JDK-8161643

Segmentation fault / memory access violation

    Details

    • Subcomponent:
    • CPU: x86_64
    • OS: linux

      Description

      FULL PRODUCT VERSION :
      openjdk version "1.8.0_b14-8u92"
      OpenJDK Runtime Environment (build 1.8.0_b14-8u92-root_2016_07_04_14_06-b00)
      OpenJDK 64-Bit Server VM (build 25.b14-b00, mixed mode)

      FULL OS VERSION :
      Linux evgeni 3.2.0-4-amd64 #1 SMP Debian 3.2.81-1 x86_64 GNU/Linux

      A DESCRIPTION OF THE PROBLEM :
      Eclipse seemed to randomly crash at different points. The crash logs pointed to the top of the stack being in PhaseIdealLoop::build_loop_late_post(Node*) and the error at 0x11e. Because this is not your build, I will paste disassembly of the area:

      The build was made after checking out the tag jdk8u92-b14 in each subrepo to be certain we used the stable version, because there was no OpenJDK package for a Debian that old.

      As far as I've managed to trace it, beyond the printed stack, it happens at src/share/vm/opto/loopnode.cpp:3567
      legal = idom(legal);

      More specifically in the inline function in src/share/vm/opto/loopnode.hpp PhaseIdealLoop::idom_no_update(Node*) line 732
      http://hg.openjdk.java.net/jdk8u/jdk8u/hotspot/file/15928d255046/src/share/vm/opto/loopnode.hpp#l732

      C++ is not my greatest strength, but I do love assembly and especially reverse-engineering, so I'm fairly certain the crash happens after line 730 (the assignment of n) and before the check for the "while".

      It's up to you to figure out if this just needs a null-pointer check or the data is corrupt.


      THE PROBLEM WAS REPRODUCIBLE WITH -Xint FLAG: Did not try

      THE PROBLEM WAS REPRODUCIBLE WITH -server FLAG: Did not try

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      We are uncertain what usage in Eclipse Neon causes it, but the project being worked on was a Maven project under Java and it is maintained under git. Those plugins would probably be or become active.

      ERROR MESSAGES/STACK TRACES THAT OCCUR :

      Current thread (0x00000000024df000): JavaThread "C2 CompilerThread0" daemon [_thread_in_native, id=18395, stack(0x00007fcda43fe000,0x00007fcda44ff000)]

      siginfo: si_signo: 11 (SIGSEGV), si_code: 1 (SEGV_MAPERR), si_addr: 0x0000000000000008

      Registers:
      RAX=0x0000000003807d70, RBX=0x00007fcda44fa3c0, RCX=0x0000000000000000, RDX=0x0000000000000000
      RSP=0x00007fcda44f9ec0, RBP=0x00007fcda44f9f00, RSI=0x00007fcda04da540, RDI=0x0000000000000000
      R8 =0x0000000003df28a0, R9 =0x00000000000c0000, R10=0x00007fcda2c71318, R11=0x00000000042771d8
      R12=0x00007fcda44fa3e0, R13=0x00007fcd90571af0, R14=0x0000000004276ea0, R15=0x00007fcda2c71318
      RIP=0x00007fcdb9b29aae, EFLAGS=0x0000000000010206, CSGSFS=0x0000000000000033, ERR=0x0000000000000004
        TRAPNO=0x000000000000000e



      Stack: [0x00007fcda43fe000,0x00007fcda44ff000], sp=0x00007fcda44f9ec0, free space=1007k
      Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
      V [libjvm.so+0x754aae] PhaseIdealLoop::build_loop_late_post(Node*)+0x11e
      V [libjvm.so+0x755003] PhaseIdealLoop::build_loop_late(VectorSet&, Node_List&, Node_Stack&)+0x113
      V [libjvm.so+0x7560e1] PhaseIdealLoop::build_and_optimize(bool, bool)+0x691
      V [libjvm.so+0x4673c9] Compile::Optimize()+0x9e9
      V [libjvm.so+0x469597] Compile::Compile(ciEnv*, C2Compiler*, ciMethod*, int, bool, bool, bool)+0x1277
      V [libjvm.so+0x3cec18] C2Compiler::compile_method(ciEnv*, ciMethod*, int)+0x1b8
      V [libjvm.so+0x470416] CompileBroker::invoke_compiler_on_method(CompileTask*)+0xa56
      V [libjvm.so+0x471245] CompileBroker::compiler_thread_loop()+0x5d5
      V [libjvm.so+0x970387] JavaThread::thread_main_inner()+0x247
      V [libjvm.so+0x970847] JavaThread::run()+0x467
      V [libjvm.so+0x8372b2] java_start(Thread*)+0xf2
      C [libpthread.so.0+0x6b50] start_thread+0xd0


      Current CompileTask:
      C2:2996557 22222 4 org.eclipse.jdt.internal.compiler.parser.TypeConverter::decodeType (1094 bytes)


      Disassembly:

      0000000000754a7d <PhaseIdealLoop::build_loop_late_post(Node*)+0xed> call 0000000000754620 <PhaseIdealLoop::get_late_ctrl(Node*, Node*)>
      0000000000754a82 <PhaseIdealLoop::build_loop_late_post(Node*)+0xf2> test rax,rax
      0000000000754a85 <PhaseIdealLoop::build_loop_late_post(Node*)+0xf5> je 0000000000754e8e <PhaseIdealLoop::build_loop_late_post(Node*)+0x4fe>
      0000000000754a8b <PhaseIdealLoop::build_loop_late_post(Node*)+0xfb> cmp rax,r15
      0000000000754a8e <PhaseIdealLoop::build_loop_late_post(Node*)+0xfe> je 0000000000754e1b <PhaseIdealLoop::build_loop_late_post(Node*)+0x48b>
      0000000000754a94 <PhaseIdealLoop::build_loop_late_post(Node*)+0x104> mov edx,DWORD PTR [rax+0x28]
      0000000000754a97 <PhaseIdealLoop::build_loop_late_post(Node*)+0x107> mov r13,rax
      0000000000754a9a <PhaseIdealLoop::build_loop_late_post(Node*)+0x10a> nop WORD PTR [rax+rax*1+0x0]
      0000000000754aa0 <PhaseIdealLoop::build_loop_late_post(Node*)+0x110> mov rax,QWORD PTR [rbx+0x9f8]
      0000000000754aa7 <PhaseIdealLoop::build_loop_late_post(Node*)+0x117> lea rax,[rax+rdx*8]
      0000000000754aab <PhaseIdealLoop::build_loop_late_post(Node*)+0x11b> mov rcx,QWORD PTR [rax]
      0000000000754aae <PhaseIdealLoop::build_loop_late_post(Node*)+0x11e> mov rdx,QWORD PTR [rcx+0x8]
      0000000000754ab2 <PhaseIdealLoop::build_loop_late_post(Node*)+0x122> cmp QWORD PTR [rdx],0x0
      0000000000754ab6 <PhaseIdealLoop::build_loop_late_post(Node*)+0x126> jne 0000000000754ae1 <PhaseIdealLoop::build_loop_late_post(Node*)+0x151>
      0000000000754ab8 <PhaseIdealLoop::build_loop_late_post(Node*)+0x128> mov r9d,DWORD PTR [rbx+0x28]
      0000000000754abc <PhaseIdealLoop::build_loop_late_post(Node*)+0x12c> nop DWORD PTR [rax+0x0]



      REPRODUCIBILITY :
      This bug can be reproduced often.
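
A triage check for the reporter's reading of the crash, added here as an example and not part of the original report or of HotSpot: it recomputes the faulting instruction's effective address from the register dump and the disassembly line at the top frame's offset, then compares it with `si_addr`. The log and disassembly excerpts are copied from the report; the function names `parse_registers` and `triage` are hypothetical.

```python
import re

# Excerpts copied verbatim from the crash log and disassembly in the report.
HS_ERR = """\
siginfo: si_signo: 11 (SIGSEGV), si_code: 1 (SEGV_MAPERR), si_addr: 0x0000000000000008
RAX=0x0000000003807d70, RBX=0x00007fcda44fa3c0, RCX=0x0000000000000000, RDX=0x0000000000000000
RIP=0x00007fcdb9b29aae, EFLAGS=0x0000000000010206, CSGSFS=0x0000000000000033, ERR=0x0000000000000004
V [libjvm.so+0x754aae] PhaseIdealLoop::build_loop_late_post(Node*)+0x11e
"""
DISASM = """\
0000000000754aab <PhaseIdealLoop::build_loop_late_post(Node*)+0x11b> mov rcx,QWORD PTR [rax]
0000000000754aae <PhaseIdealLoop::build_loop_late_post(Node*)+0x11e> mov rdx,QWORD PTR [rcx+0x8]
"""

# Memory operand in Intel syntax: [base], [base+disp], [base+index*scale(+disp)]
MEM = re.compile(r"\[(\w+)(?:\+(\w+)\*(\d))?(?:\+0x([0-9a-f]+))?\]")


def parse_registers(log):
    """Map lower-case 64-bit register names (rax, r8, rip, ...) to values."""
    pairs = re.findall(r"\b(R[A-Z0-9]{1,2})\s*=0x([0-9a-fA-F]+)", log)
    return {name.lower(): int(val, 16) for name, val in pairs}


def triage(log, disasm):
    """Recompute the faulting instruction's effective address from the dump."""
    regs = parse_registers(log)
    si_addr = int(re.search(r"si_addr: 0x([0-9a-fA-F]+)", log).group(1), 16)
    top = int(re.search(r"^V\s+\[\S+\+0x([0-9a-f]+)\]", log, re.M).group(1), 16)
    # Libraries are mapped page-aligned: RIP minus frame offset must end in 000.
    load_base = regs["rip"] - top
    line = next(l for l in disasm.splitlines() if int(l.split()[0], 16) == top)
    base, index, scale, disp = MEM.search(line).groups()
    ea = regs[base] + int(disp or "0", 16)
    if index:
        ea += regs[index] * int(scale)
    return {
        "page_aligned": load_base % 0x1000 == 0,
        "base_reg": base,
        "base_value": regs[base],
        "effective_address": ea,
        "matches_si_addr": ea == si_addr,
        # A null base plus a small displacement is a field read through NULL.
        "null_deref": regs[base] == 0 and ea == si_addr,
    }


if __name__ == "__main__":
    print(triage(HS_ERR, DISASM))
```

Run against the excerpts, it reports that the base register `rcx` is zero and that the computed address 0x8 equals `si_addr`, i.e. a read through a null pointer at offset 8.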

          Activity

          fmatte Fairoz Matte added a comment -
          This is a known issue, JDK-8154831; the crash occurred in C2:
          C2:2996557 22222 4 org.eclipse.jdt.internal.compiler.parser.TypeConverter::decodeType (1094 bytes)
          This issue has already been fixed in 9 and backported to 8u112.
          Please try the early access builds of 8u112, which are available here - https://jdk8.java.net/download.html

          fmatte Fairoz Matte added a comment -
          This issue is a duplicate of JDK-8154831, hence closing as a duplicate issue.

            People

            • Assignee:
              fmatte Fairoz Matte
              Reporter:
              webbuggrp Webbug Group