[Bug 481] Shark assert(pc == __null, "should be") / Sigsegv bombs without assertions - Deoptimizer issue

bugzilla-daemon at icedtea.classpath.org bugzilla-daemon at icedtea.classpath.org
Mon May 3 01:19:07 PDT 2010 

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=481





------- Comment #1 from xerxes at zafena.se  2010-05-03 08:19 -------
Created an attachment (id=333)
 --> (http://icedtea.classpath.org/bugzilla/attachment.cgi?id=333&action=view)
backtrace how the sigsegv crash looks on arm when running without assertions

When running without assertions then the sigsegv crash happens inside the JITed
code block of: sun.net.www.protocol.jar.JarURLConnection::connect

when shark are processing a sharkState merge during the safepointed block.
current_state()->merge(orig_state, orig_block, safepointed_block);

Attached log file for backtrace for ARM.

gdb disassemble on X86 indicates that the crash happens at the same place:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb7fe5b70 (LWP 1877)]
0x03aaf8c7 in sun.net.www.protocol.jar.JarURLConnection_3A__3A_connect ()
(gdb) disassemble
Dump of assembler code for function
sun.net.www.protocol.jar.JarURLConnection_3A__3A_connect:
   0x03aaf7c0 <+0>:     push   %ebp
   0x03aaf7c1 <+1>:     mov    %esp,%ebp
   0x03aaf7c3 <+3>:     push   %ebx
   0x03aaf7c4 <+4>:     push   %edi
   0x03aaf7c5 <+5>:     push   %esi
   0x03aaf7c6 <+6>:     sub    $0x1c,%esp
   0x03aaf7c9 <+9>:     mov    0x10(%ebp),%esi
   0x03aaf7cc <+12>:    mov    0x98(%esi),%eax
   0x03aaf7d2 <+18>:    mov    0x1e0(%esi),%edi
   0x03aaf7d8 <+24>:    sub    0x9c(%esi),%eax
   0x03aaf7de <+30>:    mov    %ebp,%ecx
   0x03aaf7e0 <+32>:    sub    %eax,%ecx
   0x03aaf7e2 <+34>:    cmp    $0x4fff,%ecx
   0x03aaf7e8 <+40>:    mov    0x8(%ebp),%eax
   0x03aaf7eb <+43>:    mov    %eax,-0x10(%ebp)
   0x03aaf7ee <+46>:    ja     0x3aaf816
<sun.net.www.protocol.jar.JarURLConnection_3A__3A_connect+86>
   0x03aaf7f4 <+52>:    sub    $0x10,%esp
   0x03aaf7fa <+58>:    mov    %esi,0x8(%esp)
   0x03aaf7fe <+62>:    mov    0x8(%ebp),%esi
   0x03aaf801 <+65>:    mov    %esi,(%esp)
   0x03aaf804 <+68>:    movl   $0x0,0x4(%esp)
   0x03aaf80c <+76>:    call   0x3b6a40
<_ZN14CppInterpreter12normal_entryEP13methodOopDesciP6Thread>
   0x03aaf811 <+81>:    jmp    0x3aaf8cf
<sun.net.www.protocol.jar.JarURLConnection_3A__3A_connect+271>
   0x03aaf816 <+86>:    add    $0xffffffd4,%edi
   0x03aaf819 <+89>:    mov    %edi,%eax
   0x03aaf81b <+91>:    sub    0x1d8(%esi),%eax
   0x03aaf821 <+97>:    cmp    $0x5000,%eax
   0x03aaf827 <+103>:   jb     0x3aaf7f4
<sun.net.www.protocol.jar.JarURLConnection_3A__3A_connect+52>
   0x03aaf82d <+109>:   mov    %edi,0x18(%edi)
   0x03aaf830 <+112>:   movl   $0x3,0x20(%edi)
   0x03aaf837 <+119>:   mov    0x1e4(%esi),%eax
   0x03aaf83d <+125>:   mov    %eax,0x24(%edi)
   0x03aaf840 <+128>:   lea    0x24(%edi),%eax
   0x03aaf843 <+131>:   mov    %eax,0x1e4(%esi)
   0x03aaf849 <+137>:   mov    0x2c(%edi),%ebx
   0x03aaf84c <+140>:   movsbl 0x1c(%ebx),%eax
   0x03aaf850 <+144>:   test   %eax,%eax
   0x03aaf852 <+146>:   je     0x3aaf8d7
<sun.net.www.protocol.jar.JarURLConnection_3A__3A_connect+279>
   0x03aaf858 <+152>:   cmpl   $0x1,0x65bf20
   0x03aaf85f <+159>:   jne    0x3aaf8b8
<sun.net.www.protocol.jar.JarURLConnection_3A__3A_connect+248>
   0x03aaf865 <+165>:   lea    0x10(%edi),%eax
   0x03aaf868 <+168>:   mov    %eax,0x1e0(%esi)
   0x03aaf86e <+174>:   mov    -0x10(%ebp),%eax
   0x03aaf871 <+177>:   mov    %eax,0x14(%edi)
   0x03aaf874 <+180>:   mov    0xc(%ebp),%eax
   0x03aaf877 <+183>:   add    $0x10,%eax
   0x03aaf87a <+186>:   mov    %eax,0x1c(%edi)
   0x03aaf87d <+189>:   mov    %ebx,0x2c(%edi)
   0x03aaf880 <+192>:   mov    0x1e4(%esi),%ebx
   0x03aaf886 <+198>:   mov    %ebx,0x100(%esi)
   0x03aaf88c <+204>:   sub    $0x8,%esp
   0x03aaf892 <+210>:   mov    %esi,(%esp)
   0x03aaf895 <+213>:   call   0x55d230
<_ZN20SafepointSynchronize5blockEP10JavaThread>
---Type <return> to continue, or q <return> to quit---
   0x03aaf89a <+218>:   add    $0x8,%esp
   0x03aaf89d <+221>:   movl   $0x0,0x100(%esi)
   0x03aaf8a7 <+231>:   mov    0x4(%esi),%ebx
   0x03aaf8aa <+234>:   test   %ebx,%ebx
   0x03aaf8ac <+236>:   mov    0x14(%edi),%eax
   0x03aaf8af <+239>:   mov    0x2c(%edi),%edi
   0x03aaf8b2 <+242>:   jne    0x3aafc0d
<sun.net.www.protocol.jar.JarURLConnection_3A__3A_connect+1101>
   0x03aaf8b8 <+248>:   mov    0x1e4(%esi),%ebx
   0x03aaf8be <+254>:   lea    0xc(%ebx),%edi
   0x03aaf8c1 <+257>:   mov    %edi,0x1e0(%esi)
=> 0x03aaf8c7 <+263>:   mov    (%ebx),%ebx
   0x03aaf8c9 <+265>:   mov    %ebx,0x1e4(%esi)
   0x03aaf8cf <+271>:   lea    -0xc(%ebp),%esp
   0x03aaf8d2 <+274>:   pop    %esi
   0x03aaf8d3 <+275>:   pop    %edi
   0x03aaf8d4 <+276>:   pop    %ebx
   0x03aaf8d5 <+277>:   pop    %ebp
   0x03aaf8d6 <+278>:   ret    

All crashes can be circumvented by creating a .hotspot_compiler file containing
the following lines:
exclude: Send_NoteOn_AllChannels::main
exclude: SoftTestUtils::<init>
exclude: com.sun.media.sound.EmergencySoundbank::createSoundbank
exclude: sun.net.www.protocol.jar.JarURLConnection::connect

Thus preventing jit compilation of all methods that make the JVM crash after
being processed by the deoptimizer.


-- 
Configure bugmail: http://icedtea.classpath.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the distro-pkg-dev mailing list