[Bug 55602] New: JRE crashes during websocket communication

Fri, 27 Sep 2013 07:28:44 -0700 

https://issues.apache.org/bugzilla/show_bug.cgi?id=55602

            Bug ID: 55602
           Summary: JRE crashes during websocket communication
           Product: Tomcat 7
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P2
         Component: Connectors
          Assignee: dev@tomcat.apache.org
          Reporter: st.mailingli...@gmail.com

During some initial tests with the Websocket implementation in Tomcat 7.0.42
the jre crashed seemingly randomly with the following crash log.

We got the same crash 3 times during a full work day while testing an extended
version of the chat examples/ app in message (not binary) mode with a few
clients. No idea how to reproduce though as the crashes appeared seemingly
randomly. The chat had always been working fine for some time before the crash
occurred.

Using APR based Apache Tomcat Native library 1.1.27 using APR version 1.4.6.


#
# A fatal error has been detected by the Java Runtime Environment:
#
#  SIGSEGV (0xb) at pc=0x00007f4b6a72c9dd, pid=10100, tid=139961597916928
#
# JRE version: Java(TM) SE Runtime Environment (7.0_40-b43) (build
1.7.0_40-b43)
# Java VM: Java HotSpot(TM) 64-Bit Server VM (24.0-b56 mixed mode linux-amd64
compressed oops)
# Problematic frame:
# C  [libtcnative-1.so.0.1.27+0x129dd] 
Java_org_apache_tomcat_jni_Socket_send+0x15d
#
# Core dump written. Default location: /home/asok/myself/core or core.10100
#
# If you would like to submit a bug report, please visit:
#   http://bugreport.sun.com/bugreport/crash.jsp
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#

---------------  T H R E A D  ---------------

Current thread (0x00007f4928010000):  JavaThread "http-apr-10088-exec-7" daemon
[_thread_in_native, id=18750, stack(0x00007f4b59437000,0x00007f4b59538000)]

siginfo:si_signo=SIGSEGV: si_errno=0, si_code=1 (SEGV_MAPERR),
si_addr=0x0000000000000040

Registers:
RAX=0x0000000000000000, RBX=0x00007f49280011d0, RCX=0x0000000000000000,
RDX=0x00007f4b59534128
RSP=0x00007f4b59534110, RBP=0x00007f49280101e8, RSI=0x00007f4b59534130,
RDI=0x0000000000000000
R8 =0x00007f4b59534130, R9 =0x0000000000000001, R10=0x00007f4b8d01852d,
R11=0x00007f4b985e3ed0
R12=0x0000000000000000, R13=0x0000000000000000, R14=0x00007f4b59536210,
R15=0x00007f4928010000
RIP=0x00007f4b6a72c9dd, EFLAGS=0x0000000000010246, CSGSFS=0x0000000000000033,
ERR=0x0000000000000004
  TRAPNO=0x000000000000000e

Top of Stack: (sp=0x00007f4b59534110)
0x00007f4b59534110:   327473657547202a 6f6a207361682031
0x00007f4b59534120:   0000002e64656e69 0000000000000001
0x00007f4b59534130:   0000000000000081 0000000000000000
0x00007f4b59534140:   0000000000000000 0000000000000008
0x00007f4b59534150:   0000000000000000 0000000000000000
0x00007f4b59534160:   0000000000000000 0000000000000000
0x00007f4b59534170:   0000000000000000 0000000000000000
0x00007f4b59534180:   0000000000003528 0000000000000000
0x00007f4b59534190:   0000000000005978 0000000000000000
0x00007f4b595341a0:   0000000000005980 0000000000000000
0x00007f4b595341b0:   0000000000000008 0000000000000000
0x00007f4b595341c0:   0000000000000000 0000000000000000
0x00007f4b595341d0:   0000000000000000 0000000000000000
0x00007f4b595341e0:   0000000000000000 0000000000000000
0x00007f4b595341f0:   0000000000000000 0000000000000000
0x00007f4b59534200:   0000000000000000 0000000000000000
0x00007f4b59534210:   0000000000000000 00007f4b00000008
0x00007f4b59534220:   0000000000000000 00007f4b00000000
0x00007f4b59534230:   00007f4900000000 00007f4900000000
0x00007f4b59534240:   00007f4b00000000 00007f4b00000000
0x00007f4b59534250:   0000000000000000 0000000000000000
0x00007f4b59534260:   0000000000000000 0000000000000000
0x00007f4b59534270:   0000000000000000 0000000000000000
0x00007f4b59534280:   0000000000000000 0000000000000000
0x00007f4b59534290:   0000000000000000 0000000000000000
0x00007f4b595342a0:   0000000000000000 0000000000000000
0x00007f4b595342b0:   0000000000000000 0000000000000000
0x00007f4b595342c0:   0000000000000000 0000000000000b00
0x00007f4b595342d0:   0000000000000000 0000000000000000
0x00007f4b595342e0:   0000000000000000 0000000000000000
0x00007f4b595342f0:   0000000000000000 0000000000000000
0x00007f4b59534300:   0000000000000000 0000000000000000 

Instructions: (pc=0x00007f4b6a72c9dd)
0x00007f4b6a72c9bd:   89 ea 4c 89 f6 48 89 ef ff 90 40 06 00 00 48 8b
0x00007f4b6a72c9cd:   43 30 48 8b 7b 18 48 8d 54 24 18 48 8d 74 24 20
0x00007f4b6a72c9dd:   ff 50 40 89 c3 e9 47 ff ff ff be 58 00 00 00 48
0x00007f4b6a72c9ed:   89 ef e8 ec a1 ff ff b8 a8 ff ff ff e9 6a ff ff 

Register to memory mapping:

RAX=0x0000000000000000 is an unknown value
RBX=0x00007f49280011d0 is an unknown value
RCX=0x0000000000000000 is an unknown value
RDX=0x00007f4b59534128 is pointing into the stack for thread:
0x00007f4928010000
RSP=0x00007f4b59534110 is pointing into the stack for thread:
0x00007f4928010000
RBP=0x00007f49280101e8 is an unknown value
RSI=0x00007f4b59534130 is pointing into the stack for thread:
0x00007f4928010000
RDI=0x0000000000000000 is an unknown value
R8 =0x00007f4b59534130 is pointing into the stack for thread:
0x00007f4928010000
R9 =0x0000000000000001 is an unknown value
R10=0x00007f4b8d01852d is at code_begin+1197 in an Interpreter codelet
method entry point (kind = native)  [0x00007f4b8d018080, 0x00007f4b8d018e80] 
3584 bytes
R11=0x00007f4b985e3ed0: <offset 0x183ed0> in /lib/x86_64-linux-gnu/libc.so.6 at
0x00007f4b98460000
R12=0x0000000000000000 is an unknown value
R13=0x0000000000000000 is an unknown value
R14=0x00007f4b59536210 is pointing into the stack for thread:
0x00007f4928010000
R15=0x00007f4928010000 is a thread


Stack: [0x00007f4b59437000,0x00007f4b59538000],  sp=0x00007f4b59534110,  free
space=1012k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C  [libtcnative-1.so.0.1.27+0x129dd] 
Java_org_apache_tomcat_jni_Socket_send+0x15d

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j  org.apache.tomcat.jni.Socket.send(J[BII)I+0
j  org.apache.coyote.http11.upgrade.UpgradeAprProcessor.write(I)V+14
j  org.apache.coyote.http11.upgrade.UpgradeOutbound.write(I)V+5
j 
org.apache.catalina.websocket.WsOutbound.doWriteBytes(Ljava/nio/ByteBuffer;Z)V+68
j 
org.apache.catalina.websocket.WsOutbound.doWriteText(Ljava/nio/CharBuffer;Z)V+65
j 
org.apache.catalina.websocket.WsOutbound.writeTextMessage(Ljava/nio/CharBuffer;)V+44
j 
com.company.app.handler.log.chat.ChatWebSocketServlet.broadcast(Ljava/lang/String;)V+66
j 
com.company.app.handler.log.chat.ChatWebSocketServlet$ChatMessageInbound.onOpen(Lorg/apache/catalina/websocket/WsOutbound;)V+46
j  org.apache.catalina.websocket.StreamInbound.onUpgradeComplete()V+22
j 
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(Lorg/apache/tomcat/util/net/SocketWrapper;Lorg/apache/tomcat/util/net/SocketStatus;)Lorg/apache/tomcat/util/net/AbstractEndpoint$Handler$SocketState;+224
j  org.apache.tomcat.util.net.AprEndpoint$SocketWithOptionsProcessor.run()V+167
j 
java.util.concurrent.ThreadPoolExecutor.runWorker(Ljava/util/concurrent/ThreadPoolExecutor$Worker;)V+95
j  java.util.concurrent.ThreadPoolExecutor$Worker.run()V+5
j  java.lang.Thread.run()V+11
v  ~StubRoutines::call_stub

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to