Leaving frysk doing absolutely nothing:

Program received signal SIGSEGV, Segmentation fault.
unmark_for_gc (obj=0x1142a80, ref_table=Variable "ref_table" is not available. ) at ../../../libjava/jni.cc:197
197       jint val = refcount->intValue () - 1;
Current language: auto; currently c++
(gdb) list
192       JvSynchronize sync (ref_table);
193
194       using namespace java::lang;
195       Integer *refcount = (Integer *) ref_table->get (obj);
196       JvAssert (refcount);
197       jint val = refcount->intValue () - 1;
198       JvAssert (val >= 0);
199       if (val == 0)
200         ref_table->remove (obj);
201       else
(gdb) bt
#0 unmark_for_gc (obj=0x1142a80, ref_table=Variable "ref_table" is not available. ) at ../../../libjava/jni.cc:197
#1 0x008e38c7 in cleanup () from /usr/lib/frysk/libgtkjni-2.8.so
#2 0x008e3a44 in Java_org_gnu_glib_Timer_stop_1timer () from /usr/lib/frysk/libgtkjni-2.8.so
#3 0x057e7c67 in org::gnu::glib::Timer::stop_timer () from /usr/lib/frysk/libgtkjava-2.8.so
#4 0x057e7ce4 in org::gnu::glib::Timer::stop () from /usr/lib/frysk/libgtkjava-2.8.so
#5 0x057e7d2d in org::gnu::glib::Timer::finalize () from /usr/lib/frysk/libgtkjava-2.8.so
#6 0x0272dac5 in _Jv_FinalizeObject (obj=0x1142a80) at ../../../libjava/java/lang/natObject.cc:121
#7 0x02743d8b in call_finalizer (obj=0x1142a80, client_data=0x272daa6) at ../../../libjava/boehm.cc:518
#8 0x02aa2995 in GC_invoke_finalizers () at ../../../boehm-gc/finalize.c:787
#9 0x02743de9 in _Jv_RunFinalizers () at ../../../libjava/boehm.cc:531
#10 0x02722db9 in gnu::gcj::runtime::FinalizerThread::run (this=0x4c348) at ../../../libjava/gnu/gcj/runtime/natFinalizerThread.cc:60
#11 0x02733209 in _Jv_ThreadRun (thread=0x4c348) at ../../../libjava/java/lang/natThread.cc:296
#12 0x027456c8 in really_start (x=0xb3fd8) at ../../../libjava/posix-threads.cc:430
#13 0x02aace9f in GC_start_routine (arg=0x43dc0) at ../../../boehm-gc/pthread_support.c:1185
#14 0x00510b80 in start_thread (arg=0xb7ce8bb0) at pthread_create.c:261
#15 0x003669ce in ?? () from /lib/libc.so.6
(gdb) signal SIGSEGV
Continuing with signal SIGSEGV.

Program received signal SIGABRT, Aborted.
0x00574402 in __kernel_vsyscall ()
(gdb) bt
#0 0x00574402 in __kernel_vsyscall ()
#1 0x002c4118 in *__GI_raise (sig=0x6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:67
#2 0x002c5888 in *__GI_abort () at ../sysdeps/generic/abort.c:88
#3 0x02703079 in _Jv_Throw (value=0x1417ca8) at ../../../libjava/exception.cc:113
#4 0x026f78a6 in catch_segv (_dummy=Could not find the frame base for "catch_segv". ) at ../../../libjava/prims.cc:152
#5 <signal handler called>
#6 0x02700898 in unmark_for_gc (obj=0x1142a80, ref_table=Variable "ref_table" is not available. ) at ../../../libjava/jni.cc:197
#7 0x008e38c7 in cleanup () from /usr/lib/frysk/libgtkjni-2.8.so
#8 0x008e3a44 in Java_org_gnu_glib_Timer_stop_1timer () from /usr/lib/frysk/libgtkjni-2.8.so
#9 0x057e7c67 in org::gnu::glib::Timer::stop_timer () from /usr/lib/frysk/libgtkjava-2.8.so
#10 0x057e7ce4 in org::gnu::glib::Timer::stop () from /usr/lib/frysk/libgtkjava-2.8.so
#11 0x057e7d2d in org::gnu::glib::Timer::finalize () from /usr/lib/frysk/libgtkjava-2.8.so
#12 0x0272dac5 in _Jv_FinalizeObject (obj=0x1142a80) at ../../../libjava/java/lang/natObject.cc:121
#13 0x02743d8b in call_finalizer (obj=0x1142a80, client_data=0x272daa6) at ../../../libjava/boehm.cc:518
#14 0x02aa2995 in GC_invoke_finalizers () at ../../../boehm-gc/finalize.c:787
#15 0x02743de9 in _Jv_RunFinalizers () at ../../../libjava/boehm.cc:531
#16 0x02722db9 in gnu::gcj::runtime::FinalizerThread::run (this=0x4c348) at ../../../libjava/gnu/gcj/runtime/natFinalizerThread.cc:60
#17 0x02733209 in _Jv_ThreadRun (thread=0x4c348) at ../../../libjava/java/lang/natThread.cc:296
#18 0x027456c8 in really_start (x=0xb3fd8) at ../../../libjava/posix-threads.cc:430
#19 0x02aace9f in GC_start_routine (arg=0x43dc0) at ../../../boehm-gc/pthread_support.c:1185
#20 0x00510b80 in start_thread (arg=0xb7ce8bb0) at pthread_create.c:261
#21 0x003669ce in ?? () from /lib/libc.so.6
Upstream? Tracker: http://bugzilla.gnome.org/show_bug.cgi?id=331052
This code happened when we added the splashscreen. This code (though correct from a GTK usage standpoint)

WindowManager.theManager.splashScreen.showAll();
Timer timer = new Timer(2000, new Fireable() {
    public boolean fire() {
        WindowManager.theManager.splashScreen.hideAll();
        WindowManager.theManager.mainWindow.showAll();
        return false;
    }
});
timer.start();

causes the following GDB bt during GC of that Timer object:

Program received signal SIGSEGV, Segmentation fault.
0x02700576 in _Jv_JNI_NewWeakGlobalRef () from /usr/lib/libgcj.so.6
(gdb) bt
#0 0x02700576 in _Jv_JNI_NewWeakGlobalRef () from /usr/lib/libgcj.so.6
#1 0x00701a07 in cleanup (env=0x898a580, obj=0x74add20) at /usr/src/debug/libgtk-java-2.8.3/src/jni/org_gnu_glib_Timer.c:26
#2 0x00701b4a in Java_org_gnu_glib_Timer_stop_1timer (env=0x898a580, obj=0x74add20, handle=-1) at /usr/src/debug/libgtk-java-2.8.3/src/jni/org_gnu_glib_Timer.c:86
#3 0x05dbbb8a in org.gnu.glib.Timer.stop_timer(int) (this=0x74add20, handle=-1) at /usr/src/debug/libgtk-java-2.8.3/src/java/org/gnu/glib/Timer.java:116
#4 0x05dbbbee in org.gnu.glib.Timer.stop() (this=0x74add20) at /usr/src/debug/libgtk-java-2.8.3/src/java/org/gnu/glib/Timer.java:109
#5 0x05dbbc33 in org.gnu.glib.Timer.finalize() (this=0x74add20) at /usr/src/debug/libgtk-java-2.8.3/src/java/org/gnu/glib/Timer.java:117
#6 0x0272d745 in _Jv_FinalizeObject () from /usr/lib/libgcj.so.6
#7 0x02743a8b in _Jv_AllocRawObj () from /usr/lib/libgcj.so.6
#8 0x02aa2265 in GC_invoke_finalizers () from /usr/lib/libgcj.so.6
#9 0x02743ae9 in _Jv_RunFinalizers () from /usr/lib/libgcj.so.6
#10 0x02722a5c in gnu::gcj::runtime::FinalizerThread::run () from /usr/lib/libgcj.so.6
#11 0x02732eef in _Jv_ThreadRun () from /usr/lib/libgcj.so.6
#12 0x027453ca in _Jv_ThreadUnRegister () from /usr/lib/libgcj.so.6
#13 0x02aac793 in GC_start_routine () from /usr/lib/libgcj.so.6
#14 0x00c38341 in start_thread () from /lib/tls/libpthread.so.0

However, replace with this code, and Frysk runs fine:
CustomEvents.addEvent(new Runnable() {
    public void run() {
        WindowManager.theManager.splashScreen.showAll();
        TimerEvent timerEvent = new TimerEvent(0, 5000){
            public void execute() {
                WindowManager.theManager.splashScreen.hideAll();
                WindowManager.theManager.mainWindow.showAll();
                Manager.eventLoop.remove(this);
            }
        };
        Manager.eventLoop.add (timerEvent);
    }
});

// CustomEvents.addEvent(new Runnable() {
//     public void run() {
//         WindowManager.theManager.splashScreen.showAll();
//         Timer timer = new Timer(2000, new Fireable() {
//             public boolean fire() {
//                 WindowManager.theManager.splashScreen.hideAll();
//                 WindowManager.theManager.mainWindow.showAll();
//                 return false;
//             }
//         });
//         timer.start();
//     }
// });
We avoided the issue by using this code in the RHEL4-U3 cut. This avoids use of the troublesome glib timers. However, this is not a fix but a workaround, and we should track upstream.

CustomEvents.addEvent(new Runnable() {
    public void run() {
        WindowManager.theManager.splashScreen.showAll();
    }
});

TimerEvent timerEvent = new TimerEvent(0, 5000){
    public void execute() {
        CustomEvents.addEvent(new Runnable() {
            public void run() {
                WindowManager.theManager.mainWindow.showAll();
                WindowManager.theManager.splashScreen.hideAll();
            }
        });
        Manager.eventLoop.remove(this);
    }
};

Manager.eventLoop.add (timerEvent);
After further investigation, it seems a double global reference is cleaned:

In the method fire_method_invoker(gpointer data) in the source libgtk-java-2.8.3/src/jni/org_gnu_glib_Timer.c there is a bit of code that does

if (keepFiring == JNI_FALSE) {
    cleanup(env, obj);

However, if you look at the Timer.java source, you will see it has a finalize() that calls stop() that calls stop_timer(). If you look at that (stop_timer) method in org_gnu_glib_Timer.c, you will see that it also calls cleanup. As this is a result of a finalize(), it always gets called. Therefore, if the cleanup() gets called in fire_method_invoker() as well, this call will try to clean up a null pointer.

However, the first conditional cleanup has to be called when an exception is thrown in that method code, as there is a global reference there that will prevent finalization of the object, so it has to do cleanup. However, this cleanup on exception sets up the SIGSEGV for the second cleanup on finalize().

Propose we conditionally check the state of the global reference, and only clean if there is a valid reason to do so.
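
The double cleanup analysed in the comment above, as an added C model that is not part of the original report, not libgtk-java code and not the upstream patch. The registry functions, timer_data and both cleanup variants are hypothetical stand-ins for the JNI global-reference calls, chosen so the second release is counted instead of crashing.

```c
/* Added model, not libgtk-java code: a tiny registry stands in for JNI
 * global references so a bad release is counted rather than dereferenced. */
#include <stdio.h>

#define MAX_REFS 8
static int live[MAX_REFS];      /* 1 = slot holds a live global reference */
static int invalid_releases;    /* releases of a slot that was not live   */

/* Stand-in for creating a global reference: 1-based handle, 0 if full. */
static int ref_new(void) {
    for (int i = 0; i < MAX_REFS; i++)
        if (!live[i]) { live[i] = 1; return i + 1; }
    return 0;
}

/* Stand-in for deleting a global reference: records misuse. */
static void ref_delete(int h) {
    if (h <= 0 || h > MAX_REFS || !live[h - 1]) { invalid_releases++; return; }
    live[h - 1] = 0;
}

typedef struct { int target_ref; } timer_data;  /* hypothetical per-timer state */

/* Pattern described in the report: release unconditionally on every call. */
static void cleanup_unguarded(timer_data *t) { ref_delete(t->target_ref); }

/* Proposed shape: release only while the reference is still held, then
 * clear the handle so a later call is a no-op. */
static void cleanup_guarded(timer_data *t) {
    if (t->target_ref == 0) return;
    ref_delete(t->target_ref);
    t->target_ref = 0;
}

/* Drive both callers: the fire callback returning false, then finalize(). */
int run_lifecycle(void (*cleanup)(timer_data *)) {
    timer_data t = { ref_new() };
    invalid_releases = 0;
    int keep_firing = 0;            /* fire() returned false */
    if (!keep_firing) cleanup(&t);  /* fire_method_invoker path */
    cleanup(&t);                    /* finalize() -> stop() -> stop_timer() path */
    return invalid_releases;
}

int main(void) {
    printf("unguarded: %d invalid release(s)\n", run_lifecycle(cleanup_unguarded));
    printf("guarded:   %d invalid release(s)\n", run_lifecycle(cleanup_guarded));
    return 0;
}
```

In the backtraces above the second call arrives on the gcj finalizer thread, so a real guard also has to be safe against the thread that runs the timer callback.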
Filed upstream bug and added a patch: http://bugzilla.gnome.org/show_bug.cgi?id=334039
Upstream bug fixed http://bugzilla.gnome.org/show_bug.cgi?id=334039