Details
-
Bug
-
Resolution: Fixed
-
P3
-
7
-
b36
-
generic
-
solaris
Description
This problem is present in all JDK versions containing the code described below, so backporting is needed.
This applies applies to 32 bit Solaris: both sparc and x86. There is no problem with 64 bit Solaris.
Function SplashEventLoop in ./solaris/native/sun/awt/splashscreen/splashscreen_sys.c uses FD_SET in two places on local array var fds, which only contains 2048 bits. If this code is executed with a descriptor-intensive application on a Solaris system configured to support greater than 2048 descriptors, the FD_SET usage will cause corruption of a caller's stack frame. Either poll must be used instead of select, or else FD_SETSIZE must be made 65536 when this module is compiled.
See the select(3c) Solaris manpage and case PSARC/1997/110 for more details.
The code in question is listed below:
void
SplashEventLoop(Splash * splash) {
/* Different from win32 implementation - this loop
uses select timeouts instead of a timer */
/* we should have splash _locked_ on entry!!! */
int xconn = XConnectionNumber(splash->display);
while (1) {
int ctl = splash->controlpipe[0];
fd_set fds[2];
int n = 0;
struct timeval tv, *ptv;
int rc;
int time;
int pipes_empty;
FD_ZERO(fds);
FD_SET(xconn, fds);
^^^^^^^^^^^^^^^^^^^ not sure if xconn
if (xconn+1 > n)
n = xconn+1;
FD_SET(ctl, fds);
This applies applies to 32 bit Solaris: both sparc and x86. There is no problem with 64 bit Solaris.
Function SplashEventLoop in ./solaris/native/sun/awt/splashscreen/splashscreen_sys.c uses FD_SET in two places on local array var fds, which only contains 2048 bits. If this code is executed with a descriptor-intensive application on a Solaris system configured to support greater than 2048 descriptors, the FD_SET usage will cause corruption of a caller's stack frame. Either poll must be used instead of select, or else FD_SETSIZE must be made 65536 when this module is compiled.
See the select(3c) Solaris manpage and case PSARC/1997/110 for more details.
The code in question is listed below:
void
SplashEventLoop(Splash * splash) {
/* Different from win32 implementation - this loop
uses select timeouts instead of a timer */
/* we should have splash _locked_ on entry!!! */
int xconn = XConnectionNumber(splash->display);
while (1) {
int ctl = splash->controlpipe[0];
fd_set fds[2];
int n = 0;
struct timeval tv, *ptv;
int rc;
int time;
int pipes_empty;
FD_ZERO(fds);
FD_SET(xconn, fds);
^^^^^^^^^^^^^^^^^^^ not sure if xconn
if (xconn+1 > n)
n = xconn+1;
FD_SET(ctl, fds);
Attachments
Issue Links
- relates to
-
-
- Closed
-