-
Bug
-
Resolution: Fixed
-
P2
-
7, 8, 11, 14, 15
-
b21
-
windows
-
Verified
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8243679 | 14.0.2 | Anton Litvinov | P2 | Closed | Fixed | b04 |
| JDK-8247227 | 13.0.4 | Anton Litvinov | P2 | Resolved | Fixed | b05 |
| JDK-8243297 | 11.0.8-oracle | Anton Litvinov | P2 | Closed | Fixed | b04 |
| JDK-8244308 | 11.0.8 | Anton Litvinov | P2 | Resolved | Fixed | b02 |
| JDK-8248040 | openjdk8u272 | Anton Litvinov | P2 | Resolved | Fixed | b01 |
| JDK-8243570 | 8u261 | Anton Litvinov | P2 | Closed | Fixed | b05 |
| JDK-8247011 | emb-8u261 | Anton Litvinov | P2 | Resolved | Fixed | team |
| JDK-8243571 | 7u271 | Anton Litvinov | P2 | Closed | Fixed | b05 |
FULL PRODUCT VERSION :
JDK 15
ADDITIONAL OS VERSION INFORMATION :
MS Windows 10 OS
A DESCRIPTION OF THE PROBLEM :
Passing "java.awt.Component" object instead of an object of the expected type "java.awt.Window" to the constructor "TimedWindowEvent(Window source, int id, Window opposite, int oldState, int newState, long time)" of the class "sun.awt.TimedWindowEvent" through JNI invocation in "AwtWindow::SendWindowEvent(jint, HWND, jint, jint)" C++ method allows to create invalid "sun.awt.TimedWindowEvent" instance, which during its processing in Java method "java.awt.DefaultKeyboardFocusManager.dispatchEvent(AWTEvent)" leads to JVM crash. The crash occurs, during an attempt to call the method "java.awt.Window.getTemporaryLostComponent()" on the object retrieved from the invalid instance of "TimedWindowEvent" through the method "getOppositeWindow()", because the returned "java.awt.Window" object is in runtime in fact the instance of "java.awt.Component" class, which does not have "getTemporaryLostComponent()" method.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
---------- Part of JVM error log from the attached file "hs_err_pid5836.log" ----------
#
# A fatal error has been detected by the Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x00007ffee4f399fb, pid=5836, tid=7276
#
# JRE version: Java(TM) SE Runtime Environment (15.0+10) (build 15-ea+10-316)
# Java VM: Java HotSpot(TM) 64-Bit Server VM (15-ea+10-316, mixed mode, sharing, tiered, compressed oops, g1 gc, windows-amd64)
# Problematic frame:
# V [jvm.dll+0x4d99fb]
#
# No core dump will be written. Minidumps are not enabled by default on client versions of Windows
#
# If you would like to submit a bug report, please visit:
# https://bugreport.java.com/bugreport/crash.jsp
#
--------------- S U M M A R Y ------------
Command Line: Foreground
Host: Intel(R) Core(TM) i7-6660U CPU @ 2.40GHz, 2 cores, 5G, Windows 10 , 64 bit Build 16299 (10.0.16299.15)
Time: Fri Apr 10 16:16:13 2020 GMT Daylight Time elapsed time: 3 seconds (0d 0h 0m 3s)
--------------- T H R E A D ---------------
Current thread (0x0000028c434d9000): JavaThread "AWT-EventQueue-0" [_thread_in_vm, id=7276, stack(0x000000f279300000,0x000000f279400000)]
Stack: [0x000000f279300000,0x000000f279400000], sp=0x000000f2793fdda0, free space=1015k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V [jvm.dll+0x4d99fb]
V [jvm.dll+0x4d7f7f]
V [jvm.dll+0x323903]
V [jvm.dll+0x322ebf]
C 0x0000028c2dedd698
Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j java.awt.DefaultKeyboardFocusManager.dispatchEvent(Ljava/awt/AWTEvent;)Z+1455 java.desktop@15-ea
j java.awt.Component.dispatchEventImpl(Ljava/awt/AWTEvent;)V+131 java.desktop@15-ea
j java.awt.Container.dispatchEventImpl(Ljava/awt/AWTEvent;)V+42 java.desktop@15-ea
j java.awt.Window.dispatchEventImpl(Ljava/awt/AWTEvent;)V+19 java.desktop@15-ea
j java.awt.Component.dispatchEvent(Ljava/awt/AWTEvent;)V+2 java.desktop@15-ea
j java.awt.EventQueue.dispatchEventImpl(Ljava/awt/AWTEvent;Ljava/lang/Object;)V+41 java.desktop@15-ea
j java.awt.EventQueue$4.run()Ljava/lang/Void;+32 java.desktop@15-ea
j java.awt.EventQueue$4.run()Ljava/lang/Object;+1 java.desktop@15-ea
J 480 c1 java.security.AccessController.executePrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/lang/Class;)Ljava/lang/Object; java.base@15-ea (65 bytes) @ 0x0000028c2e4fac44 [0x0000028c2e4faae0+0x0000000000000164]
j java.security.AccessController.doPrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;+13 java.base@15-ea
j java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/security/AccessControlContext;)Ljava/lang/Object;+18 java.base@15-ea
j java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;+6 java.base@15-ea
j java.awt.EventQueue$5.run()Ljava/lang/Void;+11 java.desktop@15-ea
j java.awt.EventQueue$5.run()Ljava/lang/Object;+1 java.desktop@15-ea
J 480 c1 java.security.AccessController.executePrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/lang/Class;)Ljava/lang/Object; java.base@15-ea (65 bytes) @ 0x0000028c2e4fac44 [0x0000028c2e4faae0+0x0000000000000164]
j java.security.AccessController.doPrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;+13 java.base@15-ea
j java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/security/AccessControlContext;)Ljava/lang/Object;+18 java.base@15-ea
j java.awt.EventQueue.dispatchEvent(Ljava/awt/AWTEvent;)V+73 java.desktop@15-ea
j java.awt.SequencedEvent.dispatch()V+150 java.desktop@15-ea
j java.awt.EventQueue.dispatchEventImpl(Ljava/awt/AWTEvent;Ljava/lang/Object;)V+21 java.desktop@15-ea
j java.awt.EventQueue$4.run()Ljava/lang/Void;+32 java.desktop@15-ea
j java.awt.EventQueue$4.run()Ljava/lang/Object;+1 java.desktop@15-ea
J 480 c1 java.security.AccessController.executePrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/lang/Class;)Ljava/lang/Object; java.base@15-ea (65 bytes) @ 0x0000028c2e4fac44 [0x0000028c2e4faae0+0x0000000000000164]
j java.security.AccessController.doPrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;+13 java.base@15-ea
j java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/security/AccessControlContext;)Ljava/lang/Object;+18 java.base@15-ea
j java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;+6 java.base@15-ea
j java.awt.EventQueue$5.run()Ljava/lang/Void;+11 java.desktop@15-ea
j java.awt.EventQueue$5.run()Ljava/lang/Object;+1 java.desktop@15-ea
J 480 c1 java.security.AccessController.executePrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/lang/Class;)Ljava/lang/Object; java.base@15-ea (65 bytes) @ 0x0000028c2e4fac44 [0x0000028c2e4faae0+0x0000000000000164]
j java.security.AccessController.doPrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;+13 java.base@15-ea
j java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/security/AccessControlContext;)Ljava/lang/Object;+18 java.base@15-ea
j java.awt.EventQueue.dispatchEvent(Ljava/awt/AWTEvent;)V+73 java.desktop@15-ea
j java.awt.EventDispatchThread.pumpOneEventForFilters(I)V+78 java.desktop@15-ea
j java.awt.EventDispatchThread.pumpEventsForFilter(ILjava/awt/Conditional;Ljava/awt/EventFilter;)V+35 java.desktop@15-ea
j java.awt.EventDispatchThread.pumpEventsForHierarchy(ILjava/awt/Conditional;Ljava/awt/Component;)V+11 java.desktop@15-ea
j java.awt.EventDispatchThread.pumpEvents(ILjava/awt/Conditional;)V+4 java.desktop@15-ea
j java.awt.EventDispatchThread.pumpEvents(Ljava/awt/Conditional;)V+3 java.desktop@15-ea
j java.awt.EventDispatchThread.run()V+9 java.desktop@15-ea
v ~StubRoutines::call_stub
siginfo: EXCEPTION_ACCESS_VIOLATION (0xc0000005), reading address 0x00000000003b0020
JDK 15
ADDITIONAL OS VERSION INFORMATION :
MS Windows 10 OS
A DESCRIPTION OF THE PROBLEM :
Passing "java.awt.Component" object instead of an object of the expected type "java.awt.Window" to the constructor "TimedWindowEvent(Window source, int id, Window opposite, int oldState, int newState, long time)" of the class "sun.awt.TimedWindowEvent" through JNI invocation in "AwtWindow::SendWindowEvent(jint, HWND, jint, jint)" C++ method allows to create invalid "sun.awt.TimedWindowEvent" instance, which during its processing in Java method "java.awt.DefaultKeyboardFocusManager.dispatchEvent(AWTEvent)" leads to JVM crash. The crash occurs, during an attempt to call the method "java.awt.Window.getTemporaryLostComponent()" on the object retrieved from the invalid instance of "TimedWindowEvent" through the method "getOppositeWindow()", because the returned "java.awt.Window" object is in runtime in fact the instance of "java.awt.Component" class, which does not have "getTemporaryLostComponent()" method.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
---------- Part of JVM error log from the attached file "hs_err_pid5836.log" ----------
#
# A fatal error has been detected by the Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x00007ffee4f399fb, pid=5836, tid=7276
#
# JRE version: Java(TM) SE Runtime Environment (15.0+10) (build 15-ea+10-316)
# Java VM: Java HotSpot(TM) 64-Bit Server VM (15-ea+10-316, mixed mode, sharing, tiered, compressed oops, g1 gc, windows-amd64)
# Problematic frame:
# V [jvm.dll+0x4d99fb]
#
# No core dump will be written. Minidumps are not enabled by default on client versions of Windows
#
# If you would like to submit a bug report, please visit:
# https://bugreport.java.com/bugreport/crash.jsp
#
--------------- S U M M A R Y ------------
Command Line: Foreground
Host: Intel(R) Core(TM) i7-6660U CPU @ 2.40GHz, 2 cores, 5G, Windows 10 , 64 bit Build 16299 (10.0.16299.15)
Time: Fri Apr 10 16:16:13 2020 GMT Daylight Time elapsed time: 3 seconds (0d 0h 0m 3s)
--------------- T H R E A D ---------------
Current thread (0x0000028c434d9000): JavaThread "AWT-EventQueue-0" [_thread_in_vm, id=7276, stack(0x000000f279300000,0x000000f279400000)]
Stack: [0x000000f279300000,0x000000f279400000], sp=0x000000f2793fdda0, free space=1015k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V [jvm.dll+0x4d99fb]
V [jvm.dll+0x4d7f7f]
V [jvm.dll+0x323903]
V [jvm.dll+0x322ebf]
C 0x0000028c2dedd698
Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j java.awt.DefaultKeyboardFocusManager.dispatchEvent(Ljava/awt/AWTEvent;)Z+1455 java.desktop@15-ea
j java.awt.Component.dispatchEventImpl(Ljava/awt/AWTEvent;)V+131 java.desktop@15-ea
j java.awt.Container.dispatchEventImpl(Ljava/awt/AWTEvent;)V+42 java.desktop@15-ea
j java.awt.Window.dispatchEventImpl(Ljava/awt/AWTEvent;)V+19 java.desktop@15-ea
j java.awt.Component.dispatchEvent(Ljava/awt/AWTEvent;)V+2 java.desktop@15-ea
j java.awt.EventQueue.dispatchEventImpl(Ljava/awt/AWTEvent;Ljava/lang/Object;)V+41 java.desktop@15-ea
j java.awt.EventQueue$4.run()Ljava/lang/Void;+32 java.desktop@15-ea
j java.awt.EventQueue$4.run()Ljava/lang/Object;+1 java.desktop@15-ea
J 480 c1 java.security.AccessController.executePrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/lang/Class;)Ljava/lang/Object; java.base@15-ea (65 bytes) @ 0x0000028c2e4fac44 [0x0000028c2e4faae0+0x0000000000000164]
j java.security.AccessController.doPrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;+13 java.base@15-ea
j java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/security/AccessControlContext;)Ljava/lang/Object;+18 java.base@15-ea
j java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;+6 java.base@15-ea
j java.awt.EventQueue$5.run()Ljava/lang/Void;+11 java.desktop@15-ea
j java.awt.EventQueue$5.run()Ljava/lang/Object;+1 java.desktop@15-ea
J 480 c1 java.security.AccessController.executePrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/lang/Class;)Ljava/lang/Object; java.base@15-ea (65 bytes) @ 0x0000028c2e4fac44 [0x0000028c2e4faae0+0x0000000000000164]
j java.security.AccessController.doPrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;+13 java.base@15-ea
j java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/security/AccessControlContext;)Ljava/lang/Object;+18 java.base@15-ea
j java.awt.EventQueue.dispatchEvent(Ljava/awt/AWTEvent;)V+73 java.desktop@15-ea
j java.awt.SequencedEvent.dispatch()V+150 java.desktop@15-ea
j java.awt.EventQueue.dispatchEventImpl(Ljava/awt/AWTEvent;Ljava/lang/Object;)V+21 java.desktop@15-ea
j java.awt.EventQueue$4.run()Ljava/lang/Void;+32 java.desktop@15-ea
j java.awt.EventQueue$4.run()Ljava/lang/Object;+1 java.desktop@15-ea
J 480 c1 java.security.AccessController.executePrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/lang/Class;)Ljava/lang/Object; java.base@15-ea (65 bytes) @ 0x0000028c2e4fac44 [0x0000028c2e4faae0+0x0000000000000164]
j java.security.AccessController.doPrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;+13 java.base@15-ea
j java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/security/AccessControlContext;)Ljava/lang/Object;+18 java.base@15-ea
j java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;+6 java.base@15-ea
j java.awt.EventQueue$5.run()Ljava/lang/Void;+11 java.desktop@15-ea
j java.awt.EventQueue$5.run()Ljava/lang/Object;+1 java.desktop@15-ea
J 480 c1 java.security.AccessController.executePrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/lang/Class;)Ljava/lang/Object; java.base@15-ea (65 bytes) @ 0x0000028c2e4fac44 [0x0000028c2e4faae0+0x0000000000000164]
j java.security.AccessController.doPrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;+13 java.base@15-ea
j java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;Ljava/security/AccessControlContext;)Ljava/lang/Object;+18 java.base@15-ea
j java.awt.EventQueue.dispatchEvent(Ljava/awt/AWTEvent;)V+73 java.desktop@15-ea
j java.awt.EventDispatchThread.pumpOneEventForFilters(I)V+78 java.desktop@15-ea
j java.awt.EventDispatchThread.pumpEventsForFilter(ILjava/awt/Conditional;Ljava/awt/EventFilter;)V+35 java.desktop@15-ea
j java.awt.EventDispatchThread.pumpEventsForHierarchy(ILjava/awt/Conditional;Ljava/awt/Component;)V+11 java.desktop@15-ea
j java.awt.EventDispatchThread.pumpEvents(ILjava/awt/Conditional;)V+4 java.desktop@15-ea
j java.awt.EventDispatchThread.pumpEvents(Ljava/awt/Conditional;)V+3 java.desktop@15-ea
j java.awt.EventDispatchThread.run()V+9 java.desktop@15-ea
v ~StubRoutines::call_stub
siginfo: EXCEPTION_ACCESS_VIOLATION (0xc0000005), reading address 0x00000000003b0020
- backported by
-
JDK-8244308 Invalid "sun.awt.TimedWindowEvent" object leads to JVM crash
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
- links to
(3 backported by, 1 links to)