-
Bug
-
Resolution: Fixed
-
P1
-
unknown
-
1.1.1
-
sparc
-
solaris_9
-
Verified
When viewing a page with a broken applet in HotJava, a broken gears icon appears in place of the applet. When clicking on this icon, HotJava pops up a dialog box displaying the error that caused the applet to fail. When the user hits the "Cancel" button to dismiss this icon, the JVM and HotJava crashes with a segmentation fault. The information in the hotjava log is included below. When I tried to analyze the core file, dbx gives the error:
dbx: unable to read core file ELF program header
dbx: warning: core file header read failed
This is seen using jvm11_10 (with or without the JIT compiler installed) and HotJava1.0_13.
To reproduce:
1) Using Hotjava 1.0_13, open the URL http://lugh.east/jvm_segfault/test.html
2) A broken gears icon should appear since the applet is "broken".
3) Click on the broken applet and a dialog box will pop-up with the error
4) Click on the cancel button. and you will get a seg. fault.
The files used to reproduce this bug are available in http://lugh.east/jvm_segfault or /net/lugh.east/export/jvm_segfault
Note: Customer Call information is incorrect. this was actually seen under jvm11_10 but this release value is not available.
The HotJava log info is shown below:
SIGSEGV 11* segmentation violation
si_signo [11]: SIGSEGV 11* segmentation violation
si_errno [0]: Error 0
si_code [1]: SEGV_ACCERR [addr: 0x4]
stackbase=EF092000, stackpointer=EF0917E8
Full thread dump:
"Image Fetcher 0" (TID:0xed5f5660, sys_thread_t:0xecd31de0, state:CW) prio=8
sun.awt.image.ImageFetcher.nextImage(ImageFetcher.java:106)
sun.awt.image.ImageFetcher.fetchloop(ImageFetcher.java:143)
sun.awt.image.ImageFetcher.run(ImageFetcher.java:124)
"thread applet-NewApplet.class" (TID:0xed5ae208, sys_thread_t:0xeccd1de0, state:CW) prio=3
java.lang.Object.wait(Object.java)
sun.applet.AppletPanel.getNextEvent(AppletPanel.java:204)
sun.applet.AppletPanel.run(AppletPanel.java:230)
sun.hotjava.tags.TagAppletPanel.run(TagAppletPanel.java:198)
java.lang.Thread.run(Thread.java)
"Image Fetcher 3" (TID:0xed5e86d0, sys_thread_t:0xecd91de0, state:CW) prio=8
sun.awt.image.ImageFetcher.nextImage(ImageFetcher.java:106)
sun.awt.image.ImageFetcher.fetchloop(ImageFetcher.java:143)
sun.awt.image.ImageFetcher.run(ImageFetcher.java:124)
"AWT-Finalizer" (TID:0xed5f8f20, sys_thread_t:0xecdf1de0, state:CW) prio=9
java.lang.Object.wait(Object.java)
sun.awt.AWTFinalizer.run(AWTFinalizer.java:48)
"HotJava Clock" (TID:0xed5dcde8, sys_thread_t:0xecd01de0, state:CW) prio=5
sun.hotjava.ui.ClockTicker.run(ClockTicker.java:55)
java.lang.Thread.run(Thread.java)
"Screen Updater" (TID:0xed5b4bb0, sys_thread_t:0xecdc1de0, state:CW) prio=4
sun.awt.ScreenUpdater.nextEntry(ScreenUpdater.java:87)
sun.awt.ScreenUpdater.run(ScreenUpdater.java:98)
"AWT-Motif" (TID:0xed5af3c0, sys_thread_t:0xecff1de0, state:CW) prio=5
java.lang.Thread.run(Thread.java)
"AWT-Input" (TID:0xed5af3a0, sys_thread_t:0xef041de0, state:R) prio=5
"AWT-EventQueue-0" (TID:0xed5af380, sys_thread_t:0xef091de0, state:R) prio=5 *current thread*
sun.awt.motif.MComponentPeer.dispose(MComponentPeer.java:200)
sun.awt.motif.MDialogPeer.dispose(MDialogPeer.java:78)
java.awt.Component.removeNotify(Component.java:2112)
java.awt.Container.removeNotify(Container.java:1017)
java.awt.Window.dispose(Window.java:164)
sun.hotjava.tags.ExceptionDialog.action(TagAppletPanel.java:850)
java.awt.Component.handleEvent(Component.java:1963)
java.awt.Window.postEvent(Window.java:411)
java.awt.Component.postEvent(Component.java:1570)
sun.hotjava.ui.UserTextButton.handleEvent(UserTextButton.java:71)
java.awt.Component.postEvent(Component.java:1560)
java.awt.Component.dispatchEventImpl(Component.java:1452)
java.awt.Component.dispatchEvent(Component.java:1380)
java.awt.EventDispatchThread.run(EventDispatchThread.java:63)
"Alloc State Notifier" (TID:0xed5adf58, sys_thread_t:0xef1f1de0, state:CW) prio=9
sun.misc.VMNotifierThread.run(VM.java)
"Red Alloc State Notifier" (TID:0xed5adf38, sys_thread_t:0xef341de0, state:CW) prio=10
sun.misc.VMNotifierThread.run(VM.java)
"Request Processor" (TID:0xed5addf0, sys_thread_t:0xef371de0, state:CW) prio=7
sun.misc.Queue.dequeue(Queue.java:90)
sun.misc.Queue.dequeue(Queue.java:74)
sun.misc.RequestProcessor.run(RequestProcessor.java:56)
java.lang.Thread.run(Thread.java)
"Finalizer thread" (TID:0xed5981d8, sys_thread_t:0xef471de0, state:CW) prio=1
"Idle thread" (TID:0xed598190, sys_thread_t:0xef541de0, state:R) prio=0
"Clock" (TID:0xed5980d0, sys_thread_t:0xef571de0, state:CW) prio=12
"main" (TID:0xed5980a8, sys_thread_t:0x42338, state:CW) prio=5
Monitor Cache Dump:
sun.misc.Queue@ED5ADE20/ED6D91E8: <unowned>
Waiting to be notified:
"Request Processor"
<unknown key> (0xecd01de0): <unowned>
Waiting to be notified:
"HotJava Clock"
sun.awt.ScreenUpdater@ED5B4BB0/ED6D5E30: <unowned>
Waiting to be notified:
"Screen Updater"
sun.awt.motif.MToolkit@ED5AF300/ED6BC840: owner "AWT-EventQueue-0" (0xef091de0, 1 entry)
Waiting to enter:
"AWT-Input"
Waiting to be notified:
"AWT-Motif"
sun.misc.VMNotifierThread@ED5ADF38/ED6D9688: <unowned>
Waiting to be notified:
"Red Alloc State Notifier"
sun.hotjava.tags.TagAppletPanel@ED5AEB88/ED98E3F0: <unowned>
Waiting to be notified:
"thread applet-NewApplet.class"
sun.awt.AWTFinalizer@ED5F8F20/ED718F08: <unowned>
Waiting to be notified:
"AWT-Finalizer"
java.util.Vector@ED5AFEE8/ED6BFFD8: <unowned>
Waiting to be notified:
"Image Fetcher 0"
"Image Fetcher 3"
sun.misc.VMNotifierThread@ED5ADF58/ED6D9740: <unowned>
Waiting to be notified:
"Alloc State Notifier"
Registered Monitor Dump:
Verifier lock: <unowned>
Thread queue lock: <unowned>
Waiting to be notified:
"main"
Name and type hash table lock: <unowned>
String intern lock: <unowned>
JNI pinning lock: <unowned>
JNI global reference lock: <unowned>
BinClass lock: <unowned>
Class loading lock: <unowned>
Java stack lock: <unowned>
Code rewrite lock: <unowned>
Heap lock: <unowned>
Has finalization queue lock: <unowned>
Finalize me queue lock: <unowned>
Waiting to be notified:
"Finalizer thread"
Monitor IO lock: <unowned>
Child death monitor: <unowned>
Event monitor: <unowned>
I/O monitor: <unowned>
Alarm monitor: <unowned>
Waiting to be notified:
"Clock"
Sbrk lock: <unowned>
Monitor cache expansion lock: <unowned>
Monitor registry: owner "AWT-EventQueue-0" (0xef091de0, 1 entry)
Thread Alarm Q:
sys_thread_t 0xecff1de0 [Timeout expired]
sys_thread_t 0xecd31de0 [Timeout in 1638 ms]
sys_thread_t 0xecd91de0 [Timeout in 1946 ms]
sys_thread_t 0xecd01de0 [Timeout in 9636 ms]
sys_thread_t 0xecdc1de0 [Timeout in 113011 ms]
Abort
I have a good core file of this without JIT:
(dbx) where
=>[1] __lwp_kill(0x0, 0x6, 0xc35, 0xef7a8a3c, 0xe, 0x0), at 0xef437de4
[2] sysAbort(0x0, 0xef052000, 0xef0511c8, 0xb, 0x0, 0x0), at 0xef785594
---- called from signal handler with signal 11 (SIGSEGV) ------
[3] _Ximp_Local_Filter(), at 0xecc72248
[4] XFilterEvent(0xef0516ec, 0xbc0040b, 0x1, 0x121218, 0x396b08, 0x121214), at 0xef612dfc
[5] _XtDefaultDispatcher(0xef0516ec, 0x1, 0x0, 0x121214, 0x0, 0x37a470), at 0xef0cdae8
[6] XtDispatchEvent(0xef0516ec, 0x1, 0xef0cd764, 0xef110040, 0x0, 0x2), at 0xef0cddac
[7] RemoveAllPMgr(0x396b08, 0xecf38eac, 0x1, 0x1, 0x37a1a0, 0xef0ff80f), at 0xecf39080
[8] XtCallCallbackList(0x396b08, 0x37ab60, 0x0, 0x0, 0x0, 0x1), at 0xef0bf924
[9] XtPhase2Destroy(0x396b08, 0xffffffff, 0x0, 0xef110040, 0xef0bfff8, 0x0), at 0xef0c8188
[10] _XtDoPhase2Destroy(0xe3c40, 0x0, 0x0, 0x0, 0x0, 0xe3c40), at 0xef0c83a0
[11] XtDestroyWidget(0x396b08, 0xef110040, 0xe3c40, 0xef0513e0, 0xef05186b, 0xef796067), at 0xef0c85b0
[12] sun_awt_motif_MDialogPeer_pDispose(0xed5c2db0, 0xef187800, 0x397080, 0x8, 0x1, 0x13), at 0xef1497a8
[13] Java_sun_awt_motif_MDialogPeer_pDispose_stub(0x11b6b4, 0xef051ca4, 0xef7b0798, 0xef7a8a14, 0x3b6dead0, 0x10), at 0xef166c7c
[14] invokeNativeMethod(0x11b68c, 0x34d6e4, 0x11b6b4, 0xef051ca4, 0xef751428, 0x8), at 0xef7518c0
[15] finish_invokevirtual(0x16bd88, 0xef051ca4, 0x11b6b4, 0x11b688, 0x168af0, 0x11b68c), at 0xef78fde0
[16] do_execute_java_method_vararg(0xef051ca4, 0xef7adca5, 0x0, 0x0, 0x0, 0x11b3a0), at 0xef761320
[17] execute_java_dynamic_method(0xef051ca4, 0xed5af2f8, 0xef7adca0, 0xef7adca4, 0xef7b0400, 0x0), at 0xef7609c4
[18] ThreadRT0(0xed5af2f8, 0xef7adca4, 0x0, 0x0, 0x0, 0x0), at 0xef779f98
[19] start_func(0xef797000, 0xed5af2f8, 0xef779f40, 0x0, 0x0, 0x0), at 0xef78e5e0
(dbx)
###@###.###da 1997-03-05
Does not core dump with jvm111_14 and hotjava1.0_17
dbx: unable to read core file ELF program header
dbx: warning: core file header read failed
This is seen using jvm11_10 (with or without the JIT compiler installed) and HotJava1.0_13.
To reproduce:
1) Using Hotjava 1.0_13, open the URL http://lugh.east/jvm_segfault/test.html
2) A broken gears icon should appear since the applet is "broken".
3) Click on the broken applet and a dialog box will pop-up with the error
4) Click on the cancel button. and you will get a seg. fault.
The files used to reproduce this bug are available in http://lugh.east/jvm_segfault or /net/lugh.east/export/jvm_segfault
Note: Customer Call information is incorrect. this was actually seen under jvm11_10 but this release value is not available.
The HotJava log info is shown below:
SIGSEGV 11* segmentation violation
si_signo [11]: SIGSEGV 11* segmentation violation
si_errno [0]: Error 0
si_code [1]: SEGV_ACCERR [addr: 0x4]
stackbase=EF092000, stackpointer=EF0917E8
Full thread dump:
"Image Fetcher 0" (TID:0xed5f5660, sys_thread_t:0xecd31de0, state:CW) prio=8
sun.awt.image.ImageFetcher.nextImage(ImageFetcher.java:106)
sun.awt.image.ImageFetcher.fetchloop(ImageFetcher.java:143)
sun.awt.image.ImageFetcher.run(ImageFetcher.java:124)
"thread applet-NewApplet.class" (TID:0xed5ae208, sys_thread_t:0xeccd1de0, state:CW) prio=3
java.lang.Object.wait(Object.java)
sun.applet.AppletPanel.getNextEvent(AppletPanel.java:204)
sun.applet.AppletPanel.run(AppletPanel.java:230)
sun.hotjava.tags.TagAppletPanel.run(TagAppletPanel.java:198)
java.lang.Thread.run(Thread.java)
"Image Fetcher 3" (TID:0xed5e86d0, sys_thread_t:0xecd91de0, state:CW) prio=8
sun.awt.image.ImageFetcher.nextImage(ImageFetcher.java:106)
sun.awt.image.ImageFetcher.fetchloop(ImageFetcher.java:143)
sun.awt.image.ImageFetcher.run(ImageFetcher.java:124)
"AWT-Finalizer" (TID:0xed5f8f20, sys_thread_t:0xecdf1de0, state:CW) prio=9
java.lang.Object.wait(Object.java)
sun.awt.AWTFinalizer.run(AWTFinalizer.java:48)
"HotJava Clock" (TID:0xed5dcde8, sys_thread_t:0xecd01de0, state:CW) prio=5
sun.hotjava.ui.ClockTicker.run(ClockTicker.java:55)
java.lang.Thread.run(Thread.java)
"Screen Updater" (TID:0xed5b4bb0, sys_thread_t:0xecdc1de0, state:CW) prio=4
sun.awt.ScreenUpdater.nextEntry(ScreenUpdater.java:87)
sun.awt.ScreenUpdater.run(ScreenUpdater.java:98)
"AWT-Motif" (TID:0xed5af3c0, sys_thread_t:0xecff1de0, state:CW) prio=5
java.lang.Thread.run(Thread.java)
"AWT-Input" (TID:0xed5af3a0, sys_thread_t:0xef041de0, state:R) prio=5
"AWT-EventQueue-0" (TID:0xed5af380, sys_thread_t:0xef091de0, state:R) prio=5 *current thread*
sun.awt.motif.MComponentPeer.dispose(MComponentPeer.java:200)
sun.awt.motif.MDialogPeer.dispose(MDialogPeer.java:78)
java.awt.Component.removeNotify(Component.java:2112)
java.awt.Container.removeNotify(Container.java:1017)
java.awt.Window.dispose(Window.java:164)
sun.hotjava.tags.ExceptionDialog.action(TagAppletPanel.java:850)
java.awt.Component.handleEvent(Component.java:1963)
java.awt.Window.postEvent(Window.java:411)
java.awt.Component.postEvent(Component.java:1570)
sun.hotjava.ui.UserTextButton.handleEvent(UserTextButton.java:71)
java.awt.Component.postEvent(Component.java:1560)
java.awt.Component.dispatchEventImpl(Component.java:1452)
java.awt.Component.dispatchEvent(Component.java:1380)
java.awt.EventDispatchThread.run(EventDispatchThread.java:63)
"Alloc State Notifier" (TID:0xed5adf58, sys_thread_t:0xef1f1de0, state:CW) prio=9
sun.misc.VMNotifierThread.run(VM.java)
"Red Alloc State Notifier" (TID:0xed5adf38, sys_thread_t:0xef341de0, state:CW) prio=10
sun.misc.VMNotifierThread.run(VM.java)
"Request Processor" (TID:0xed5addf0, sys_thread_t:0xef371de0, state:CW) prio=7
sun.misc.Queue.dequeue(Queue.java:90)
sun.misc.Queue.dequeue(Queue.java:74)
sun.misc.RequestProcessor.run(RequestProcessor.java:56)
java.lang.Thread.run(Thread.java)
"Finalizer thread" (TID:0xed5981d8, sys_thread_t:0xef471de0, state:CW) prio=1
"Idle thread" (TID:0xed598190, sys_thread_t:0xef541de0, state:R) prio=0
"Clock" (TID:0xed5980d0, sys_thread_t:0xef571de0, state:CW) prio=12
"main" (TID:0xed5980a8, sys_thread_t:0x42338, state:CW) prio=5
Monitor Cache Dump:
sun.misc.Queue@ED5ADE20/ED6D91E8: <unowned>
Waiting to be notified:
"Request Processor"
<unknown key> (0xecd01de0): <unowned>
Waiting to be notified:
"HotJava Clock"
sun.awt.ScreenUpdater@ED5B4BB0/ED6D5E30: <unowned>
Waiting to be notified:
"Screen Updater"
sun.awt.motif.MToolkit@ED5AF300/ED6BC840: owner "AWT-EventQueue-0" (0xef091de0, 1 entry)
Waiting to enter:
"AWT-Input"
Waiting to be notified:
"AWT-Motif"
sun.misc.VMNotifierThread@ED5ADF38/ED6D9688: <unowned>
Waiting to be notified:
"Red Alloc State Notifier"
sun.hotjava.tags.TagAppletPanel@ED5AEB88/ED98E3F0: <unowned>
Waiting to be notified:
"thread applet-NewApplet.class"
sun.awt.AWTFinalizer@ED5F8F20/ED718F08: <unowned>
Waiting to be notified:
"AWT-Finalizer"
java.util.Vector@ED5AFEE8/ED6BFFD8: <unowned>
Waiting to be notified:
"Image Fetcher 0"
"Image Fetcher 3"
sun.misc.VMNotifierThread@ED5ADF58/ED6D9740: <unowned>
Waiting to be notified:
"Alloc State Notifier"
Registered Monitor Dump:
Verifier lock: <unowned>
Thread queue lock: <unowned>
Waiting to be notified:
"main"
Name and type hash table lock: <unowned>
String intern lock: <unowned>
JNI pinning lock: <unowned>
JNI global reference lock: <unowned>
BinClass lock: <unowned>
Class loading lock: <unowned>
Java stack lock: <unowned>
Code rewrite lock: <unowned>
Heap lock: <unowned>
Has finalization queue lock: <unowned>
Finalize me queue lock: <unowned>
Waiting to be notified:
"Finalizer thread"
Monitor IO lock: <unowned>
Child death monitor: <unowned>
Event monitor: <unowned>
I/O monitor: <unowned>
Alarm monitor: <unowned>
Waiting to be notified:
"Clock"
Sbrk lock: <unowned>
Monitor cache expansion lock: <unowned>
Monitor registry: owner "AWT-EventQueue-0" (0xef091de0, 1 entry)
Thread Alarm Q:
sys_thread_t 0xecff1de0 [Timeout expired]
sys_thread_t 0xecd31de0 [Timeout in 1638 ms]
sys_thread_t 0xecd91de0 [Timeout in 1946 ms]
sys_thread_t 0xecd01de0 [Timeout in 9636 ms]
sys_thread_t 0xecdc1de0 [Timeout in 113011 ms]
Abort
I have a good core file of this without JIT:
(dbx) where
=>[1] __lwp_kill(0x0, 0x6, 0xc35, 0xef7a8a3c, 0xe, 0x0), at 0xef437de4
[2] sysAbort(0x0, 0xef052000, 0xef0511c8, 0xb, 0x0, 0x0), at 0xef785594
---- called from signal handler with signal 11 (SIGSEGV) ------
[3] _Ximp_Local_Filter(), at 0xecc72248
[4] XFilterEvent(0xef0516ec, 0xbc0040b, 0x1, 0x121218, 0x396b08, 0x121214), at 0xef612dfc
[5] _XtDefaultDispatcher(0xef0516ec, 0x1, 0x0, 0x121214, 0x0, 0x37a470), at 0xef0cdae8
[6] XtDispatchEvent(0xef0516ec, 0x1, 0xef0cd764, 0xef110040, 0x0, 0x2), at 0xef0cddac
[7] RemoveAllPMgr(0x396b08, 0xecf38eac, 0x1, 0x1, 0x37a1a0, 0xef0ff80f), at 0xecf39080
[8] XtCallCallbackList(0x396b08, 0x37ab60, 0x0, 0x0, 0x0, 0x1), at 0xef0bf924
[9] XtPhase2Destroy(0x396b08, 0xffffffff, 0x0, 0xef110040, 0xef0bfff8, 0x0), at 0xef0c8188
[10] _XtDoPhase2Destroy(0xe3c40, 0x0, 0x0, 0x0, 0x0, 0xe3c40), at 0xef0c83a0
[11] XtDestroyWidget(0x396b08, 0xef110040, 0xe3c40, 0xef0513e0, 0xef05186b, 0xef796067), at 0xef0c85b0
[12] sun_awt_motif_MDialogPeer_pDispose(0xed5c2db0, 0xef187800, 0x397080, 0x8, 0x1, 0x13), at 0xef1497a8
[13] Java_sun_awt_motif_MDialogPeer_pDispose_stub(0x11b6b4, 0xef051ca4, 0xef7b0798, 0xef7a8a14, 0x3b6dead0, 0x10), at 0xef166c7c
[14] invokeNativeMethod(0x11b68c, 0x34d6e4, 0x11b6b4, 0xef051ca4, 0xef751428, 0x8), at 0xef7518c0
[15] finish_invokevirtual(0x16bd88, 0xef051ca4, 0x11b6b4, 0x11b688, 0x168af0, 0x11b68c), at 0xef78fde0
[16] do_execute_java_method_vararg(0xef051ca4, 0xef7adca5, 0x0, 0x0, 0x0, 0x11b3a0), at 0xef761320
[17] execute_java_dynamic_method(0xef051ca4, 0xed5af2f8, 0xef7adca0, 0xef7adca4, 0xef7b0400, 0x0), at 0xef7609c4
[18] ThreadRT0(0xed5af2f8, 0xef7adca4, 0x0, 0x0, 0x0, 0x0), at 0xef779f98
[19] start_func(0xef797000, 0xed5af2f8, 0xef779f40, 0x0, 0x0, 0x0), at 0xef78e5e0
(dbx)
###@###.###da 1997-03-05
Does not core dump with jvm111_14 and hotjava1.0_17