JDK-7145024 : Crashes in ucrypto related to C2
  • Type: Bug
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: hs23,8
  • Priority: P1
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2012-02-13
  • Updated: 2013-06-26
  • Resolved: 2012-03-24
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7 JDK 8 Other
7u4 b16Fixed 8Fixed hs23Fixed
Related Reports
Relates :  
JDK-7013347 - allow crypto functions to be called inline to enhance performance
Relates :  
JDK-7150051 - incorrect oopmap in critical native
Description
# A fatal error has been detected by the Java Runtime Environment:
#
#  Internal Error (frame.cpp:1158), pid=22981, tid=13
#  Error: ShouldNotReachHere()
#
# JRE version: 7.0_04-b11
# Java VM: Java HotSpot(TM) 64-Bit Server VM (23.0-b15-internal-201202102004.jcoomes.hs23-b15-jdk7u4-b12 mixed mode solaris-amd64 compressed oops)

Stack: [0xfffffd7ff0492000,0xfffffd7ff0592000],  sp=0xfffffd7ff0590c00,  free space=1019k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V  [libjvm.so+0x1087e5b]  void VMError::report(outputStream*)+0x8bb;;  void VMError::report(outputStream*)+0x8bb
V  [libjvm.so+0x1088f80]  void VMError::report_and_die()+0x4fc;;  void VMError::report_and_die()+0x4fc
V  [libjvm.so+0xa06a59]  void report_should_not_reach_here(const char*,int)+0x59;;  void report_should_not_reach_here(const char*,int)+0x59
V  [libjvm.so+0xa7a38e]  void frame::oops_do_internal(OopClosure*,CodeBlobClosure*,RegisterMap*,bool)+0x132;;  void frame::oops_do_internal(OopClosure*,CodeBlobClosure*,RegisterMap*,bool)+0x132
V  [libjvm.so+0x102fc1c]  void JavaThread::oops_do(OopClosure*,CodeBlobClosure*)+0x1b8;;  void JavaThread::oops_do(OopClosure*,CodeBlobClosure*)+0x1b8
V  [libjvm.so+0x470f97]  void ThreadRootsTask::do_it(GCTaskManager*,unsigned)+0x6b;;  void ThreadRootsTask::do_it(GCTaskManager*,unsigned)+0x6b
V  [libjvm.so+0x5ff4f4]  void GCTaskThread::run()+0x264;;  void GCTaskThread::run()+0x264
V  [libjvm.so+0xeee7fa]  java_start+0x9d2;;  java_start+0x9d2
C  [libc.so.1+0x121021]  _thrp_setup+0xa5;;  _thrp_setup+0xa5
C  [libc.so.1+0x1212c0]  _lwp_start+0x0;;  _lwp_start+0x0

JavaThread 0x0000000008c73800 (nid = 243) was being processed
Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
J  com.oracle.security.ucrypto.NativeDigest.nativeUpdate(IJ[BII)I
C  0xfffffd7f00000000

[error occurred during error reporting (printing target Java thread stack), id 0xb]
# A fatal error has been detected by the Java Runtime Environment:
#
#  Internal Error (/tmp/jprt/P1/200445.jcoomes/source/src/share/vm/compiler/oopMap.cpp:154), pid=26223, tid=1330
#  assert(_locs_used[reg->value()] == OopMapValue::unused_value) failed: cannot insert twice
#
# JRE version: 7.0_04-b11
# Java VM: Java HotSpot(TM) 64-Bit Server VM (23.0-b15-internal-201202102004.jcoomes.hs23-b15-jdk7u4-b12-fastdebug compiled mode solaris-amd64 compressed oops)
Stack: [0xfffffd7ffbb42000,0xfffffd7ffbc42000],  sp=0xfffffd7ffbc37980,  free space=982k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V  [libjvm.so+0x286e53c]  void VMError::report(outputStream*)+0x8c8;;  void VMError::report(outputStream*)+0x8c8
V  [libjvm.so+0x286f6ad]  void VMError::report_and_die()+0x4fd;;  void VMError::report_and_die()+0x4fd
V  [libjvm.so+0xf1ac1f]  void report_vm_error(const char*,int,const char*,const char*)+0x55f;;  void report_vm_error(const char*,int,const char*,const char*)+0x55f
V  [libjvm.so+0x2287859]  void OopMap::set_oop(VMRegImpl*)+0x181;;  void OopMap::set_oop(VMRegImpl*)+0x181
V  [libjvm.so+0x25742fb]  void save_or_restore_arguments(MacroAssembler*,int,int,int,OopMap*,VMRegPair*,BasicType*)+0x17a3;;  void save_or_restore_arguments(MacroAssembler*,int,int,int,OopMap*,VMRegPair*,BasicType*)+0x17a3
V  [libjvm.so+0x2575f41]  void check_needs_gc_for_critical_native(MacroAssembler*,int,int,int,int,OopMapSet*,VMRegPair*,BasicType*)+0x175;;  void check_needs_gc_for_critical_native(MacroAssembler*,int,int,int,int,OopMapSet*,VMRegPair*,BasicType*)+0x175
V  [libjvm.so+0x257ada7]  nmethod*SharedRuntime::generate_native_wrapper(MacroAssembler*,methodHandle,int,int,int,BasicType*,VMRegPair*,BasicType)+0x173f;;  nmethod*SharedRuntime::generate_native_wrapper(MacroAssembler*,methodHandle,int,int,int,BasicType*,VMRegPair*,BasicType)+0x173f
V  [libjvm.so+0x2552160]  nmethod*AdapterHandlerLibrary::create_native_wrapper(methodHandle,int)+0xae4;;  nmethod*AdapterHandlerLibrary::create_native_wrapper(methodHandle,int)+0xae4
V  [libjvm.so+0xd729bf]  nmethod*CompileBroker::compile_method(methodHandle,int,int,methodHandle,int,const char*,Thread*)+0x1467;;  nmethod*CompileBroker::compile_method(methodHandle,int,int,methodHandle,int,const char*,Thread*)+0x1467
V  [libjvm.so+0x1e1fccf]  void CallInfo::set_common(KlassHandle,KlassHandle,methodHandle,methodHandle,int,Thread*)+0xaef;;  void CallInfo::set_common(KlassHandle,KlassHandle,methodHandle,methodHandle,int,Thread*)+0xaef
V  [libjvm.so+0x1e2e3aa]  void LinkResolver::resolve_static_call(CallInfo&,KlassHandle&,Symbol*,Symbol*,KlassHandle,bool,bool,Thread*)+0xa46;;  void LinkResolver::resolve_static_call(CallInfo&,KlassHandle&,Symbol*,Symbol*,KlassHandle,bool,bool,Thread*)+0xa46
V  [libjvm.so+0x1e4610a]  void LinkResolver::resolve_invokestatic(CallInfo&,constantPoolHandle,int,Thread*)+0xa1e;;  void LinkResolver::resolve_invokestatic(CallInfo&,constantPoolHandle,int,Thread*)+0xa1e
V  [libjvm.so+0x1e44982]  void LinkResolver::resolve_invoke(CallInfo&,Handle,constantPoolHandle,int,Bytecodes::Code,Thread*)+0x7aa;;  void LinkResolver::resolve_invoke(CallInfo&,Handle,constantPoolHandle,int,Bytecodes::Code,Thread*)+0x7aa
V  [libjvm.so+0x253b134]  Handle SharedRuntime::find_callee_info_helper(JavaThread*,vframeStream&,Bytecodes::Code&,CallInfo&,Thread*)+0x135c;;  Handle SharedRuntime::find_callee_info_helper(JavaThread*,vframeStream&,Bytecodes::Code&,CallInfo&,Thread*)+0x135c
V  [libjvm.so+0x253e684]  methodHandle SharedRuntime::resolve_sub_helper(JavaThread*,bool,bool,Thread*)+0xb84;;  methodHandle SharedRuntime::resolve_sub_helper(JavaThread*,bool,bool,Thread*)+0xb84
V  [libjvm.so+0x253d671]  methodHandle SharedRuntime::resolve_helper(JavaThread*,bool,bool,Thread*)+0x35;;  methodHandle SharedRuntime::resolve_helper(JavaThread*,bool,bool,Thread*)+0x35
V  [libjvm.so+0x25417f6]  unsigned char*SharedRuntime::resolve_static_call_C(JavaThread*)+0x126;;  unsigned char*SharedRuntime::resolve_static_call_C(JavaThread*)+0x126
v  ~RuntimeStub::resolve_static_call
J  com.oracle.security.ucrypto.NativeKey$RSAPrivateCrt.<init>(Ljava/security/spec/KeySpec;)V
J  java.security.Signature$Delegate.engineInitSign(Ljava/security/PrivateKey;)V
V  [libjvm.so+0x15ef8d4]  void JavaCalls::call_helper(JavaValue*,methodHandle*,JavaCallArguments*,Thread*)+0x9d4;;  void JavaCalls::call_helper(JavaValue*,methodHandle*,JavaCallArguments*,Thread*)+0x9d4
V  [libjvm.so+0x15eeebc]  void JavaCalls::call(JavaValue*,methodHandle,JavaCallArguments*,Thread*)+0x44;;  void JavaCalls::call(JavaValue*,methodHandle,JavaCallArguments*,Thread*)+0x44
V  [libjvm.so+0x24b4459]  oop Reflection::invoke(instanceKlassHandle,methodHandle,Handle,bool,objArrayHandle,BasicType,objArrayHandle,bool,Thread*)+0x2fc5;;  oop Reflection::invoke(instanceKlassHandle,methodHandle,Handle,bool,objArrayHandle,BasicType,objArrayHandle,bool,Thread*)+0x2fc5
V  [libjvm.so+0x24b7295]  oop Reflection::invoke_method(oop,Handle,objArrayHandle,Thread*)+0xdd5;;  oop Reflection::invoke_method(oop,Handle,objArrayHandle,Thread*)+0xdd5
V  [libjvm.so+0x19abcce]  JVM_InvokeMethod+0xae2;;  JVM_InvokeMethod+0xae2
C  [libjava.so+0x1b83e]  Java_sun_reflect_NativeMethodAccessorImpl_invoke0+0x12;;  Java_sun_reflect_NativeMethodAccessorImpl_invoke0+0x12
J  sun.reflect.NativeMethodAccessorImpl.invoke0(Ljava/lang/reflect/Method;Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
v  ~RuntimeStub::resolve_static_call
J  com.oracle.security.ucrypto.NativeKey$RSAPrivateCrt.<init>(Ljava/security/spec/KeySpec;)V
J  com.oracle.security.ucrypto.NativeRSAKeyFactory.engineGeneratePrivate(Ljava/security/spec/KeySpec;)Ljava/security/PrivateKey;
j  com.oracle.security.ucrypto.NativeRSASignature.engineInitSign(Ljava/security/PrivateKey;)V+123
J  java.security.Signature$Delegate.engineInitSign(Ljava/security/PrivateKey;)V
J  javasoft.sqe.tests.api.java.security.Signature.updateTests.update001()Ljavasoft/sqe/javatest/Status;
v  ~StubRoutines::call_stub
J  sun.reflect.NativeMethodAccessorImpl.invoke0(Ljava/lang/reflect/Method;Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J  sun.reflect.NativeMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J  sun.reflect.DelegatingMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J  java.lang.reflect.Method.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J  javasoft.sqe.jck.lib.ProviderTest.invokeTestCase(Ljava/lang/reflect/Method;)Ljavasoft/sqe/javatest/Status;
J  javasoft.sqe.javatest.lib.MultiTest.run([Ljava/lang/String;Ljava/io/PrintWriter;Ljava/io/PrintWriter;)Ljavasoft/sqe/javatest/Status;
J  javasoft.sqe.javatest.lib.MultiTest.run([Ljava/lang/String;Ljava/io/PrintStream;Ljava/io/PrintStream;)Ljavasoft/sqe/javatest/Status;
J  javasoft.sqe.tests.api.java.security.Signature.updateTests.main([Ljava/lang/String;)V
v  ~StubRoutines::call_stub
J  sun.reflect.NativeMethodAccessorImpl.invoke0(Ljava/lang/reflect/Method;Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J  sun.reflect.NativeMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J  sun.reflect.DelegatingMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J  java.lang.reflect.Method.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J  runThese$TestRunner$1.run()V
v  ~StubRoutines::call_stub
Also this crash happened during SPECjbb2012 run on vmsqe-x4170-04:

#  Internal Error (frame.cpp:1158), pid=5695, tid=15
#  Error: ShouldNotReachHere()
#
# JRE version: 8.0-b26
# Java VM: Java HotSpot(TM) 64-Bit Server VM (23.0-b15 mixed mode solaris-amd64 )

Stack: [0x0000000000000000,0x0000000000000000],  sp=0xfffffd7ffdf37100,  free space=18014395825093852k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V  [libjvm.so+0x1087e5b]  void VMError::report(outputStream*)+0x8bb
V  [libjvm.so+0x1088f80]  void VMError::report_and_die()+0x4fc
V  [libjvm.so+0xa06a59]  void report_should_not_reach_here(const char*,int)+0x59
V  [libjvm.so+0xa7a38e]  void frame::oops_do_internal(OopClosure*,CodeBlobClosure*,RegisterMap*,bool)+0x132
V  [libjvm.so+0x102fc1c]  void JavaThread::oops_do(OopClosure*,CodeBlobClosure*)+0x1b8
V  [libjvm.so+0x1034861]  void Threads::possibly_parallel_oops_do(OopClosure*,CodeBlobClosure*)+0x9d
V  [libjvm.so+0xf7b55b]  void SharedHeap::process_strong_roots(bool,bool,SharedHeap::ScanningOption,OopClosure*,CodeBlobClosure*,OopsInGenClosure*)+0xbf
V  [libjvm.so+0xa922ae]  void G1CollectedHeap::g1_process_strong_roots(bool,SharedHeap::ScanningOption,OopClosure*,OopsInHeapRegionClosure*,OopsInGenClosure*,int)+0x202
V  [libjvm.so+0xa970ef]  void G1ParTask::work(unsigned)+0x6eb
V  [libjvm.so+0x109a545]  void GangWorker::loop()+0x99

hs_err file is attached.
Also happened with Specjvm2008 crypto subbenchmark on Solaris-i586 and Solaris-amd64

See comments for details
Comments
EVALUATION http://hg.openjdk.java.net/lambda/lambda/hotspot/rev/2ee7dcc77c63
22-03-2012
EVALUATION http://hg.openjdk.java.net/hsx/hsx23/hotspot/rev/ad0b499ddb18
08-03-2012
WORK AROUND -XX:-CriticalJNINatives
29-02-2012
EVALUATION 7145024: Crashes in ucrypto related to C2 Reviewed-by: kvn There are two issues here. The first issue, that resulted in the asserts was incorrect incrementing of the slots when building the oop map. Fixing that exposed the second issue which is that different signatures may require very different orders for the move to avoid clobbering other arguments. There's no simple way to order them safely so I resurrected some old C1 code for computing a safe order for issuing stores and break any cycles in those stores. The code itself is fairly general but it's not necessary on the other platforms so I kept it in the platform dependent code instead of moving it into a shared file. Tested with a new manual test that exercises all permutations of 8 arguments that mix primtives and arrays on Solaris, Linux and Windows. Also tested with failing javasoft.sqe.tests.api.java.security.Signature.updateTests test. The crashes in frame.cpp are likely caused by overwriting parts of the stack in the logic the logic that was miscounting the handle space. I attached a test case that exercises various signatures and caught the bug in the report.
29-02-2012
EVALUATION http://hg.openjdk.java.net/hsx/hotspot-comp/hotspot/rev/2ee7dcc77c63
28-02-2012