Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8068885

SIGSEGV (0xb) in jni_SetIntArrayRegion (via FileSystemPreferences.lockFile0)

    XMLWordPrintable

    Details

    • Subcomponent:
    • CPU:
      x86_64
    • OS:
      linux

      Description

      FULL PRODUCT VERSION :
      java version "1.7.0_65"
      Java(TM) SE Runtime Environment (build 1.7.0_65-b17)
      Java HotSpot(TM) 64-Bit Server VM (build 24.65-b04, mixed mode)


      FULL OS VERSION :
      Linux pud21 2.6.32-358.6.1.el6.x86_64 #1 SMP Tue Apr 23 19:29:00 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux


      A DESCRIPTION OF THE PROBLEM :
      Looks like the native call Java_java_util_prefs_FileSystemPreferences_lockFile0 calls jni_NewIntArray() to allocate a 2-int array as its return value.

      However it doesn't check the return value of NewIntArray, so if allocation fails then SetIntArrayRegion segfaults. The full stack trace shows this happening via FileSystemPreferences.syncWorld(), on a thread spawned by the FileSystemPreferences class.

      Presumably there is immense memory pressure, so I don't expect a miracle. But ideally a system thread should not bring the entire JVM down, even in such dire circumstances.

      THE PROBLEM WAS REPRODUCIBLE WITH -Xint FLAG: Did not try

      THE PROBLEM WAS REPRODUCIBLE WITH -server FLAG: Did not try

      ERROR MESSAGES/STACK TRACES THAT OCCUR :
      #
      # A fatal error has been detected by the Java Runtime Environment:
      #
      # SIGSEGV (0xb) at pc=0x00007f6b7c6238f9, pid=7480, tid=140096070981376
      #
      # JRE version: Java(TM) SE Runtime Environment (7.0_65-b17) (build 1.7.0_65-b17)
      # Java VM: Java HotSpot(TM) 64-Bit Server VM (24.65-b04 mixed mode linux-amd64 compressed oops)
      # Problematic frame:
      # V [libjvm.so+0x6508f9] jni_SetIntArrayRegion+0xa9
      #
      # Failed to write core dump. Core dumps have been disabled. To enable core dumping, try "ulimit -c unlimited" before starting Java again
      #
      # If you would like to submit a bug report, please visit:
      # http://bugreport.sun.com/bugreport/crash.jsp
      #

      --------------- T H R E A D ---------------

      Current thread (0x00007f6ab4416000): JavaThread "Timer-0" daemon [_thread_in_vm, id=7532, stack(0x00007f6aa87b9000,0x00007f6aa88ba000)]

      siginfo:si_signo=SIGSEGV: si_errno=0, si_code=1 (SEGV_MAPERR), si_addr=0x0000000000000000

      Registers:
      RAX=0x00007f6b7c9a2958, RBX=0x00007f6ab4416000, RCX=0x0000000000000002, RDX=0x00007f6ad81aaff0
      RSP=0x00007f6aa88b81d0, RBP=0x00007f6aa88b8240, RSI=0x0000000000000000, RDI=0x00007f6ab4416000
      R8 =0x00007f6aa88b8270, R9 =0x0000000000000000, R10=0x0000000000000000, R11=0x00000000ffffff90
      R12=0x0000000000000000, R13=0x0000000000000002, R14=0x0000000000000000, R15=0x00007f6b7ce18d80
      RIP=0x00007f6b7c6238f9, EFLAGS=0x0000000000010246, CSGSFS=0x0000000000000033, ERR=0x0000000000000004
        TRAPNO=0x000000000000000e

      Top of Stack: (sp=0x00007f6aa88b81d0)
      0x00007f6aa88b81d0: 00007f6aa88b8240 00007f6aa88b8270
      0x00007f6aa88b81e0: 00007f6ab4416000 00007f6ad81aafe8
      0x00007f6aa88b81f0: 00007f6a000000aa 00007f6b7c9a2958
      0x00007f6aa88b8200: 00007f6ab4416000 0000000000000000
      0x00007f6aa88b8210: 00007f6aa88b8250 0000000000000000
      0x00007f6aa88b8220: 00000000000006e1 00007f6ab44161e8
      0x00007f6aa88b8230: 00007f6aa00079c0 00007f6aa88b8350
      0x00007f6aa88b8240: 00007f6aa88b82b0 00007f6b74ded35b
      0x00007f6aa88b8250: 00007f6a00000001 0000000000000000
      0x00007f6aa88b8260: 0000000000000000 00007f6b6d006350
      0x00007f6aa88b8270: 00000000000006e1 00000007eff14be8
      0x00007f6aa88b8280: 00007f6aa88b8280 00000007f112ee48
      0x00007f6aa88b8290: 0000000000000000 00000007f112ee48
      0x00007f6aa88b82a0: 00007f6aa88b8350 00007f6ab4416000
      0x00007f6aa88b82b0: 00007f6aa88b8320 00007f6b6d012e18
      0x00007f6aa88b82c0: 00007f6aa88b8340 00007f6b6d006233
      0x00007f6aa88b82d0: 0000000000000000 0000000000000000
      0x00007f6aa88b82e0: 00007f6aa88b82e0 00000007f112ee48
      0x00007f6aa88b82f0: 00007f6aa88b8350 00000007f1137418
      0x00007f6aa88b8300: 0000000000000000 00000007f112ee48
      0x00007f6aa88b8310: 0000000000000000 00007f6aa88b8340
      0x00007f6aa88b8320: 00007f6aa88b8398 00007f6b6d006233
      0x00007f6aa88b8330: 000000057fcfca88 00007f6b6d00ecdb
      0x00007f6aa88b8340: 0000000000000000 0000000000000180
      0x00007f6aa88b8350: 00000007efec2a08 00007f6aa88b8358
      0x00007f6aa88b8360: 00000007f112ebb7 00007f6aa88b83f0
      0x00007f6aa88b8370: 00000007f1137418 0000000000000000
      0x00007f6aa88b8380: 00000007f112ec48 00007f6aa88b8340
      0x00007f6aa88b8390: 00007f6aa88b83e8 00007f6aa88b8458
      0x00007f6aa88b83a0: 00007f6b6d006350 0000000000000180
      0x00007f6aa88b83b0: 0000000000000000 0000000000000032
      0x00007f6aa88b83c0: 0000000000000000 000000057fd143e8

      Instructions: (pc=0x00007f6b7c6238f9)
      0x00007f6b7c6238d9: c0 48 89 5d a0 48 c7 45 a8 00 00 00 00 48 83 7b
      0x00007f6b7c6238e9: 08 00 74 09 48 8d 7d a0 e8 1a c7 21 00 45 85 f6
      0x00007f6b7c6238f9: 49 8b 3c 24 78 27 45 85 ed 78 22 48 8b 05 3d 61
      0x00007f6b7c623909: 7b 00 43 8d 54 35 00 0f b6 08 80 f9 01 48 19 c0

      Register to memory mapping:

      RAX=0x00007f6b7c9a2958: <offset 0x9cf958> in /d/sw/java64/jdk1.7.0_65/jre/lib/amd64/server/libjvm.so at 0x00007f6b7bfd3000
      RBX=0x00007f6ab4416000 is a thread
      RCX=0x0000000000000002 is an unknown value
      RDX=0x00007f6ad81aaff0 is an unknown value
      RSP=0x00007f6aa88b81d0 is pointing into the stack for thread: 0x00007f6ab4416000
      RBP=0x00007f6aa88b8240 is pointing into the stack for thread: 0x00007f6ab4416000
      RSI=0x0000000000000000 is an unknown value
      RDI=0x00007f6ab4416000 is a thread
      R8 =0x00007f6aa88b8270 is pointing into the stack for thread: 0x00007f6ab4416000
      R9 =0x0000000000000000 is an unknown value
      R10=0x0000000000000000 is an unknown value
      R11=0x00000000ffffff90 is an unknown value
      R12=0x0000000000000000 is an unknown value
      R13=0x0000000000000002 is an unknown value
      R14=0x0000000000000000 is an unknown value
      R15=0x00007f6b7ce18d80: <offset 0xe45d80> in /d/sw/java64/jdk1.7.0_65/jre/lib/amd64/server/libjvm.so at 0x00007f6b7bfd3000


      Stack: [0x00007f6aa87b9000,0x00007f6aa88ba000], sp=0x00007f6aa88b81d0, free space=1020k
      Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
      V [libjvm.so+0x6508f9] jni_SetIntArrayRegion+0xa9
      C [libjava.so+0x1b35b] Java_java_util_prefs_FileSystemPreferences_lockFile0+0xfb
      j java.util.prefs.FileSystemPreferences.lockFile0(Ljava/lang/String;IZ)[I+0
      j java.util.prefs.FileSystemPreferences.lockFile(Z)Z+63
      j java.util.prefs.FileSystemPreferences.sync()V+47
      j java.util.prefs.FileSystemPreferences.flush()V+9
      j java.util.prefs.FileSystemPreferences.syncWorld()V+29
      j java.util.prefs.FileSystemPreferences.access$1200()V+0
      j java.util.prefs.FileSystemPreferences$3.run()V+0
      J 4106% C2 java.util.TimerThread.mainLoop()V (232 bytes) @ 0x00007f6b6d9c8c7c [0x00007f6b6d9c8b20+0x15c]
      j java.util.TimerThread.run()V+1
      v ~StubRoutines::call_stub
      V [libjvm.so+0x5ffb65] JavaCalls::call_helper(JavaValue*, methodHandle*, JavaCallArguments*, Thread*)+0x365
      V [libjvm.so+0x5fe5c8] JavaCalls::call(JavaValue*, methodHandle, JavaCallArguments*, Thread*)+0x28
      V [libjvm.so+0x5fe897] JavaCalls::call_virtual(JavaValue*, KlassHandle, Symbol*, Symbol*, JavaCallArguments*, Thread*)+0x197
      V [libjvm.so+0x5fe9b7] JavaCalls::call_virtual(JavaValue*, Handle, KlassHandle, Symbol*, Symbol*, Thread*)+0x47
      V [libjvm.so+0x67b445] thread_entry(JavaThread*, Thread*)+0xe5
      V [libjvm.so+0x958d9f] JavaThread::thread_main_inner()+0xdf
      V [libjvm.so+0x958ea5] JavaThread::run()+0xf5
      V [libjvm.so+0x81f988] java_start(Thread*)+0x108


      REPRODUCIBILITY :
      This bug can be reproduced occasionally.

      CUSTOMER SUBMITTED WORKAROUND :
      Better managing application memory should do the job.

        Attachments

          Activity

            People

            Assignee:
            bpb Brian Burkhalter
            Reporter:
            webbuggrp Webbug Group
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: