Bug ID: JDK-8169938 [AOT] SIGSEGV at ~BufferBlob::vtable chunks

Type: Bug
Component: hotspot
Sub-Component: compiler
Affected Version: 9

Priority: P3
Status: Resolved
Resolution: Fixed

Submitted: 2016-11-18
Updated: 2017-01-31
Resolved: 2016-12-21

JDK 9
9 b151Fixed

1 test crashed while running with aot-compiled java.base:

# Problematic frame:
# v  ~BufferBlob::vtable chunks

Can I remove Confidential from this bug?
18-12-2016
Suggested changes to have only Klass* or NULL in _metaspace_got: http://cr.openjdk.java.net/~kvn/8169938/webrev/ Added scan of c2i AOT stabs for Method* in metadata_do(). Uncommented call to got_metadata_do(). And small clean up.
17-12-2016
I was able to reproduce this crash.
16-12-2016
This is running jdk/test/java/util/Locale/Bug6989440.java test with next flags: -Xcomp -Xcomp -XX:MaxRAMFraction=8 -XX:+CreateCoredumpOnCrash -ea -esa -XX:CompileThreshold=100 -XX:+UnlockExperimentalVMOptions -server -XX:+TieredCompilation -XX:+IgnoreUnrecognizedVMOptions -XX:+DeoptimizeALot
16-12-2016
Thread 1 (Thread 0x7fdcb18d8700 (LWP 25981)): #0 0x00007fdd285f0989 in raise () from /lib64/libc.so.6 #1 0x00007fdd285f2098 in abort () from /lib64/libc.so.6 #2 0x00007fdd279e5c11 in os::abort (dump_core=<optimized out>, siginfo=<optimized out>, context=<optimized out>) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/os/linux/vm/os_linux.cpp:1362 #3 0x00007fdd27d3d242 in VMError::report_and_die (id=id@entry=-536870912, message=message@entry=0x7fdd27e5cf40 "fatal error", detail_fmt=detail_fmt@entry=0x7fdd27f36208 "memory leak: allocating without ResourceMark", detail_args=detail_args@entry=0x7fdcb18d5528, thread=<optimized out>, pc=pc@entry=0x0, siginfo=0x0, context=0x0, filename=0x7fdd27dcbf90 "/opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/memory/resourceArea.hpp", lineno=63, size=0) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/utilities/vmError.cpp:1359 #4 0x00007fdd27d3de3f in VMError::report_and_die (thread=<optimized out>, filename=filename@entry=0x7fdd27dcbf90 "/opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/memory/resourceArea.hpp", lineno=lineno@entry=63, message=message@entry=0x7fdd27e5cf40 "fatal error", detail_fmt=detail_fmt@entry=0x7fdd27f36208 "memory leak: allocating without ResourceMark", detail_args=detail_args@entry=0x7fdcb18d5528) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/utilities/vmError.cpp:1128 #5 0x00007fdd2713184e in report_fatal ( file=file@entry=0x7fdd27dcbf90 "/opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/memory/resourceArea.hpp", line=line@entry=63, detail_fmt=detail_fmt@entry=0x7fdd27f36208 "memory leak: allocating without ResourceMark") at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/utilities/debug.cpp:234 #6 0x00007fdd27b3bd09 in allocate_bytes ( alloc_failmode=AllocFailStrategy::EXIT_OOM, size=29, this=0x7fdcc01c69a0) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/memory/resourceArea.hpp:63 #7 resource_allocate_bytes (size=size@entry=29, alloc_failmode=alloc_failmode@entry=AllocFailStrategy::EXIT_OOM) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/memory/resourceArea.cpp:38 #8 0x00007fdd27c34b44 in as_C_string (this=0x7fdcf09c7948) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/oops/symbol.cpp:139 #9 Symbol::as_klass_external_name (this=0x7fdcf09c7948) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/oops/symbol.cpp:213 #10 0x00007fdd27750fc4 in Klass::external_name (this=0x1000176e8) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/oops/klass.cpp:595 #11 0x00007fdd2790ff6c in Method::name_and_sig_as_C_string ( klass=<optimized out>, method_name=0x7fdcf0992aa8, signature=0x7fdcf09bb518) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/oops/method.cpp:147 #12 0x00007fdd2791005a in Method::name_and_sig_as_C_string ( this=<optimized out>) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/oops/method.cpp:139 #13 0x00007fdd26cb5f2a in print_on (msg=0x7fdd27de6d80 "AOTCompiledMethod", st=0x7fdd285a0300 <VMError::log>, this=0x7fdd202806a0) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/aot/aotCompiledMethod.cpp:335 #14 AOTCompiledMethod::print_on (this=0x7fdd202806a0, st=0x7fdd285a0300 <VMError::log>) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/aot/aotCompiledMethod.cpp:324 #15 0x00007fdd279dcbac in os::print_location ( st=st@entry=0x7fdd285a0300 <VMError::log>, x=140587122290368, verbose=verbose@entry=false) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/runtime/os.cpp:977 #16 0x00007fdd279f5a2b in os::print_register_info ( st=0x7fdd285a0300 <VMError::log>, context=0x7fdcb18d7380) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp:878 #17 0x00007fdd27d3c368 in VMError::report ( st=st@entry=0x7fdd285a0300 <VMError::log>, _verbose=_verbose@entry=true) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/utilities/vmError.cpp:642 #18 0x00007fdd27d3d0c2 in VMError::report_and_die (id=id@entry=-536870912, message=message@entry=0x7fdd27e72450 "assert(nm->insts_contains(original_pc)) failed", detail_fmt=detail_fmt@entry=0x7fdd27e72428 "original PC must be in CompiledMethod", detail_args=detail_args@entry=0x7fdcb18d5a98, thread=0x7fdcc01c6000, pc=pc@entry=0x0, siginfo=0x0, context=0x0, filename=0x7fdd27e72480 "/opt/jprt/T/P1/091439.rbackman/s/hotspot/src/cpu/x86/vm/frame_x86.cpp", lineno=379, size=0) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/utilities/vmError.cpp:1264 #19 0x00007fdd27d3de3f in VMError::report_and_die (thread=<optimized out>, filename=filename@entry=0x7fdd27e72480 "/opt/jprt/T/P1/091439.rbackman/s/hotspot/src/cpu/x86/vm/frame_x86.cpp", lineno=lineno@entry=379, message=message@entry=0x7fdd27e72450 "assert(nm->insts_contains(original_pc)) failed", detail_fmt=detail_fmt@entry=0x7fdd27e72428 "original PC must be in CompiledMethod", detail_args=detail_args@entry=0x7fdcb18d5a98) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/utilities/vmError.cpp:1128 #20 0x00007fdd271316dd in report_vm_error ( file=file@entry=0x7fdd27e72480 "/opt/jprt/T/P1/091439.rbackman/s/hotspot/src/cpu/x86/vm/frame_x86.cpp", line=line@entry=379, error_msg=error_msg@entry=0x7fdd27e72450 "assert(nm->insts_contains(original_pc)) failed", detail_fmt=detail_fmt@entry=0x7fdd27e72428 "original PC must be in CompiledMethod") at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/utilities/debug.cpp:220 #21 0x00007fdd272827d3 in verify_deopt_original_pc ( unextended_sp=<optimized out>, nm=<optimized out>) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/cpu/x86/vm/frame_x86.cpp:379 #22 frame::adjust_unextended_sp (this=this@entry=0x7fdcb18d5c40) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/cpu/x86/vm/frame_x86.cpp:396 #23 0x00007fdd279f3cb1 in init ( pc=0x7fdd08078c04 "I\272\004\214\a\b\335\177", fp=<optimized out>, sp=<optimized out>, this=0x7fdcb18d5c40) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/cpu/x86/vm/frame_x86.inline.hpp:51 #24 frame (pc=0x7fdd08078c04 "I\272\004\214\a\b\335\177", fp=<optimized out>, sp=<optimized out>, this=0x7fdcb18d5c40) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/cpu/x86/vm/frame_x86.inline.hpp:63 #25 os::get_sender_for_C_frame (fr=fr@entry=0x7fdcb18d6ef0) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp:227 #26 0x00007fdd2713b1fd in print_native_stack ( st=st@entry=0x7fdd285a0300 <VMError::log>, fr=..., t=0x7fdcc01c6000, buf=buf@entry=0x7fdd285a1c00 <VMError::report(outputStream*, bool)::buf> "flags\t\t: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc rep_good nopl pni ssse3 cx16 sse4_1 sse4_2 hypervisor lahf_lm\n", buf_size=buf_size@entry=2000) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/utilities/debug.cpp:798 #27 0x00007fdd27d3b9e2 in VMError::report ( st=st@entry=0x7fdd285a0300 <VMError::log>, _verbose=_verbose@entry=true) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/utilities/vmError.cpp:600 #28 0x00007fdd27d3d0c2 in VMError::report_and_die (id=11, message=message@entry=0x0, detail_fmt=detail_fmt@entry=0x7fdd27e8c597 "%s", detail_args=detail_args@entry=0x7fdcb18d7128, thread=thread@entry=0x7fdcc01c6000, pc=pc@entry=0x7fdd07c192f0 "E\213\232", <incomplete sequence \304>, siginfo=0x7fdcb18d74b0, context=0x7fdcb18d7380, filename=0x0, lineno=0, size=0) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/utilities/vmError.cpp:1264 #29 0x00007fdd27d3dcfb in VMError::report_and_die ( thread=thread@entry=0x7fdcc01c6000, sig=sig@entry=11, pc=pc@entry=0x7fdd07c192f0 "E\213\232", <incomplete sequence \304>, siginfo=siginfo@entry=0x7fdcb18d74b0, context=context@entry=0x7fdcb18d7380, detail_fmt=detail_fmt@entry=0x7fdd27e8c597 "%s") at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/utilities/vmError.cpp:1103 #30 0x00007fdd27d3dd2e in VMError::report_and_die ( thread=thread@entry=0x7fdcc01c6000, sig=sig@entry=11, pc=pc@entry=0x7fdd07c192f0 "E\213\232", <incomplete sequence \304>, siginfo=siginfo@entry=0x7fdcb18d74b0, context=context@entry=0x7fdcb18d7380) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/share/vm/utilities/vmError.cpp:1109 #31 0x00007fdd279f3f0e in JVM_handle_linux_signal (sig=11, info=0x7fdcb18d74b0, ucVoid=0x7fdcb18d7380, abort_if_unrecognized=<optimized out>) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp:610 #32 0x00007fdd279e2202 in signalHandler (sig=11, info=0x7fdcb18d74b0, uc=0x7fdcb18d7380) at /opt/jprt/T/P1/091439.rbackman/s/hotspot/src/os/linux/vm/os_linux.cpp:4206 #33 <signal handler called> #34 0x00007fdd07c192f0 in ?? () #35 0x00007fdcfd7bef24 in java.util.AbstractCollection.addAll(Ljava/util/Collection;)Z () from /export/home/aurora/CommonData/TEST_JAVA_HOME/lib/libjava.base-coop.so #36 0x00007fdcc01c6000 in ?? () #37 0x00007fdcb18d77b8 in ?? ()
16-12-2016
Looks like bad oop. The AOT code loads compressed class from oop, shift it and load through it: ;; 00007fdd07c192e8 44 8b 56 08 mov 0x8(%rsi),%r10d ;; 00007fdd07c192ec 49 c1 e2 03 shl $0x3,%r10 ;; --------------- ;; 00007fdd07c192f0 45 8b 9a c4 00 00 00 mov 0xc4(%r10),%r11d But RSI has bad value: RSI=0x00000000b36cd5c0 is an unallocated location in the heap
29-11-2016