Skip to content
This repository has been archived by the owner on Apr 24, 2023. It is now read-only.
/ jdk20 Public archive

8294744: AArch64: applications/kitchensink/Kitchensink.java crashed: assert(oopDesc::is_oop(obj)) failed: not an oop #85

Closed
wants to merge 3 commits into from

Conversation

pchilano
Copy link
Contributor

@pchilano pchilano commented Jan 5, 2023

Please review the following patch. The value we set initially for extended_sp on natives frames doesn't account for the oop that could be pushed to the stack in case the method throws an exception. This can create a situation in Interpreter::_throw_exception_entry where we push an exception oop to the Java expression stack below the actual physical stack pointer. When JFR is present though a JavaThread could receive a suspend signal right after that push. On Linux aarch64, because there is no red zone defined (nor implemented it seems), the pushed oop gets overwritten during the setup and execution of the signal handler. This later leads to a crash when popping the oop back and rethrowing in the caller of the native method. There are more details in the bug comments.

To fix it I used the same technique we use for normal Java frames, i.e. add extra space to extended_sp when creating the frame to account for the max space needed.



I tested the patch by running Kitchensink.java around 150 times on mach5 with no failures (without the patch 50 runs would already show ~10 failures on average). I also run tiers1-6 for sanity check.

Thanks,
Patricio


Progress

  • Change must be properly reviewed (1 review required, with at least 1 Reviewer)
  • Change must not contain extraneous whitespace
  • Commit message must refer to an issue

Issue

  • JDK-8294744: AArch64: applications/kitchensink/Kitchensink.java crashed: assert(oopDesc::is_oop(obj)) failed: not an oop

Reviewers

Contributors

  • Fei Yang <fyang@openjdk.org>

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk20 pull/85/head:pull/85
$ git checkout pull/85

Update a local copy of the PR:
$ git checkout pull/85
$ git pull https://git.openjdk.org/jdk20 pull/85/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 85

View PR using the GUI difftool:
$ git pr show -t 85

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk20/pull/85.diff

@bridgekeeper
Copy link

bridgekeeper bot commented Jan 5, 2023

👋 Welcome back pchilanomate! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

@openjdk
Copy link

openjdk bot commented Jan 5, 2023

@pchilano The following label will be automatically applied to this pull request:

  • hotspot

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command.

@openjdk openjdk bot added the hotspot hotspot-dev@openjdk.org label Jan 5, 2023
@pchilano pchilano marked this pull request as ready for review January 5, 2023 20:50
@openjdk openjdk bot added the rfr Pull request is ready for review label Jan 5, 2023
@mlbridge
Copy link

mlbridge bot commented Jan 5, 2023

Webrevs

@pchilano pchilano changed the title 8294744: applications/kitchensink/Kitchensink.java crashed: assert(oopDesc::is_oop(obj)) failed: not an oop 8294744: AArch64: applications/kitchensink/Kitchensink.java crashed: assert(oopDesc::is_oop(obj)) failed: not an oop Jan 6, 2023
@openjdk
Copy link

openjdk bot commented Jan 7, 2023

@pchilano This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8294744: AArch64: applications/kitchensink/Kitchensink.java crashed: assert(oopDesc::is_oop(obj)) failed: not an oop

Co-authored-by: Fei Yang <fyang@openjdk.org>
Reviewed-by: aph, fyang, dcubed

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 4 new commits pushed to the master branch:

  • 21d468e: 8299733: AArch64: "unexpected literal addressing mode" assertion failure with -XX:+PrintC1Statistics
  • 5826a07: 8299693: Change to Xcode12.4+1.1 devkit for building on macOS at Oracle
  • d49851a: 8299689: Make use of JLine for Console as "opt-in"
  • 1f141bd: 8299705: JCov coverage runs depend on jdk_symbols

Please see this link for an up-to-date comparison between the source branch of this pull request and the master branch.
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

@openjdk openjdk bot added the ready Pull request is ready to be integrated label Jan 7, 2023
@RealFYang
Copy link
Member

RealFYang commented Jan 9, 2023

Looks good to me.
JVM on linux-riscv64 bears the same problem as it has the same code flow as aarch64 on this part [1][2]. And linux-riscv64 doesn't have a redzone defined/implemented either, which I have verified with a small C program with inline assembly like you do for x86 and aarch64. So I have prepared a fix for linux-riscv64. This has passed sanity tests on HiFive Unmatched.
Could you please add this change while you are on it?

diff --git a/src/hotspot/cpu/riscv/templateInterpreterGenerator_riscv.cpp b/src/hotspot/cpu/riscv/templateInterpreterGenerator_riscv.cpp
index 49a2b87c232..213e360c20e 100644
--- a/src/hotspot/cpu/riscv/templateInterpreterGenerator_riscv.cpp
+++ b/src/hotspot/cpu/riscv/templateInterpreterGenerator_riscv.cpp
@@ -776,8 +776,12 @@ void TemplateInterpreterGenerator::generate_fixed_frame(bool native_call) {
     // Move SP out of the way
     __ mv(sp, t0);
   } else {
-    __ sd(sp, Address(sp, 5 * wordSize));
+    // Make sure there is room for the exception oop pushed in case method throws
+    // an exception (see TemplateInterpreterGenerator::generate_throw_exception())
+    __ sub(t0, sp, 2 * wordSize);
+    __ sd(t0, Address(sp, 5 * wordSize));
     __ sd(zr, Address(sp, 4 * wordSize));
+    __ mv(sp, t0);
   }
 }

[1] https://bugs.openjdk.org/browse/JDK-8290280
[2] openjdk/jdk@4dd236b

@pchilano
Copy link
Contributor Author

pchilano commented Jan 9, 2023

Looks good to me. JVM on linux-riscv64 bears the same problem as it has the same code flow as aarch64 on this part [1][2]. And linux-riscv64 doesn't have a redzone defined/implemented either, which I have verified with a small C program with inline assembly like you do for x86 and aarch64. So I have prepared a fix for linux-riscv64. This has passed sanity tests on HiFive Unmatched. Could you please add this change while you are on it?

diff --git a/src/hotspot/cpu/riscv/templateInterpreterGenerator_riscv.cpp b/src/hotspot/cpu/riscv/templateInterpreterGenerator_riscv.cpp
index 49a2b87c232..213e360c20e 100644
--- a/src/hotspot/cpu/riscv/templateInterpreterGenerator_riscv.cpp
+++ b/src/hotspot/cpu/riscv/templateInterpreterGenerator_riscv.cpp
@@ -776,8 +776,12 @@ void TemplateInterpreterGenerator::generate_fixed_frame(bool native_call) {
     // Move SP out of the way
     __ mv(sp, t0);
   } else {
-    __ sd(sp, Address(sp, 5 * wordSize));
+    // Make sure there is room for the exception oop pushed in case method throws
+    // an exception (see TemplateInterpreterGenerator::generate_throw_exception())
+    __ sub(t0, sp, 2 * wordSize);
+    __ sd(t0, Address(sp, 5 * wordSize));
     __ sd(zr, Address(sp, 4 * wordSize));
+    __ mv(sp, t0);
   }
 }

[1] https://bugs.openjdk.org/browse/JDK-8290280 [2] openjdk/jdk@4dd236b

Sure, added.

@pchilano
Copy link
Contributor Author

pchilano commented Jan 9, 2023

/contributor add @RealFYang

@openjdk
Copy link

openjdk bot commented Jan 9, 2023

@pchilano
Contributor Fei Yang <fyang@openjdk.org> successfully added.

Copy link
Member

@dcubed-ojdk dcubed-ojdk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thumbs up. Wonderful analysis in the bug report. You may want to attach
your standalone reproducers to the bug report for future spelunkers.

Thanks for including the testing information.

__ mov(rscratch1, sp);
} else {
// Make sure there is room for the exception oop pushed in case method throws
// an exception (see TemplateInterpreterGenerator::generate_throw_exception())
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was going to request that you add a '.' to the end of this sentence,
but it seems that lack of punctuation is the prevalent style in this file.

@pchilano
Copy link
Contributor Author

Thumbs up. Wonderful analysis in the bug report. You may want to attach your standalone reproducers to the bug report for future spelunkers.

Thanks for including the testing information.

Thanks Dan!

@pchilano
Copy link
Contributor Author

Thanks for the reviews @theRealAph, @RealFYang and @dcubed-ojdk!

@pchilano
Copy link
Contributor Author

/integrate

@openjdk
Copy link

openjdk bot commented Jan 10, 2023

Going to push as commit 151450e.
Since your change was applied there have been 4 commits pushed to the master branch:

  • 21d468e: 8299733: AArch64: "unexpected literal addressing mode" assertion failure with -XX:+PrintC1Statistics
  • 5826a07: 8299693: Change to Xcode12.4+1.1 devkit for building on macOS at Oracle
  • d49851a: 8299689: Make use of JLine for Console as "opt-in"
  • 1f141bd: 8299705: JCov coverage runs depend on jdk_symbols

Your commit was automatically rebased without conflicts.

@openjdk openjdk bot added the integrated Pull request has been integrated label Jan 10, 2023
@openjdk openjdk bot closed this Jan 10, 2023
@openjdk openjdk bot removed ready Pull request is ready to be integrated rfr Pull request is ready for review labels Jan 10, 2023
@openjdk
Copy link

openjdk bot commented Jan 10, 2023

@pchilano Pushed as commit 151450e.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
hotspot hotspot-dev@openjdk.org integrated Pull request has been integrated
Development

Successfully merging this pull request may close these issues.

4 participants