United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
JDK-6987991 : JSR 292 phpreboot test/testtracefun2.phpr segfaults

Details
Type:
Bug
Submit Date:
2010-09-28
Status:
Closed
Updated Date:
2011-07-29
Project Name:
JDK
Resolved Date:
2011-04-25
Component:
hotspot
OS:
generic
Sub-Component:
compiler
CPU:
generic
Priority:
P4
Resolution:
Fixed
Affected Versions:
hs20
Fixed Versions:
hs21 (b09)

Related Reports
Backport:

Sub Tasks

Description
Putting the libraries on the system classpath (instead of the boot classpath) makes the VM crash.

$ gamma -XX:+UnlockExperimentalVMOptions -XX:+EnableInvokeDynamic -cp lib/phpreboot.jar:lib/tatoo-runtime.jar:lib/asm-all-3.2.jar:lib/grizzly-servlet-webserver-1.9.18-k.jar:. com.googlecode.phpreboot.Main test/testtracefun2.phpr

Program received signal SIGSEGV, Segmentation fault.
0xf719b73e in oopDesc::klass (this=0x0) at /home/twisti/hotspot-comp/hotspot/src/share/vm/oops/oop.inline.hpp:40
40	    return _metadata._klass;
(gdb) where
#0  0xf719b73e in oopDesc::klass (this=0x0) at /home/twisti/hotspot-comp/hotspot/src/share/vm/oops/oop.inline.hpp:40
#1  0xf719b762 in oopDesc::blueprint (this=0x0) at /home/twisti/hotspot-comp/hotspot/src/share/vm/oops/oop.inline.hpp:102
#2  0xf719b7f8 in oopDesc::is_klass (this=0x0) at /home/twisti/hotspot-comp/hotspot/src/share/vm/oops/oop.inline.hpp:113
#3  0xf719b54d in Klass::cast (k=0x0) at /home/twisti/hotspot-comp/hotspot/src/share/vm/oops/klass.hpp:483
#4  0xf76a83d6 in MethodHandles::class_cast_needed (src=0xb282f578, dst=0x0) at /home/twisti/hotspot-comp/hotspot/src/share/vm/prims/methodHandles.cpp:938
#5  0xf76a922f in MethodHandles::check_argument_type_change (src_type=T_OBJECT, src_klass=0xb282f578, dst_type=T_OBJECT, dst_klass=0x0, argnum=1, raw=false)
    at /home/twisti/hotspot-comp/hotspot/src/share/vm/prims/methodHandles.cpp:1256
#6  0xf76a8a20 in MethodHandles::verify_method_signature (m=..., mtype=..., first_ptype_pos=0, insert_ptype=..., __the_thread__=0x8068000)
    at /home/twisti/hotspot-comp/hotspot/src/share/vm/prims/methodHandles.cpp:1070
#7  0xf76a8c37 in MethodHandles::verify_method_type (m=..., mtype=..., has_bound_recv=false, bound_recv_type=..., __the_thread__=0x8068000)
    at /home/twisti/hotspot-comp/hotspot/src/share/vm/prims/methodHandles.cpp:1112
#8  0xf76a9977 in MethodHandles::verify_DirectMethodHandle (mh=..., m=..., __the_thread__=0x8068000) at /home/twisti/hotspot-comp/hotspot/src/share/vm/prims/methodHandles.cpp:1385
#9  0xf76a9ad2 in MethodHandles::init_DirectMethodHandle (mh=..., m=..., do_dispatch=false, __the_thread__=0x8068000) at /home/twisti/hotspot-comp/hotspot/src/share/vm/prims/methodHandles.cpp:1405
#10 0xf76ac503 in MHI_init_DMH (env=0x8068134, igcls=0xffffa5e4, mh_jh=0xffffa5f8, target_jh=0xffffa5f4, do_dispatch=0 '\000', caller_jh=0xffffa5ec)
    at /home/twisti/hotspot-comp/hotspot/src/share/vm/prims/methodHandles.cpp:2217
<snip>
The current version of phpreboot still fails with the same error on JDK 7 b136:

intelsdv03:~/mlvm/phpreboot-read-only/phpreboot$ java -XX:+UnlockExperimentalVMOptions -XX:+EnableInvokeDynamic -Xbootclasspath/p:lib/phpreboot.jar:lib/tatoo-runtime.jar:lib/asm-all-4.0.jar:lib/jaxen-1.1.2.jar:lib/grizzly-servlet-webserver-1.9.18-k.jar:lib/derby.jar com.googlecode.phpreboot.Main test/testtracefun2.phpr 
VM option '+UnlockExperimentalVMOptions'
VM option '+EnableInvokeDynamic'
i = 300000

intelsdv03:~/mlvm/phpreboot-read-only/phpreboot$ java -XX:+UnlockExperimentalVMOptions -XX:+EnableInvokeDynamic -cp lib/phpreboot.jar:lib/tatoo-runtime.jar:lib/asm-all-4.0.jar:lib/jaxen-1.1.2.jar:lib/grizzly-servlet-webserver-1.9.18-k.jar:lib/derby.jar com.googlecode.phpreboot.Main test/testtracefun2.phpr 
VM option '+UnlockExperimentalVMOptions'
VM option '+EnableInvokeDynamic'
#
# A fatal error has been detected by the Java Runtime Environment:
#
#  SIGSEGV (0xb) at pc=0x00ecc587, pid=20705, tid=11262832
#
# JRE version: 7.0-b136
# Java VM: Java HotSpot(TM) Server VM (21.0-b06-fastdebug mixed mode linux-x86 )
# Problematic frame:
# V  [libjvm.so+0x281587]  Klass::cast(klassOopDesc*)+0x17
#
# Failed to write core dump. Core dumps have been disabled. To enable core dumping, try "ulimit -c unlimited" before starting Java again
#
# An error report file with more information is saved as:
# /home/twisti/mlvm/phpreboot-read-only/phpreboot/hs_err_pid20705.log
#
# If you would like to submit a bug report, please visit:
#   http://java.sun.com/webapps/bugreport/crash.jsp
#

                                    

Comments
EVALUATION

http://hg.openjdk.java.net/jdk7/hotspot-rt/hotspot/rev/328926869b15
                                     
2011-04-23
EVALUATION

John Rose said: Make MH verification tests more correct, robust, and informative. Fix lingering symbol refcount problems.
                                     
2011-04-11
EVALUATION

http://hg.openjdk.java.net/jdk7/hotspot-comp/hotspot/rev/328926869b15
                                     
2011-04-10
EVALUATION

The logic of MethodHandles::verify_method_signature tries to resolve each class in the method signature with the loader and protection domain of the method holder class.  

The method signature is:

(dbx) p m->signature()->print()
Symbol: '(Lcom/googlecode/phpreboot/interpreter/EvalEnv;ILcom/googlecode/phpreboot/model/Var;)Z' count 1

The method holder class is:

(dbx) p m->method_holder()->print()
{instance class} 
 - klass: {other class}
 - instance size:     2
 - klass size:        86
 - access:            public final 
 - state:             linked
 - name:              'GenStub$0$trace'
 - super:             'java/lang/Object'
 - sub:               
 - arrays:            NULL
 - methods:           a 'java/lang/Object'[2] 
 - method ordering:   [I
 - local interfaces:  a 'java/lang/Object'[0] 
 - trans. interfaces: a 'java/lang/Object'[0] 
 - constants:         constant pool [39] for 'GenStub$0$trace' cache=0xb6a750d0
 - class loader:      NULL
 - protection domain: NULL
 - host class:        'sun/reflect/NativeConstructorAccessorImpl'
 - signers:           NULL
 - source file:       'script'
 - inner classes:     [S
 - java mirror:       a 'java/lang/Class' = 'GenStub$0$trace'
 - vtable length      5  (start addr: 0xb6a75038)
 - itable length      2 (start addr: 0xb6a75050)
 - ---- static fields (0 words):
 - ---- non-static fields (0 words):
 - non-static oop maps: 

Since the com/googlecode/phpreboot/* classes are loaded with the system class loader, the resolve fails, resulting in a null value, which is then passed on leading to the crash.
                                     
2011-03-21



Hardware and Software, Engineered to Work Together