Ubuntu
openjdk-7 package

Groovy broken with 7u65 security update: VerifyError

Bug #1360392 reported by Daryl Robbins
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openjdk-7 (Ubuntu)
Fix Released
Undecided
billhuey
Precise
Fix Released
Undecided
billhuey
Trusty
Fix Released
Undecided
billhuey
Utopic
Fix Released
Undecided
billhuey

Bug Description

Description: Ubuntu 14.04.1 LTS
Release: 14.04

After applying security update 7u65-2.5.1-4ubuntu1~0.14.04.1 earlier this week, all of our compiled Groovy code ceased to function, throwing the following exception from numerous classes:

java.lang.VerifyError: Bad <init> method call from inside of a branch
Exception Details:
  Location:
    com/mgd/api/service/security/TokenValidationException.<init>(Ljava/lang/Throwable;)V @87: invokespecial
  Reason:
    Error exists in the bytecode
  Bytecode:
    0000000: b800 184d 04bd 0023 5903 2b53 5910 ff12
    0000010: 04b8 0029 2a5f ab00 0000 00af 0000 0005
    0000020: 8794 83a0 0000 0032 aad3 b1ff 0000 0047
    0000030: c783 a456 0000 005a f0c1 c756 0000 0087
    0000040: 0000 9b75 0000 00a6 5f5a 5903 3212 2bb8
    0000050: 002f c000 2b5f 57b7 0032 a700 755f 5a59
    0000060: 0332 b800 38c0 003a 5f57 b700 3ca7 0062
    0000070: 5f5a 5903 32b8 0038 c000 3a5f 5904 3212
    0000080: 2bb8 002f c000 2b5f 5905 32b8 0042 5f59
    0000090: 0632 b800 425f 57b7 0045 a700 355f 5a59
    00000a0: 0332 b800 38c0 003a 5f59 0432 122b b800
    00000b0: 2fc0 002b 5f57 b700 48a7 0016 5f5a 57b7
    00000c0: 0014 a700 0dbb 004a 5912 4cb7 004d bf57
    00000d0: 2ab6 001c 4e2d 2a5f b500 1e2d 57b1
  Stackmap Table:
    full_frame(@72,{UninitializedThis,Object[#43],Object[#81]},{Object[#83],UninitializedThis})
    full_frame(@93,{UninitializedThis,Object[#43],Object[#81]},{Object[#83],UninitializedThis})
    full_frame(@112,{UninitializedThis,Object[#43],Object[#81]},{Object[#83],UninitializedThis})
    full_frame(@157,{UninitializedThis,Object[#43],Object[#81]},{Object[#83],UninitializedThis})
    full_frame(@188,{UninitializedThis,Object[#43],Object[#81]},{Object[#83],UninitializedThis})
    full_frame(@197,{UninitializedThis,Object[#43],Object[#81]},{Object[#83],UninitializedThis})
    full_frame(@207,{Object[#2],Object[#43],Object[#81]},{Object[#83]})
] with root cause
java.lang.VerifyError: Bad <init> method call from inside of a branch

Downgrading back to 7u51-2.4.6-1ubuntu4 resolved the issue.

This is a known issue with this particular version:
https://bugs.openjdk.java.net/browse/JDK-8051012
http://jira.codehaus.org/browse/GROOVY-6951

Revision history for this message
billhuey (bill-huey) wrote :

This is apart of the security changes apparently according to my discussion with Andrew Hughs.

http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/bad107a5d096

Is the backported patch apparently

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Sponsored Bill's update to Utopic which is building now.

Changed in openjdk-7 (Ubuntu Utopic):
assignee: nobody → billhuey (bill-huey)
Changed in openjdk-7 (Ubuntu Trusty):
assignee: nobody → billhuey (bill-huey)
Changed in openjdk-7 (Ubuntu Precise):
assignee: nobody → billhuey (bill-huey)
status: New → Fix Committed
Changed in openjdk-7 (Ubuntu Trusty):
status: New → Fix Committed
Changed in openjdk-7 (Ubuntu Utopic):
status: New → Fix Committed
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Sponsored Bill's update to Trusty and Precise to https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa. Can people try them out and report back on if it fixes the issue for them? I'll issue a regression USN for these on Monday.

Revision history for this message
Daryl Robbins (darylrobbins) wrote :

I'm trying to test the fix but can't seem to get it to apply. I added the ppa, did apt-get update, and then dist-upgrade, but it's still applying the latest version from the official repository. Do I need to do anything to get it to pickup? Thanks!

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Daryl, it isn't done building yet. You can check the status of the builds more easily here: https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages

Revision history for this message
Daryl Robbins (darylrobbins) wrote :

Fix works perfectly for me. It seems to be running the Groovy code without issue now.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openjdk-7 - 7u65-2.5.1-4ubuntu1~0.14.04.2

---------------
openjdk-7 (7u65-2.5.1-4ubuntu1~0.14.04.2) trusty-security; urgency=medium

  [ Matthias Klose ]
  * debian/patches/it-aarch64-zero-default.diff: fix quoting of configure args
    for the zero build.

  [ Bill Huey ]
  * Fix a stack verifier regression in the latest security updates
    - http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/bad107a5d096
    - LP: #1360392
 -- Bill Huey <email address hidden> Sat, 23 Aug 2014 07:35:37 -0500

Changed in openjdk-7 (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openjdk-7 - 7u65-2.5.1-4ubuntu1~0.12.04.2

---------------
openjdk-7 (7u65-2.5.1-4ubuntu1~0.12.04.2) precise-security; urgency=medium

  * Fix a stack verifier regression in the latest security updates
    - http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/bad107a5d096
    - LP: #1360392
 -- Bill Huey <email address hidden> Sat, 23 Aug 2014 07:35:37 -0500

Changed in openjdk-7 (Ubuntu Precise):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openjdk-7 - 7u65-2.5.1-5ubuntu1

---------------
openjdk-7 (7u65-2.5.1-5ubuntu1) utopic; urgency=medium

  * Merge from Debian 7u65-2.5.1-5

openjdk-7 (7u65-2.5.1-5) unstable; urgency=medium

  * Fix quoting of configure args for the zero build.
  * Fix a stack verifier regression in the latest security updates.
    http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/bad107a5d096
    (Bill Huey) LP: #1360392.
  * Don't ship the apt binary anymore for new releases (deprecated upstream).
  * Let openjdk-7-source replace openjdk-7-jdk, widening the version range.
  * Update the hotspot for AArch64, rev 778cb4032983.
 -- Jamie Strandboge <email address hidden> Mon, 25 Aug 2014 12:53:54 -0500

Changed in openjdk-7 (Ubuntu Utopic):
status: Fix Committed → Fix Released
Revision history for this message
Gnu-andrew (gnu-andrew) wrote :

A new release, 2.5.2 (http://bitly.com/it20502), is now available, which includes this fix.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.