From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 18712 invoked by alias); 8 Nov 2004 19:56:01 -0000 Mailing-List: contact java-prs-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Subscribe: List-Archive: List-Post: List-Help: , Sender: java-prs-owner@gcc.gnu.org Received: (qmail 18690 invoked by uid 48); 8 Nov 2004 19:56:00 -0000 Date: Mon, 08 Nov 2004 19:56:00 -0000 Message-ID: <20041108195600.18687.qmail@sourceware.org> From: "Hans dot Boehm at hp dot com" To: java-prs@gcc.gnu.org In-Reply-To: <20041101172052.18266.ovidr@users.sourceforge.net> References: <20041101172052.18266.ovidr@users.sourceforge.net> Reply-To: gcc-bugzilla@gcc.gnu.org Subject: [Bug libgcj/18266] SIGSEGV in GC_register_finalizer_inner () X-Bugzilla-Reason: CC X-SW-Source: 2004-q4/txt/msg00344.txt.bz2 List-Id: ------- Additional Comments From Hans dot Boehm at hp dot com 2004-11-08 19:55 ------- I think this could be explained by the same problem. This time the collector is in the Java-specific finalization pass which marks objects reachable from objects that are about to be finalized, so that the finalizer doesn't see deallocated memory. It appears that the finalizable object it's marking from has somehow been clobbered already, and no longer has a proper vtable entry. Hence the collector dies trying to find the mark descriptor in the vtable. I can see how this might happen if we accidentally register a finalizer on something that was already collected, which can happen if the finalizer installed by hash synchronization is dropped. It might be useful to find a little more of the context. Try p descr p current_p p type_descr p GC_gc_no p *mark_stack_top up 1 -- goto GC_finalize frame p real_ptr p *curr_fo x/8wx real_ptr -4 Printing *curr_fo should indicate the finalization function and "client data" associated with this object. It would be useful to explore the "client data" a bit further, so that we can understand what the finalizer is really trying to do. (All Java finalizers use the same function, and use the client data field to specify what really needs to be done.) Assuming current_p and real_ptr are the same, and you can call functions from gdb, try p GC_find_header(real_ptr) If that looks like a sane pointer, also try p *GC_find_header(real_ptr) p GC_base(real_ptr) I need to look at the WeakHashMap code, but I won't get a chance to do that for a few days. We could also probably track this down more systematically by having the hash synchronization code check that the vtable pointer hasn't changed when we reregister the client finalizer around line 757 in natObject.cc. We would have to remember the vtable pointer in the hl structure. This might cause this to fail far more predictably, and might at least confirm that we're not barking up the wrong tree. -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=18266