Bug
Resolution: Fixed
P3
22
b19
#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGSEGV (0xb) at pc=0x00007f3db3c490aa, pid=3932685, tid=3932735
#
# JRE version: Java(TM) SE Runtime Environment (22.0+1) (fastdebug build 22-galahad+1-52)
# Java VM: Java HotSpot(TM) 64-Bit Server VM (fastdebug 22-galahad+1-52, mixed mode, sharing, jvmci, jvmci compiler, compressed oops, compressed class ptrs, serial gc, linux-amd64)
# Problematic frame:
# V [libjvm.so+0x10940aa] JVMCIEnv::initialize_installed_code(JVMCIObject, CodeBlob*, JVMCIEnv*)+0x8a
#
Current thread (0x00007f3524034a90): JavaThread "JVMCI-native CompilerThread2" daemon [_thread_in_vm, id=3932735, stack(0x00007f3db10e3000,0x00007f3db12e4000) (2052K)]
Current CompileTask:
JVMCI-native: 24756 433 % nsk.share.test.LocalRandom::nextBytes @ 22 (62 bytes)
Stack: [0x00007f3db10e3000,0x00007f3db12e4000], sp=0x00007f3db12e1680, free space=2041k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V [libjvm.so+0x10940aa] JVMCIEnv::initialize_installed_code(JVMCIObject, CodeBlob*, JVMCIEnv*)+0x8a (jvmciEnv.cpp:1673)
V [libjvm.so+0x1054025] c2v_installCode0(JNIEnv_*, _jobject*, long, long, bool, _jobject*, _jobjectArray*, _jobject*, long, _jbyteArray*)+0x6e5 (jvmciCompilerToVM.cpp:1138)
C [libjvmcicompiler.so+0xf60da1] int jdk.vm.ci.hotspot.CompilerToVM::installCode0(long, long, bool, jdk.vm.ci.hotspot.HotSpotCompiledCode*, java.lang.Object[]*, jdk.vm.ci.code.InstalledCode*, long, byte[]*)+0x171
C [libjvmcicompiler.so+0xf60b50] int jdk.vm.ci.hotspot.CompilerToVM::installCode(jdk.vm.ci.hotspot.HotSpotCompiledCode*, jdk.vm.ci.code.InstalledCode*, long, byte[]*)+0x170
C [libjvmcicompiler.so+0xf65fb7] jdk.vm.ci.code.InstalledCode* jdk.vm.ci.hotspot.HotSpotCodeCacheProvider::installCode(jdk.vm.ci.meta.ResolvedJavaMethod*, jdk.vm.ci.code.CompiledCode*, jdk.vm.ci.code.InstalledCode*, jdk.vm.ci.meta.SpeculationLog*, bool)+0x167
C [libjvmcicompiler.so+0x1156ed4] jdk.vm.ci.code.InstalledCode* org.graalvm.compiler.core.target.Backend::createInstalledCode(org.graalvm.compiler.debug.DebugContext*, jdk.vm.ci.meta.ResolvedJavaMethod*, jdk.vm.ci.code.CompilationRequest*, org.graalvm.compiler.code.CompilationResult*, jdk.vm.ci.code.InstalledCode*, bool, java.lang.Object[]*)+0x654
C [libjvmcicompiler.so+0x123ab35] void org.graalvm.compiler.hotspot.CompilationTask::installMethod(org.graalvm.compiler.debug.DebugContext*, org.graalvm.compiler.nodes.StructuredGraph*, org.graalvm.compiler.code.CompilationResult*)+0x245
C [libjvmcicompiler.so+0x1238dd2] jdk.vm.ci.hotspot.HotSpotCompilationRequestResult* org.graalvm.compiler.hotspot.CompilationTask$HotSpotCompilationWrapper::performCompilation(org.graalvm.compiler.debug.DebugContext*)+0x2d2
C [libjvmcicompiler.so+0x1238aeb] java.lang.Object* org.graalvm.compiler.hotspot.CompilationTask$HotSpotCompilationWrapper::performCompilation(org.graalvm.compiler.debug.DebugContext*)+0x1b
C [libjvmcicompiler.so+0x1071912] java.lang.Object* org.graalvm.compiler.core.CompilationWrapper::run(org.graalvm.compiler.debug.DebugContext*)+0x62
C [libjvmcicompiler.so+0x123bf6c] jdk.vm.ci.hotspot.HotSpotCompilationRequestResult* org.graalvm.compiler.hotspot.CompilationTask::runCompilation(org.graalvm.compiler.debug.DebugContext*, org.graalvm.compiler.hotspot.CompilationTask$HotSpotCompilationWrapper*)+0x17c
C [libjvmcicompiler.so+0x123bb38] jdk.vm.ci.hotspot.HotSpotCompilationRequestResult* org.graalvm.compiler.hotspot.CompilationTask::runCompilation(org.graalvm.compiler.debug.DebugContext*)+0x58
C [libjvmcicompiler.so+0x1264e1e] jdk.vm.ci.code.CompilationRequestResult* org.graalvm.compiler.hotspot.HotSpotGraalCompiler::compileMethod(jdk.vm.ci.code.CompilationRequest*, bool, org.graalvm.compiler.options.OptionValues*)+0x52e
C [libjvmcicompiler.so+0x126480b] jdk.vm.ci.code.CompilationRequestResult* org.graalvm.compiler.hotspot.HotSpotGraalCompiler::compileMethod(org.graalvm.compiler.hotspot.HotSpotGraalCompiler*, jdk.vm.ci.code.CompilationRequest*)+0xbb
C [libjvmcicompiler.so+0xf83295] jdk.vm.ci.hotspot.HotSpotCompilationRequestResult* jdk.vm.ci.hotspot.HotSpotJVMCIRuntime::compileMethod(jdk.vm.ci.hotspot.HotSpotResolvedJavaMethod*, int, long, int)+0x145
C [libjvmcicompiler.so+0x747319] long com.oracle.svm.core.jni.JNIJavaCallWrapperHolder::invoke_AIJI_A(long, long, int, long, int, long, int)+0x279
C [libjvmcicompiler.so+0x730e37] long com.oracle.svm.core.jni.JNIJavaCallVariantWrapperHolder::invokeJJIJIJI_J_VA_LIST_Nonvirtual(long, long, long, long, long)+0x177
V [libjvm.so+0x10a29da] JNIEnv_::CallNonvirtualObjectMethod(_jobject*, _jclass*, _jmethodID*, ...)+0x7a (jni.h:1081)
V [libjvm.so+0x108e759] JVMCIEnv::call_HotSpotJVMCIRuntime_compileMethod(JVMCIObject, JVMCIObject, int, long, int)+0x2a9 (jvmciEnv.cpp:953)
V [libjvm.so+0x10edd37] JVMCIRuntime::compile_method(JVMCIEnv*, JVMCICompiler*, methodHandle const&, int)+0x117 (jvmciRuntime.cpp:2073)
V [libjvm.so+0x9fcc92] CompileBroker::invoke_compiler_on_method(CompileTask*)+0xf32 (compileBroker.cpp:2230)
V [libjvm.so+0x9fd428] CompileBroker::compiler_thread_loop()+0x4c8 (compileBroker.cpp:1946)
V [libjvm.so+0xebaf4c] JavaThread::thread_main_inner()+0xcc (javaThread.cpp:720)
V [libjvm.so+0x17a242a] Thread::call_run()+0xba (thread.cpp:220)
V [libjvm.so+0x14a763a] thread_native_entry(Thread*)+0x12a (os_linux.cpp:786)
Seen when running vmTestbase/nsk/sysdict/vm/stress/btree/btree011/btree011.java
The crash shown above happens here: https://github.com/openjdk/jdk/blob/287b24322135b54641f013970c4545ce069c4350/src/hotspot/share/jvmci/jvmciEnv.cpp#L1673
Just prior to the crash, the caller also calls `cb->is_nmethod()`: https://github.com/openjdk/jdk/blob/287b24322135b54641f013970c4545ce069c4350/src/hotspot/share/jvmci/jvmciCompilerToVM.cpp#L1135
This implies that between these two calls at least one safepoint occurred during which the CodeBlob pointed to by `cb` was reclaimed, so `cb` is pointing at random memory. There is a safepoint for each call back into libgraal, since these are JNI calls. The most obvious candidates in this case are https://github.com/openjdk/jdk/blob/287b24322135b54641f013970c4545ce069c4350/src/hotspot/share/jvmci/jvmciEnv.cpp#L1665 and https://github.com/openjdk/jdk/blob/287b24322135b54641f013970c4545ce069c4350/src/hotspot/share/jvmci/jvmciEnv.cpp#L1668.
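The hazard described above (a pointer validated, a callback that can reach a safepoint, then a use of the same pointer) can be modelled in a few lines. This is an added illustration, not HotSpot code and not the fix applied for this bug; `ToyCodeCache`, `Handle`, `toy_initialize` and `run` are hypothetical names, and the generation-checked handle is one general way to make a stale reference detectable instead of dereferencing it.

```cpp
#include <cstddef>
#include <cstdint>
#include <functional>
#include <vector>

struct Blob { bool is_nmethod; uint64_t entry; };

// Toy code cache (hypothetical): each reclaim bumps the slot's generation.
class ToyCodeCache {
  struct Slot { Blob blob; uint32_t gen; bool live; };
  std::vector<Slot> slots_;
 public:
  struct Handle { size_t idx; uint32_t gen; };
  Handle install(Blob b) {
    slots_.push_back(Slot{b, 0, true});
    return Handle{slots_.size() - 1, 0};
  }
  // Stands in for a blob being reclaimed while the thread is at a safepoint.
  void reclaim(Handle h) { slots_[h.idx].live = false; slots_[h.idx].gen++; }
  // nullptr when the handle no longer names the blob it was created for.
  const Blob* resolve(Handle h) const {
    const Slot& s = slots_[h.idx];
    return (s.live && s.gen == h.gen) ? &s.blob : nullptr;
  }
};

enum class Result { Initialized, StaleBlob };

// Same shape as the reported sequence: check the blob, call back into code
// that may reach a safepoint, then read from the blob.
Result toy_initialize(ToyCodeCache& cc, ToyCodeCache::Handle h,
                      const std::function<void()>& jni_callback,
                      uint64_t* entry_out) {
  const Blob* cb = cc.resolve(h);
  if (cb == nullptr || !cb->is_nmethod) return Result::StaleBlob;
  jni_callback();        // possible safepoint: the old cb must not be used after this
  cb = cc.resolve(h);    // re-validate instead of trusting the earlier pointer
  if (cb == nullptr) return Result::StaleBlob;
  *entry_out = cb->entry;
  return Result::Initialized;
}

// Constructed scenario: optionally reclaim the blob during the callback.
Result run(bool reclaim_during_callback, uint64_t* entry_out) {
  ToyCodeCache cc;
  ToyCodeCache::Handle h = cc.install(Blob{true, 0x1000});
  return toy_initialize(
      cc, h, [&] { if (reclaim_during_callback) cc.reclaim(h); }, entry_out);
}
```

With a raw `Blob*` held across `jni_callback()` the second scenario would read freed memory; with the handle it returns `StaleBlob` and leaves the output untouched.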