P4 | Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-2170206 | 5.0-pool | Unassigned | P5 | Closed | Not an Issue |
FULL PRODUCT VERSION :
java version "1.6.0_01"
Java(TM) SE Runtime Environment (build 1.6.0_01-b06)
Java HotSpot(TM) Client VM (build 1.6.0_01-b06, mixed mode, sharing)
java version "1.5.0_08"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_08-b03)
Java HotSpot(TM) Client VM (build 1.5.0_08-b03, mixed mode, sharing)
java version "1.4.2_11"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_11-b06)
Java HotSpot(TM) Client VM (build 1.4.2_11-b06, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows XP [Version 5.1.2600]
EXTRA RELEVANT SYSTEM CONFIGURATION :
JNI-DLL compiled using Bloodshed Dev-C++ 4.9.9.2 using g++ (GCC) 3.4.2 (mingw-special)
A DESCRIPTION OF THE PROBLEM :
If a JNI-function looks like this:
JNIEXPORT void JNICALL Java_de_kimmeringer_jnicrash_JNICrasher_releaseArray(JNIEnv* env, jclass obj, jbyteArray array, jint address){
(env)->ReleaseByteArrayElements(array, (jbyte*) address, 0);
}
the Virtual Machine crashes with ExceptionCode=0xc0000005.
A command like fflush(stdout) or free(malloc(1)) let everything work fine (more I haven't tried).
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
see attachment
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
No crash of virtual machine
ACTUAL -
A crashing virtual machine
ERROR MESSAGES/STACK TRACES THAT OCCUR :
#
# An unexpected error has been detected by Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x000501ff, pid=644, tid=4320
#
# Java VM: Java HotSpot(TM) Client VM (1.6.0_01-b06 mixed mode, sharing)
# Problematic frame:
# C 0x000501ff
#
# If you would like to submit a bug report, please visit:
# http://java.sun.com/webapps/bugreport/crash.jsp
#
--------------- T H R E A D ---------------
Current thread (0x02a75000): JavaThread "Executing thread 1" [_thread_in_native, id=4320]
siginfo: ExceptionCode=0xc0000005, reading address 0x000501ff
Registers:
EAX=0x02a75410, EBX=0x269649f0, ECX=0x02e1fab8, EDX=0x02a876dc
ESP=0x02e1fa6c, EBP=0x02e1faa4, ESI=0x269649f0, EDI=0x02a75000
EIP=0x000501ff, EFLAGS=0x00010283
Top of Stack: (sp=0x02e1fa6c)
0x02e1fa6c: 008ea430 02a750e8 02e1fab8 02a75410
0x02e1fa7c: 00000002 02a75000 02e1fa84 269649f0
0x02e1fa8c: 02e1fab8 26964fa8 00000000 269649f0
0x02e1fa9c: 00000000 02e1fab4 02e1fadc 008e2c71
0x02e1faac: 26964f30 008e8409 02a75410 229acfc8
0x02e1fabc: 02e1fabc 26964d92 02e1fae8 26964fa8
0x02e1facc: 00000000 26964da0 02e1fab4 02e1fae4
0x02e1fadc: 02e1fb0c 008e2c71 02a75410 229acfc8
Instructions: (pc=0x000501ff)
0x000501ef:
[error occurred during error reporting, step 100, id 0xc0000005]
Stack: [0x02dd0000,0x02e20000), sp=0x02e1fa6c, free space=318k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C 0x000501ff
j de.kimmeringer.jnicrash.JNICrasher.access$1([BI)V+2
j de.kimmeringer.jnicrash.JNICrasher$Executer.run()V+47
v ~StubRoutines::call_stub
Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j de.kimmeringer.jnicrash.JNICrasher.releaseArray([BI)V+0
j de.kimmeringer.jnicrash.JNICrasher.access$1([BI)V+2
j de.kimmeringer.jnicrash.JNICrasher$Executer.run()V+47
v ~StubRoutines::call_stub
--------------- P R O C E S S ---------------
Java Threads: ( => current thread )
0x00387800 JavaThread "DestroyJavaVM" [_thread_blocked, id=5700]
=>0x02a75000 JavaThread "Executing thread 1" [_thread_in_native, id=4320]
0x02a4e400 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=5176]
0x02a49800 JavaThread "CompilerThread0" daemon [_thread_blocked, id=4596]
0x02a48400 JavaThread "Attach Listener" daemon [_thread_blocked, id=2108]
0x02a47800 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=5648]
0x02a43000 JavaThread "Finalizer" daemon [_thread_blocked, id=3776]
0x02a3e800 JavaThread "Reference Handler" daemon [_thread_blocked, id=4724]
Other Threads:
0x02a35400 VMThread [id=3200]
0x02a69000 WatcherThread [id=3268]
VM state:not at safepoint (normal execution)
VM Mutex/Monitor currently owned by a thread: None
Heap
def new generation total 960K, used 344K [0x22960000, 0x22a60000, 0x22e40000)
eden space 896K, 38% used [0x22960000, 0x229b61a8, 0x22a40000)
from space 64K, 0% used [0x22a40000, 0x22a40000, 0x22a50000)
to space 64K, 0% used [0x22a50000, 0x22a50000, 0x22a60000)
tenured generation total 4096K, used 0K [0x22e40000, 0x23240000, 0x26960000)
the space 4096K, 0% used [0x22e40000, 0x22e40000, 0x22e40200, 0x23240000)
compacting perm gen total 12288K, used 23K [0x26960000, 0x27560000, 0x2a960000)
the space 12288K, 0% used [0x26960000, 0x26965d08, 0x26965e00, 0x27560000)
ro space 8192K, 66% used [0x2a960000, 0x2aeac5d0, 0x2aeac600, 0x2b160000)
rw space 12288K, 52% used [0x2b160000, 0x2b7a8c98, 0x2b7a8e00, 0x2bd60000)
Dynamic libraries:
0x00400000 - 0x00423000 C:\Programme\Java\jdk1.6.0_01\bin\javaw.exe
0x7c910000 - 0x7c9c7000 C:\WINDOWS\system32\ntdll.dll
0x7c800000 - 0x7c906000 C:\WINDOWS\system32\kernel32.dll
0x77da0000 - 0x77e4a000 C:\WINDOWS\system32\ADVAPI32.dll
0x77e50000 - 0x77ee1000 C:\WINDOWS\system32\RPCRT4.dll
0x7e360000 - 0x7e3f0000 C:\WINDOWS\system32\USER32.dll
0x77ef0000 - 0x77f37000 C:\WINDOWS\system32\GDI32.dll
0x7c340000 - 0x7c396000 C:\Programme\Java\jdk1.6.0_01\jre\bin\msvcr71.dll
0x6d870000 - 0x6dab7000 C:\Programme\Java\jdk1.6.0_01\jre\bin\client\jvm.dll
0x76af0000 - 0x76b1e000 C:\WINDOWS\system32\WINMM.dll
0x6d3c0000 - 0x6d3c8000 C:\Programme\Java\jdk1.6.0_01\jre\bin\hpi.dll
0x76bb0000 - 0x76bbb000 C:\WINDOWS\system32\PSAPI.DLL
0x6d820000 - 0x6d82c000 C:\Programme\Java\jdk1.6.0_01\jre\bin\verify.dll
0x6d460000 - 0x6d47f000 C:\Programme\Java\jdk1.6.0_01\jre\bin\java.dll
0x6d860000 - 0x6d86f000 C:\Programme\Java\jdk1.6.0_01\jre\bin\zip.dll
0x6c300000 - 0x6c308000 C:\eclipse\workspace\Playground\JNICrasher.dll
0x77be0000 - 0x77c38000 C:\WINDOWS\system32\msvcrt.dll
VM Arguments:
java_command: de.kimmeringer.jnicrash.JNICrasher
Launcher Type: SUN_STANDARD
Environment Variables:
CLASSPATH=.;C:\Programme\Java\jre1.6.0_beta2\lib\ext\QTJava.zip
PATH=c:\programme\imagemagick-6.2.4-q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\PROGRA~1\GEMEIN~1\SONICS~1\;C:\Programme\Microsoft Visual C++ Toolkit 2003\bin;C:\Programme\Microsoft SQL Server\80\Tools\Binn\;C:\nmap-3.93;C:\GnuPG;C:\Programme\Gemeinsame Dateien\Adobe\AGL;C:\Programme\Sybase\Shared\PowerBuilder;C:\Programme\Sybase\InfoMaker 9.0\Tutorial;C:\Programme\JProbe Suite 6.0.2\bin;C:\Programme\Gemeinsame Dateien\Teleca Shared;C:\Programme\QuickTime\QTSystem\;C:\Programme\OpenVPN\bin;C:\smartmontools\5.37\bin
USERNAME=kimmerin
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
--------------- S Y S T E M ---------------
OS: Windows XP Build 2600 Service Pack 2
CPU:total 1 family 6, cmov, cx8, fxsr, mmx, sse, sse2
Memory: 4k page, physical 2096536k(1117336k free), swap 2462480k(1396740k free)
vm_info: Java HotSpot(TM) Client VM (1.6.0_01-b06) for windows-x86, built on Mar 14 2007 00:24:02 by "java_re" with unknown MS VC++:1310
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
/*
* Created on 07.06.2007
*
*/
package de.kimmeringer.jnicrash;
/**
* Class trying to crash the JNI as being observed in a real project
* @author Lothar Kimmeringer <###@###.###>
*
*/
public class JNICrasher {
private static native int pinArray(byte[] data);
private static native void releaseArray(byte[] data, int address);
/**
* Creates a new instance of JNICrasher
*/
public JNICrasher() {
}
/**
* Main method to be called to start the program
* @param args Calling arguments
* @throws Exception Will be thrown if there was an error while
* execution
*/
public final static void main(String[] args) throws Exception{
System.loadLibrary("JNICrasher");
JNICrasher jc = new JNICrasher();
jc.execute(args);
}
private void execute(String[] args) throws Exception{
int numThreads = 1;
if (args.length > 0){
numThreads = Integer.parseInt(args[0]);
}
for (int i = 0; i < numThreads; i++){
Executer ex = new Executer();
ex.setName("Executing thread " + (i + 1));
ex.start();
System.out.println("Thread " + ex.getName() + " started");
}
}
private class Executer extends Thread{
/**
* Main run-method
*/
public void run() {
try{
int counter = 1;
while (true){
byte[] bytes = new byte[512];
for (int i = 0; i < bytes.length; i++){
bytes[i] = (byte) (Math.random() * 257);
}
int address = pinArray(bytes);
Thread.sleep(100);
releaseArray(bytes, address);
if (counter == 1){
System.out.println("survived the first try");
}
counter++;
if (counter % 100 == 0){
System.out.println("Still doing the rounds");
}
}
}
catch(Throwable t){
System.err.println("thread " + getName() + " died");
t.printStackTrace();
}
}
}
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Placing a fflush(stdout) or free(malloc(1)) or maybe something else I haven't tried in front of the ReleaseByteArrayElements-function.
if (TRUE){} doesn't work but might be due to compiler-optimization.
Dear all,
I'm also looking for a fix to this bug as it exactly resembles a bug reported by my ISV.
Thanks,
Mithun Sridharan
java version "1.6.0_01"
Java(TM) SE Runtime Environment (build 1.6.0_01-b06)
Java HotSpot(TM) Client VM (build 1.6.0_01-b06, mixed mode, sharing)
java version "1.5.0_08"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_08-b03)
Java HotSpot(TM) Client VM (build 1.5.0_08-b03, mixed mode, sharing)
java version "1.4.2_11"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_11-b06)
Java HotSpot(TM) Client VM (build 1.4.2_11-b06, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows XP [Version 5.1.2600]
EXTRA RELEVANT SYSTEM CONFIGURATION :
JNI-DLL compiled using Bloodshed Dev-C++ 4.9.9.2 using g++ (GCC) 3.4.2 (mingw-special)
A DESCRIPTION OF THE PROBLEM :
If a JNI-function looks like this:
JNIEXPORT void JNICALL Java_de_kimmeringer_jnicrash_JNICrasher_releaseArray(JNIEnv* env, jclass obj, jbyteArray array, jint address){
(env)->ReleaseByteArrayElements(array, (jbyte*) address, 0);
}
the Virtual Machine crashes with ExceptionCode=0xc0000005.
A command like fflush(stdout) or free(malloc(1)) let everything work fine (more I haven't tried).
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
see attachment
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
No crash of virtual machine
ACTUAL -
A crashing virtual machine
ERROR MESSAGES/STACK TRACES THAT OCCUR :
#
# An unexpected error has been detected by Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x000501ff, pid=644, tid=4320
#
# Java VM: Java HotSpot(TM) Client VM (1.6.0_01-b06 mixed mode, sharing)
# Problematic frame:
# C 0x000501ff
#
# If you would like to submit a bug report, please visit:
# http://java.sun.com/webapps/bugreport/crash.jsp
#
--------------- T H R E A D ---------------
Current thread (0x02a75000): JavaThread "Executing thread 1" [_thread_in_native, id=4320]
siginfo: ExceptionCode=0xc0000005, reading address 0x000501ff
Registers:
EAX=0x02a75410, EBX=0x269649f0, ECX=0x02e1fab8, EDX=0x02a876dc
ESP=0x02e1fa6c, EBP=0x02e1faa4, ESI=0x269649f0, EDI=0x02a75000
EIP=0x000501ff, EFLAGS=0x00010283
Top of Stack: (sp=0x02e1fa6c)
0x02e1fa6c: 008ea430 02a750e8 02e1fab8 02a75410
0x02e1fa7c: 00000002 02a75000 02e1fa84 269649f0
0x02e1fa8c: 02e1fab8 26964fa8 00000000 269649f0
0x02e1fa9c: 00000000 02e1fab4 02e1fadc 008e2c71
0x02e1faac: 26964f30 008e8409 02a75410 229acfc8
0x02e1fabc: 02e1fabc 26964d92 02e1fae8 26964fa8
0x02e1facc: 00000000 26964da0 02e1fab4 02e1fae4
0x02e1fadc: 02e1fb0c 008e2c71 02a75410 229acfc8
Instructions: (pc=0x000501ff)
0x000501ef:
[error occurred during error reporting, step 100, id 0xc0000005]
Stack: [0x02dd0000,0x02e20000), sp=0x02e1fa6c, free space=318k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C 0x000501ff
j de.kimmeringer.jnicrash.JNICrasher.access$1([BI)V+2
j de.kimmeringer.jnicrash.JNICrasher$Executer.run()V+47
v ~StubRoutines::call_stub
Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j de.kimmeringer.jnicrash.JNICrasher.releaseArray([BI)V+0
j de.kimmeringer.jnicrash.JNICrasher.access$1([BI)V+2
j de.kimmeringer.jnicrash.JNICrasher$Executer.run()V+47
v ~StubRoutines::call_stub
--------------- P R O C E S S ---------------
Java Threads: ( => current thread )
0x00387800 JavaThread "DestroyJavaVM" [_thread_blocked, id=5700]
=>0x02a75000 JavaThread "Executing thread 1" [_thread_in_native, id=4320]
0x02a4e400 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=5176]
0x02a49800 JavaThread "CompilerThread0" daemon [_thread_blocked, id=4596]
0x02a48400 JavaThread "Attach Listener" daemon [_thread_blocked, id=2108]
0x02a47800 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=5648]
0x02a43000 JavaThread "Finalizer" daemon [_thread_blocked, id=3776]
0x02a3e800 JavaThread "Reference Handler" daemon [_thread_blocked, id=4724]
Other Threads:
0x02a35400 VMThread [id=3200]
0x02a69000 WatcherThread [id=3268]
VM state:not at safepoint (normal execution)
VM Mutex/Monitor currently owned by a thread: None
Heap
def new generation total 960K, used 344K [0x22960000, 0x22a60000, 0x22e40000)
eden space 896K, 38% used [0x22960000, 0x229b61a8, 0x22a40000)
from space 64K, 0% used [0x22a40000, 0x22a40000, 0x22a50000)
to space 64K, 0% used [0x22a50000, 0x22a50000, 0x22a60000)
tenured generation total 4096K, used 0K [0x22e40000, 0x23240000, 0x26960000)
the space 4096K, 0% used [0x22e40000, 0x22e40000, 0x22e40200, 0x23240000)
compacting perm gen total 12288K, used 23K [0x26960000, 0x27560000, 0x2a960000)
the space 12288K, 0% used [0x26960000, 0x26965d08, 0x26965e00, 0x27560000)
ro space 8192K, 66% used [0x2a960000, 0x2aeac5d0, 0x2aeac600, 0x2b160000)
rw space 12288K, 52% used [0x2b160000, 0x2b7a8c98, 0x2b7a8e00, 0x2bd60000)
Dynamic libraries:
0x00400000 - 0x00423000 C:\Programme\Java\jdk1.6.0_01\bin\javaw.exe
0x7c910000 - 0x7c9c7000 C:\WINDOWS\system32\ntdll.dll
0x7c800000 - 0x7c906000 C:\WINDOWS\system32\kernel32.dll
0x77da0000 - 0x77e4a000 C:\WINDOWS\system32\ADVAPI32.dll
0x77e50000 - 0x77ee1000 C:\WINDOWS\system32\RPCRT4.dll
0x7e360000 - 0x7e3f0000 C:\WINDOWS\system32\USER32.dll
0x77ef0000 - 0x77f37000 C:\WINDOWS\system32\GDI32.dll
0x7c340000 - 0x7c396000 C:\Programme\Java\jdk1.6.0_01\jre\bin\msvcr71.dll
0x6d870000 - 0x6dab7000 C:\Programme\Java\jdk1.6.0_01\jre\bin\client\jvm.dll
0x76af0000 - 0x76b1e000 C:\WINDOWS\system32\WINMM.dll
0x6d3c0000 - 0x6d3c8000 C:\Programme\Java\jdk1.6.0_01\jre\bin\hpi.dll
0x76bb0000 - 0x76bbb000 C:\WINDOWS\system32\PSAPI.DLL
0x6d820000 - 0x6d82c000 C:\Programme\Java\jdk1.6.0_01\jre\bin\verify.dll
0x6d460000 - 0x6d47f000 C:\Programme\Java\jdk1.6.0_01\jre\bin\java.dll
0x6d860000 - 0x6d86f000 C:\Programme\Java\jdk1.6.0_01\jre\bin\zip.dll
0x6c300000 - 0x6c308000 C:\eclipse\workspace\Playground\JNICrasher.dll
0x77be0000 - 0x77c38000 C:\WINDOWS\system32\msvcrt.dll
VM Arguments:
java_command: de.kimmeringer.jnicrash.JNICrasher
Launcher Type: SUN_STANDARD
Environment Variables:
CLASSPATH=.;C:\Programme\Java\jre1.6.0_beta2\lib\ext\QTJava.zip
PATH=c:\programme\imagemagick-6.2.4-q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\PROGRA~1\GEMEIN~1\SONICS~1\;C:\Programme\Microsoft Visual C++ Toolkit 2003\bin;C:\Programme\Microsoft SQL Server\80\Tools\Binn\;C:\nmap-3.93;C:\GnuPG;C:\Programme\Gemeinsame Dateien\Adobe\AGL;C:\Programme\Sybase\Shared\PowerBuilder;C:\Programme\Sybase\InfoMaker 9.0\Tutorial;C:\Programme\JProbe Suite 6.0.2\bin;C:\Programme\Gemeinsame Dateien\Teleca Shared;C:\Programme\QuickTime\QTSystem\;C:\Programme\OpenVPN\bin;C:\smartmontools\5.37\bin
USERNAME=kimmerin
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
--------------- S Y S T E M ---------------
OS: Windows XP Build 2600 Service Pack 2
CPU:total 1 family 6, cmov, cx8, fxsr, mmx, sse, sse2
Memory: 4k page, physical 2096536k(1117336k free), swap 2462480k(1396740k free)
vm_info: Java HotSpot(TM) Client VM (1.6.0_01-b06) for windows-x86, built on Mar 14 2007 00:24:02 by "java_re" with unknown MS VC++:1310
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
/*
* Created on 07.06.2007
*
*/
package de.kimmeringer.jnicrash;
/**
* Class trying to crash the JNI as being observed in a real project
* @author Lothar Kimmeringer <###@###.###>
*
*/
public class JNICrasher {
private static native int pinArray(byte[] data);
private static native void releaseArray(byte[] data, int address);
/**
* Creates a new instance of JNICrasher
*/
public JNICrasher() {
}
/**
* Main method to be called to start the program
* @param args Calling arguments
* @throws Exception Will be thrown if there was an error while
* execution
*/
public final static void main(String[] args) throws Exception{
System.loadLibrary("JNICrasher");
JNICrasher jc = new JNICrasher();
jc.execute(args);
}
private void execute(String[] args) throws Exception{
int numThreads = 1;
if (args.length > 0){
numThreads = Integer.parseInt(args[0]);
}
for (int i = 0; i < numThreads; i++){
Executer ex = new Executer();
ex.setName("Executing thread " + (i + 1));
ex.start();
System.out.println("Thread " + ex.getName() + " started");
}
}
private class Executer extends Thread{
/**
* Main run-method
*/
public void run() {
try{
int counter = 1;
while (true){
byte[] bytes = new byte[512];
for (int i = 0; i < bytes.length; i++){
bytes[i] = (byte) (Math.random() * 257);
}
int address = pinArray(bytes);
Thread.sleep(100);
releaseArray(bytes, address);
if (counter == 1){
System.out.println("survived the first try");
}
counter++;
if (counter % 100 == 0){
System.out.println("Still doing the rounds");
}
}
}
catch(Throwable t){
System.err.println("thread " + getName() + " died");
t.printStackTrace();
}
}
}
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Placing a fflush(stdout) or free(malloc(1)) or maybe something else I haven't tried in front of the ReleaseByteArrayElements-function.
if (TRUE){} doesn't work but might be due to compiler-optimization.
Dear all,
I'm also looking for a fix to this bug as it exactly resembles a bug reported by my ISV.
Thanks,
Mithun Sridharan
- backported by
-
JDK-2170206 JVM-Crash with ReleaseByteArrayElements at beginning of function
-
- Closed
-