JDK-8145137 : Incorrect call signature can be used in nmethod::preserve_callee_argument_oops
  • Type: Bug
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: 9
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2015-12-10
  • Updated: 2017-07-26
  • Resolved: 2015-12-11
  • Fix Version: JDK 9 (build 9 b103), Fixed
Description
For the case when C2 inlines through MH.linkTo*/invokeBasic adapters (JDK-8072008), the attached method should be used, since the bytecode information is inaccurate. But nmethod::preserve_callee_argument_oops doesn't do that. For the MH.linkTo* case this means stack scanning tries to extract the appendix MemberName argument, but the generated code omits pushing it on the stack. This usually leads to a crash later in GC when the garbage oop is dereferenced.
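The signature mismatch the description refers to, as an added illustrative model rather than HotSpot code: the ArgArea type, the descriptor walker and the constructed frame and descriptors are assumptions. Scanning the outgoing argument area with the linker's bytecode descriptor (which ends with the MemberName appendix) visits a slot the generated code never pushed; scanning with the attached target's descriptor does not.

```cpp
#include <cstddef>
#include <string>
#include <vector>

// Hypothetical model, not HotSpot code: the outgoing argument area of a compiled
// frame. Slot i is true when the generated code actually stored an oop there.
struct ArgArea {
    std::vector<bool> is_oop;
};

// Walk the parameter list of a JVM method descriptor "(...)R" and return the slot
// index of every reference parameter (long/double take two slots, others one).
// This is the signature-driven step an oop finder performs before reading slots.
std::vector<size_t> oop_slots_for_signature(const std::string& sig) {
    std::vector<size_t> slots;
    size_t slot = 0;
    size_t i = sig.find('(') + 1;
    while (i < sig.size() && sig[i] != ')') {
        size_t start = i;
        while (sig[i] == '[') ++i;                   // array of anything is a reference
        bool ref = i > start;
        if (sig[i] == 'L') { ref = true; i = sig.find(';', i); }   // class type: skip to ';'
        size_t width = (!ref && (sig[i] == 'J' || sig[i] == 'D')) ? 2 : 1;
        if (ref) slots.push_back(slot);
        slot += width;
        ++i;
    }
    return slots;
}

// Count oop slots the scan would hand to the GC closure although the frame never
// pushed an oop there: each one is a garbage oop waiting to be dereferenced in GC.
size_t bogus_oop_reads(const ArgArea& frame, const std::string& sig) {
    size_t bogus = 0;
    for (size_t s : oop_slots_for_signature(sig)) {
        if (s >= frame.is_oop.size() || !frame.is_oop[s]) ++bogus;
    }
    return bogus;
}

// Constructed scenario: C2 inlined through MethodHandle.linkToStatic. The call-site
// bytecode carries the linker's descriptor (trailing MemberName appendix), but the
// generated code pushed only the attached target's real arguments: a long (slots 0-1)
// and an Object (slot 2).
const std::string kLinkerSig   = "(JLjava/lang/Object;Ljava/lang/invoke/MemberName;)V";
const std::string kAttachedSig = "(JLjava/lang/Object;)V";
const ArgArea kFrame{{false, false, true}};
```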
Comments
verified by nightly testing
26-07-2017

Sample stack trace with ParallelGC:
V [libjvm.so+0x3cbf01] oopDesc::mark() const+0x1f
V [libjvm.so+0x5e181d] oopDesc::is_forwarded() const+0x27
V [libjvm.so+0x106008d] void PSPromotionManager::copy_and_push_safe_barrier<oopDesc*, false>(oopDesc**)+0x81
V [libjvm.so+0x10672c6] void PSRootsClosure<false>::do_oop_work<oopDesc*>(oopDesc**)+0x46
V [libjvm.so+0x1067222] PSRootsClosure<false>::do_oop(oopDesc**)+0x32
V [libjvm.so+0xa800ce] CompiledArgumentOopFinder::handle_oop_offset()+0x8c
V [libjvm.so+0xa80018] CompiledArgumentOopFinder::set(int, BasicType)+0x44
V [libjvm.so+0x66d052] SignatureInfo::do_object(int, int)+0x42
V [libjvm.so+0x10dfb4b] SignatureIterator::parse_type()+0x37b
V [libjvm.so+0x10dfe50] SignatureIterator::iterate_parameters()+0x58
V [libjvm.so+0xa80347] CompiledArgumentOopFinder::oops_do()+0x5b
V [libjvm.so+0xa7ce6a] frame::oops_compiled_arguments_do(Symbol*, bool, bool, RegisterMap const*, OopClosure*)+0xd0
V [libjvm.so+0xf7cc45] nmethod::preserve_callee_argument_oops(frame, RegisterMap const*, OopClosure*)+0x199
V [libjvm.so+0xa7cd56] frame::oops_code_blob_do(OopClosure*, CodeBlobClosure*, RegisterMap const*)+0x108
V [libjvm.so+0xa7d58b] frame::oops_do_internal(OopClosure*, CLDClosure*, CodeBlobClosure*, RegisterMap*, bool)+0xdf
V [libjvm.so+0x11a69c0] frame::oops_do(OopClosure*, CLDClosure*, CodeBlobClosure*, RegisterMap*)+0x54
V [libjvm.so+0x119fff9] JavaThread::oops_do(OopClosure*, CLDClosure*, CodeBlobClosure*)+0x315
V [libjvm.so+0x106766d] ThreadRootsTask::do_it(GCTaskManager*, unsigned int)+0xdf
V [libjvm.so+0xb25588] GCTaskThread::run()+0x22c
V [libjvm.so+0xfb620d] java_start(Thread*)+0x15d
10-12-2015