harmony-commits mailing list archives

From "Gregory Shimansky (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HARMONY-2669) [classlib][charsets] Working with charset ISO-2022-CN crashes DRLVM
Date Tue, 17 Apr 2007 16:22:16 GMT

    [ https://issues.apache.org/jira/browse/HARMONY-2669?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12489454 ]

Gregory Shimansky commented on HARMONY-2669:
--------------------------------------------

The bug appears to be in this code of Java_com_ibm_icu4jni_converters_NativeConverter_setSubstitutionBytes
(see icu4jni, the patched version for memory leaks):

        jbyte* u_subChars = (*env)->GetPrimitiveArrayCritical(env,subChars,NULL);
        if(u_subChars){
             char* mySubChars= (char*)malloc(sizeof(char)*length);
             toChars((UChar*)u_subChars,&mySubChars[0],length);
             ucnv_setSubstChars(cnv,mySubChars, (char)length,&errorCode);
             if(U_FAILURE(errorCode)){
/* !!! */       (*env)->ReleasePrimitiveArrayCritical(env,subChars,mySubChars /* Here should be u_subChars */ ,0); /* !!! */
                return errorCode;
             }
             free(mySubChars);
        }

ICU mistakenly passes a pointer to an array allocated in this function. But on Windows in
debug mode MSVC has some paranoiac checks that a heap pointer allocated in one DLL (ICU) cannot
be freed in another DLL (DRLVM). So when the VM tries to free mySubChars it fails the paranoiac
MSVC check.

I checked ICU 3.6 and the code is still the same. Probably we could use a patched ICUInterface34.dll
and report a bug on ICU. I am not sure how many other places in ICU share the same pattern.

> [classlib][charsets] Working with charset ISO-2022-CN crashes DRLVM
> -------------------------------------------------------------------
>
>                 Key: HARMONY-2669
>                 URL: https://issues.apache.org/jira/browse/HARMONY-2669
>             Project: Harmony
>          Issue Type: Bug
>          Components: Classlib
>         Environment: Windows XP i686
>            Reporter: Salikh Zakirov
>         Assigned To: Gregory Shimansky
>         Attachments: Enc.java
>
>
> The attached test crashes debug version of DRLVM on a heap pointer validity check on free().
> With the following stack:
>  	harmonyvm.dll!_CrtIsValidHeapPointer(const void * pUserData=0x02876958)  Line 1807	C
>  	harmonyvm.dll!_free_dbg_lk(void * pUserData=0x02876958, int nBlockUse=0x00000001)  Line 1132 + 0x9 bytes	C
>  	harmonyvm.dll!_free_dbg(void * pUserData=0x02876958, int nBlockUse=0x00000001)  Line 1070 + 0xd bytes	C
>  	harmonyvm.dll!free(void * pUserData=0x02876958)  Line 1025 + 0xb bytes	C
>  	harmonyvm.dll!ReleaseByteArrayElements(JNIEnv_External * env=0x011c2cc0, _jobject * array=0x0013f40c, char * elems=0x02876958, int mode=0x00000000)  Line 908 + 0x9 bytes	C++
> >	harmonyvm.dll!ReleasePrimitiveArrayCritical(JNIEnv_External * jenv=0x011c2cc0, _jobject * array=0x0013f40c, void * carray=0x02876958, int mode=0x00000000)  Line 1305 + 0x15 bytes	C++
>  	ICUInterface34.dll!0285211e() 	
> Running the same test with J9 produces
> Exception in thread "main" java.lang.IllegalArgumentException: U_ILLEGAL_ARGUMENT_ERROR
>         at com.ibm.icu4jni.common.ErrorCode.getException(Unknown Source)
>         at com.ibm.icu4jni.charset.CharsetEncoderICU.implReplaceWith(Unknown Source)
>         at java.nio.charset.CharsetEncoder.replaceWith(CharsetEncoder.java:856)
>         at Enc.main(Enc.java:9)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
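
The pairing rule behind this bug, as an added example that is not part of the original message or of icu4jni: a self-contained C mock (no JNI or ICU headers) that puts the quoted error path next to a version that hands back the pointer it was lent and frees its own buffer itself. MockArray, get_critical, release_critical and set_subst are hypothetical stand-ins, and len is assumed to be at most 4.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the VM: remembers the pointer it lent out. */
typedef struct { signed char data[4]; void *lent; int foreign_releases; } MockArray;
static void *get_critical(MockArray *a) { a->lent = a->data; return a->lent; }
static void release_critical(MockArray *a, void *p) {
    if (p == a->lent) { a->lent = NULL; return; }
    a->foreign_releases++;       /* not the VM's pointer; a->lent stays set */
    free(p);                     /* the quoted stack shows the VM calling free() on it */
}
/* Stand-in for ucnv_setSubstChars; 'fail' forces the error path. */
static int set_subst(const char *s, size_t n, int fail) { (void)s; (void)n; return fail ? -1 : 0; }

/* Pattern from the quoted code: the error path releases the malloc'ed copy. */
static int set_subst_buggy(MockArray *arr, size_t len, int fail) {
    signed char *src = get_critical(arr);
    char *copy = malloc(len);
    if (!copy) { release_critical(arr, src); return -1; }
    memcpy(copy, src, len);
    int rc = set_subst(copy, len, fail);
    if (rc != 0) { release_critical(arr, copy); return rc; }   /* wrong pointer */
    free(copy);
    release_critical(arr, src);  /* assumed: the quoted snippet does not show this path */
    return rc;
}

/* Corrected pattern: one exit, each pointer goes back to its owner. */
static int set_subst_fixed(MockArray *arr, size_t len, int fail) {
    int rc = -1;
    signed char *src = get_critical(arr);
    char *copy = malloc(len);
    if (copy) {
        memcpy(copy, src, len);
        rc = set_subst(copy, len, fail);
        free(copy);              /* freed by the module that allocated it */
    }
    release_critical(arr, src);  /* always the pointer get_critical returned */
    return rc;
}

int main(void) {
    MockArray a = {{'?', 0, 0, 0}, NULL, 0}, b = a;
    set_subst_buggy(&a, 1, 1);
    set_subst_fixed(&b, 1, 1);
    printf("buggy foreign=%d, fixed foreign=%d\n", a.foreign_releases, b.foreign_releases);
    return 0;
}
```

In the mock both sides share one C runtime, so the foreign free() succeeds silently; the crash in the quoted stack comes from the two DLLs using separate debug heaps.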

