[Bug java/32836] New: infinite loop (SIGSEGV) in java::lang::Throwable::fillInStackTrace

[Bug java/32836] New: infinite loop (SIGSEGV) in java::lang::Throwable::fillInStackTrace

[artem at bizlink dot ru]

This is Fedora 7.

$ gcj -v
Using built-in specs.
Reading specs from /usr/lib/gcc/i386-redhat-linux/4.1.2/libgcj.spec
rename spec startfile to startfileorig
rename spec lib to liborig
Target: i386-redhat-linux
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man
--infodir=/usr/share/info --enable-shared --enable-threads=posix
--enable-checking=release --with-system-zlib --enable-__cxa_atexit
--disable-libunwind-exceptions
--enable-languages=c,c++,objc,obj-c++,java,fortran,ada --enable-java-awt=gtk
--disable-dssi --enable-plugin
--with-java-home=/usr/lib/jvm/java-1.5.0-gcj-1.5.0.0/jre
--enable-libgcj-multifile --enable-java-maintainer-mode
--with-ecj-jar=/usr/share/java/eclipse-ecj.jar --with-cpu=generic
--host=i386-redhat-linux
Thread model: posix
gcc version 4.1.2 20070502 (Red Hat 4.1.2-12)

There is this curious stack trace (in GDB):

...
#7889 <signal handler called>
#7890 0x006fc7e6 in ?? () from /lib/libgcc_s.so.1
#7891 0x006fd6b2 in _Unwind_Backtrace () from /lib/libgcc_s.so.1
#7892 0x02d9ac4e in _Jv_StackTrace::GetStackTrace () from
/usr/lib/libgcj.so.8rh
#7893 0x02dd5ecc in java::lang::VMThrowable::fillInStackTrace () from
/usr/lib/libgcj.so.8rh
#7894 0x03259492 in java::lang::Throwable::fillInStackTrace () from
/usr/lib/libgcj.so.8rh
#7895 0x03258ddd in java::lang::Throwable::Throwable () from
/usr/lib/libgcj.so.8rh
#7896 0x03258da3 in java::lang::Throwable::Throwable () from
/usr/lib/libgcj.so.8rh
#7897 0x0323cefb in java::lang::Exception::Exception () from
/usr/lib/libgcj.so.8rh
#7898 0x0324369b in java::lang::RuntimeException::RuntimeException () from
/usr/lib/libgcj.so.8rh
#7899 0x032418db in java::lang::NullPointerException::NullPointerException ()
from /usr/lib/libgcj.so.8rh
#7900 0x02d89b08 in ?? () from /usr/lib/libgcj.so.8rh
#7901 <signal handler called>
#7902 0x006fc7e6 in ?? () from /lib/libgcc_s.so.1
#7903 0x006fd6b2 in _Unwind_Backtrace () from /lib/libgcc_s.so.1
---Type <return> to continue, or q <return> to quit---
#7904 0x02d9ac4e in _Jv_StackTrace::GetStackTrace () from
/usr/lib/libgcj.so.8rh
#7905 0x02dd5ecc in java::lang::VMThrowable::fillInStackTrace () from
/usr/lib/libgcj.so.8rh
#7906 0x03259492 in java::lang::Throwable::fillInStackTrace () from
/usr/lib/libgcj.so.8rh
#7907 0x03258ddd in java::lang::Throwable::Throwable () from
/usr/lib/libgcj.so.8rh
#7908 0x03258da3 in java::lang::Throwable::Throwable () from
/usr/lib/libgcj.so.8rh
#7909 0x0323cefb in java::lang::Exception::Exception () from
/usr/lib/libgcj.so.8rh
#7910 0x0324369b in java::lang::RuntimeException::RuntimeException () from
/usr/lib/libgcj.so.8rh
#7911 0x032418db in java::lang::NullPointerException::NullPointerException ()
from /usr/lib/libgcj.so.8rh
#7912 0x02d89b08 in ?? () from /usr/lib/libgcj.so.8rh
#7913 <signal handler called>
#7914 0x006fc7e6 in ?? () from /lib/libgcc_s.so.1
#7915 0x006fd6b2 in _Unwind_Backtrace () from /lib/libgcc_s.so.1
#7916 0x02d9ac4e in _Jv_StackTrace::GetStackTrace () from
/usr/lib/libgcj.so.8rh
#7917 0x02dd5ecc in java::lang::VMThrowable::fillInStackTrace () from
/usr/lib/libgcj.so.8rh
#7918 0x03259492 in java::lang::Throwable::fillInStackTrace () from
/usr/lib/libgcj.so.8rh
#7919 0x03258ddd in java::lang::Throwable::Throwable () from
/usr/lib/libgcj.so.8rh
#7920 0x03258da3 in java::lang::Throwable::Throwable () from
/usr/lib/libgcj.so.8rh
#7921 0x0323cefb in java::lang::Exception::Exception () from
/usr/lib/libgcj.so.8rh
#7922 0x0324369b in java::lang::RuntimeException::RuntimeException () from
/usr/lib/libgcj.so.8rh
#7923 0x032418db in java::lang::NullPointerException::NullPointerException ()
from /usr/lib/libgcj.so.8rh
#7924 0x02d89b08 in ?? () from /usr/lib/libgcj.so.8rh
#7925 <signal handler called>
#7926 0x08368d70 in aga::stpcpy (dest=0x64353f5d "", _src=0x836c92b "&ssi=") at
chomp.cpp:174

As you can see, fillInStackTrace goes into an infinite loop, presumably due to
SIGSEGV in itself, until it stack overflows.

I can provide the binary and the core if somebody is interested in fixing this.


-- 
           Summary: infinite loop (SIGSEGV) in
                    java::lang::Throwable::fillInStackTrace
           Product: gcc
           Version: 4.1.2
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: java
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: artem at bizlink dot ru
 GCC build triplet: i386-redhat-linux
  GCC host triplet: i386-redhat-linux
GCC target triplet: i386-redhat-linux


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32836

[Bug java/32836] infinite loop (SIGSEGV) in java::lang::Throwable::fillInStackTrace

[artem at bizlink dot ru]

------- Comment #1 from artem at bizlink dot ru  2007-07-20 10:00 -------
In fact, I have two cores with this infinite loop, and they both are very
large:

$ l
total 304808
drwxr-xr-x 2 artemgr artemgr       4096 2007-07-20 11:58 ./
drwxr-xr-x 8 artemgr artemgr       4096 2007-07-20 11:57 ../
-rwxr-xr-x 1 artemgr artemgr   18949540 2007-07-20 11:25 ads*
-rw------- 1 artemgr artemgr 2317770752 2007-07-20 08:44 core.11043
-rw------- 1 artemgr artemgr 2296696832 2007-07-20 08:38 core.7490

Could be that it's some kind of an out of memory error?
Still, it is triggered only from this fillInStackTrace, otherwise the program
is working fine.


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32836

[Bug java/32836] infinite loop (SIGSEGV) in java::lang::Throwable::fillInStackTrace

[artem at bizlink dot ru]

------- Comment #2 from artem at bizlink dot ru  2007-07-20 10:38 -------
> In fact, I have two cores with this infinite loop,
> and they both are very large

12 mb when compressed with p7zip, so I can still deliver upon request.


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32836

[Bug java/32836] infinite loop (SIGSEGV) in java::lang::Throwable::fillInStackTrace

[artem at bizlink dot ru]

------- Comment #3 from artem at bizlink dot ru  2007-07-20 11:27 -------
To clarify:
this is a buffer overflow, catched by the GCJ SIGSEGV handler.
GCJ then tries to build a strack trace, but stack is obviously broken.
Still, it's not pretty that GCJ goes into an infinite loop via SIGSEGV handler,
and then into stack overflow, so I think it would be good if that infinite loop
condition can be detected somehow (for example, by traversing the intact part
of the stack trace we can easily see that we are already invoked from the
SIGSEGV handler twice or more!).


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32836

[Bug java/32836] infinite loop (SIGSEGV) in java::lang::Throwable::fillInStackTrace

[artem at bizlink dot ru]

------- Comment #4 from artem at bizlink dot ru  2007-07-20 11:34 -------
I think the best JVM-compatible action then would be to shutdown the failed
thread, but let the other threads continue...


-- 

artem at bizlink dot ru changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|normal                      |enhancement


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32836

[Bug java/32836] infinite loop (SIGSEGV) in java::lang::Throwable::fillInStackTrace

[artem at bizlink dot ru]

------- Comment #5 from artem at bizlink dot ru  2007-07-20 11:39 -------
> I think the best JVM-compatible action then would be
> to shutdown the failed thread,
> but let the other threads continue...

Errrr... I wasn't really going to post this. Forgot to clear the textarea.
Sorry.
I don't think it's possible to detect reliably if this is a thread-local
problem or not, so the best action is still to abort, but at least it will
abort without consuming (2 GB?) of stack space and hard disk space (for the
core).


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32836

[Bug libgcj/32836] infinite loop (SIGSEGV) in java::lang::Throwable::fillInStackTrace

[pinskia at gcc dot gnu dot org]

-- 

pinskia at gcc dot gnu dot org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |pinskia at gcc dot gnu dot
                   |                            |org
           Severity|enhancement                 |normal
          Component|java                        |libgcj


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32836

[Bug libgcj/32836] infinite loop (SIGSEGV) in java::lang::Throwable::fillInStackTrace

[tromey at gcc dot gnu dot org]

------- Comment #6 from tromey at gcc dot gnu dot org  2007-07-24 14:34 -------
Yeah, I've seen problems like this as well on occasion.
I'm not sure what to do about them however.


-- 

tromey at gcc dot gnu dot org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |tromey at gcc dot gnu dot
                   |                            |org
             Status|UNCONFIRMED                 |NEW
     Ever Confirmed|0                           |1
   Last reconfirmed|0000-00-00 00:00:00         |2007-07-24 14:34:35
               date|                            |


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32836