#104 64 Bit bug which results in random VM crashes

Milestone: 1.17
Status: closed-accepted
Owner: nobody
Labels: None
Priority: 5
Updated: 2013-07-23
Created: 2011-11-10
Creator: hendrikbock
Private: No

The Dispatch Java class stores pointers in the variable 'm_pDispatch' as a 32-bit Java int. This value is cast to an IDispatch pointer in the C++ JNI part of the Dispatch class.
If the value stored in the Java int variable exceeds the 2^31 limit, the Java int becomes negative. When cast to an IDispatch pointer on the C++ native side, the pointer gets an invalid value, for example '0xFFFFFFFF83B20917'. When this address is accessed, the VM crashes with an EXCEPTION_ACCESS_VIOLATION.
This bug occurs randomly and only on 64-bit systems with a lot of memory, which makes it hard to track down.

The attached files contain a JVM crash log of such a crash and new versions of the files which contained buggy code. I was not able to do a complete code review of JACOB, so maybe the bug can also be found elsewhere.
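The mechanism the report describes, as an added example that is not code from the JACOB project or from the ticket's attachments: a 64-bit address is truncated into a 32-bit signed field, and when the field is widened back to a pointer the sign bit is copied into the upper 32 bits. The JNI types are stood in for by stdint typedefs, addresses are modelled as uint64_t so the result is the same on any host, and the sample addresses are constructed, not taken from a real process. The long-field variant is shown as the standard remedy for this class of bug, not as the exact change in the attached files.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-ins for the JNI primitive types used on the native side. */
typedef int32_t jint;    /* Java int: the type of the buggy pointer field */
typedef int64_t jlong;   /* Java long: wide enough for a 64-bit pointer */

/* Buggy round trip: native pointer -> Java int field -> native pointer. */
uint64_t roundtrip_via_jint(uint64_t native_ptr)
{
    /* Storing into the int field keeps only the low 32 bits (modular
     * conversion on every mainstream compiler), and bit 31 of the address
     * becomes the sign bit of the Java int. */
    jint field = (jint)native_ptr;
    /* Casting the field back to a pointer widens a *signed* 32-bit value:
     * a negative field gets its upper 32 bits filled with ones. */
    return (uint64_t)field;
}

/* Fixed round trip: the field is a Java long, so every pointer bit survives
 * on both 32- and 64-bit targets. */
uint64_t roundtrip_via_jlong(uint64_t native_ptr)
{
    jlong field = (jlong)native_ptr;
    return (uint64_t)field;
}

/* Returns 1 if the address survives a Java int field unchanged, 0 if it is
 * corrupted. Only addresses below 2^31 pass. */
int fits_in_jint(uint64_t native_ptr)
{
    return roundtrip_via_jint(native_ptr) == native_ptr;
}

int main(void)
{
    /* Constructed sample addresses, not captured from a real process. */
    const uint64_t samples[] = {
        0x000000007FFE0000ULL, /* below 2^31: survives the int field */
        0x0000000083B20917ULL, /* bit 31 set: sign-extends to the ticket's 0xFFFFFFFF83B20917 */
        0x00000001234A0000ULL, /* above 4 GiB: upper bits silently dropped */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        printf("%016llx -> via jint %016llx (%s), via jlong %016llx\n",
               (unsigned long long)samples[i],
               (unsigned long long)roundtrip_via_jint(samples[i]),
               fits_in_jint(samples[i]) ? "ok" : "CORRUPT",
               (unsigned long long)roundtrip_via_jlong(samples[i]));
    }
    return 0;
}
```

The second sample reproduces the value quoted in the report: 0x83B20917 has bit 31 set, so as a Java int it is negative, and widening it yields 0xFFFFFFFF83B20917, an address in the kernel half of the x86-64 address space that user-mode code cannot touch, hence the EXCEPTION_ACCESS_VIOLATION. The third sample shows the other failure of an int field: an address above 4 GiB loses its upper bits even though it never goes negative, so zero-extending instead of sign-extending would not be a fix; the field has to be 64 bits wide.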

Discussion

1 2 > >> (Page 1 of 2)
  • hendrikbock
    2011-11-10

    JVM crash log of such a crash

    Attachments
  • hendrikbock
    2011-12-09

    Attachments

    (eleven further attachment-only posts from hendrikbock on 2011-12-09, identical to the one above, are collapsed here)
  • hendrikbock
    2011-12-09

    I found out that some more classes are affected by this bug. I deleted the previously uploaded files and uploaded new versions of all files affected. The previously uploaded files were deleted because I fixed the bug differently in some places.

  • hendrikbock
    2011-12-09

    • milestone: 940660 --> 2383428

  • clay_shooter
    2011-12-11

    Can you generate a patch file, maybe using Eclipse's patch functionality? Then I can see the diffs for each file.

  • hendrikbock
    2011-12-12

    The patch was now also tested on 32-bit Windows without any problems.

  • hendrikbock
    2011-12-12

    Attachments

    (two further attachment-only posts and two empty posts from hendrikbock on 2011-12-12 are collapsed here)