Open JasonFengJ9 opened 1 year ago
There is no evidence, but in general please note that Balanced is using a different object header type for Indexable Object (selected dynamically at JVM startup). In theory it is possible to get an object header mismatch if it is not handled properly in code generation (missed place to check selected header type), and java.lang.ArrayIndexOutOfBoundsException can be a symptom of this. High level components like JIT Server should respect object header difference too.
@hzongaro this was added to the milestone plan from the M1 testing.
Might be a duplicate of #17995, which also used Balanced GC policy.
I tried an internal grinder run with -Xdump:jit:events=throw,filter=java/lang/ArrayIndexOutOfBoundsException#java.lang.CharacterDataLatin1.getProperties. There were two failures, but no jitdump files in the archive.
Trying again, and then I'll try seeing whether I can reproduce the failure locally.
It should be systhrow rather than throw.
> It should be systhrow rather than throw.
I just tried a simple test case locally, and both throw and systhrow worked for me for ArrayIndexOutOfBoundsException. However, I'll try both in another grinder run. Thanks!
> I tried an internal grinder run with -Xdump:jit:events=throw,filter=java/lang/ArrayIndexOutOfBoundsException#java.lang.CharacterDataLatin1.getProperties. There were two failures, but no jitdump files in the archive.
Ugh! The filter should have been java/lang/ArrayIndexOutOfBoundsException#java/lang/CharacterDataLatin1.getProperties
I'm having difficulty reproducing the failure again. I strongly suspect that this is a duplicate of #17995 and likely several older issues: #11799, #14405, #15171 and #17063.
I would suggest we move this to the 0.43 release, while I continue to try to get to the root cause.
I managed to get a jitdump — jitdump.20230919.171138.8356.0001.dmp.txt — from a grinder run, which I've copied here for posterity.
There's nothing obviously wrong with it, so I'm going to continue trying to get a system core file with my -Xdump option. (I had been trying to get both, but was having bad luck reproducing the failure again.)
I was able to capture both a jitdump and core file from a recent internal grinder run. Looking at the code for Character.toLowerCase in the core file, I think I understand how the ArrayIndexOutOfBoundsException comes to be thrown. However, the recompilation that appears in the jitdump did not reproduce the same problem, so I'm trying another grinder run with -Xjit:{java/lang/Character.toLowerCase*}(optDetails,log=jitdump.issue18102) in hopes of capturing the problematic compilation.
If I'm unable to produce a log that shows the problem, I'll add details about what I observed in the core file.
@Spencer-Comin, here are the details that I had promised long ago. Sorry that it's a bit of a brain dump without any real conclusions. From some past analysis of a core file and jitdump on Windows — core.20230922.203654.34076.0001.dmp.gz and jitdump.20230922.203654.34076.0002.dmp.gz:
>.\jdk-11.0.21+5\bin\jdmpview -core core.20230922.203654.34076.0001.dmp
> !threads
!stack 0x20287869a00 !j9vmthread 0x20287869a00 !j9thread 0x202865d32f0 tid 0x1640 (5696) // (main)
!stack 0x2028795d800 !j9vmthread 0x2028795d800 !j9thread 0x202865d3c80 tid 0x63e0 (25568) // (JIT Compilation Thread-000 Suspended)
!stack 0x202879ce300 !j9vmthread 0x202879ce300 !j9thread 0x202878ec3d0 tid 0x7dc4 (32196) // (JIT Compilation Thread-001)
!stack 0x20287a2d200 !j9vmthread 0x20287a2d200 !j9thread 0x202878ec898 tid 0x665c (26204) // (JIT Compilation Thread-002 Suspended)
!stack 0x20287a37700 !j9vmthread 0x20287a37700 !j9thread 0x202878ecd60 tid 0x268c (9868) // (JIT Diagnostic Compilation Thread-003 Suspended)
!stack 0x202a4445600 !j9vmthread 0x202a4445600 !j9thread 0x202878ee3f0 tid 0x390c (14604) // (JIT-SamplerThread)
!stack 0x202a444d600 !j9vmthread 0x202a444d600 !j9thread 0x202878ee8b8 tid 0x5b14 (23316) // (IProfiler)
!stack 0x202a44feb00 !j9vmthread 0x202a44feb00 !j9thread 0x202878eed80 tid 0x3128 (12584) // (Common-Cleaner)
!stack 0x202a477dd00 !j9vmthread 0x202a477dd00 !j9thread 0x202878f3908 tid 0x40a0 (16544) // (Dedicated GC Main)
!stack 0x202a477f900 !j9vmthread 0x202a477f900 !j9thread 0x202878f3dd0 tid 0x44c4 (17604) // (GC Worker)
!stack 0x202a4781500 !j9vmthread 0x202a4781500 !j9thread 0x202878ed3e0 tid 0x3770 (14192) // (GC Worker)
!stack 0x202a4786800 !j9vmthread 0x202a4786800 !j9thread 0x202878ed8a8 tid 0x8144 (33092) // (GC Worker)
!stack 0x202a47c1900 !j9vmthread 0x202a47c1900 !j9thread 0x202878f5460 tid 0x379c (14236) // (Attach API wait loop)
!stack 0x202a4793500 !j9vmthread 0x202a4793500 !j9thread 0x202878edd70 tid 0x482c (18476) // (pool-1-thread-1)
!stack 0x202a5140900 !j9vmthread 0x202a5140900 !j9thread 0x202878f5928 tid 0x54fc (21756) // (Finalizer thread)
!stack 0x202a515d800 !j9vmthread 0x202a515d800 !j9thread 0x202878f5df0 tid 0x59d0 (22992) // (AgentVMThread)
> !stack 0x202a515d800
<202a515d800> known but unhandled frame type com.ibm.j9ddr.vm29.pointer.U8Pointer @ 0x00000005
FAULT FAULT FAULT FAULT FAULT FAULT FAULT FAULT FAULT FAULT FAULT FAULT FAULT FAULT FAULT FAULT
<202a515d800> !j9method 0x00000202A45EFA60 java/lang/CharacterDataLatin1.getProperties(I)I
<202a515d800> !j9method 0x00000202A45EFC40 java/lang/CharacterDataLatin1.toLowerCase(I)I
<202a515d800> !j9method 0x00000202A455E1A0 java/lang/Character.toLowerCase(I)I
<202a515d800> !j9method 0x00000202A455E180 java/lang/Character.toLowerCase(C)C
<202a515d800> !j9method 0x00000202A5211268 NonCharacterMapping.main([Ljava/lang/String;)V
<202a515d800> JNI call-in frame
<202a515d800> !j9method 0x00000202A462F450 jdk/internal/reflect/NativeMethodAccessorImpl.invoke0(Ljava/lang/reflect/Method;L
java/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
<202a515d800> !j9method 0x00000202A462F450 jdk/internal/reflect/NativeMethodAccessorImpl.invoke0(Ljava/lang/reflect/Method;L
java/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
<202a515d800> !j9method 0x00000202A462F410 jdk/internal/reflect/NativeMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava/lan
g/Object;)Ljava/lang/Object;
<202a515d800> !j9method 0x00000202A462F878 jdk/internal/reflect/DelegatingMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava
/lang/Object;)Ljava/lang/Object;
<202a515d800> !j9method 0x00000202A45693E8 java/lang/reflect/Method.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/
Object;
<202a515d800> !j9method 0x00000202A4FC76E8 com/sun/javatest/regtest/agent/MainActionHelper$AgentVMRunnable.run()V
<202a515d800> !j9method 0x00000202A45513B0 java/lang/Thread.run()V
<202a515d800> JNI call-in frame
<202a515d800> Native method frame
> !stackslots 0x202a515d800
<202a515d800> *** BEGIN STACK WALK, flags = 00400001 walkThread = 0x00000202A515D800 ***
<202a515d800> ITERATE_O_SLOTS
<202a515d800> RECORD_BYTECODE_PC_OFFSET
<202a515d800> Initial values: walkSP = 0x00000202A47D1AF8, PC = 0x0000000000000005, literals = 0x0000000000000000, A0 = 0x000002
02A47D1B18, j2iFrame = 0x0000000000000000, ELS = 0x0000008B1EC3F750, decomp = 0x0000000000000000
<202a515d800> JIT resolve frame: bp = 0x00000202A47D1B18, sp = 0x00000202A47D1AF8, pc = 0x0000000000000005, cp = 0x0000000000000
000, arg0EA = 0x00000202A47D1B18, flags = 0x0000000000080000
<202a515d800> Object push (savedJITException)
<202a515d800> O-Slot[0x00000202A47D1AF8] = 0x0000000000000000
<202a515d800> Generic resolve
<202a515d800> unwindSP initialized to 0x00000202A47D1B20
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F520] = U64(0x000000000000FFFF) (jit_rax)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F528] = U64(0x00007FF774FF5B00) (jit_rbx)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F530] = U64(0x00007FF774C49680) (jit_rcx)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F538] = U64(0x000000000000FFFF) (jit_rdx)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F540] = U64(0x00007FF774C49680) (jit_rdi)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F548] = U64(0x00000202A5211268) (jit_rsi)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F550] = U64(0x00000202A47D1A99) (jit_rbp)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F558] = U64(0x00000202A47D1AD0) (jit_rsp)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F560] = U64(0x000000000000FFFF) (jit_r8)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F568] = U64(0x0000000000000000) (jit_r9)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F570] = U64(0x0000008B1EC3F3B0) (jit_r10)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F578] = U64(0x0000008B1EC3F828) (jit_r11)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F580] = U64(0x0000008B1EC3F640) (jit_r12)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F588] = U64(0x00007FF801B1AC8C) (jit_r13)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F590] = U64(0x00000202A47D1580) (jit_r14)
<202a515d800> JIT-Resolve-RegisterMap[0x0000008B1EC3F598] = U64(0x0000ECC701038D1A) (jit_r15)
<202a515d800> JIT inline frame: bp = 0x00000202A47D1B58, pc = 0x00007FFFD3B69675, unwindSP = 0x00000202A47D1B20, cp = 0x00000202
A45EFDC0, arg0EA = 0x0000000000000000, jitInfo = 0x00000202A4C52A68
<202a515d800> Method: java/lang/CharacterDataLatin1.getProperties(I)I !j9method 0x00000202A45EFA60
<202a515d800> Bytecode index = 7, inlineDepth = 3, PC offset = 0x00000000000F1175
<202a515d800> JIT inline frame: bp = 0x00000202A47D1B58, pc = 0x00007FFFD3B69675, unwindSP = 0x00000202A47D1B20, cp = 0x00000202
A45EFDC0, arg0EA = 0x0000000000000000, jitInfo = 0x00000202A4C52A68
<202a515d800> Method: java/lang/CharacterDataLatin1.toLowerCase(I)I !j9method 0x00000202A45EFC40
<202a515d800> Bytecode index = 4, inlineDepth = 2, PC offset = 0x00000000000EDB55
<202a515d800> JIT inline frame: bp = 0x00000202A47D1B58, pc = 0x00007FFFD3B69675, unwindSP = 0x00000202A47D1B20, cp = 0x00000202
A455E5A0, arg0EA = 0x0000000000000000, jitInfo = 0x00000202A4C52A68
<202a515d800> Method: java/lang/Character.toLowerCase(I)I !j9method 0x00000202A455E1A0
<202a515d800> Bytecode index = 5, inlineDepth = 1, PC offset = 0x00000000000EE03D
<202a515d800> JIT frame: bp = 0x00000202A47D1B58, pc = 0x00007FFFD3B69675, unwindSP = 0x00000202A47D1B20, cp = 0x00000202A455E5A
0, arg0EA = 0x00000202A47D1B60, jitInfo = 0x00000202A4C52A68
<202a515d800> Method: java/lang/Character.toLowerCase(C)C !j9method 0x00000202A455E180
<202a515d800> Bytecode index = 5, inlineDepth = 0, PC offset = 0x00000000000002FD
<202a515d800> stackMap=0x00000202A4C52C23, slots=I16(0x0001) parmBaseOffset=I16(0x0010), parmSlots=U16(0x0000), localBaseOffse
t=I16(0xFFF8)
cribed JIT temps starting at 0x00000202A47D1B50 for IDATA(0x0000000000000001) slots
<202a515d800> I-Slot: : t0[0x00000202A47D1B50] = 0x00000202A5211268
<202a515d800> JIT-RegisterMap = UDATA(0x0000000000000000)
<202a515d800> JIT-Frame-RegisterMap[0x00000202A47D1B40] = UDATA(0x00007FF80AE11579) (jit_rbx)
<202a515d800> JIT-Frame-RegisterMap[0x00000202A47D1B48] = UDATA(0x0000000000000000) (jit_r9)
<202a515d800> JIT-Frame-RegisterMap[0x0000008B1EC3F570] = U64(0x0000008B1EC3F3B0) (jit_r10)
<202a515d800> JIT-Frame-RegisterMap[0x0000008B1EC3F578] = U64(0x0000008B1EC3F828) (jit_r11)
<202a515d800> JIT-Frame-RegisterMap[0x0000008B1EC3F580] = U64(0x0000008B1EC3F640) (jit_r12)
<202a515d800> JIT-Frame-RegisterMap[0x0000008B1EC3F588] = U64(0x00007FF801B1AC8C) (jit_r13)
<202a515d800> JIT-Frame-RegisterMap[0x0000008B1EC3F590] = U64(0x00000202A47D1580) (jit_r14)
<202a515d800> JIT-Frame-RegisterMap[0x0000008B1EC3F598] = U64(0x0000ECC701038D1A) (jit_r15)
<202a515d800> I2J values: PC = 0x00000202A45C8002, A0 = 0x00000202A47D1B88, walkSP = 0x00000202A47D1B70, literals = 0x00000202A5
211268, JIT PC = 0x00007FFFE7CF5DC0, pcAddress = 0x0000008B1EC3F778, decomp = 0x0000000000000000
<202a515d800> Bytecode frame: bp = 0x00000202A47D1B80, sp = 0x00000202A47D1B70, pc = 0x00000202A45C8002, cp = 0x00000202A52110C0
, arg0EA = 0x00000202A47D1B88, flags = 0x0000000000000000
<202a515d800> Method: NonCharacterMapping.main([Ljava/lang/String;)V !j9method 0x00000202A5211268
<202a515d800> Bytecode index = 2
<202a515d800> Using local mapper
<202a515d800> Locals starting at 0x00000202A47D1B88 for 0x0000000000000001 slots
<202a515d800> I-Slot: a0[0x00000202A47D1B88] = 0x00007FF775F03CF8
<202a515d800> JNI call-in frame: bp = 0x00000202A47D1BB0, sp = 0x00000202A47D1B90, pc = 0x00007FF801AE1680, cp = 0x0000000000000
000, arg0EA = 0x00000202A47D1BB0, flags = 0x0000000000030000
> !jitmetadatafrompc 0x00007FFFD3B69675
J9JITExceptionTable at 0x00000202A4C52A68 {
struct J9UTF8* className = !j9utf8 0x0000020290EDBC9A // java/lang/Character
struct J9UTF8* methodName = !j9utf8 0x0000020290EE3E2A // toLowerCase
struct J9UTF8* methodSignature = !j9utf8 0x0000020290EE3980 // (C)C
struct J9ConstantPool* constantPool = !j9constantpool 0x00000202A455E5A0
struct J9Method* ramMethod = !j9method 0x00000202A455E180 // java/lang/Character.toLowerCase(C)C
UDATA parm.startPC = 0x00007FFFD3B69378;
UDATA parm.endWarmPC = 0x00007FFFD3B69785;
UDATA parm.startColdPC = 0x0000000000000000;
UDATA parm.endPC = 0x00007FFFD3B69785;
> !classforname java/lang/CharacterDataLatin1
Searching for classes named 'java/lang/CharacterDataLatin1' in VM=202865f49f0
!j9class 0x00000202A45EF700 named java/lang/CharacterDataLatin1
Found 1 class(es) named java/lang/CharacterDataLatin1
> !j9class 0x00000202A45EF700
J9Class at 0x202a45ef700 {
Fields for J9Class:
0x0: U64 eyecatcher = 0x0000000099669966 (2573637990)
0x8: class J9ROMClass* romClass = !j9romclass 0x0000020290FCDA18
0x10: void** superclasses = !j9x 0x00000202A45EF510
0x18: U64 classDepthAndFlags = 0x00000000000E0002 (917506)
0x20: U32 classDepthWithFlags = 0x00000000 (0)
0x24: U32 classFlags = 0x00000000 (0)
0x28: class J9ClassLoader* classLoader = !j9classloader 0x00000202876F0DC8
0x30: class J9Object* classObject = !j9object 0x00007FF774C54930 // java/lang/Class
0x38: volatile U64 initializeStatus = 0x0000000000000001 (1)
0x40: class J9Method* ramMethods = !j9method 0x00000202A45EFA60 // java/lang/CharacterDataLatin1.getProperties(I)I
0x48: U64* ramStatics = !j9x 0x00000202A45EEAA0
> hexdump 0x00007FFFD3B69378 800 // This is hexdump of code for java/lang/Character.toLowerCase(C)C
7fffd3b69378: 8b442408 483b6550 0f861003 00004883 |.D$.H;eP......H.|
7fffd3b69388: ec384c89 4c242848 895c2420 48b9a8ff |.8L.L$(H.\$ H...|
7fffd3b69398: 86870202 0000833c 0d000000 00010f84 |.......<........|
7fffd3b693a8: 33020000 0f1f4400 000f1f44 000081f8 |3.....D....D....|
7fffd3b693b8: 00010000 0f839100 000048b9 b0ea5ea4 |..........H...^.|
7fffd3b693c8: 02020000 488b3c0d 00000000 f607000f |....H.<.........|
7fffd3b693d8: 1f440000 488bdf4c 8bc0458b c00f1f44 |.D..H..L..E....D|
7fffd3b693e8: 00004c8b c00f1f44 000048b9 b8ea5ea4 |..L....D..H...^.|
7fffd3b693f8: 02020000 488b0c0d 00000000 8b79088b |....H........y..|
7fffd3b69408: d00fb7d2 3bfa0f86 59020000 8b7c9118 |....;...Y....|..|
7fffd3b69418: f7c70000 0200741e 8bcf81e1 0000fc07 |......t.........|
7fffd3b69428: 81f90000 fc07740e 4c8bc741 c1e00541 |......t.L..A...A|
7fffd3b69438: c1f81744 03c0498b c00fb7c0 4c8b4c24 |...D..I.....L.L$|
7fffd3b69448: 28488b5c 24204883 c438c38b d0c1ea10 |(H.\$ H..8......|
7fffd3b69458: 83fa110f 83860000 00488d0d 48feffff |.........H..H...| <<< 48 8d 0d 48 fe ff is at address 0x7fffd3b69461
7fffd3b69468: ff24d10f 1f440000 48b978c4 16a50202 |.$...D..H.x.....|
7fffd3b69478: 0000488b 3c0d0000 0000e94d ffffff90 |..H.<......M....|
7fffd3b69488: e8460200 00000000 0000488b 3c0d0000 |.F........H.<...|
7fffd3b69498: 0000e935 ffffff90 e84a0200 00000000 |...5.....J......|
7fffd3b694a8: 0000488b 3c0d0000 0000e91d ffffff90 |..H.<...........|
7fffd3b694b8: e84e0200 00000000 0000488b 3c0d0000 |.N........H.<...|
7fffd3b694c8: 0000e905 ffffff90 e8520200 00000000 |.........R......|
7fffd3b694d8: 0000488b 3c0d0000 0000e9ed feffff90 |..H.<...........|
7fffd3b694e8: e8560200 00000000 0000488b 3c0d0000 |.V........H.<...|
7fffd3b694f8: 0000e9d5 feffff48 8bf04889 7c243048 |.......H..H.|$0H|
7fffd3b69508: 8b442430 488b4c24 30488b39 4881e700 |.D$0H.L$0H.9H...|
7fffd3b69518: ffffffff 9760ffff ff0fb7c0 4c8b4c24 |.....`......L.L$|
7fffd3b69528: 28488b5c 24204883 c438c348 8bcb4d8b |(H.\$ H..8.H..M.|
7fffd3b69538: c8488bd8 48894c24 30488b44 24308bf3 |.H..H.L$0H.D$0..|
7fffd3b69548: 488b5424 30488b0a 4881e100 ffffffff |H.T$0H..H.......|
7fffd3b69558: 9100ffff ff4887c3 4d8bc148 8bfb8bff |.....H..M..H....|
7fffd3b69568: f7c70000 02000f84 cafeffff 8bcf81e1 |................|
7fffd3b69578: 0000fc07 81f90000 fc070f84 b6feffff |................|
7fffd3b69588: e9a3feff ff488bd8 8bc3660f 1f440000 |.....H....f..D..|
7fffd3b69598: e8c20100 004887c3 488bfb48 897c2430 |.....H..H..H.|$0|
7fffd3b695a8: f607000f 1f440000 488bdf4c 8bc0458b |.....D..H..L..E.|
7fffd3b695b8: c00f1f44 00004c8b c0e927fe ffff6690 |...D..L...'...f.|
7fffd3b695c8: e8a50100 000fb7c0 4c8b4c24 28488b5c |........L.L$(H.\|
7fffd3b695d8: 24204883 c438c348 b9682cc5 a4020200 |$ H..8.H.h'.....|
7fffd3b695e8: 008b0c0d 00000000 83e90148 ba682cc5 |...........H.h'.|
7fffd3b695f8: a4020200 00890c15 00000000 83f9000f |................|
7fffd3b69608: 8f9ffdff ff488bc8 48ba682c c5a40202 |.....H..H.h'....|
7fffd3b69618: 0000c704 15000000 00ffffff 7f48baa5 |.............H..|
7fffd3b69628: 93b6d3ff 7f0000c6 04150000 00000248 |...............H|
7fffd3b69638: ba80e155 a4020200 00488d04 15000000 |...U.....H......|
7fffd3b69648: 0048ba78 93b6d3ff 7f000048 8d341500 |.H.x.......H.4..|
7fffd3b69658: 000000ba 00000800 e82b9e18 14488bc1 |.........+...H..|
7fffd3b69568: f7c70000 02000f84 cafeffff 8bcf81e1 |................|
7fffd3b69578: 0000fc07 81f90000 fc070f84 b6feffff |................|
7fffd3b69588: e9a3feff ff488bd8 8bc3660f 1f440000 |.....H....f..D..|
7fffd3b69598: e8c20100 004887c3 488bfb48 897c2430 |.....H..H..H.|$0|
7fffd3b695a8: f607000f 1f440000 488bdf4c 8bc0458b |.....D..H..L..E.|
7fffd3b695b8: c00f1f44 00004c8b c0e927fe ffff6690 |...D..L...'...f.|
7fffd3b695c8: e8a50100 000fb7c0 4c8b4c24 28488b5c |........L.L$(H.\|
7fffd3b695d8: 24204883 c438c348 b9682cc5 a4020200 |$ H..8.H.h'.....|
7fffd3b695e8: 008b0c0d 00000000 83e90148 ba682cc5 |...........H.h'.|
7fffd3b695f8: a4020200 00890c15 00000000 83f9000f |................|
7fffd3b69608: 8f9ffdff ff488bc8 48ba682c c5a40202 |.....H..H.h'....|
7fffd3b69618: 0000c704 15000000 00ffffff 7f48baa5 |.............H..|
7fffd3b69628: 93b6d3ff 7f0000c6 04150000 00000248 |...............H|
7fffd3b69638: ba80e155 a4020200 00488d04 15000000 |...U.....H......|
7fffd3b69648: 0048ba78 93b6d3ff 7f000048 8d341500 |.H.x.......H.4..|
7fffd3b69658: 000000ba 00000800 e82b9e18 14488bc1 |.........+...H..|
7fffd3b69668: e93ffdff ff488bf9 837f0800 752f3957 |.?...H......u/9W| <<<< Exception thrown from 0x7FFFD3B69675 (Offset 0x2FD)
7fffd3b69678: 0c763348 63ca48c1 f911488b 4ccf1848 |.v3Hc.H...H.L..H|
7fffd3b69688: 81e2ffff 01008b3c 91e982fd ffffbf38 |.......<.......8|
Looks like different amounts of inlining happened? Code generated by jitdump is not as long.
Disassembly of code for java/lang/Character.toLowerCase(C)C
0: 8b 44 24 08 mov eax,DWORD PTR [rsp+0x8]
4: 48 3b 65 50 cmp rsp,QWORD PTR [rbp+0x50]
8: 0f 86 10 03 00 00 jbe 0x31e
e: 48 83 ec 38 sub rsp,0x38
12: 4c 89 4c 24 28 mov QWORD PTR [rsp+0x28],r9
17: 48 89 5c 24 20 mov QWORD PTR [rsp+0x20],rbx
1c: 48 b9 a8 ff 86 87 02 movabs rcx,0x2028786ffa8
23: 02 00 00
26: 83 3c 0d 00 00 00 00 cmp DWORD PTR [rcx*1+0x0],0x1
2d: 01
2e: 0f 84 33 02 00 00 je 0x267
34: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
39: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
3e: 81 f8 00 01 00 00 cmp eax,0x100
44: 0f 83 91 00 00 00 jae 0xdb
4a: 48 b9 b0 ea 5e a4 02 movabs rcx,0x202a45eeab0
51: 02 00 00
54: 48 8b 3c 0d 00 00 00 mov rdi,QWORD PTR [rcx*1+0x0]
5b: 00
5c: f6 07 00 test BYTE PTR [rdi],0x0 # Come from 0x10a - rdi = 0x7ff774ff5b00 ??? Is this the right place to be branching?
5f: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
64: 48 8b df mov rbx,rdi # rbx <- 0x7ff774ff5b00
67: 4c 8b c0 mov r8,rax # r8 <- 0x0000ffff
6a: 45 8b c0 mov r8d,r8d
6d: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
72: 4c 8b c0 mov r8,rax
75: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
7a: 48 b9 b8 ea 5e a4 02 movabs rcx,0x202a45eeab8 <<<< This is CharacterDataLatin1
81: 02 00 00
84: 48 8b 0c 0d 00 00 00 mov rcx,QWORD PTR [rcx*1+0x0] # rcx <- 0x7ff774c49608
8b: 00
8c: 8b 79 08 mov edi,DWORD PTR [rcx+0x8]
8f: 8b d0 mov edx,eax
91: 0f b7 d2 movzx edx,dx
94: 3b fa cmp edi,edx
96: 0f 86 59 02 00 00 jbe 0x2f5
9c: 8b 7c 91 18 mov edi,DWORD PTR [rcx+rdx*4+0x18]
a0: f7 c7 00 00 02 00 test edi,0x20000
a6: 74 1e je 0xc6
a8: 8b cf mov ecx,edi
aa: 81 e1 00 00 fc 07 and ecx,0x7fc0000
b0: 81 f9 00 00 fc 07 cmp ecx,0x7fc0000
b6: 74 0e je 0xc6
b8: 4c 8b c7 mov r8,rdi
bb: 41 c1 e0 05 shl r8d,0x5
bf: 41 c1 f8 17 sar r8d,0x17
c3: 44 03 c0 add r8d,eax
c6: 49 8b c0 mov rax,r8
c9: 0f b7 c0 movzx eax,ax
cc: 4c 8b 4c 24 28 mov r9,QWORD PTR [rsp+0x28]
d1: 48 8b 5c 24 20 mov rbx,QWORD PTR [rsp+0x20]
d6: 48 83 c4 38 add rsp,0x38
da: c3 ret
db: 8b d0 mov edx,eax
dd: c1 ea 10 shr edx,0x10
e0: 83 fa 11 cmp edx,0x11
e3: 0f 83 86 00 00 00 jae 0x16f
e9: 48 8d 0d 48 fe ff ff lea rcx,[rip+0xfffffffffffffe48] # This is at 0x7FFFD3B69461+7, so rcx = 0x7FFFD3B692B0
f0: ff 24 d1 jmp QWORD PTR [rcx+rdx*8] # Address at offset zero is 0x7fffd3b6946b - which offset 0xF3 from start of method
f3: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
f8: 48 b9 78 c4 16 a5 02 movabs rcx,0x202a516c478 # java/lang/CharacterData00
ff: 02 00 00
102: 48 8b 3c 0d 00 00 00 mov rdi,QWORD PTR [rcx*1+0x0] # Value at 0x202a516c478 is 0x7ff774ff5b00
109: 00
10a: e9 4d ff ff ff jmp 0x5c
10f: 90 nop
110: e8 46 02 00 00 call 0x35b
115: 00 00 add BYTE PTR [rax],al
117: 00 00 add BYTE PTR [rax],al
119: 00 48 8b add BYTE PTR [rax-0x75],cl
11c: 3c 0d cmp al,0xd
11e: 00 00 add BYTE PTR [rax],al
120: 00 00 add BYTE PTR [rax],al
122: e9 35 ff ff ff jmp 0x5c
127: 90 nop
128: e8 4a 02 00 00 call 0x377
12d: 00 00 add BYTE PTR [rax],al
12f: 00 00 add BYTE PTR [rax],al
131: 00 48 8b add BYTE PTR [rax-0x75],cl
134: 3c 0d cmp al,0xd
136: 00 00 add BYTE PTR [rax],al
138: 00 00 add BYTE PTR [rax],al
13a: e9 1d ff ff ff jmp 0x5c
13f: 90 nop
140: e8 4e 02 00 00 call 0x393
145: 00 00 add BYTE PTR [rax],al
147: 00 00 add BYTE PTR [rax],al
149: 00 48 8b add BYTE PTR [rax-0x75],cl
14c: 3c 0d cmp al,0xd
14e: 00 00 add BYTE PTR [rax],al
150: 00 00 add BYTE PTR [rax],al
152: e9 05 ff ff ff jmp 0x5c
157: 90 nop
158: e8 52 02 00 00 call 0x3af
15d: 00 00 add BYTE PTR [rax],al
15f: 00 00 add BYTE PTR [rax],al
161: 00 48 8b add BYTE PTR [rax-0x75],cl
164: 3c 0d cmp al,0xd
166: 00 00 add BYTE PTR [rax],al
168: 00 00 add BYTE PTR [rax],al
16a: e9 ed fe ff ff jmp 0x5c
16f: 90 nop
170: e8 56 02 00 00 call 0x3cb
175: 00 00 add BYTE PTR [rax],al
177: 00 00 add BYTE PTR [rax],al
179: 00 48 8b add BYTE PTR [rax-0x75],cl
17c: 3c 0d cmp al,0xd
17e: 00 00 add BYTE PTR [rax],al
180: 00 00 add BYTE PTR [rax],al
182: e9 d5 fe ff ff jmp 0x5c
187: 48 8b f0 mov rsi,rax
18a: 48 89 7c 24 30 mov QWORD PTR [rsp+0x30],rdi
18f: 48 8b 44 24 30 mov rax,QWORD PTR [rsp+0x30]
194: 48 8b 4c 24 30 mov rcx,QWORD PTR [rsp+0x30]
199: 48 8b 39 mov rdi,QWORD PTR [rcx]
19c: 48 81 e7 00 ff ff ff and rdi,0xffffffffffffff00
1a3: ff 97 60 ff ff ff call QWORD PTR [rdi-0xa0]
1a9: 0f b7 c0 movzx eax,ax
1ac: 4c 8b 4c 24 28 mov r9,QWORD PTR [rsp+0x28]
1b1: 48 8b 5c 24 20 mov rbx,QWORD PTR [rsp+0x20]
1b6: 48 83 c4 38 add rsp,0x38
1ba: c3 ret
1bb: 48 8b cb mov rcx,rbx
1be: 4d 8b c8 mov r9,r8
1c1: 48 8b d8 mov rbx,rax
1c4: 48 89 4c 24 30 mov QWORD PTR [rsp+0x30],rcx
1c9: 48 8b 44 24 30 mov rax,QWORD PTR [rsp+0x30]
1ce: 8b f3 mov esi,ebx
1d0: 48 8b 54 24 30 mov rdx,QWORD PTR [rsp+0x30]
1d5: 48 8b 0a mov rcx,QWORD PTR [rdx]
1d8: 48 81 e1 00 ff ff ff and rcx,0xffffffffffffff00
1df: ff 91 00 ff ff ff call QWORD PTR [rcx-0x100]
1e5: 48 87 c3 xchg rbx,rax
1e8: 4d 8b c1 mov r8,r9
1eb: 48 8b fb mov rdi,rbx
1ee: 8b ff mov edi,edi
1f0: f7 c7 00 00 02 00 test edi,0x20000
1f6: 0f 84 ca fe ff ff je 0xc6
1fc: 8b cf mov ecx,edi
1fe: 81 e1 00 00 fc 07 and ecx,0x7fc0000
204: 81 f9 00 00 fc 07 cmp ecx,0x7fc0000
20a: 0f 84 b6 fe ff ff je 0xc6
210: e9 a3 fe ff ff jmp 0xb8
215: 48 8b d8 mov rbx,rax
218: 8b c3 mov eax,ebx
21a: 66 0f 1f 44 00 00 nop WORD PTR [rax+rax*1+0x0]
220: e8 c2 01 00 00 call 0x3e7
225: 48 87 c3 xchg rbx,rax
228: 48 8b fb mov rdi,rbx
22b: 48 89 7c 24 30 mov QWORD PTR [rsp+0x30],rdi
230: f6 07 00 test BYTE PTR [rdi],0x0
233: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
238: 48 8b df mov rbx,rdi
23b: 4c 8b c0 mov r8,rax
23e: 45 8b c0 mov r8d,r8d
241: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
246: 4c 8b c0 mov r8,rax
249: e9 27 fe ff ff jmp 0x75
24e: 66 90 xchg ax,ax
250: e8 a5 01 00 00 call 0x3fa
255: 0f b7 c0 movzx eax,ax
258: 4c 8b 4c 24 28 mov r9,QWORD PTR [rsp+0x28]
25d: 48 8b 5c 24 20 mov rbx,QWORD PTR [rsp+0x20]
262: 48 83 c4 38 add rsp,0x38
266: c3 ret
267: 48 b9 68 2c c5 a4 02 movabs rcx,0x202a4c52c68
26e: 02 00 00
271: 8b 0c 0d 00 00 00 00 mov ecx,DWORD PTR [rcx*1+0x0]
278: 83 e9 01 sub ecx,0x1
27b: 48 ba 68 2c c5 a4 02 movabs rdx,0x202a4c52c68
282: 02 00 00
285: 89 0c 15 00 00 00 00 mov DWORD PTR [rdx*1+0x0],ecx
28c: 83 f9 00 cmp ecx,0x0
28f: 0f 8f 9f fd ff ff jg 0x34
295: 48 8b c8 mov rcx,rax
298: 48 ba 68 2c c5 a4 02 movabs rdx,0x202a4c52c68
29f: 02 00 00
2a2: c7 04 15 00 00 00 00 mov DWORD PTR [rdx*1+0x0],0x7fffffff
2a9: ff ff ff 7f
2ad: 48 ba a5 93 b6 d3 ff movabs rdx,0x7fffd3b693a5
2b4: 7f 00 00
2b7: c6 04 15 00 00 00 00 mov BYTE PTR [rdx*1+0x0],0x2
2be: 02
2bf: 48 ba 80 e1 55 a4 02 movabs rdx,0x202a455e180
2c6: 02 00 00
2c9: 48 8d 04 15 00 00 00 lea rax,[rdx*1+0x0]
2d0: 00
2d1: 48 ba 78 93 b6 d3 ff movabs rdx,0x7fffd3b69378
2d8: 7f 00 00
2db: 48 8d 34 15 00 00 00 lea rsi,[rdx*1+0x0]
2e2: 00
2e3: ba 00 00 08 00 mov edx,0x80000
2e8: e8 2b 9e 18 14 call 0x1418a118
2ed: 48 8b c1 mov rax,rcx
2f0: f7 c7 00 00 02 00 test edi,0x20000
2f6: 0f 84 ca fe ff ff je 0x1c6
2fc: 8b cf mov ecx,edi <<<<
2fe: 81 e1 00 00 fc 07 and ecx,0x7fc0000
304: 81 f9 00 00 fc 07 cmp ecx,0x7fc0000
30a: 0f 84 b6 fe ff ff je 0x1c6
310: e9 a3 fe ff ff jmp 0x1b8
315: 48 8b d8 mov rbx,rax
318: 8b c3 mov eax,ebx
31a: 66 0f 1f 44 00 00 nop WORD PTR [rax+rax*1+0x0]
320: e8 c2 01 00 00 call 0x4e7
325: 48 87 c3 xchg rbx,rax
328: 48 8b fb mov rdi,rbx
32b: 48 89 7c 24 30 mov QWORD PTR [rsp+0x30],rdi
330: f6 07 00 test BYTE PTR [rdi],0x0
333: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
338: 48 8b df mov rbx,rdi
33b: 4c 8b c0 mov r8,rax
33e: 45 8b c0 mov r8d,r8d
341: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
346: 4c 8b c0 mov r8,rax
349: e9 27 fe ff ff jmp 0x175
34e: 66 90 xchg ax,ax
350: e8 a5 01 00 00 call 0x4fa
355: 0f b7 c0 movzx eax,ax
358: 4c 8b 4c 24 28 mov r9,QWORD PTR [rsp+0x28]
35d: 48 8b 5c 24 20 mov rbx,QWORD PTR [rsp+0x20]
362: 48 83 c4 38 add rsp,0x38
366: c3 ret
367: 48 b9 68 2c c5 a4 02 movabs rcx,0x202a4c52c68
36e: 02 00 00
371: 8b 0c 0d 00 00 00 00 mov ecx,DWORD PTR [rcx*1+0x0]
378: 83 e9 01 sub ecx,0x1
37b: 48 ba 68 2c c5 a4 02 movabs rdx,0x202a4c52c68
382: 02 00 00
385: 89 0c 15 00 00 00 00 mov DWORD PTR [rdx*1+0x0],ecx
38c: 83 f9 00 cmp ecx,0x0
38f: 0f 8f 9f fd ff ff jg 0x134
395: 48 8b c8 mov rcx,rax
398: 48 ba 68 2c c5 a4 02 movabs rdx,0x202a4c52c68
39f: 02 00 00
3a2: c7 04 15 00 00 00 00 mov DWORD PTR [rdx*1+0x0],0x7fffffff
3a9: ff ff ff 7f
3ad: 48 ba a5 93 b6 d3 ff movabs rdx,0x7fffd3b693a5
3b4: 7f 00 00
3b7: c6 04 15 00 00 00 00 mov BYTE PTR [rdx*1+0x0],0x2
3be: 02
3bf: 48 ba 80 e1 55 a4 02 movabs rdx,0x202a455e180
3c6: 02 00 00
3c9: 48 8d 04 15 00 00 00 lea rax,[rdx*1+0x0]
3d0: 00
3d1: 48 ba 78 93 b6 d3 ff movabs rdx,0x7fffd3b69378
3d8: 7f 00 00
3db: 48 8d 34 15 00 00 00 lea rsi,[rdx*1+0x0]
3e2: 00
3e3: ba 00 00 08 00 mov edx,0x80000
3e8: e8 2b 9e 18 14 call 0x1418a218
3ed: 48 8b c1 mov rax,rcx
3f0: e9 3f fd ff ff jmp 0x134
3f5: 48 8b f9 mov rdi,rcx
3f8: 83 7f 08 00 cmp DWORD PTR [rdi+0x8],0x0
3fc: 75 2f jne 0x42d
3fe: 39 57 0c cmp DWORD PTR [rdi+0xc],edx
401: 76 33 jbe 0x436
403: 48 63 ca movsxd rcx,edx
406: 48 c1 f9 11 sar rcx,0x11
40a: 48 8b 4c cf 18 mov rcx,QWORD PTR [rdi+rcx*8+0x18]
40f: 48 81 e2 ff ff 01 00 and rdx,0x1ffff
416: 8b 3c 91 mov edi,DWORD PTR [rcx+rdx*4]
419: e9 82 fd ff ff jmp 0x1a0
41e: bf .byte 0xbf
41f: 38 .byte 0x38
Table for tableswitch at 0x7FFFD3B692B0
> hexdump 0x7FFFD3B692B0 256
7fffd3b692b0: 6b94b6d3 ff7f0000 8794b6d3 ff7f0000 |k...............| - Address at offset zero is 0x7fffd3b6946b
7fffd3b692c0: 9f94b6d3 ff7f0000 e794b6d3 ff7f0000 |................|
7fffd3b692d0: e794b6d3 ff7f0000 e794b6d3 ff7f0000 |................|
7fffd3b692e0: e794b6d3 ff7f0000 e794b6d3 ff7f0000 |................|
7fffd3b692f0: e794b6d3 ff7f0000 e794b6d3 ff7f0000 |................|
7fffd3b69300: e794b6d3 ff7f0000 e794b6d3 ff7f0000 |................|
7fffd3b69310: e794b6d3 ff7f0000 e794b6d3 ff7f0000 |................|
7fffd3b69320: b794b6d3 ff7f0000 cf94b6d3 ff7f0000 |................|
7fffd3b69330: cf94b6d3 ff7f0000 00000000 00000000 |................|
> !j9object 0x7ff774ff5b00
!J9Object 0x00007FF774FF5B00 {
struct J9Class* clazz = !j9class 0x202A516ED00 // java/lang/CharacterData00
Object flags = 0x00000000;
J lockword = 0x0000000000000000 (offset = 0) (java/lang/Object) <hidden>
}
> !j9class 0x202A516ED00
J9Class at 0x202a516ed00 {
Fields for J9Class:
0x0: U64 eyecatcher = 0x0000000099669966 (2573637990)
0x8: class J9ROMClass* romClass = !j9romclass 0x0000020291420AC0
0x10: void** superclasses = !j9x 0x00000202A516DB90
0x18: U64 classDepthAndFlags = 0x00000000000E0002 (917506)
0x20: U32 classDepthWithFlags = 0x00000000 (0)
0x24: U32 classFlags = 0x00000000 (0)
0x28: class J9ClassLoader* classLoader = !j9classloader 0x00000202876F0DC8
0x30: class J9Object* classObject = !j9object 0x00007FF774FF6A00 // java/lang/Class
0x38: volatile U64 initializeStatus = 0x0000000000000001 (1)
0x40: class J9Method* ramMethods = !j9method 0x00000202A516F068 // java/lang/CharacterData00.getProperties(I)I
0x48: U64* ramStatics = !j9x 0x00000202A516C478
...
It looks like after getting CharacterData00.instance from tableswitch, code is branching to inline code associated with CharacterDataLatin1.getProperties.
2023-10-02:
2023-10-11:
The NOP guard should likely be patched when it's seen that additional methods overriding java/lang/CharacterData.toLowerCase are encountered.
That should likely happen at the point of a ResolveCHK for the reference to CharacterData00.instance, which happens through a call to jitResolveStaticField.
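The address arithmetic in the annotations above (the RIP-relative lea that locates the tableswitch table, and the first table entry landing at offset 0xF3 from the start of the method), as an added example that is not part of the original comments or of OpenJ9. It parses the jump-table hexdump lines quoted in the thread and converts every entry to an offset from parm.startPC; the function names are hypothetical, and the dump text is copied from the thread with its trailing annotation dropped.

```python
import re
import struct

# Values copied from the jdmpview session quoted in the thread.
START_PC = 0x7FFFD3B69378   # parm.startPC of java/lang/Character.toLowerCase(C)C
LEA_ADDR = 0x7FFFD3B69461   # address of the bytes 48 8d 0d 48 fe ff ff
LEA_BYTES = bytes.fromhex("488d0d48feffff")
TABLE_ENTRIES = 0x11        # bound from "cmp edx,0x11; jae ..." before the jmp

# "hexdump 0x7FFFD3B692B0 256" lines from the thread (annotation removed).
TABLE_DUMP = """
7fffd3b692b0: 6b94b6d3 ff7f0000 8794b6d3 ff7f0000 |k...............|
7fffd3b692c0: 9f94b6d3 ff7f0000 e794b6d3 ff7f0000 |................|
7fffd3b692d0: e794b6d3 ff7f0000 e794b6d3 ff7f0000 |................|
7fffd3b692e0: e794b6d3 ff7f0000 e794b6d3 ff7f0000 |................|
7fffd3b692f0: e794b6d3 ff7f0000 e794b6d3 ff7f0000 |................|
7fffd3b69300: e794b6d3 ff7f0000 e794b6d3 ff7f0000 |................|
7fffd3b69310: e794b6d3 ff7f0000 e794b6d3 ff7f0000 |................|
7fffd3b69320: b794b6d3 ff7f0000 cf94b6d3 ff7f0000 |................|
7fffd3b69330: cf94b6d3 ff7f0000 00000000 00000000 |................|
"""

_LINE = re.compile(r"^\s*([0-9a-fA-F]+):\s+((?:[0-9a-fA-F]{8}\s+)+)\|")


def rip_relative_target(insn_addr, insn):
    """Resolve 'lea rcx,[rip+disp32]' (REX.W 8D with ModRM byte 0x0D)."""
    if len(insn) != 7 or insn[:3] != b"\x48\x8d\x0d":
        raise ValueError("not a 7-byte lea rcx,[rip+disp32]")
    (disp,) = struct.unpack("<i", insn[3:])
    # RIP-relative displacements are measured from the *next* instruction.
    return insn_addr + len(insn) + disp


def parse_hexdump(text):
    """Return (base_address, bytes) for contiguous jdmpview hexdump lines."""
    base, data = None, bytearray()
    for line in text.splitlines():
        m = _LINE.match(line)
        if not m:
            continue
        addr = int(m.group(1), 16)
        if base is None:
            base = addr
        elif addr != base + len(data):
            raise ValueError(f"gap or repeat in dump at {addr:#x}")
        # Words are printed in memory order, so concatenating them is enough.
        data += bytes.fromhex("".join(m.group(2).split()))
    if base is None:
        raise ValueError("no hexdump lines found")
    return base, bytes(data)


def decode_jump_table(text, table_addr, count):
    """Read `count` little-endian 64-bit branch targets starting at table_addr."""
    base, data = parse_hexdump(text)
    start = table_addr - base
    if start < 0 or start + 8 * count > len(data):
        raise ValueError("table is not fully covered by the dump")
    return list(struct.unpack_from(f"<{count}Q", data, start))


def table_offsets():
    """Return (table address, branch targets as offsets from START_PC)."""
    table_addr = rip_relative_target(LEA_ADDR, LEA_BYTES)
    targets = decode_jump_table(TABLE_DUMP, table_addr, TABLE_ENTRIES)
    return table_addr, [t - START_PC for t in targets]


if __name__ == "__main__":
    table_addr, offsets = table_offsets()
    print(f"table at {table_addr:#x}")
    for index, off in enumerate(offsets):
        print(f"  index {index:2d} -> startPC+{off:#x}")
```

parse_hexdump rejects input whose line addresses are not contiguous, so a pasted dump in which a run of addresses appears twice is flagged before any bytes from it are decoded or disassembled.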
Failure link
From an internal build (win19x86-rt2-1):
Rerun in Grinder - Change TARGET to run only the failed test targets.
Optional info
Failure output (captured from console output)
50x internal grinder - 2/50 reproduced