See comment section for core and hs_err file location.
OS: Red Hat Enterprise Linux ES release 4 (Nahant Update 4)
Java: 1.5.0_06
java process crashed due to SIGSEGV in frame::oops_interpreted_do.
(gdb) thread 1
[Switching to thread 1 (process 16524)]#0 0x005917a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
(gdb) where
#0 0x005917a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
#1 0x005d17a5 in raise () from /lib/tls/libc.so.6
#2 0x005d3209 in abort () from /lib/tls/libc.so.6
#3 0xb7a43965 in os::abort () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#4 0xb7b1fbd4 in VMError::report_and_die () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#5 0xb7a4830a in JVM_handle_linux_signal () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#6 0xb7a45884 in signalHandler () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#7 <signal handler called>
#8 0xb782713e in frame::oops_interpreted_do () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
#9 0xb7ae7e46 in JavaThread::oops_do () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#10 0xb7aea34d in Threads::oops_do () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#11 0xb7830e6a in GenCollectedHeap::process_strong_roots () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#12 0xb77ec06d in DefNewGeneration::collect () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#13 0xb78308a7 in GenCollectedHeap::do_collection () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#14 0xb77b57ce in TwoGenerationCollectorPolicy::satisfy_failed_allocation ()
from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#15 0xb7830b32 in GenCollectedHeap::satisfy_failed_allocation ()
from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#16 0xb7b2872e in VM_GenCollectForAllocation::doit () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#17 0xb7b28466 in VM_Operation::evaluate () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#18 0xb7b27a77 in VMThread::evaluate_operation () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#19 0xb7b27ce5 in VMThread::loop () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#20 0xb7b27850 in VMThread::run () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#21 0xb7a47338 in _start () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#22 0x007f8371 in start_thread () from /lib/tls/libpthread.so.0
#23 0x00671ffe in clone () from /lib/tls/libc.so.6
!! Instructions where SEGV happened
(gdb) disas 0xb782713e
Dump of assembler code for function _ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi:
0xb7827120 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+0>: push %ebp
0xb7827121 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+1>: mov %esp,%ebp
0xb7827123 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+3>: push %edi
0xb7827124 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+4>: push %esi
0xb7827125 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+5>: push %ebx
0xb7827126 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+6>: sub $0xf8,%esp
0xb782712c <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+12>: mov 0x8(%ebp),%ecx
0xb782712f <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+15>: call 0xb7827134 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+20>
0xb7827134 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+20>: pop %ebx
0xb7827135 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+21>: add $0x3a76bc,%ebx
0xb782713b <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+27>: mov 0x8(%ecx),%eax
0xb782713e <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+30>: mov 0xfffffff8(%eax),%edi
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
0xb7827141 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+33>: push %ecx
0xb7827142 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+34>: call 0xb7826860 <_ZNK5frame21interpreter_frame_bciEv>
0xb7827147 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+39>: mov %eax,0xffffff28(%ebp)
0xb782714d <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+45>: pop %eax
!! Check registers
(gdb) frame 8
#8 0xb782713e in frame::oops_interpreted_do () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
(gdb) info reg
eax 0x5d8b014e 1569390926
^^^^^^^^^^^
ecx 0xb26a0aeb -1301673237
edx 0xb26c94c0 -1301506880
ebx 0xb7bcf6c3 -1212352829
esp 0x8e3e8ab0 0x8e3e8ab0
ebp 0x8e3e8ad8 0x8e3e8ad8
esi 0x8e3e8b10 -1908503792
edi 0x8e3e8b1c -1908503780
eip 0xb782713e 0xb782713e
eflags 0x206 518
cs 0x73 115
ss 0x7b 123
ds 0xc02d007b -1070792581
es 0x7b 123
fs 0x0 0
gs 0x33 51
!! Check address which caused SIGSEGV
(gdb) x/wx 0xb26a0aeb+8 !! <= ecx+8
0xb26a0af3: 0x5d8b014e
(gdb) x/wx 0x5d8b014e+0xfffffff8 !! <= eax+0xfffffff8
0x5d8b0146: Cannot access memory at address 0x5d8b0146
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
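It seems the address in ecx is illegal: ecx is loaded from 0x8(%ebp) (presumably the `this` pointer of the frame being scanned), its value 0xb26a0aeb is not word-aligned, and the word read from ecx+8 (0x5d8b014e) is then used as a base address that points into unmapped memory (0x5d8b0146). I could not see how this could happen.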
Please analyze the core and evaluate this crash.
OS: Red Hat Enterprise Linux ES release 4 (Nahant Update 4)
Java: 1.5.0_06
java process crashed due to SIGSEGV in frame::oops_interpreted_do.
(gdb) thread 1
[Switching to thread 1 (process 16524)]#0 0x005917a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
(gdb) where
#0 0x005917a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
#1 0x005d17a5 in raise () from /lib/tls/libc.so.6
#2 0x005d3209 in abort () from /lib/tls/libc.so.6
#3 0xb7a43965 in os::abort () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#4 0xb7b1fbd4 in VMError::report_and_die () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#5 0xb7a4830a in JVM_handle_linux_signal () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#6 0xb7a45884 in signalHandler () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#7 <signal handler called>
#8 0xb782713e in frame::oops_interpreted_do () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
#9 0xb7ae7e46 in JavaThread::oops_do () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#10 0xb7aea34d in Threads::oops_do () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#11 0xb7830e6a in GenCollectedHeap::process_strong_roots () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#12 0xb77ec06d in DefNewGeneration::collect () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#13 0xb78308a7 in GenCollectedHeap::do_collection () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#14 0xb77b57ce in TwoGenerationCollectorPolicy::satisfy_failed_allocation ()
from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#15 0xb7830b32 in GenCollectedHeap::satisfy_failed_allocation ()
from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#16 0xb7b2872e in VM_GenCollectForAllocation::doit () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#17 0xb7b28466 in VM_Operation::evaluate () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#18 0xb7b27a77 in VMThread::evaluate_operation () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#19 0xb7b27ce5 in VMThread::loop () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#20 0xb7b27850 in VMThread::run () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#21 0xb7a47338 in _start () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
#22 0x007f8371 in start_thread () from /lib/tls/libpthread.so.0
#23 0x00671ffe in clone () from /lib/tls/libc.so.6
!! Instructions where SEGV happened
(gdb) disas 0xb782713e
Dump of assembler code for function _ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi:
0xb7827120 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+0>: push %ebp
0xb7827121 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+1>: mov %esp,%ebp
0xb7827123 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+3>: push %edi
0xb7827124 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+4>: push %esi
0xb7827125 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+5>: push %ebx
0xb7827126 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+6>: sub $0xf8,%esp
0xb782712c <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+12>: mov 0x8(%ebp),%ecx
0xb782712f <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+15>: call 0xb7827134 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+20>
0xb7827134 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+20>: pop %ebx
0xb7827135 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+21>: add $0x3a76bc,%ebx
0xb782713b <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+27>: mov 0x8(%ecx),%eax
0xb782713e <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+30>: mov 0xfffffff8(%eax),%edi
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
0xb7827141 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+33>: push %ecx
0xb7827142 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+34>: call 0xb7826860 <_ZNK5frame21interpreter_frame_bciEv>
0xb7827147 <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+39>: mov %eax,0xffffff28(%ebp)
0xb782714d <_ZN5frame19oops_interpreted_doEP10OopClosurePK11RegisterMapi+45>: pop %eax
!! Check registers
(gdb) frame 8
#8 0xb782713e in frame::oops_interpreted_do () from /usr/local/jdk1.5.0_06/jre/lib/i386/server/libjvm.so
(gdb) info reg
eax 0x5d8b014e 1569390926
^^^^^^^^^^^
ecx 0xb26a0aeb -1301673237
edx 0xb26c94c0 -1301506880
ebx 0xb7bcf6c3 -1212352829
esp 0x8e3e8ab0 0x8e3e8ab0
ebp 0x8e3e8ad8 0x8e3e8ad8
esi 0x8e3e8b10 -1908503792
edi 0x8e3e8b1c -1908503780
eip 0xb782713e 0xb782713e
eflags 0x206 518
cs 0x73 115
ss 0x7b 123
ds 0xc02d007b -1070792581
es 0x7b 123
fs 0x0 0
gs 0x33 51
!! Check address which caused SIGSEGV
(gdb) x/wx 0xb26a0aeb+8 !! <= ecx+8
0xb26a0af3: 0x5d8b014e
(gdb) x/wx 0x5d8b014e+0xfffffff8 !! <= eax+0xfffffff8
0x5d8b0146: Cannot access memory at address 0x5d8b0146
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
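It seems the address in ecx is illegal: ecx is loaded from 0x8(%ebp) (presumably the `this` pointer of the frame being scanned), its value 0xb26a0aeb is not word-aligned, and the word read from ecx+8 (0x5d8b014e) is then used as a base address that points into unmapped memory (0x5d8b0146). I could not see how this could happen.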
Please analyze the core and evaluate this crash.