Analysis of Mauve failures - The final chapter

Mark Wielaard mark@klomp.org
Fri Apr 5 03:47:00 GMT 2002

• Previous message (by thread): Analysis of Mauve failures - The final chapter
• Next message (by thread): Analysis of Mauve failures - The final chapter
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Hi,
On Fri, 2002年04月05日 at 03:10, Mark Wielaard wrote:
> On Fri, 2002年04月05日 at 02:40, Boehm, Hans wrote:
>> > Was there an issue here beyond the warning?
>> There was an issue, but it wasn't the garbage collector. natArray.cc
> seems to forget to check for a null object and crashes. But why that
> didn't show up when using -verbose or -debug is unclear.

I spoke to soon. The null pointer check seems to be not the only issue.
This patch seems clearly needed:
--- natArray.cc	2001年10月02日 13:44:32	1.11
+++ natArray.cc	2002年04月05日 10:34:11
@@ -1,6 +1,6 @@
 // natField.cc - Implementation of java.lang.reflect.Field native
methods.
 
-/* Copyright (C) 1999, 2000, 2001 Free Software Foundation
+/* Copyright (C) 1999, 2000, 2001, 2002 Free Software Foundation
 
 This file is part of libgcj.
 
@@ -16,6 +16,7 @@
 #include <gcj/cni.h>
 #include <java/lang/reflect/Array.h>
 #include <java/lang/IllegalArgumentException.h>
+#include <java/lang/NullPointerException.h>
 #include <java/lang/Byte.h>
 #include <java/lang/Short.h>
 #include <java/lang/Integer.h>
@@ -46,6 +47,8 @@
 java::lang::reflect::Array::newInstance (jclass componentType,
 					 jintArray dimensions)
 {
+ if (! dimensions)
+ throw new java::lang::NullPointerException;
 jint ndims = dimensions->length;
 if (ndims == 0)
 throw new java::lang::IllegalArgumentException ();
But what is really going on with the Mauve test is not yet clear to me.
The following program (extracted from the mauve test) run under gdb
gives:
import java.lang.reflect.Array;
public class Big
{
 public static void main(String[] args)
 {
 String[][] t = (String[][]) Array.newInstance(String.class,
 new int[] {Integer.MAX_VALUE, Integer.MAX_VALUE});
 System.out.println(t.length);
 }
}
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1024 (LWP 23056)]
0x40250020 in java::lang::Class::isPrimitive() (this=0x0)
 at ../../../gcc/libjava/java/lang/Class.h:208
208	 return vtable == JV_PRIMITIVE_VTABLE;
Current language: auto; currently c++
(gdb) bt
#0 0x40250020 in java::lang::Class::isPrimitive() (this=0x0)
 at ../../../gcc/libjava/java/lang/Class.h:208
#1 0x40222e89 in _Jv_NewMultiArrayUnchecked (type=0x80a2af0,
dimensions=1, 
 sizes=0x8085e7c) at ../../../gcc/libjava/prims.cc:541
#2 0x40222f09 in _Jv_NewMultiArrayUnchecked (type=0x80a2a10,
dimensions=2, 
 sizes=0x8085e78) at ../../../gcc/libjava/prims.cc:552
#3 0x40222fad in _Jv_NewMultiArray(java::lang::Class*, int, int*) (
 type=0x80a2a10, dimensions=2, sizes=0x8085e78)
 at ../../../gcc/libjava/prims.cc:566
#4 0x4025af14 in
java::lang::reflect::Array::newInstance(java::lang::Class*,
JArray<int>*) (componentType=0x8049350, dimensions=0x8085e70)
 at ../../../gcc/libjava/java/lang/reflect/natArray.cc:63
#5 0x08048ab7 in Big.main(java.lang.String[]) (args=0x8089fe8) at
Big.java:6
It seems to me that something like the following is needed since the
Class type does not have to be an array class with Array.newInstanceOf()
--- prims.cc	2002年03月10日 03:30:48	1.71.2.1
+++ prims.cc	2002年04月05日 11:06:30
@@ -535,8 +535,11 @@
 static jobject
 _Jv_NewMultiArrayUnchecked (jclass type, jint dimensions, jint *sizes)
 {
- JvAssert (type->isArray());
- jclass element_type = type->getComponentType();
+ jclass element_type;
+ if (type->isArray())
+ element_type = type->getComponentType();
+ else
+ element_type = type;
 jobject result;
 if (element_type->isPrimitive())
 result = _Jv_NewPrimArray (element_type, sizes[0]);
But that dies horribly with:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1024 (LWP 13418)]
GC_build_fl_clear2 (h=0x81cd000, ofl=0x0)
 at ../../../gcc/boehm-gc/new_hblk.c:59
59	 p[0] = (word)ofl;
(gdb) bt
#0 GC_build_fl_clear2 (h=0x81cd000, ofl=0x0)
 at ../../../gcc/boehm-gc/new_hblk.c:59
#1 0x403f5675 in GC_build_fl (h=0x81cd000, sz=2, clear=136105984, list=0x0)
 at ../../../gcc/boehm-gc/new_hblk.c:184
#2 0x403f194f in GC_generic_malloc_many (lb=8, k=0, result=0x405a9784)
 at ../../../gcc/boehm-gc/mallocx.c:479
#3 0x403ef1ba in GC_local_malloc (bytes=4)
 at ../../../gcc/boehm-gc/linux_threads.c:346
#4 0x403e7663 in _Jv_AllocArray(int, java::lang::Class*) (size=4, 
 klass=0x8120910) at ../../../gcc/libjava/boehm.cc:354
#5 0x40222bf9 in _Jv_NewObjectArray (count=2147483647, 
 elementClass=0x80a2af0, init=0x0) at ../../../gcc/libjava/prims.cc:463
#6 0x40222ed9 in _Jv_NewMultiArrayUnchecked (type=0x80a2af0, dimensions=1, 
 sizes=0x8085e7c) at ../../../gcc/libjava/prims.cc:547
#7 0x40222f20 in _Jv_NewMultiArrayUnchecked (type=0x80a2a10, dimensions=2, 
 sizes=0x8085e78) at ../../../gcc/libjava/prims.cc:554
#8 0x40222fc3 in _Jv_NewMultiArray(java::lang::Class*, int, int*) (
 type=0x80a2a10, dimensions=2, sizes=0x8085e78)
 at ../../../gcc/libjava/prims.cc:568
#9 0x4025af24 in java::lang::reflect::Array::newInstance(java::lang::Class*, JArray<int>*) (componentType=0x8049350, dimensions=0x8085e70)
 at ../../../gcc/libjava/java/lang/reflect/natArray.cc:63
#10 0x08048ab7 in Big.main(java.lang.String[]) (args=0x8089fe8) at Big.java:6
Maybe someone who is more familiar with the Array code can take a look
at it.
Cheers,
Mark

---

• Previous message (by thread): Analysis of Mauve failures - The final chapter
• Next message (by thread): Analysis of Mauve failures - The final chapter
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Java mailing list