JDK-4701709

in sparc.ad, missing annul bit in enc_String_Compare causes SEGV


    Details

    • Type: Bug
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: 1.4.1
    • Fix Version/s: 1.3.1_05
    • Component/s: hotspot
    • Resolved In Build:
      05
    • CPU:
      sparc
    • OS:
      solaris_8

        Description



        Name: cl74495 Date: 06/13/2002


        Below is part of the enc_String_Compare implementation
        from file src/cpu/sparc/vm/sparc.ad.
        The branch instruction marked with "set annul" comment
        needs to have the annul bit set. The code is shown
        after applying the fix, which is to have the
        second argument to br() be true.

        Without the annul bit, the delay slot fetch marked
        "SEGV here" can execute a fetch one character past
        the end of the "chr1" character array. If the
        chr1 character array is at the end of a memory space
        and the next virtual address page is not committed,
        a SEGV can result.

            // Compare the rest of the characters
            __ lduh(tmp1_reg, limit_reg, chr1_reg);
            __ bind(Lloop);
            // __ lduh(tmp1_reg, limit_reg, chr1_reg); // hoisted
            __ lduh(tmp2_reg, limit_reg, chr2_reg);
            __ subcc(chr1_reg, chr2_reg, chr1_reg);
            __ br(Assembler::notZero, false, Assembler::pt, Ldone);
            assert(chr1_reg == result_reg, "result must be pre-placed");
            __ delayed()->inccc(limit_reg, sizeof(jchar));
            __ br(Assembler::notZero, true, Assembler::pt, Lloop); // set annul, gemstone fix 27662
            __ delayed()->lduh(tmp1_reg, limit_reg, chr1_reg); // hoisted // SEGV here

        This problem exists in src/cpu/sparc/vm/sparc.ad
        for all of these J2SE versions:
          1.3.1.03
          1.4.0.01
          1.4.1 beta b14

        I have not checked 1.2.x sources.
        (Review ID: 153413)
        ======================================================================
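
Added example, not part of the original report or the HotSpot sources: a small C model of the loop above that counts loads at or past the end of the array, with and without the annul bit on the loop-back branch. It assumes the base registers point at the end of each array and that limit_reg is a negative byte offset counting up to zero; `compare_loop`, `struct run` and the C `lduh` helper are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>

struct run { int diff; int oob_loads; };  /* hypothetical result type */

/* Model of lduh [end + off]: the base points at the array end (assumption),
 * so any off >= 0 is a load past the array and is counted, not performed. */
static uint16_t lduh(const uint16_t *end, long off, int *oob) {
    if (off >= 0) { (*oob)++; return 0; }
    return end[off / (long)sizeof(uint16_t)];
}

/* Models the compare loop for two n-char arrays. annul != 0 models
 * br(notZero, true, ...): the delay slot of a conditional branch is
 * skipped when the branch is not taken. */
struct run compare_loop(const uint16_t *s1, const uint16_t *s2, size_t n, int annul) {
    struct run r = {0, 0};
    const uint16_t *end1 = s1 + n, *end2 = s2 + n;
    long limit = -(long)(n * sizeof(uint16_t));
    if (n == 0) return r;
    int chr1 = lduh(end1, limit, &r.oob_loads);       /* hoisted first load */
    for (;;) {
        int chr2 = lduh(end2, limit, &r.oob_loads);
        chr1 -= chr2;                                  /* subcc */
        int differ = (chr1 != 0);                      /* br notZero, Ldone */
        limit += (long)sizeof(uint16_t);               /* delay slot: inccc */
        if (differ) { r.diff = chr1; break; }
        int taken = (limit != 0);                      /* br notZero, Lloop */
        if (taken || !annul)                           /* delay slot load */
            chr1 = lduh(end1, limit, &r.oob_loads);
        if (!taken) break;
    }
    return r;
}

int main(void) {
    const uint16_t a[] = {'a', 'b', 'c'}, b[] = {'a', 'b', 'c'};  /* constructed input */
    printf("annul=0: %d load(s) past the end\n", compare_loop(a, b, 3, 0).oob_loads);
    printf("annul=1: %d load(s) past the end\n", compare_loop(a, b, 3, 1).oob_loads);
    return 0;
}
```

The out-of-bounds load only occurs when every compared character matches, because that is the only path on which the loop-back branch falls through with limit at zero.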

                People

                Assignee:
                mpalecznsunw Michael Paleczny (Inactive)
                Reporter:
                clucasius Carlos Lucasius (Inactive)