JDK-8229496

SIGFPE (division by zero) in C2 OSR compiled method

Details

Resolved In Build: b14

Description

(provisional synopsis, please change as you see fit)

Found by fuzzing. Test crashes almost certainly. The bundle is attached. It has a few hs_errs inside.

$ ~/trunks/jdk-jdk/build/linux-x86_64-server-fastdebug/images/jdk/bin/java Test

#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGFPE (0x8) at pc=0x00007fa13c318886, pid=18763, tid=18764
#
# JRE version: OpenJDK Runtime Environment (14.0) (fastdebug build 14-internal+0-adhoc.shade.jdk-jdk)
# Java VM: OpenJDK 64-Bit Server VM (fastdebug 14-internal+0-adhoc.shade.jdk-jdk, mixed mode, sharing, tiered, compressed oops, g1 gc, linux-amd64)
# Problematic frame:
# J 58% c2 Test.vMeth(II)V (362 bytes) @ 0x00007fa13c318886 [0x00007fa13c3186c0+0x00000000000001c6]
#
# Core dump will be written. Default location: Core dumps may be processed with "/usr/share/apport/apport %p %s %c %d %P" (or dumping to /home/shade/trunks/JavaFuzzer/tests/04170/core.18763)
#
# If you would like to submit a bug report, please visit:
# http://bugreport.java.com/bugreport/crash.jsp
#

--------------- S U M M A R Y ------------

Command Line: Test

Host: shade-desktop, Intel(R) Core(TM) i7-7820X CPU @ 3.60GHz, 16 cores, 125G, Ubuntu 18.04.3 LTS
Time: Tue Aug 13 21:29:54 2019 CEST elapsed time: 0 seconds (0d 0h 0m 0s)

--------------- T H R E A D ---------------

Current thread (0x00007fa14c023800): JavaThread "main" [_thread_in_Java, id=18764, stack(0x00007fa1560b3000,0x00007fa1561b4000)]

Stack: [0x00007fa1560b3000,0x00007fa1561b4000], sp=0x00007fa1561b2660, free space=1021k
Native frames: (J=compiled Java code, A=aot compiled Java code, j=interpreted, Vv=VM code, C=native code)
J 58% c2 Test.vMeth(II)V (362 bytes) @ 0x00007fa13c318886 [0x00007fa13c3186c0+0x00000000000001c6]

Disassembly near SIGFPE shows this:

  33 d2     xor edx,edx
  83 fb ff  cmp ebx,0xffffffff
  74 03     je 0x00000032
  99        cdq
  f7 fb     idiv ebx          ; <--- SIGFPE here (division by zero)
  89 14 24  mov DWORD PTR [rsp],edx
  eb 46     jmp 0x0000007d

And the register map says the divisor is indeed zero:

  RBX=0x0 is NULL
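Reading the disassembly: `edx` is zeroed, the divisor in `ebx` is compared against -1 and, if equal, the `je` skips `cdq`/`idiv` and lands on the `mov` that stores `edx` (so the -1 path stores a remainder of 0); otherwise `idiv ebx` runs and its remainder in `edx` is stored. That is the shape of a compiled Java `%` with the `Integer.MIN_VALUE % -1` case handled in software: x86 `idiv` raises #DE, delivered as SIGFPE, both for a zero divisor and for `INT_MIN / -1` (the quotient 2^31 does not fit), while the Java language requires the first to throw `ArithmeticException` and the second to wrap to `Integer.MIN_VALUE` with remainder 0. In this report a zero divisor reached `idiv` and the resulting SIGFPE ended in the fatal error handler instead of becoming a Java exception. The C model below is an added example, not code from the bug report or from HotSpot; the names `java_idiv`, `java_irem` and `idiv_would_trap` and the operand table are this example's own. It spells out the semantics the compiled code must deliver next to a predicate for the two operand pairs on which the bare hardware instruction traps.

```c
/* Added example: a C model of Java int division and remainder semantics.
 * Not code from the bug report or from HotSpot; java_idiv, java_irem and
 * idiv_would_trap are names chosen for this example.
 *
 * x86 idiv raises #DE (seen as SIGFPE) in exactly two int32 cases: a zero
 * divisor, and INT32_MIN / -1 whose quotient 2^31 does not fit.  Java defines
 * both: the first throws ArithmeticException, the second wraps to INT32_MIN
 * with remainder 0.  That is why compiled code tests the divisor for -1
 * before idiv, as in the disassembly above. */
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

struct jint_result {
    int ok;          /* 1: value is valid; 0: ArithmeticException */
    int32_t value;
};

/* Would the bare hardware instruction trap on these operands? */
int idiv_would_trap(int32_t dividend, int32_t divisor) {
    return divisor == 0 || (divisor == -1 && dividend == INT32_MIN);
}

/* Java int '/': truncates toward zero, x / 0 throws, INT32_MIN / -1 == INT32_MIN. */
struct jint_result java_idiv(int32_t dividend, int32_t divisor) {
    struct jint_result r = { 0, 0 };
    if (divisor == 0) {
        return r;                       /* ArithmeticException: / by zero */
    }
    r.ok = 1;
    if (divisor == -1) {
        /* Negate in unsigned arithmetic so INT32_MIN wraps instead of
         * overflowing (signed overflow is undefined in C). */
        r.value = (int32_t)(0u - (uint32_t)dividend);
        return r;
    }
    r.value = dividend / divisor;       /* C99 truncates toward zero, like Java */
    return r;
}

/* Java int '%': sign follows the dividend, x % 0 throws, INT32_MIN % -1 == 0. */
struct jint_result java_irem(int32_t dividend, int32_t divisor) {
    struct jint_result r = { 0, 0 };
    if (divisor == 0) {
        return r;                       /* ArithmeticException: / by zero */
    }
    r.ok = 1;
    if (divisor == -1) {
        r.value = 0;                    /* the "xor edx,edx" + "je" path above */
        return r;
    }
    r.value = dividend % divisor;       /* C99: remainder takes the dividend's sign, like Java */
    return r;
}

static void show(const char *op, int32_t a, int32_t b, struct jint_result r) {
    const char *trap = idiv_would_trap(a, b) ? "yes" : "no";
    if (r.ok) {
        printf("%11" PRId32 " %s %11" PRId32 " = %11" PRId32 "  (hw trap: %s)\n",
               a, op, b, r.value, trap);
    } else {
        printf("%11" PRId32 " %s %11" PRId32 " -> ArithmeticException  (hw trap: %s)\n",
               a, op, b, trap);
    }
}

int main(void) {
    /* Constructed operand pairs covering the ordinary and the trapping cases. */
    const int32_t pairs[][2] = {
        { 7, 2 }, { -7, 2 }, { 7, -2 }, { INT32_MIN, -1 }, { 5, -1 }, { 5, 0 },
    };
    size_t n = sizeof pairs / sizeof pairs[0];
    for (size_t i = 0; i < n; i++) {
        show("/", pairs[i][0], pairs[i][1], java_idiv(pairs[i][0], pairs[i][1]));
        show("%", pairs[i][0], pairs[i][1], java_irem(pairs[i][0], pairs[i][1]));
    }
    return 0;
}
```

The `{ 5, -1 }` row shows that the divisor-only check in the disassembly is conservative: it diverts every -1 divisor to the software path even though only `INT32_MIN` would actually trap, which is cheaper than testing both operands. The `{ 5, 0 }` row is the case from this report: no software check precedes `idiv`, so the zero divisor is left to the hardware trap.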

Attachments

1. 04170.tar.gz (266 kB)
2. Test.java (0.5 kB)

People

Assignee: Tobias Hartmann (thartmann)
Reporter: Aleksey Shipilev (shade)
