Crash in eclipse (JIT bug)
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| openjdk-6 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
The symptom is that eclipse crashes silently (no log, no message, no hs_.....log file in home directory). Only a core file in home directory. It happens when the m2eclipse plugin from sonatype is installed, and it fetches indexes from maven servers. A workaround is to disable the Internet connection while eclipse starts.
This is a Ubuntu 10.04 x64 system completely up to date.
Looking at the core file, this looks like a code generation bug. Perhaps the latest update to openjdk broke something.
gdb -c ~/core
(gdb) print $rsp
$9 = (void *) 0x1
Obviously the stack pointer is corrupted. Probably this is the reason why no hs_.....log is produced. Calling the crash handler is imposible.
If we disassemble a few instructions above:
(gdb) x /20i $rip - 52
0x7f12a956bd3b: je 0x7f12a956bd46
0x7f12a956bd41: jmpq 0x7f12a955d330
0x7f12a956bd46: mov -0x38(%rbp),%r13
0x7f12a956bd4a: mov -0x30(%rbp),%r14
0x7f12a956bd4e: retq
0x7f12a956bd4f: mov -0x40(%rbp),%rsp
0x7f12a956bd53: movq $0x0,-0x10(%rbp)
0x7f12a956bd5b: movabs $0x7f12ae146988
0x7f12a956bd65: movabs $0x0,%rdx
=> 0x7f12a956bd6f: callq 0x7f12a956bd79
0x7f12a956bd74: jmpq 0x7f12a956bdfa
We see that the instruction mov -0x40(%rbp),%rsp overwrites the stack pointer. We confirm this by looking at the assigned value:
(gdb) print {long} ($rbp - 0x40)
$13 = 1
| Ramon Garcia (ramon-garcia-f+ubuntu) wrote | #1 |
| Robin Stocker (nibor) wrote | #2 |
| Changed in openjdk-6 (Ubuntu): | |
| status: | New → Confirmed |
| Vreixo Formoso (metalpain2002) wrote | #3 |
| Matthias Klose (doko) wrote | #4 |
| wdesmet (kromagg) wrote | #5 |
| Ramon Garcia (ramon-garcia-f+ubuntu) wrote | #6 |
| Changed in openjdk-6 (Ubuntu): | |
| status: | Confirmed → Fix Released |
I am keeping the core file, in case futher details are required.