JDK-8258229 : Crash in nmethod::reloc_string_for
  • Type: Bug
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: 16,17,21,24
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2020-12-14
  • Updated: 2025-07-03
  • Resolved: 2025-05-06
JDK 25: 25 b22 (Fixed)
Description
Running test/jdk/com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java with -XX:CompileCommand=print,java.math.BitSieve::bit crashes:

# A fatal error has been detected by the Java Runtime Environment:
#
#  SIGSEGV (0xb) at pc=0x00007fddd64dc590, pid=436001, tid=436017
#
# JRE version: Java(TM) SE Runtime Environment (17.0) (build 17-internal+0-2020-10-05-1305423.tobias...)
# Java VM: Java HotSpot(TM) 64-Bit Server VM (17-internal+0-2020-10-05-1305423.tobias..., mixed mode, tiered, compressed oops, g1 gc, linux-amd64)
# Problematic frame:
# V  [libjvm.so+0xba3590]  nmethod::reloc_string_for(unsigned char*, unsigned char*)+0x240

Current CompileTask:
C2:    392  336       4       java.math.BitSieve::bit (7 bytes)

Stack: [0x00007fdd96c36000,0x00007fdd96d37000],  sp=0x00007fdd96d34b20,  free space=1018k
Native frames: (J=compiled Java code, A=aot compiled Java code, j=interpreted, Vv=VM code, C=native code)
V  [libjvm.so+0xba3590]  nmethod::reloc_string_for(unsigned char*, unsigned char*)+0x240
V  [libjvm.so+0xba3a2e]  nmethod::has_code_comment(unsigned char*, unsigned char*)+0x10e
V  [libjvm.so+0x65ab4f]  event_to_env(void*, char const*, void*)+0x26f

Crash happens here:

nmethod::reloc_string_for (this=this@entry=0x7fffe8b02c90, begin=begin@entry=0x7fffe8b02e20 "\351[\223", <incomplete sequence \370>, 
    end=end@entry=0x7fffe8b02e24 <incomplete sequence \370>) at /oracle/jdk/open/src/hotspot/share/code/nmethod.cpp:3007
3007	          else obj->print_value_on(&st);
(gdb) print obj
$1 = (Metadata *) 0x800f854935b
(gdb) print *obj
Cannot access memory at address 0x800f854935b
(gdb) list
3002	          stringStream st;
3003	          metadata_Relocation* r = iter.metadata_reloc();
3004	          Metadata* obj = r->metadata_value();
3005	          st.print("metadata(");
3006	          if (obj == NULL) st.print("NULL");
3007	          else obj->print_value_on(&st);
3008	          st.print(")");
3009	          return st.as_string();
3010	        }
3011	        case relocInfo::runtime_call_type:
Comments
The issue is fixed by JDK-8358821 in JDK26. The old fix has been reverted, so JDK25 is still affected until we backport that one.
03-07-2025

[~dlong], yes, let's back it out to be safe.
01-07-2025

[~mhaessig], [~mdoerr] is proposing that we back-out this change, because it caused JDK-8357017. What do you think? See also comments in JDK-8357017 and https://github.com/openjdk/jdk/pull/25764.
30-06-2025

Changeset: 1eee15ee
Branch: master
Author: Manuel Hässig <manuel.hassig@oracle.com>
Committer: SendaoYan <syan@openjdk.org>
Date: 2025-05-06 09:05:37 +0000
URL: https://git.openjdk.org/jdk/commit/1eee15eea692f57e35dd785bdd491411746ae3f1
06-05-2025

A pull request was submitted for review.
Branch: master
URL: https://git.openjdk.org/jdk/pull/24831
Date: 2025-04-23 15:12:54 +0000
24-04-2025

Nice work getting to the bottom of this, Manuel!
23-04-2025

Printing the assembly for a compiled method happens after the compiled code has been set as runnable. Hence, it can happen that the code deopts --- often due to class initialization, which happens quite quickly --- while the assembly is still printing. This leads to a race between the printing code and `make_not_entrant`. If `make_not_entrant` executes `patch_verified_entry` before printing the assembly code of the method prolog, we get this crash, because the relocation info for that pc (in this case metadata) does not match the jump instruction.
22-04-2025
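
The mismatch described in the comment dated 22-04-2025, as a simplified single-threaded model added here for illustration (not HotSpot code, and not the fix that was applied): a relocation recorded for a `movabs` with a 64-bit immediate is used to read the operand after the first five bytes have been overwritten with a `jmp rel32`. The instruction chosen, the helper names and the sample values are assumptions made for the model.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>

// Simplified single-threaded model, not HotSpot code; assumes a little-endian host.
// A relocation records that the instruction at `offset` embeds a metadata pointer.
struct MetadataReloc { std::size_t offset; };
struct Result { std::uint64_t unchecked; bool checked_ok; };

const std::uint8_t REX_WB = 0x49, MOV_R10 = 0xBA;  // 49 BA imm64: movabs $imm64, %r10
const std::uint8_t JMP_REL32 = 0xE9;               // E9 rel32: 5-byte jump

void emit_movabs_r10(std::uint8_t* code, std::uint64_t imm) {
    code[0] = REX_WB;
    code[1] = MOV_R10;
    std::memcpy(code + 2, &imm, sizeof imm);
}

// Stand-in for entry patching: the first 5 bytes become `jmp rel32`.
void patch_entry_with_jump(std::uint8_t* code, std::int32_t rel) {
    code[0] = JMP_REL32;
    std::memcpy(code + 1, &rel, sizeof rel);
}

// Trusting reader: assumes the relocation still describes the bytes in the buffer.
std::uint64_t read_metadata_unchecked(const std::uint8_t* code, MetadataReloc r) {
    std::uint64_t v;
    std::memcpy(&v, code + r.offset + 2, sizeof v);
    return v;
}

// Checked reader: snapshot the instruction and confirm it is still the movabs
// the relocation was recorded for before handing out the immediate.
bool read_metadata_checked(const std::uint8_t* code, MetadataReloc r, std::uint64_t* out) {
    std::uint8_t snap[10];
    std::memcpy(snap, code + r.offset, sizeof snap);
    if (snap[0] != REX_WB || snap[1] != MOV_R10) return false;
    std::memcpy(out, snap + 2, sizeof *out);
    return true;
}

// Emit, optionally patch, then read through the (now possibly stale) relocation.
Result run_scenario(std::uint64_t imm, bool patch, std::int32_t rel) {
    std::uint8_t code[16] = {0};
    MetadataReloc r = {0};
    std::uint64_t ignored = 0;
    emit_movabs_r10(code, imm);
    if (patch) patch_entry_with_jump(code, rel);
    return Result{read_metadata_unchecked(code, r), read_metadata_checked(code, r, &ignored)};
}

int main() {
    Result res = run_scenario(0x0000000800AFBA80ULL, true, 0x11223344);  // constructed values
    std::printf("unchecked=0x%llx checked_ok=%d\n", (unsigned long long)res.unchecked, res.checked_ok);
}
```

The unchecked read returns a value that mixes the jump displacement with the upper bytes of the old immediate, so it still looks like a pointer but refers to nothing valid. In a real VM the snapshot would also have to be ordered against the thread doing the patching; the model leaves that out.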

Seems to be x86_64 specific. I cannot reproduce it on my ARM Mac.
14-01-2025

This is likely related to JDK-8345784 or even a duplicate. Targeting to JDK 25 to finally get this fixed.
10-12-2024

With the compiler/jvmci/jdk.vm.ci.runtime.test/src/jdk/vm/ci/runtime/test/* tests I'm hitting this:

# A fatal error has been detected by the Java Runtime Environment:
#
# Internal Error (/opt/mach5/mesos/work_dir/slaves/8862186e-67f1-442a-b654-15b802343ea2-S15/frameworks/1735e8a2-a1db-478c-8104-60c8b0af87dd-0196/executors/4eeadd9d-f42f-48d5-8cf3-22f10b0f2f4f/runs/747f2f90-6700-4247-aa0a-7d05cf671027/workspace/open/src/hotspot/cpu/x86/assembler_x86.cpp:1179), pid=2232803, tid=2232822
# assert(which == call32_operand) failed: call has no disp32 or imm
#
# JRE version: Java(TM) SE Runtime Environment (25.0+2) (fastdebug build 25-ea+2-LTS-34)
# Java VM: Java HotSpot(TM) 64-Bit Server VM (fastdebug 25-ea+2-LTS-34, mixed mode, sharing, tiered, jvmci, compressed oops, compressed class ptrs, g1 gc, linux-amd64)
# Problematic frame:
# V [libjvm.so+0x64142f] Assembler::locate_operand(unsigned char*, Assembler::WhichOperand)+0x5cf
#
# Core dump will be written. Default location: Core dumps may be processed with "/opt/core.sh %p" (or dumping to /opt/mach5/mesos/work_dir/slaves/77d1c7fe-b54e-4bf3-8aa9-ff6abf69eabc-S167/frameworks/1735e8a2-a1db-478c-8104-60c8b0af87dd-0196/executors/9dfbe747-2a52-4d33-97bf-4028a00417bd/runs/7510d1d0-7ff3-411b-8ca0-8a26d6a86d69/testoutput/test-support/jtreg_open_test_hotspot_jtreg_tier1_compiler_2/scratch/3/core.2232803)
#
# If you would like to submit a bug report, please visit:
# https://bugreport.java.com/bugreport/crash.jsp
#

Current CompileTask:
C2:5785 816 4 jdk.vm.ci.runtime.test.TypeUniverse::addClass (202 bytes)

Stack: [0x00007f87c866d000,0x00007f87c876d000], sp=0x00007f87c87688e0, free space=1006k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V [libjvm.so+0x64142f] Assembler::locate_operand(unsigned char*, Assembler::WhichOperand)+0x5cf (assembler_x86.cpp:1179)
V [libjvm.so+0x1679466] metadata_Relocation::metadata_value()+0x16 (relocInfo.cpp:578)
V [libjvm.so+0x14d71a9] nmethod::reloc_string_for(unsigned char*, unsigned char*)+0x1d9 (nmethod.cpp:3571)
V [libjvm.so+0x14d894b] nmethod::decode2(outputStream*) const+0x74b (nmethod.cpp:3794)
V [libjvm.so+0x14d90bd] nmethod::print_nmethod(bool)+0x2bd (nmethod.cpp:1663)
V [libjvm.so+0x929145] ciEnv::register_method(ciMethod*, int, CodeOffsets*, int, CodeBuffer*, int, OopMapSet*, ExceptionHandlerTable*, ImplicitExceptionTable*, AbstractCompiler*, bool, bool, bool, bool, int)+0x805 (ciEnv.cpp:1128)
V [libjvm.so+0x1578955] PhaseOutput::install_code(ciMethod*, int, AbstractCompiler*, bool, bool)+0x125 (output.cpp:3447)
V [libjvm.so+0xa5657b] Compile::Code_Gen()+0x5cb (compile.cpp:3030)
V [libjvm.so+0xa5926f] Compile::Compile(ciEnv*, ciMethod*, int, Options, DirectiveSet*)+0x1c6f (compile.cpp:885)
V [libjvm.so+0x8a20c5] C2Compiler::compile_method(ciEnv*, ciMethod*, int, bool, DirectiveSet*)+0x1d5 (c2compiler.cpp:142)
V [libjvm.so+0xa65358] CompileBroker::invoke_compiler_on_method(CompileTask*)+0x928 (compileBroker.cpp:2319)
V [libjvm.so+0xa66098] CompileBroker::compiler_thread_loop()+0x528 (compileBroker.cpp:1977)
V [libjvm.so+0xf35c5c] JavaThread::thread_main_inner()+0xcc (javaThread.cpp:776)
V [libjvm.so+0x187d3a6] Thread::call_run()+0xb6 (thread.cpp:232)
V [libjvm.so+0x1557b28] thread_native_entry(Thread*)+0x128 (os_linux.cpp:860)
10-12-2024

Running tier1-tier4 with -XX:+UnlockDiagnosticVMOptions -XX:+PrintAssembly, I also hit this with various tests:

Current CompileTask:
C2:3085 1103 4 sun.security.ec.ECOperations$Secp256R1GeneratorMontgomeryMultiplier::bit (13 bytes)

Stack: [0x00007fa98eb5f000,0x00007fa98ec5f000], sp=0x00007fa98ec5b060, free space=1008k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V [libjvm.so+0xd07549] nmethod::reloc_string_for(unsigned char*, unsigned char*)+0x319 (nmethod.cpp:3574)
V [libjvm.so+0xd08a3b] nmethod::decode2(outputStream*) const+0x6cb (nmethod.cpp:3794)
V [libjvm.so+0xd08eeb] nmethod::print_nmethod(bool)+0xdb (nmethod.cpp:1663)
V [libjvm.so+0x5ea021] ciEnv::register_method(ciMethod*, int, CodeOffsets*, int, CodeBuffer*, int, OopMapSet*, ExceptionHandlerTable*, ImplicitExceptionTable*, AbstractCompiler*, bool, bool, bool, bool, int)+0x4b1 (ciEnv.cpp:1128)
V [libjvm.so+0xd5914c] PhaseOutput::install_code(ciMethod*, int, AbstractCompiler*, bool, bool)+0xec (output.cpp:3447)
V [libjvm.so+0x687556] Compile::Code_Gen()+0x6a6 (compile.cpp:3030)
V [libjvm.so+0x68add7] Compile::Compile(ciEnv*, ciMethod*, int, Options, DirectiveSet*)+0x14a7 (compile.cpp:885)
V [libjvm.so+0x5ae139] C2Compiler::compile_method(ciEnv*, ciMethod*, int, bool, DirectiveSet*)+0x1b9 (c2compiler.cpp:142)
V [libjvm.so+0x69079a] CompileBroker::invoke_compiler_on_method(CompileTask*)+0xafa (compileBroker.cpp:2319)
V [libjvm.so+0x693998] CompileBroker::compiler_thread_loop()+0x518 (compileBroker.cpp:1977)
V [libjvm.so+0x94e768] JavaThread::thread_main_inner() [clone .part.0]+0xb8 (javaThread.cpp:776)
V [libjvm.so+0xf3373f] Thread::call_run()+0x9f (thread.cpp:232)
V [libjvm.so+0xd43926] thread_native_entry(Thread*)+0xd6 (os_linux.cpp:860)

Current CompileTask:
C2:5385 1372 4 java.math.BitSieve::bit (7 bytes)

Stack: [0x00007f0713442000,0x00007f0713542000], sp=0x00007f071353e060, free space=1008k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V [libjvm.so+0xd07549] nmethod::reloc_string_for(unsigned char*, unsigned char*)+0x319 (nmethod.cpp:3574)
V [libjvm.so+0xd08a3b] nmethod::decode2(outputStream*) const+0x6cb (nmethod.cpp:3794)
V [libjvm.so+0xd08eeb] nmethod::print_nmethod(bool)+0xdb (nmethod.cpp:1663)
V [libjvm.so+0x5ea021] ciEnv::register_method(ciMethod*, int, CodeOffsets*, int, CodeBuffer*, int, OopMapSet*, ExceptionHandlerTable*, ImplicitExceptionTable*, AbstractCompiler*, bool, bool, bool, bool, int)+0x4b1 (ciEnv.cpp:1128)
V [libjvm.so+0xd5914c] PhaseOutput::install_code(ciMethod*, int, AbstractCompiler*, bool, bool)+0xec (output.cpp:3447)
V [libjvm.so+0x687556] Compile::Code_Gen()+0x6a6 (compile.cpp:3030)
V [libjvm.so+0x68add7] Compile::Compile(ciEnv*, ciMethod*, int, Options, DirectiveSet*)+0x14a7 (compile.cpp:885)
V [libjvm.so+0x5ae139] C2Compiler::compile_method(ciEnv*, ciMethod*, int, bool, DirectiveSet*)+0x1b9 (c2compiler.cpp:142)
V [libjvm.so+0x69079a] CompileBroker::invoke_compiler_on_method(CompileTask*)+0xafa (compileBroker.cpp:2319)
V [libjvm.so+0x693998] CompileBroker::compiler_thread_loop()+0x518 (compileBroker.cpp:1977)
V [libjvm.so+0x94e768] JavaThread::thread_main_inner() [clone .part.0]+0xb8 (javaThread.cpp:776)
V [libjvm.so+0xf3373f] Thread::call_run()+0x9f (thread.cpp:232)
V [libjvm.so+0xd43926] thread_native_entry(Thread*)+0xd6 (os_linux.cpp:860)

Current CompileTask:
C2:7574 1468 4 java.math.BitSieve::unitIndex (5 bytes)

Stack: [0x00007f528023a000,0x00007f528033a000], sp=0x00007f5280336060, free space=1008k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V [libjvm.so+0xd07549] nmethod::reloc_string_for(unsigned char*, unsigned char*)+0x319 (nmethod.cpp:3574)
V [libjvm.so+0xd08a3b] nmethod::decode2(outputStream*) const+0x6cb (nmethod.cpp:3794)
V [libjvm.so+0xd08eeb] nmethod::print_nmethod(bool)+0xdb (nmethod.cpp:1663)
V [libjvm.so+0x5ea021] ciEnv::register_method(ciMethod*, int, CodeOffsets*, int, CodeBuffer*, int, OopMapSet*, ExceptionHandlerTable*, ImplicitExceptionTable*, AbstractCompiler*, bool, bool, bool, bool, int)+0x4b1 (ciEnv.cpp:1128)
V [libjvm.so+0xd5914c] PhaseOutput::install_code(ciMethod*, int, AbstractCompiler*, bool, bool)+0xec (output.cpp:3447)
V [libjvm.so+0x687556] Compile::Code_Gen()+0x6a6 (compile.cpp:3030)
V [libjvm.so+0x68add7] Compile::Compile(ciEnv*, ciMethod*, int, Options, DirectiveSet*)+0x14a7 (compile.cpp:885)
V [libjvm.so+0x5ae139] C2Compiler::compile_method(ciEnv*, ciMethod*, int, bool, DirectiveSet*)+0x1b9 (c2compiler.cpp:142)
V [libjvm.so+0x69079a] CompileBroker::invoke_compiler_on_method(CompileTask*)+0xafa (compileBroker.cpp:2319)
V [libjvm.so+0x693998] CompileBroker::compiler_thread_loop()+0x518 (compileBroker.cpp:1977)
V [libjvm.so+0x94e768] JavaThread::thread_main_inner() [clone .part.0]+0xb8 (javaThread.cpp:776)
V [libjvm.so+0xf3373f] Thread::call_run()+0x9f (thread.cpp:232)
V [libjvm.so+0xd43926] thread_native_entry(Thread*)+0xd6 (os_linux.cpp:860)
10-12-2024

This still reproduces:

~/Documents/jtreg/bin/jtreg -va -s -jdk:/home/emanuel/Documents/fork4-jdk/build/linux-x64-slowdebug/jdk/ -javaoptions:"-XX:CompileCommand=print,java.math.BitSieve::bit -XX:+UnlockDiagnosticVMOptions -XX:-TieredCompilation" -J-Djavatest.maxOutputSize=1000000 -timeoutFactor:10 ~/Documents/fork4-jdk/open/test/jdk/com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java

# Internal Error (/home/emanuel/Documents/fork4-jdk/open/src/hotspot/cpu/x86/assembler_x86.cpp:1119), pid=1239041, tid=1239057
# assert(which == call32_operand) failed: call has no disp32 or imm

Also the smaller test:

./java -XX:CompileCommand=print,java.math.BitSieve::bit -XX:+UnlockDiagnosticVMOptions -XX:-TieredCompilation Test.java

# Internal Error (/home/emanuel/Documents/fork4-jdk/open/src/hotspot/cpu/x86/assembler_x86.cpp:1119), pid=1239238, tid=1239251
# assert(which == call32_operand) failed: call has no disp32 or imm
23-01-2023

Updated ILW = Crash during nmethod printing, intermittent but reproducible with -XX:+PrintAssembly, no workaround but disable diagnostic output = MLM = P4
06-04-2021

Crash happened during the execution of "jmpq" instruction

Compiled method (c2) 798 205 java.math.BitSieve::bit (7 bytes)
 total in heap [0x00007ffbd115c490,0x00007ffbd115c7b8] = 808
 relocation [0x00007ffbd115c608,0x00007ffbd115c630] = 40
 main code [0x00007ffbd115c640,0x00007ffbd115c700] = 192
...
(gdb) x/192i 0x00007ffbd115c640
0x7ffbd115c640: jmpq 0x7ffbd1115320
0x7ffbd115c645: add %cl,(%rax)
0x7ffbd115c647: add %al,(%rax)
0x7ffbd115c649: add %al,-0x80(%rcx)
0x7ffbd115c64c: mov $0x143,%edx
0x7ffbd115c651: add $0xf,%al
0x7ffbd115c653: test %dl,(%rdx)
0x7ffbd115c655: add %al,(%rax)
0x7ffbd115c657: add %cl,0x3b(%rbp)
0x7ffbd115c65a: mov $0x148,%edx
0x7ffbd115c65f: je 0x7ffbd115c66a
0x7ffbd115c665: jmpq 0x7ffbd1115320
0x7ffbd115c66a: mov %eax,-0x16000(%rsp)
0x7ffbd115c671: push %rbp
0x7ffbd115c672: sub $0x10,%rsp
0x7ffbd115c676: movabs $0x8000afba8,%r10

The jmpq instruction at "0x7ffbd115c640" has resulted in a crash, whereas the same jmpq at "0x7ffbd115c665" has no issues
05-04-2021

The crash started occurring with the change of JDK-8225429, which has changed diagnostic printing options of disassembling a single instruction. Changeset causing the failure
src/hotspot/share/compiler/abstractDisassembler.cpp -bool AbstractDisassembler::_align_instr = false; +bool AbstractDisassembler::_align_instr = true; bool AbstractDisassembler::_show_pc = true; bool AbstractDisassembler::_show_offset = false; -bool AbstractDisassembler::_show_structs = false; -bool AbstractDisassembler::_show_comment = false; -bool AbstractDisassembler::_show_block_comment = false; +bool AbstractDisassembler::_show_structs = true; +bool AbstractDisassembler::_show_comment = true; +bool AbstractDisassembler::_show_block_comment = true;
The below one liner change is sufficient to cause the crash
+bool AbstractDisassembler::_show_comment = true;
Rather than calling it a regression, it has enabled additional printing that has led to this crash. Investigating more for the crash.
17-03-2021
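
Review bot: flipping `_show_comment` to `true` in the `AbstractDisassembler` static defaults turns on comment printing for every disassembly run, and the comment above says that one line alone is sufficient to cause the crash. It would be easier to bisect if that default were changed separately from `_align_instr`, `_show_structs` and `_show_block_comment`, together with a test that prints the assembly of a compiled method, so a failure in the newly exercised printing path points at a single default.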

This regression started in 13 ea b25 onwards.
13 ea b24 - No crash
13 ea b25 - Crash
Looking into all the possible changes for regression
16-03-2021

Smaller testcase to reproduce the problem (Test.java attached)

java -XX:CompileCommand=print,java.math.BitSieve::bit -XX:+UnlockDiagnosticVMOptions -XX:+PrintAssembly -XX:-TieredCompilation Test
12-03-2021

With fastdebug, I'm now seeing this:

/home/tobias/programs/jtreg/bin/jtreg -jdk:/home/tobias/Downloads/jdk-17/fastdebug/ -verbose:all -javaoptions:"-XX:CompileCommand=print,java.math.BitSieve::bit -XX:+UnlockDiagnosticVMOptions -XX:-TieredCompilation" -J-Djavatest.maxOutputSize=1000000 -e:LD_LIBRARY_PATH=/oracle/documents/misc/ -timeoutFactor:10 test/jdk/com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java

# A fatal error has been detected by the Java Runtime Environment:
#
# Internal Error (workspace/open/src/hotspot/cpu/x86/assembler_x86.cpp:1060), pid=715815, tid=715837
# assert(which == call32_operand) failed: call has no disp32 or imm

Current CompileTask:
C2: 321 107 java.math.BitSieve::bit (7 bytes)

Stack: [0x00007fd4b78f8000,0x00007fd4b79f9000], sp=0x00007fd4b79f7430, free space=1021k
Native frames: (J=compiled Java code, A=aot compiled Java code, j=interpreted, Vv=VM code, C=native code)
V [libjvm.so+0x5f1b6b] Assembler::locate_operand(unsigned char*, Assembler::WhichOperand)+0x3bb
V [libjvm.so+0x1663383] RelocIterator::print_current()+0x533
V [libjvm.so+0x1663f20] RelocIterator::print()+0x270
V [libjvm.so+0x14b2ae1] nmethod::print_relocations()+0x81
V [libjvm.so+0x14b752d] nmethod::print_nmethod(bool)+0x27d
V [libjvm.so+0xa1fe96] CompileBroker::invoke_compiler_on_method(CompileTask*)+0x7e6
V [libjvm.so+0xa21278] CompileBroker::compiler_thread_loop()+0x5a8
V [libjvm.so+0x1841c51] JavaThread::thread_main_inner()+0x271
V [libjvm.so+0x1849ea0] Thread::call_run()+0x100
V [libjvm.so+0x15354e6] thread_native_entry(Thread*)+0x116
12-03-2021

ILW = Crash during nmethod printing, intermittent but reproducible with -XX:+PrintAssembly, no workaround but disable diagnostic output = MMM = P3
14-12-2020