P1
Summary:
ContextObjectContainer::getObject returned a NULL Vector object.
The NULL Vector object was dereferenced by "objVector.elementAt(index)"
and caused a coredump. The JIT did not generate code to throw an exception for
a deference of a NULL object - hence the crash. The getObjectData method
is depending upon this exception which should be thrown.
Conclusion: JVM generated incorrect compiled code.
t@78 (l@78) terminated by signal SEGV (no mapping at the fault address)
0x8ba31d3c: ld [%i5], %g2
current thread: t@78
=>[1] 0x8ba31d3c(0x0, 0x8e36f090, 0x0, 0x0, 0x0, 0x0), at 0x8ba31d3b
[2] 0x8ba31d00(0x8d13aac0, 0x8e36f090, 0x0, 0x8e3bb828, 0x0, 0x0), at 0x8ba31cff
[3] JITInvokeCompiledMethod(0x14e83f8, 0x1cea458, 0x14e7f58, 0x5, 0x2, 0x8), at 0xfee46448
[4] invokeCompiledMethod(0x849fe580, 0x1cea458, 0x14e7f58, 0x14e83e0, 0x14e83e0, 0x230), at 0xfec7ded4
[5] executeJava(0x5, 0x14e7f58, 0xfee534a8, 0x14e812c, 0x1cea458, 0x1d575c0), at 0xfed36130
current thread: t@78
current frame: [1]
g0-g1 0x00000000 0x00000000 0x00000000 0x014e7ae9
g2-g3 0x00000000 0x8d13cd28 0x00000000 0x00bd4800
g4-g5 0x00000000 0xfffffffe 0x00000000 0x000001b4
g6-g7 0x00000000 0x00000000 0x00000000 0x894a5800
o0-o1 0x00000000 0x00000000 0x00000000 0x8e36f090
o2-o3 0x00000000 0x00000000 0x00000000 0x00000000
o4-o5 0x00000000 0x00000000 0x00000000 0x00000000
o6-o7 0x00000000 0x849fe498 0x00000000 0x8ba31d00
l0-l1 0x00000000 0x00000000 0x00000000 0x0000001f *** Note %l0 == 0 == objVector is NULL from getObject(name)
l2-l3 0x00000000 0x0000002c 0x00000000 0x8d16e5c0
l4-l5 0x00000000 0x0000002c 0x00000000 0x00000000
l6-l7 0x00000000 0x00002000 0x00000000 0xff05e740
i0-i1 0x00000000 0x8d13aac0 0x00000000 0x8e36f090
i2-i3 0x00000000 0x00000000 0x00000000 0x8e3bb828
i4-i5 0x00000000 0x00000000 0x00000000 0x00000000 *** Note %i5 == 0 which is reason for trap @ 0x8ba31d3c
i6-i7 0x00000000 0x849fe520 0x00000000 0xfee46448
y 0x00000000 0x00000000
ccr 0x00000000 0xfe401004
pc 0x00000000 0x8ba31d3c:0x8ba31d3c ld [%i5], %g2
npc 0x00000000 0x8ba31d40:0x8ba31d40 mov %i5, %o0
/**
* <code>getObjectData</code>
* method returns the Object value in the embedded CompositeModel
* in the given context name, at the given index, and having the given
* attribute name. Returns null if the context object was not found, the
* context object found was not a Vector object, the given index value
* does not exist in the Vector, or if that object is not a CompositeModel.
*
* @param name a <code>String</code> value
* @param index an <code>int</code> value
* @param attribName a <code>String</code> value
* @return an <code>Object</code> value
*/
public Object getObjectData(String name, int index, String attribName) {
Object data = null;
try {
Vector objVector = (Vector) getObject(name);
CompositeModel model = (CompositeModel) objVector.elementAt(index);
data = model.getValueFor(attribName);
} catch (Exception e) {
// no-op
}
return(data);
}
public Object getObject(String name) {
Object obj = null;
String scope = getObjectScope(name);
if (scope != null) {
obj = getContextHash(scope).get(name);
}
return(obj);
}
0x8ba31cdc: save %sp, -0x88, %sp
0x8ba31ce0: ld [%fp + 0x40], %g2
0x8ba31ce4: st %g0, [%sp - -0x1000]
0x8ba31ce8: st %g2, [%sp + 0x40]
0x8ba31cec: clr %i4
0x8ba31cf0: ld [%i0], %g2
0x8ba31cf4: mov %i0, %o0 this -> %o0
0x8ba31cf8: or %i1, %g0, %o1 String name -> %o1
0x8ba31cfc: ld [%g2 + 0x64], %g3
0x8ba31d00: call 0x8ba10bd0 Vector objVector = (Vector) getObject(name);
0x8ba31d04: sethi %hi(0x1cd8800), %g3
0x8ba31d08: mov %o0, %l0 objVector -> %l0
0x8ba31d0c: cmp %l0, 0x0
0x8ba31d10: be,a,pn %icc,0x8ba31d3c branch to 0x8ba31d3c if objVector == NULL <which it is>
0x8ba31d14: mov %l0, %i5
0x8ba31d18: ld [%l0], %o0
0x8ba31d1c: sethi %hi(0xbffc00), %o1
0x8ba31d20: ld [%o0 + 0x18], %g1
0x8ba31d24: cmp %g1, %o1
0x8ba31d28: be,a,pt %icc,0x8ba31d3c
0x8ba31d2c: mov %l0, %i5
0x8ba31d30: call inconsistent_checkcast_JIT_ncls Vector objVector = (Vector) <check cast>
0x8ba31d34: nop
0x8ba31d38: mov %l0, %i5
0x8ba31d3c: ld [%i5], %g2 %i5 == NULL <trap>
0x8ba31d40: mov %i5, %o0 objVector -> %o0
0x8ba31d44: or %i2, %g0, %o1 int index -> %o1
0x8ba31d48: ld [%g2 + 0xd0], %g3
0x8ba31d4c: call 0x8b81c350 CompositeModel model = (CompositeModel) objVector.elementAt(index);
0x8ba31d50: sethi %hi(0xbffc00), %g3
0x8ba31d54: mov %o0, %l0 model -> %l0
0x8ba31d58: cmp %l0, 0x0
0x8ba31d5c: be,a,pn %icc,0x8ba31d88
0x8ba31d60: st %l0, [%fp - 0x20]
0x8ba31d64: ld [%l0], %o0
0x8ba31d68: sethi %hi(0x1d20000), %o1
0x8ba31d6c: ld [%o0 + 0x18], %g1
0x8ba31d70: cmp %g1, %o1
0x8ba31d74: be,a,pt %icc,0x8ba31d88
0x8ba31d78: st %l0, [%fp - 0x20]
0x8ba31d7c: call inconsistent_checkcast_JIT_ncls
0x8ba31d80: nop
0x8ba31d84: st %l0, [%fp - 0x20]
0x8ba31d88: ld [%l0], %o0
0x8ba31d8c: sethi %hi(0x8ba31c00), %o2
0x8ba31d90: add %o2, 0x1e8, %o2
0x8ba31d94: ldd [%o2], %g2
0x8ba31d98: cmp %o0, %g3
0x8ba31d9c: be,a,pt %icc,0x8ba31db8
0x8ba31da0: or %i3, %g0, %o1
0x8ba31da4: sethi %hi(0x1cf7800), %o1
0x8ba31da8: call JITSupport_lookupMethod
0x8ba31dac: add %o1, 0x278, %o1
0x8ba31db0: or %o0, 0x0, %g2
0x8ba31db4: or %i3, %g0, %o1 attribName -> %o1
0x8ba31db8: or %l0, 0x0, %o0 model -> %o0
0x8ba31dbc: jmpl %g2, %o7 data = model.getValueFor(attribName);
0x8ba31dc0: nop
0x8ba31dc4: mov %o0, %l3
0x8ba31dc8: mov %l3, %i4
0x8ba31dcc: ba,pt %icc,0x8ba31dd8
0x8ba31dd0: mov %i4, %i0
0x8ba31dd4: mov %i4, %i0
0x8ba31dd8: ret
0x8ba31ddc: restore
###@###.### 2003-06-13
This problem is for jdk1.2.2_10 to 1.2.2_15.
###@###.### 2003-06-16
ContextObjectContainer::getObject returned a NULL Vector object.
The NULL Vector object was dereferenced by "objVector.elementAt(index)"
and caused a coredump. The JIT did not generate code to throw an exception for
a deference of a NULL object - hence the crash. The getObjectData method
is depending upon this exception which should be thrown.
Conclusion: JVM generated incorrect compiled code.
t@78 (l@78) terminated by signal SEGV (no mapping at the fault address)
0x8ba31d3c: ld [%i5], %g2
current thread: t@78
=>[1] 0x8ba31d3c(0x0, 0x8e36f090, 0x0, 0x0, 0x0, 0x0), at 0x8ba31d3b
[2] 0x8ba31d00(0x8d13aac0, 0x8e36f090, 0x0, 0x8e3bb828, 0x0, 0x0), at 0x8ba31cff
[3] JITInvokeCompiledMethod(0x14e83f8, 0x1cea458, 0x14e7f58, 0x5, 0x2, 0x8), at 0xfee46448
[4] invokeCompiledMethod(0x849fe580, 0x1cea458, 0x14e7f58, 0x14e83e0, 0x14e83e0, 0x230), at 0xfec7ded4
[5] executeJava(0x5, 0x14e7f58, 0xfee534a8, 0x14e812c, 0x1cea458, 0x1d575c0), at 0xfed36130
current thread: t@78
current frame: [1]
g0-g1 0x00000000 0x00000000 0x00000000 0x014e7ae9
g2-g3 0x00000000 0x8d13cd28 0x00000000 0x00bd4800
g4-g5 0x00000000 0xfffffffe 0x00000000 0x000001b4
g6-g7 0x00000000 0x00000000 0x00000000 0x894a5800
o0-o1 0x00000000 0x00000000 0x00000000 0x8e36f090
o2-o3 0x00000000 0x00000000 0x00000000 0x00000000
o4-o5 0x00000000 0x00000000 0x00000000 0x00000000
o6-o7 0x00000000 0x849fe498 0x00000000 0x8ba31d00
l0-l1 0x00000000 0x00000000 0x00000000 0x0000001f *** Note %l0 == 0 == objVector is NULL from getObject(name)
l2-l3 0x00000000 0x0000002c 0x00000000 0x8d16e5c0
l4-l5 0x00000000 0x0000002c 0x00000000 0x00000000
l6-l7 0x00000000 0x00002000 0x00000000 0xff05e740
i0-i1 0x00000000 0x8d13aac0 0x00000000 0x8e36f090
i2-i3 0x00000000 0x00000000 0x00000000 0x8e3bb828
i4-i5 0x00000000 0x00000000 0x00000000 0x00000000 *** Note %i5 == 0 which is reason for trap @ 0x8ba31d3c
i6-i7 0x00000000 0x849fe520 0x00000000 0xfee46448
y 0x00000000 0x00000000
ccr 0x00000000 0xfe401004
pc 0x00000000 0x8ba31d3c:0x8ba31d3c ld [%i5], %g2
npc 0x00000000 0x8ba31d40:0x8ba31d40 mov %i5, %o0
/**
* <code>getObjectData</code>
* method returns the Object value in the embedded CompositeModel
* in the given context name, at the given index, and having the given
* attribute name. Returns null if the context object was not found, the
* context object found was not a Vector object, the given index value
* does not exist in the Vector, or if that object is not a CompositeModel.
*
* @param name a <code>String</code> value
* @param index an <code>int</code> value
* @param attribName a <code>String</code> value
* @return an <code>Object</code> value
*/
public Object getObjectData(String name, int index, String attribName) {
Object data = null;
try {
Vector objVector = (Vector) getObject(name);
CompositeModel model = (CompositeModel) objVector.elementAt(index);
data = model.getValueFor(attribName);
} catch (Exception e) {
// no-op
}
return(data);
}
public Object getObject(String name) {
Object obj = null;
String scope = getObjectScope(name);
if (scope != null) {
obj = getContextHash(scope).get(name);
}
return(obj);
}
0x8ba31cdc: save %sp, -0x88, %sp
0x8ba31ce0: ld [%fp + 0x40], %g2
0x8ba31ce4: st %g0, [%sp - -0x1000]
0x8ba31ce8: st %g2, [%sp + 0x40]
0x8ba31cec: clr %i4
0x8ba31cf0: ld [%i0], %g2
0x8ba31cf4: mov %i0, %o0 this -> %o0
0x8ba31cf8: or %i1, %g0, %o1 String name -> %o1
0x8ba31cfc: ld [%g2 + 0x64], %g3
0x8ba31d00: call 0x8ba10bd0 Vector objVector = (Vector) getObject(name);
0x8ba31d04: sethi %hi(0x1cd8800), %g3
0x8ba31d08: mov %o0, %l0 objVector -> %l0
0x8ba31d0c: cmp %l0, 0x0
0x8ba31d10: be,a,pn %icc,0x8ba31d3c branch to 0x8ba31d3c if objVector == NULL <which it is>
0x8ba31d14: mov %l0, %i5
0x8ba31d18: ld [%l0], %o0
0x8ba31d1c: sethi %hi(0xbffc00), %o1
0x8ba31d20: ld [%o0 + 0x18], %g1
0x8ba31d24: cmp %g1, %o1
0x8ba31d28: be,a,pt %icc,0x8ba31d3c
0x8ba31d2c: mov %l0, %i5
0x8ba31d30: call inconsistent_checkcast_JIT_ncls Vector objVector = (Vector) <check cast>
0x8ba31d34: nop
0x8ba31d38: mov %l0, %i5
0x8ba31d3c: ld [%i5], %g2 %i5 == NULL <trap>
0x8ba31d40: mov %i5, %o0 objVector -> %o0
0x8ba31d44: or %i2, %g0, %o1 int index -> %o1
0x8ba31d48: ld [%g2 + 0xd0], %g3
0x8ba31d4c: call 0x8b81c350 CompositeModel model = (CompositeModel) objVector.elementAt(index);
0x8ba31d50: sethi %hi(0xbffc00), %g3
0x8ba31d54: mov %o0, %l0 model -> %l0
0x8ba31d58: cmp %l0, 0x0
0x8ba31d5c: be,a,pn %icc,0x8ba31d88
0x8ba31d60: st %l0, [%fp - 0x20]
0x8ba31d64: ld [%l0], %o0
0x8ba31d68: sethi %hi(0x1d20000), %o1
0x8ba31d6c: ld [%o0 + 0x18], %g1
0x8ba31d70: cmp %g1, %o1
0x8ba31d74: be,a,pt %icc,0x8ba31d88
0x8ba31d78: st %l0, [%fp - 0x20]
0x8ba31d7c: call inconsistent_checkcast_JIT_ncls
0x8ba31d80: nop
0x8ba31d84: st %l0, [%fp - 0x20]
0x8ba31d88: ld [%l0], %o0
0x8ba31d8c: sethi %hi(0x8ba31c00), %o2
0x8ba31d90: add %o2, 0x1e8, %o2
0x8ba31d94: ldd [%o2], %g2
0x8ba31d98: cmp %o0, %g3
0x8ba31d9c: be,a,pt %icc,0x8ba31db8
0x8ba31da0: or %i3, %g0, %o1
0x8ba31da4: sethi %hi(0x1cf7800), %o1
0x8ba31da8: call JITSupport_lookupMethod
0x8ba31dac: add %o1, 0x278, %o1
0x8ba31db0: or %o0, 0x0, %g2
0x8ba31db4: or %i3, %g0, %o1 attribName -> %o1
0x8ba31db8: or %l0, 0x0, %o0 model -> %o0
0x8ba31dbc: jmpl %g2, %o7 data = model.getValueFor(attribName);
0x8ba31dc0: nop
0x8ba31dc4: mov %o0, %l3
0x8ba31dc8: mov %l3, %i4
0x8ba31dcc: ba,pt %icc,0x8ba31dd8
0x8ba31dd0: mov %i4, %i0
0x8ba31dd4: mov %i4, %i0
0x8ba31dd8: ret
0x8ba31ddc: restore
###@###.### 2003-06-13
This problem is for jdk1.2.2_10 to 1.2.2_15.
###@###.### 2003-06-16