IBM Support

IZ86040: USE OF JAVA/UTIL/TREEMAP CAUSES JAVA 6 CRASH ON 64-BIT SYSTEM Z

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Error Message: An ABEND occurs (or a SIGSEGV is raised) on
64-bit z/OS or z/Linux, in a Java 6 application which uses
java/util/TreeMap. The crash could occur in libj9gc24.so, in
libj9jit24.so, or in compiled code. In all cases, an object
array which is part of a TreeMap data structure has its first
element temporarily overwritten by the length of the array
(typically 64). The ABEND occurs when the corrupted element is
examined by the garbage collector (or used by JIT-compiled
code), as the value is not a valid pointer. The problem only
occurs if support for compressed references is enabled.
.
Stack Trace: N/A
.

Local fix

  • This issue can be avoided by removing the -Xcompressedrefs
option from the JVM command line, to turn off support for
compressed references. Note that this will cause the size of the
object heap to increase, by a factor of two at most.

Problem summary

  • The problem is caused when the JIT compiler performs a buggy
transformation of a System.arraycopy call that copies a set of
elements of an object array to a different offset within the
same array. When compressed references are enabled, the
optimized arraycopy call incorrectly copies the array length
from the array object header into the first element of the
array. In the case of TreeMap, this corrupted element is usually
overwritten again with a valid pointer very quickly, but if
garbage collection occurs in the mean time, or if another thread
loads the corrupted element, the bad pointer will cause a crash.
Hence the problem is timing-dependent and is rarely encountered.

Problem conclusion

  • This defect will be fixed in:
6.0.0 SR9
.
The JIT compiler has been updated to transform arraycopy calls
correctly when compressed reference support is enabled.
.
To obtain the fix:
Install build 20100816 or later

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IZ86040
    • 

  • Reported component name
    JIT
    • 

  • Reported component ID
    620700124
    • 

  • Reported release
    600
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2010-10-05
    • 

  • Closed date
    2010-10-05
    • 

  • Last modified date
    2011-02-13
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    JIT
    • 

  • Fixed component ID
    620700124
    • 



Applicable component levels


    

  • R600  PSN
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSC9HBA","label":"Just In Time (JIT) Compiler"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.0","Edition":"","Line of Business":{"code":"","label":""}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            13 February 2011
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback