SIGFPE (division by zero) in C2 OSR compiled method


      Found by fuzzing. Test crashes almost certainly. The bundle is attached. It has a few hs_errs inside.

      $ ~/trunks/jdk-jdk/build/linux-x86_64-server-fastdebug/images/jdk/bin/java Test

      # A fatal error has been detected by the Java Runtime Environment:
      # SIGFPE (0x8) at pc=0x00007fa13c318886, pid=18763, tid=18764
      # JRE version: OpenJDK Runtime Environment (14.0) (fastdebug build 14-internal+0-adhoc.shade.jdk-jdk)
      # Java VM: OpenJDK 64-Bit Server VM (fastdebug 14-internal+0-adhoc.shade.jdk-jdk, mixed mode, sharing, tiered, compressed oops, g1 gc, linux-amd64)
      # Problematic frame:
      # J 58% c2 Test.vMeth(II)V (362 bytes) @ 0x00007fa13c318886 [0x00007fa13c3186c0+0x00000000000001c6]
      # Core dump will be written. Default location: Core dumps may be processed with "/usr/share/apport/apport %p %s %c %d %P" (or dumping to /home/shade/trunks/JavaFuzzer/tests/04170/core.18763)
      --------------- S U M M A R Y ------------

      Command Line: Test

      Host: shade-desktop, Intel(R) Core(TM) i7-7820X CPU @ 3.60GHz, 16 cores, 125G, Ubuntu 18.04.3 LTS
      Time: Tue Aug 13 21:29:54 2019 CEST elapsed time: 0 seconds (0d 0h 0m 0s)

      --------------- T H R E A D ---------------

      Current thread (0x00007fa14c023800): JavaThread "main" [_thread_in_Java, id=18764, stack(0x00007fa1560b3000,0x00007fa1561b4000)]

      Stack: [0x00007fa1560b3000,0x00007fa1561b4000], sp=0x00007fa1561b2660, free space=1021k
      Native frames: (J=compiled Java code, A=aot compiled Java code, j=interpreted, Vv=VM code, C=native code)
      J 58% c2 Test.vMeth(II)V (362 bytes) @ 0x00007fa13c318886 [0x00007fa13c3186c0+0x00000000000001c6]

      Disassembly near SIGFPE shows this:

       33 d2 xor edx,edx
       83 fb ff cmp ebx,0xffffffff
       74 03 je 0x00000032
       99 cdq
       f7 fb idiv ebx ; <--- SIGFPE here (division by zero)
       89 14 24 mov DWORD PTR [rsp],edx
       eb 46 jmp 0x0000007d

      And the register map says the divisor is indeed zero:
        RBX=0x0 is NULL
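      As an added illustration (not code from the bug report or from the JDK), the C program below shows what the guard sequence in the disassembly encodes. On x86, idiv raises #DE (delivered to the process as SIGFPE) both for a zero divisor and for INT_MIN divided by -1. Java defines the second case (MIN_VALUE / -1 == MIN_VALUE, MIN_VALUE % -1 == 0), which is why C2 emits the cmp ebx,0xffffffff / je guard around idiv; the zero case it leaves to the hardware trap, which HotSpot's signal handler normally turns into an ArithmeticException. An hs_err like the one above is what you get when that conversion does not happen for the faulting pc. The function names java_irem, java_idiv and raw_irem_traps are hypothetical; raw_irem_traps catches SIGFPE with sigsetjmp/siglongjmp the way a VM's handler would resume execution, and its trap results are only meaningful on x86.

```c
#define _POSIX_C_SOURCE 200809L
#include <limits.h>
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>

/* Status codes for the Java-semantics helpers (hypothetical names). */
enum { DIV_OK = 0, DIV_BY_ZERO = 1 };

/*
 * Integer remainder with Java semantics:
 *   b == 0  -> ArithmeticException, reported via *status instead of a trap
 *   b == -1 -> 0, without executing idiv (idiv traps on INT_MIN / -1)
 * The b == -1 branch mirrors the "xor edx,edx; cmp ebx,-1; je" guard
 * that C2 emitted in the disassembly above.
 */
static int java_irem(int a, int b, int *status)
{
    *status = DIV_OK;
    if (b == 0) { *status = DIV_BY_ZERO; return 0; }
    if (b == -1) return 0;                 /* INT_MIN % -1 is 0 in Java */
    return a % b;                          /* C99 truncating remainder matches Java */
}

/* Integer quotient with Java semantics: INT_MIN / -1 wraps to INT_MIN. */
static int java_idiv(int a, int b, int *status)
{
    *status = DIV_OK;
    if (b == 0) { *status = DIV_BY_ZERO; return 0; }
    if (b == -1) return a == INT_MIN ? INT_MIN : -a;
    return a / b;
}

static sigjmp_buf trap_env;

static void on_sigfpe(int sig)
{
    (void)sig;
    siglongjmp(trap_env, 1);  /* resume past the faulting idiv, as a VM handler would */
}

/*
 * Run the unguarded hardware remainder and report whether it trapped.
 * Returns 1 if SIGFPE was raised, 0 if *out was produced normally.
 * On x86 idiv raises #DE for both b == 0 and INT_MIN / -1; other ISAs
 * (e.g. AArch64) define these cases and never trap.
 */
static int raw_irem_traps(int a, int b, int *out)
{
    volatile int va = a, vb = b;   /* volatile: force a real runtime divide */
    struct sigaction sa, old;
    int trapped = 0;

    sa.sa_handler = on_sigfpe;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    sigaction(SIGFPE, &sa, &old);

    if (sigsetjmp(trap_env, 1) == 0) {
        *out = va % vb;            /* idiv: divisor 0 or INT_MIN/-1 -> SIGFPE on x86 */
    } else {
        trapped = 1;               /* reached via siglongjmp from on_sigfpe */
    }
    sigaction(SIGFPE, &old, NULL);
    return trapped;
}

int main(void)
{
    int st = 0, r = 0;
    r = java_irem(INT_MIN, -1, &st);
    printf("java_irem(INT_MIN, -1) = %d, status %d\n", r, st);
    r = java_idiv(INT_MIN, -1, &st);
    printf("java_idiv(INT_MIN, -1) = %d, status %d\n", r, st);
    java_idiv(7, 0, &st);
    printf("java_idiv(7, 0) -> status %d (ArithmeticException)\n", st);
    printf("hardware INT_MIN %% -1 trapped: %d\n", raw_irem_traps(INT_MIN, -1, &r));
    printf("hardware 7 %% 0 trapped: %d\n", raw_irem_traps(7, 0, &r));
    printf("hardware 7 %% 3 trapped: %d, result %d\n", raw_irem_traps(7, 3, &r), r);
    return 0;
}
```

      Build with a plain `cc -O2` and run on an x86-64 host; the two "trapped: 1" lines are the hardware behaviour that the JIT guard and the signal handler together hide from Java code.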


