United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
Bug ID: JDK-7090976 Eclipse/CDT causes a JVM crash while indexing C++ code
JDK-7090976 : Eclipse/CDT causes a JVM crash while indexing C++ code

Submit Date:
Updated Date:
Project Name:
Resolved Date:
Affected Versions:
Fixed Versions:
hs23 (b13)

Related Reports

Sub Tasks

$ java -version
java version "1.7.0"
Java(TM) SE Runtime Environment (build 1.7.0-b147)
Java HotSpot(TM) Client VM (build 21.0-b17, mixed mode, sharing)

Under certain high-load conditions, Eclipse/CDT will cause the JVM to crash. We've seen it crash consistently in our test suites which create/build/deletes lots of CDT projects.

As far as I can tell from the crash report, it crashes while JIT-compiling a method called org.eclipse.cdt.internal.core.dom.parser.cpp.semantics.CPPVisitor::createType.

Specifying -XX:CompileCommand=exclude,org/eclipse/cdt/internal/core/dom/parser/cpp/semantics/CPPVisitor,createType to the JVM seems to avoid the crash.

# A fatal error has been detected by the Java Runtime Environment:
#  EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x62874451, pid=6764, tid=8892
# JRE version: 7.0-b147
# Java VM: Java HotSpot(TM) Client VM (21.0-b17 mixed mode windows-x86 )
# Problematic frame:
# V  [jvm.dll+0x224451]
# Failed to write core dump. Minidumps are not enabled by default on client versions of Windows
# If you would like to submit a bug report, please visit:
#   http://bugreport.sun.com/bugreport/crash.jsp

---------------  T H R E A D  ---------------

Current thread (0x54b77c00):  JavaThread "C1 CompilerThread0" daemon [_thread_in_native, id=8892, stack(0x54f00000,0x54f50000)]

siginfo: ExceptionCode=0xc0000005, reading address 0x00000010

EAX=0x00000000, EBX=0x59479e58, ECX=0x54f4f518, EDX=0x628ef924
ESP=0x54f4f4d4, EBP=0x54f4f4f4, ESI=0x59449aa0, EDI=0x59479d50
EIP=0x62874451, EFLAGS=0x00010212

  Top of Stack: (sp=0x54f4f4d4)
0x54f4f4d4:   54f4f674 59479e58 59449710 54f4f4fc
0x54f4f4e4:   54f4f4f8 628727be 54f4f500 54f4f518
0x54f4f4f4:   54f4f500 62872e2e 59449aa0 54f4f530
0x54f4f504:   6287a862 54f4f518 59479d50 54f4f674
0x54f4f514:   59479e58 628ef924 54f4f84c 59449aa0
0x54f4f524:   0000015a 00000000 59449a00 54f4f558
0x54f4f534:   6287c13c 59449aa0 0000015a 59449a00
0x54f4f544:   54f4f674 00000099 59479d50 59479e58

Instructions: (pc=0x62874451)
0x62874431:   ff 5f 5e 5b 8b e5 5d c2 04 00 cc cc cc cc cc 55
0x62874441:   8b ec 83 ec 18 53 56 8b 75 08 8b 46 3c 89 4d fc
0x62874451:   8b 48 10 8b 11 8b 42 0c 57 ff d0 84 c0 74 1b 8b
0x62874461:   46 3c 8b 4e 44 8b 56 40 52 89 4e 3c 89 46 44 e8

Register to memory mapping:

EAX=0x00000000 is an unknown value
EBX=0x59479e58 is an unknown value
ECX=0x54f4f518 is pointing into the stack for thread: 0x54b77c00
EDX=0x628ef924 is an unknown value
ESP=0x54f4f4d4 is pointing into the stack for thread: 0x54b77c00
EBP=0x54f4f4f4 is pointing into the stack for thread: 0x54b77c00
ESI=0x59449aa0 is an unknown value
EDI=0x59479d50 is an unknown value

Stack: [0x54f00000,0x54f50000],  sp=0x54f4f4d4,  free space=317k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V  [jvm.dll+0x224451]
V  [jvm.dll+0x222e2e]
V  [jvm.dll+0x22a862]
V  [jvm.dll+0x22c13c]
V  [jvm.dll+0x22c351]
V  [jvm.dll+0x231439]
V  [jvm.dll+0x232081]
V  [jvm.dll+0x234d36]
V  [jvm.dll+0x234e99]
V  [jvm.dll+0x224f82]
V  [jvm.dll+0x2256b3]
V  [jvm.dll+0x2257da]
V  [jvm.dll+0x225937]
V  [jvm.dll+0x225bbd]
V  [jvm.dll+0x43795]
V  [jvm.dll+0x43bf4]
V  [jvm.dll+0x14433f]
V  [jvm.dll+0x171549]
C  [msvcr100.dll+0x5c6de]  endthreadex+0x3a
C  [msvcr100.dll+0x5c788]  endthreadex+0xe4
C  [kernel32.dll+0x13677]  BaseThreadInitThunk+0x12
C  [ntdll.dll+0x39f02]  RtlInitializeExceptionChain+0x63
C  [ntdll.dll+0x39ed5]  RtlInitializeExceptionChain+0x36

Current CompileTask:
C1:  42149 4809             org.eclipse.cdt.internal.core.dom.parser.cpp.semantics.CPPVisitor::createType (363 bytes)

---------------  P R O C E S S  ---------------

Java Threads: ( => current thread )
  0x5928c400 JavaThread "lwcache" daemon [_thread_blocked, id=9256, stack(0x5d400000,0x5d450000)]
  0x592a0c00 JavaThread "lwcache" daemon [_thread_blocked, id=9632, stack(0x5d780000,0x5d7d0000)]
  0x59238c00 JavaThread "lwcache" daemon [_thread_blocked, id=8176, stack(0x5cec0000,0x5cf10000)]
  0x59239c00 JavaThread "lwcache" daemon [_thread_blocked, id=9236, stack(0x57a80000,0x57ad0000)]
  0x5923a400 JavaThread "lwcache" daemon [_thread_blocked, id=7912, stack(0x5d0a0000,0x5d0f0000)]
  0x59239000 JavaThread "lwcache" daemon [_thread_blocked, id=9780, stack(0x5d290000,0x5d2e0000)]
  0x59239800 JavaThread "lwcache" daemon [_thread_blocked, id=9556, stack(0x5d140000,0x5d190000)]
  0x5923ac00 JavaThread "lwcache" daemon [_thread_blocked, id=8356, stack(0x5d1b0000,0x5d200000)]
  0x5923b800 JavaThread "lwcache" daemon [_thread_blocked, id=10228, stack(0x5d040000,0x5d090000)]
  0x592a1400 JavaThread "lwcache" daemon [_thread_blocked, id=7776, stack(0x5cf80000,0x5cfd0000)]
  0x592a2000 JavaThread "lwcache" daemon [_thread_blocked, id=7836, stack(0x5cf10000,0x5cf60000)]
  0x592a3800 JavaThread "lwcache" daemon [_thread_blocked, id=8796, stack(0x574e0000,0x57530000)]
  0x5927d800 JavaThread "[ThreadPool Manager] - Idle Thread" daemon [_thread_blocked, id=9876, stack(0x56ed0000,0x56f20000)]
  0x5928cc00 JavaThread "Worker-5" [_thread_blocked, id=1928, stack(0x57010000,0x57060000)]
  0x592a1800 JavaThread "pool-2-thread-8" [_thread_blocked, id=6124, stack(0x57ad0000,0x57b20000)]
  0x5928c000 JavaThread "pool-2-thread-7" [_thread_blocked, id=7104, stack(0x5d570000,0x5d5c0000)]
  0x5927f000 JavaThread "pool-2-thread-6" [_thread_blocked, id=6756, stack(0x5bfc0000,0x5c010000)]
  0x5927c400 JavaThread "pool-2-thread-5" [_thread_blocked, id=7992, stack(0x57a30000,0x57a80000)]
  0x5927c000 JavaThread "pool-2-thread-4" [_thread_blocked, id=4348, stack(0x57210000,0x57260000)]
  0x5927b800 JavaThread "pool-2-thread-3" [_thread_blocked, id=7808, stack(0x57940000,0x57990000)]
  0x5923c400 JavaThread "pool-2-thread-2" [_thread_blocked, id=9920, stack(0x57890000,0x578e0000)]
  0x5923bc00 JavaThread "pool-2-thread-1" [_thread_blocked, id=6876, stack(0x57730000,0x57780000)]
  0x564bd800 JavaThread "Worker-4" [_thread_blocked, id=6420, stack(0x57060000,0x570b0000)]
  0x564be000 JavaThread "ReaderThread" [_thread_in_native, id=4280, stack(0x5ce40000,0x5ce90000)]
  0x564bd400 JavaThread "Background Startup" [_thread_blocked, id=9912, stack(0x5cb60000,0x5cbb0000)]
  0x564bcc00 JavaThread "Worker-3" [_thread_blocked, id=10200, stack(0x5cd40000,0x5cd90000)]
  0x564bc800 JavaThread "Log4j property reader thread" daemon [_thread_blocked, id=5116, stack(0x5ccb0000,0x5cd00000)]
  0x564bc000 JavaThread "Worker-2" [_thread_blocked, id=10076, stack(0x5b9f0000,0x5ba40000)]
  0x564bb800 JavaThread "Worker-1" [_thread_in_native_trans, id=7380, stack(0x5bdb0000,0x5be00000)]
  0x564bb400 JavaThread "WorkbenchTestable" [_thread_blocked, id=7680, stack(0x5ca50000,0x5caa0000)]
  0x55b08800 JavaThread "Java indexing" daemon [_thread_blocked, id=9944, stack(0x589e0000,0x58a30000)]
  0x55d9f000 JavaThread "Worker-0" [_thread_blocked, id=7024, stack(0x56c90000,0x56ce0000)]
  0x55b58800 JavaThread "Worker-JM" [_thread_blocked, id=4324, stack(0x569f0000,0x56a40000)]
  0x562be400 JavaThread "[Timer] - Main Queue Handler" daemon [_thread_blocked, id=9956, stack(0x567b0000,0x56800000)]
  0x55da1c00 JavaThread "Bundle File Closer" daemon [_thread_blocked, id=8960, stack(0x55630000,0x55680000)]
  0x55a5d000 JavaThread "Start Level Event Dispatcher" daemon [_thread_blocked, id=2612, stack(0x55ef0000,0x55f40000)]
  0x55a0a000 JavaThread "Framework Event Dispatcher" daemon [_thread_blocked, id=10236, stack(0x55f50000,0x55fa0000)]
  0x54b93800 JavaThread "Service Thread" daemon [_thread_blocked, id=7988, stack(0x559a0000,0x559f0000)]
=>0x54b77c00 JavaThread "C1 CompilerThread0" daemon [_thread_in_native, id=8892, stack(0x54f00000,0x54f50000)]
  0x54b6a000 JavaThread "JDWP Command Reader" daemon [_thread_in_native, id=7848, stack(0x55750000,0x557a0000)]
  0x54b68c00 JavaThread "JDWP Event Helper Thread" daemon [_thread_blocked, id=9804, stack(0x549a0000,0x549f0000)]
  0x54b5c400 JavaThread "JDWP Transport Listener: dt_socket" daemon [_thread_blocked, id=4896, stack(0x553c0000,0x55410000)]
  0x54b59400 JavaThread "Attach Listener" daemon [_thread_blocked, id=4780, stack(0x54f50000,0x54fa0000)]
  0x54b56000 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=6148, stack(0x54a00000,0x54a50000)]
  0x0049f400 JavaThread "Finalizer" daemon [_thread_blocked, id=8968, stack(0x54d30000,0x54d80000)]
  0x0049a000 JavaThread "Reference Handler" daemon [_thread_blocked, id=9924, stack(0x54910000,0x54960000)]
  0x004cb000 JavaThread "main" [_thread_blocked, id=8168, stack(0x00aa0000,0x00af0000)]

Other Threads:
  0x00494800 VMThread [stack: 0x54a50000,0x54aa0000] [id=3768]
  0x54b94800 WatcherThread [stack: 0x55930000,0x55980000] [id=8528]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

 def new generation   total 33792K, used 28343K [0x04560000, 0x06a00000, 0x19ab0000)
  eden space 30080K,  87% used [0x04560000, 0x05f2cdd0, 0x062c0000)
  from space 3712K,  51% used [0x06660000, 0x068410f0, 0x06a00000)
  to   space 3712K,   0% used [0x062c0000, 0x062c0000, 0x06660000)
 tenured generation   total 74784K, used 45397K [0x19ab0000, 0x1e3b8000, 0x44560000)
   the space 74784K,  60% used [0x19ab0000, 0x1c705640, 0x1c705800, 0x1e3b8000)
 compacting perm gen  total 43264K, used 43021K [0x44560000, 0x46fa0000, 0x54560000)
   the space 43264K,  99% used [0x44560000, 0x46f63450, 0x46f63600, 0x46fa0000)
No shared spaces configured.

Code Cache  [0x02560000, 0x02e58000, 0x04560000)
 total_blobs=4912 nmethods=4698 adapters=153 free_code_cache=23608Kb largest_free_block=24164608

Dynamic libraries:
0x00d30000 - 0x00d5f000 	C:\Program Files (x86)\Java\jdk1.7.0\bin\javaw.exe
0x77810000 - 0x77990000 	C:\Windows\SysWOW64\ntdll.dll
0x769f0000 - 0x76af0000 	C:\Windows\syswow64\kernel32.dll
0x769a0000 - 0x769e6000 	C:\Windows\syswow64\KERNELBASE.dll
0x76b30000 - 0x76bd0000 	C:\Windows\syswow64\ADVAPI32.dll
0x76800000 - 0x768ac000 	C:\Windows\syswow64\msvcrt.dll
0x750d0000 - 0x750e9000 	C:\Windows\SysWOW64\sechost.dll
0x768b0000 - 0x769a0000 	C:\Windows\syswow64\RPCRT4.dll
0x74f10000 - 0x74f70000 	C:\Windows\syswow64\SspiCli.dll
0x74f00000 - 0x74f0c000 	C:\Windows\syswow64\CRYPTBASE.dll
0x75120000 - 0x75220000 	C:\Windows\syswow64\USER32.dll
0x76e30000 - 0x76ec0000 	C:\Windows\syswow64\GDI32.dll
0x76bd0000 - 0x76bda000 	C:\Windows\syswow64\LPK.dll
0x76d60000 - 0x76dfd000 	C:\Windows\syswow64\USP10.dll
0x735c0000 - 0x7375e000 	C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\COMCTL32.dll
0x76be0000 - 0x76c37000 	C:\Windows\syswow64\SHLWAPI.dll
0x75f40000 - 0x75fa0000 	C:\Windows\system32\IMM32.DLL
0x764d0000 - 0x7659c000 	C:\Windows\syswow64\MSCTF.dll
0x67f40000 - 0x67ffe000 	C:\Program Files (x86)\Java\jdk1.7.0\jre\bin\msvcr100.dll
0x62650000 - 0x62971000 	C:\Program Files (x86)\Java\jdk1.7.0\jre\bin\client\jvm.dll
0x749b0000 - 0x749b7000 	C:\Windows\system32\WSOCK32.dll
0x76740000 - 0x76775000 	C:\Windows\syswow64\WS2_32.dll
0x75110000 - 0x75116000 	C:\Windows\syswow64\NSI.dll
0x747d0000 - 0x74802000 	C:\Windows\system32\WINMM.dll
0x75ea0000 - 0x75ea5000 	C:\Windows\syswow64\PSAPI.DLL
0x733e0000 - 0x733ec000 	C:\Program Files (x86)\Java\jdk1.7.0\jre\bin\verify.dll
0x72d90000 - 0x72db0000 	C:\Program Files (x86)\Java\jdk1.7.0\jre\bin\java.dll
0x6a650000 - 0x6a67a000 	C:\Program Files (x86)\Java\jdk1.7.0\jre\bin\jdwp.dll
0x6a640000 - 0x6a647000 	C:\Program Files (x86)\Java\jdk1.7.0\jre\bin\npt.dll
0x73290000 - 0x732a3000 	C:\Program Files (x86)\Java\jdk1.7.0\jre\bin\zip.dll
0x6a630000 - 0x6a638000 	C:\Program Files (x86)\Java\jdk1.7.0\jre\bin\dt_socket.dll
0x71730000 - 0x71740000 	C:\Windows\system32\NLAapi.dll
0x74530000 - 0x7456c000 	C:\Windows\System32\mswsock.dll
0x74390000 - 0x743d4000 	C:\Windows\system32\DNSAPI.dll
0x71030000 - 0x71038000 	C:\Windows\System32\winrnr.dll
0x71020000 - 0x71030000 	C:\Windows\system32\napinsp.dll
0x70e40000 - 0x70e52000 	C:\Windows\system32\pnrpnsp.dll
0x70c10000 - 0x70c1d000 	C:\Windows\system32\wshbth.dll
0x71060000 - 0x71081000 	C:\Program Files (x86)\Bonjour\mdnsNSP.dll
0x74500000 - 0x7451c000 	C:\Windows\system32\Iphlpapi.DLL
0x744f0000 - 0x744f7000 	C:\Windows\system32\WINNSI.DLL
0x6f640000 - 0x6f678000 	C:\Windows\System32\fwpuclnt.dll
0x71050000 - 0x71056000 	C:\Windows\system32\rasadhlp.dll
0x74520000 - 0x74525000 	C:\Windows\System32\wshtcpip.dll
0x74350000 - 0x74366000 	C:\Windows\system32\CRYPTSP.dll
0x74310000 - 0x7434b000 	C:\Windows\system32\rsaenh.dll
0x74980000 - 0x74997000 	C:\Windows\system32\USERENV.dll
0x74970000 - 0x7497b000 	C:\Windows\system32\profapi.dll
0x72d50000 - 0x72d64000 	C:\Program Files (x86)\Java\jdk1.7.0\jre\bin\net.dll
0x74450000 - 0x74456000 	C:\Windows\System32\wship6.dll
0x73760000 - 0x7376f000 	C:\Program Files (x86)\Java\jdk1.7.0\jre\bin\nio.dll
0x72000000 - 0x7200d000 	C:\Users\jesperes\workspace\.metadata\.plugins\org.eclipse.pde.core\.bundle_pool\plugins\org.eclipse.equinox.launcher.win32.win32.x86_1.1.2.R36x_v20101222\eclipse_1312.dll
0x74850000 - 0x74859000 	C:\Windows\system32\VERSION.dll
0x55e30000 - 0x55e93000 	C:\Users\jesperes\workspace\.metadata\.plugins\org.eclipse.pde.core\pde-junit\org.eclipse.osgi\bundles\349\1\.cp\swt-win32-3659.dll
0x75fa0000 - 0x760fc000 	C:\Windows\syswow64\ole32.dll
0x75eb0000 - 0x75f3f000 	C:\Windows\syswow64\OLEAUT32.dll
0x76780000 - 0x767fb000 	C:\Windows\syswow64\comdlg32.dll
0x75220000 - 0x75e69000 	C:\Windows\syswow64\SHELL32.dll
0x76c40000 - 0x76d5a000 	C:\Windows\syswow64\WININET.dll
0x76af0000 - 0x76af3000 	C:\Windows\syswow64\Normaliz.dll
0x76160000 - 0x76318000 	C:\Windows\syswow64\iertutil.dll
0x74fc0000 - 0x750d0000 	C:\Windows\syswow64\urlmon.dll
0x730e0000 - 0x73160000 	C:\Windows\system32\uxtheme.dll
0x72dc0000 - 0x72dd3000 	C:\Windows\system32\dwmapi.dll
0x004a0000 - 0x004bd000 	C:\Users\jesperes\workspace\.metadata\.plugins\org.eclipse.pde.core\pde-junit\org.eclipse.osgi\bundles\349\1\.cp\swt-gdip-win32-3659.dll
0x714e0000 - 0x71670000 	C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll
0x71740000 - 0x7183b000 	C:\Windows\system32\WindowsCodecs.dll
0x72df0000 - 0x72e2c000 	C:\Windows\system32\oleacc.dll
0x6efb0000 - 0x6f0a5000 	C:\Windows\system32\propsys.dll
0x76ec0000 - 0x76f43000 	C:\Windows\syswow64\CLBCatQ.DLL
0x69ed0000 - 0x6a03f000 	C:\Windows\system32\explorerframe.dll
0x6a940000 - 0x6a96f000 	C:\Windows\system32\DUser.dll
0x6a7d0000 - 0x6a882000 	C:\Windows\system32\DUI70.dll
0x72de0000 - 0x72dee000 	C:\Windows\system32\RpcRtRemote.dll
0x6d970000 - 0x6e2b5000 	C:\Windows\SysWOW64\ieframe.dll
0x70ce0000 - 0x70d3f000 	C:\Windows\system32\SXS.DLL
0x738e0000 - 0x7392b000 	C:\Windows\system32\apphelp.dll
0x74410000 - 0x74418000 	C:\Windows\system32\Secur32.dll
0x6e3f0000 - 0x6efa9000 	C:\Windows\SysWOW64\mshtml.dll
0x74c30000 - 0x74c35000 	C:\Windows\system32\msimg32.dll
0x71040000 - 0x7104b000 	C:\Windows\system32\msimtf.dll
0x70e60000 - 0x70e8b000 	C:\Windows\system32\msls31.dll
0x765a0000 - 0x7673d000 	C:\Windows\syswow64\setupapi.dll
0x76b00000 - 0x76b27000 	C:\Windows\syswow64\CFGMGR32.dll
0x750f0000 - 0x75102000 	C:\Windows\syswow64\DEVOBJ.dll
0x70c20000 - 0x70cda000 	C:\Windows\system32\d2d1.dll
0x6f780000 - 0x6f88a000 	C:\Windows\system32\DWrite.dll
0x6f6f0000 - 0x6f773000 	C:\Windows\system32\dxgi.dll
0x75e70000 - 0x75e9d000 	C:\Windows\syswow64\WINTRUST.dll
0x763b0000 - 0x764cc000 	C:\Windows\syswow64\CRYPT32.dll
0x777e0000 - 0x777ec000 	C:\Windows\syswow64\MSASN1.dll
0x6f6c0000 - 0x6f6ec000 	C:\Windows\system32\d3d10_1.dll
0x6f680000 - 0x6f6ba000 	C:\Windows\system32\d3d10_1core.dll
0x6e2c0000 - 0x6e3ec000 	C:\Windows\system32\D3D10Warp.dll
0x69d90000 - 0x69dbe000 	C:\Windows\system32\MLANG.dll
0x718a0000 - 0x718f2000 	C:\Windows\system32\RASAPI32.dll
0x71880000 - 0x71895000 	C:\Windows\system32\rasman.dll
0x71870000 - 0x7187d000 	C

( This report has more than 16,000 characters and has been truncated. )



I pinged the submitter but haven't heard anything back.  Looking more closely at the crash log, here's the disassembly:

;; 62874441 8b ec                   mov    %esp,%ebp
;; 62874443 83 ec 18                sub    $0x18,%esp
;; 62874446 53                      push   %ebx
;; 62874447 56                      push   %esi
;; 62874448 8b 75 08                mov    0x8(%ebp),%esi
;; 6287444b 8b 46 3c                mov    0x3c(%esi),%eax
;; 6287444e 89 4d fc                mov    %ecx,0xfffffffc(%ebp)
;; ---------------
;; 62874451 8b 48 10                mov    0x10(%eax),%ecx

eax == 0 so we crash.  This is the very beginning on the function:

V  [jvm.dll+0x224451];;  ?do_If@Canonicalizer@@UAEXPAVIf@@@Z+0x11

so I believe we're one this x->x()->type() part with x->x() == NULL.

void Canonicalizer::do_If(If* x) {
  // move const to right                                                                                                                                
  if (x->x()->type()->is_constant()) x->swap_operands();

This shouldn't be possible.  From the rest of the stack trace, we've just parsed the if from the bytecodes:

V  [jvm.dll+0x224451];;  ?do_If@Canonicalizer@@UAEXPAVIf@@@Z+0x11
V  [jvm.dll+0x222e2e];;  ?visit@If@@UAEXPAVInstructionVisitor@@@Z+0xe
V  [jvm.dll+0x22a862];;  ?append_with_bci@GraphBuilder@@AAEPAVInstruction@@PAV2@H@Z+0x32
V  [jvm.dll+0x22c13c];;  ?if_node@GraphBuilder@@AAEXPAVInstruction@@W4Condition@2@0PAVValueStack@@@Z+0xcc

so unless the bytecodes are bad there must be values there.  I'm not sure how this could happen.

I was able to reproduce it using replay and it appears to be a bug with the optimization of invokeinterface calls.  It's doing something slightly incorrect that's won't end up doing anything unsafe but happens to crashs because it creates a type mismatch on the stack.  Basically invokeinterface checking for interfaces with a single concrete implementator and emitting a guarded inline.  In this case it's getting confused by a complex interface hierarchy and picking types which aren't really singleton.  The guards it emits keeps it from every executing wrong code but the inlining created for two sites causes unrelated field loads to common since they occur at the same offset.  This screws up the expression stack which causes the later crash.  There are several things which should probably be fixed.  The invokeinterface should be more conservative in the presence of complex interface inheritance, LoadField HASHING2 should take into account the real type and the invokeinterface optimization should probably replace the receiver with the typecheck variant.



Hardware and Software, Engineered to Work Together