[jira] Commented: (HARMONY-3062) [drlvm][interpreter][eclipse] EHWA 3.1.1 crashes

["Gregory Shimansky (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/HARMONY-3062?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12499032 ] 

Gregory Shimansky commented on HARMONY-3062:
--------------------------------------------

I am reproducing the bug on today build of VM right in the way it was described. When I built fontconfig library with debug info I found out that the crash happens in the function FcPatternBuild prolog on line 1134:

1132    FcPattern *
1133    FcPatternBuild (FcPattern *orig, ...)
1134    {
1135        va_list     va;
1136
1137        va_start (va, orig);
1138        FcPatternVapBuild (orig, orig, va);

The instruction which causes the crash is at address 0x2aabb2af54:

0x0000002aabb2aecf <FcPatternBuild+0>:  push   %rbp
0x0000002aabb2aed0 <FcPatternBuild+1>:  mov    %rsp,%rbp
0x0000002aabb2aed3 <FcPatternBuild+4>:  sub    $0x160,%rsp
0x0000002aabb2aeda <FcPatternBuild+11>: mov    %rsi,0xffffffffffffff58(%rbp)
0x0000002aabb2aee1 <FcPatternBuild+18>: mov    %rdx,0xffffffffffffff60(%rbp)
0x0000002aabb2aee8 <FcPatternBuild+25>: mov    %rcx,0xffffffffffffff68(%rbp)
0x0000002aabb2aeef <FcPatternBuild+32>: mov    %r8,0xffffffffffffff70(%rbp)
0x0000002aabb2aef6 <FcPatternBuild+39>: mov    %r9,0xffffffffffffff78(%rbp)
0x0000002aabb2aefd <FcPatternBuild+46>: movzbl %al,%eax
0x0000002aabb2af00 <FcPatternBuild+49>: mov    %rax,0xfffffffffffffef8(%rbp)
0x0000002aabb2af07 <FcPatternBuild+56>: mov    0xfffffffffffffef8(%rbp),%rdx
0x0000002aabb2af0e <FcPatternBuild+63>: lea    0x0(,%rdx,4),%rax
0x0000002aabb2af16 <FcPatternBuild+71>: lea    59(%rip),%rdx        # 0x2aabb2af58 <FcPatternBuild+137>
0x0000002aabb2af1d <FcPatternBuild+78>: mov    %rdx,0xfffffffffffffef8(%rbp)
0x0000002aabb2af24 <FcPatternBuild+85>: sub    %rax,0xfffffffffffffef8(%rbp)
0x0000002aabb2af2b <FcPatternBuild+92>: lea    0xffffffffffffffff(%rbp),%rax
0x0000002aabb2af2f <FcPatternBuild+96>: mov    0xfffffffffffffef8(%rbp),%rdx
0x0000002aabb2af36 <FcPatternBuild+103>:        jmpq   *%edx
0x0000002aabb2af38 <FcPatternBuild+105>:        movaps %xmm7,0xfffffffffffffff1(%rax)
0x0000002aabb2af3c <FcPatternBuild+109>:        movaps %xmm6,0xffffffffffffffe1(%rax)
0x0000002aabb2af40 <FcPatternBuild+113>:        movaps %xmm5,0xffffffffffffffd1(%rax)
0x0000002aabb2af44 <FcPatternBuild+117>:        movaps %xmm4,0xffffffffffffffc1(%rax)
0x0000002aabb2af48 <FcPatternBuild+121>:        movaps %xmm3,0xffffffffffffffb1(%rax)
0x0000002aabb2af4c <FcPatternBuild+125>:        movaps %xmm2,0xffffffffffffffa1(%rax)
0x0000002aabb2af50 <FcPatternBuild+129>:        movaps %xmm1,0xffffffffffffff91(%rax)
0x0000002aabb2af54 <FcPatternBuild+133>:        movaps %xmm0,0xffffffffffffff81(%rax)
0x0000002aabb2af58 <FcPatternBuild+137>:        mov    %rdi,0xffffffffffffff48(%rbp)
0x0000002aabb2af5f <FcPatternBuild+144>:        movl   $0x8,0xffffffffffffff20(%rbp)
0x0000002aabb2af69 <FcPatternBuild+154>:        movl   $0x30,0xffffffffffffff24(%rbp)
0x0000002aabb2af73 <FcPatternBuild+164>:        lea    0x10(%rbp),%rax

It is still not clear why this code crashes, it doesn't seem to be a stack overflow in the native code because on SLES9 x86_64 there is no stack limit at all:

$ ulimit -s
unlimited

I am going to continue investigation and build libraries up the stack which call FcPatternBuild with debug info to see what is going on in that code. The native code stack that is called from Eclipse SWT looks like this:

#0  0x0000002aab674756 in FcPatternBuild () from /usr/lib64/libfontconfig.so.1
#1  0x0000002aaa8e73b5 in pango_fc_font_map_get_patterns () from /opt/gnome/lib64/libpangoxft-1.0.so.0
#2  0x0000002aaa8e76c5 in pango_fc_font_map_load_fontset () from /opt/gnome/lib64/libpangoxft-1.0.so.0
#3  0x0000002aaab26ce5 in pango_font_map_load_fontset () from /opt/gnome/lib64/libpango-1.0.so.0
#4  0x0000002aaab25434 in pango_itemize () from /opt/gnome/lib64/libpango-1.0.so.0
#5  0x0000002aaab2b526 in pango_layout_check_lines () from /opt/gnome/lib64/libpango-1.0.so.0
#6  0x0000002aaab2cf05 in pango_layout_get_iter () from /opt/gnome/lib64/libpango-1.0.so.0
#7  0x0000002aaa578122 in gdk_draw_layout_with_colors () from /opt/gnome/lib64/libgdk-x11-2.0.so.0
#8  0x0000002aa9d80ce0 in Java_org_eclipse_swt_internal_gtk_OS__1gdk_1draw_1layout_1with_1colors ()
   from /nfs/ims/home/gashiman/work/eclipse-3.1.1-x86_64/configuration/org.eclipse.osgi/bundles/94/1/.cp/libswt-pi-gtk-3139.so
#9  0x0000002a98bb4901 in invokeJNI ()


> [drlvm][interpreter][eclipse] EHWA 3.1.1 crashes
> ------------------------------------------------
>
>                 Key: HARMONY-3062
>                 URL: https://issues.apache.org/jira/browse/HARMONY-3062
>             Project: Harmony
>          Issue Type: Bug
>          Components: App-Oriented Bug Reports, DRLVM
>         Environment: SUSE9@x86_64
>            Reporter: Alexey Varlamov
>            Priority: Minor
>
> Eclipse HelloWorld scenario works on JIT but fails on interpreter. To reproduce: 
> working_vm/build/>sh build.sh ehwa.test -Dehwa.test.mode=int 
> ...
>      [echo]
>      [echo]         ==================================
>      [echo]         Run Eclipse HelloWorld using interpreter
>      [echo]         ==================================
>      [echo]
>      [java] Java Result: 139

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.