Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8267235

[macos_aarch64] InterpreterRuntime::throw_pending_exception messing up LR results in crash

    XMLWordPrintable

    Details

    • Subcomponent:
    • Resolved In Build:
      b24
    • CPU:
      aarch64
    • OS:
      os_x
    • Verification:
      Not verified

      Backports

        Description

        I have found an issue in hotspot for macos_aarch64
        it was sitting there since jep-391 integration, but only got discovered in macos 11.4beta

        so, InterpreterRuntime::throw_pending_exception ends this way
        libjvm.dylib`InterpreterRuntime::throw_pending_exception:
        -> 0x105c67ecc <+268>: b 0x105fc099c ; os::current_thread_enable_wx(WXMode)

        it's destructor of ThreadWXEnable __wx(WXWrite, current) from JRT_ENTRY block

        os::current_thread_enable_wx ends up calling pthread_jit_write_protect_np in same manner, but since 11.4b, pthread_jit_write_protect_np does pacibsp as it's very first instruction, making LR register poisoned with PAC signature:

        libsystem_pthread.dylib`pthread_jit_write_protect_np:
        -> 0x1888c84ec <+0>: pacibsp
          0x1888c84f0 <+4>: stp x29, x30, [sp, #-0x10]!
        Lr before pacibsp:
           lr = 0x00000001279c1a5c
        Lr after pacibsp
           lr = 0x74588001279c1a5c

        after some time, this lr is passed to
        address SharedRuntime::raw_exception_handler_for_return_address
        as return_address value
        (via forward exception stub)
         as a result, raw_exception_handler_for_return_address processes PAC-poisoined pointer and crashes at should_not_reach_here

        Dumping bad pointer with additional logging at the end of raw_exception_handler_for_return_address
        reveals it's the same pointer:

        No exception handler found for exception at 0x74588001279c1a5c - potential problems:

        Happens only on release build, fastdebug build has some additional code which prevents that.

        While I believe the pacibsp in arm64 ( not arm64e) is a bug of macos beta, it revealed another issue in jvm.
        Update: not a macos bug, intended behaviour

          Attachments

            Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8267526 [macos_aarch64] InterpreterRuntime::throw_pending_exception messing up LR results in crash

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8267537 [macos_aarch64] InterpreterRuntime::throw_pending_exception messing up LR results in crash

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8267622 [macos_aarch64] InterpreterRuntime::throw_pending_exception messing up LR results in crash

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8267780 [macos_aarch64] InterpreterRuntime::throw_pending_exception messing up LR results in crash

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8267790 [macos_aarch64] InterpreterRuntime::throw_pending_exception messing up LR results in crash

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8267607 [macos_aarch64] InterpreterRuntime::throw_pending_exception messing up LR results in crash

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8268614 [macos_aarch64] InterpreterRuntime::throw_pending_exception messing up LR results in crash

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed
            duplicates

            Bug - A problem which impairs or prevents the functions of the product. JDK-8266719 JVM failing to start on openjdk15+ MacOS 11.4 (20F5055c) on M1

            • P3 - Major loss of function.
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. JDK-8267685 Executing `mvn` crashes with JRE Internal Error on Apple Silicon | OpenJDK 16.0+14

            • P3 - Major loss of function.
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. JDK-8267145 JShell crashes when using a macOS AArch64 build

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Closed
            relates to

            Bug - A problem which impairs or prevents the functions of the product. JDK-8268305 [macos_aarch64] Error: ShouldNotReachHere()

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Bug - A problem which impairs or prevents the functions of the product. JDK-8268311 JVM crash with V [libjvm.dylib+0x9b4130] _ZN7VMError14report_and_dieEiPKcS1_PcP6ThreadPhPvS6_S1_im+0x46c | OpenJDK 16.0

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. JDK-8271538 Apple Silicon failed to run Java application with V [libjvm.dylib+0x9b4130] VMError::report_and_die |OpenJDK 16+14

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. JDK-8267685 Executing `mvn` crashes with JRE Internal Error on Apple Silicon | OpenJDK 16.0+14

            • P3 - Major loss of function.
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. JDK-8268735 [macos] javac -version (or any use of javac) crashes

            • P3 - Major loss of function.
            • Closed
            links to

            Commit Commit openjdk/jdk13u-dev/dd8262db

            Commit Commit openjdk/jdk15u-dev/a0b1ba19

            Commit Commit openjdk/jdk16u/410f742b

            Commit Commit openjdk/jdk/ca93399a

            Review Review openjdk/jdk13u-dev/226

            Review Review openjdk/jdk15u-dev/64

            Review Review openjdk/jdk16u/121

            Review Review openjdk/jdk/4115

              Activity

                People

                Assignee:
                vkempik Vladimir Kempik
                Reporter:
                vkempik Vladimir Kempik
                Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: