Running 32-bit Java on a Linux system crashes with SIGFPE:
java -XX:+UseConcMarkSweepGC -XX:MinTLABSize=4294967295 -version
#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGFPE (0x8) at pc=0xf6657ee8, pid=11974, tid=11975
#
# JRE version: (9.0) (build )
# Java VM: Java HotSpot(TM) Server VM (9-internal+0-2015-12-07-211223.jprtadm.s, mixed mode, tiered, concurrent mark sweep gc, linux-x86)
# Problematic frame:
# V [libjvm.so+0x7b6ee8] CMSCollector::CMSCollector(ConcurrentMarkSweepGeneration*, CardTableRS*, ConcurrentMarkSweepPolicy*)+0xa88
#
# Core dump will be written. Default location: Core dumps may be processed with "/usr/share/apport/apport %p %s %c" (or dumping to /home/dmitry/work/bugs/8144578.CLOV_pass_options/bundle.i586/bin/core.11974)
#
# An error report file with more information is saved as:
# /home/dmitry/work/bugs/8144578.CLOV_pass_options/bundle.i586/bin/hs_err_pid11974.log
#
...
I think that the division by zero happens in the following part of the code in the CMSCollector::CMSCollector constructor (hotspot/src/share/vm/gc/cms/concurrentMarkSweepGeneration.cpp module):
CMSCollector::CMSCollector(ConcurrentMarkSweepGeneration* cmsGen,
                           CardTableRS* ct,
                           ConcurrentMarkSweepPolicy* cp):
  ...
  // Support for parallelizing survivor space rescan
  if ((CMSParallelRemarkEnabled && CMSParallelSurvivorRemarkEnabled) || CMSParallelInitialMarkEnabled) {
    const size_t max_plab_samples =
      _young_gen->max_survivor_size() / (PLAB::min_size() * HeapWordSize);
    ...
PLAB::min_size() returns 'align_object_size(MAX2(MinTLABSize / HeapWordSize, (uintx)oopDesc::header_size())) + AlignmentReserve'.
Thus it seems that 'PLAB::min_size() * HeapWordSize' overflows to 0.
The range for MinTLABSize is (1,max_uintx). MinTLABSize is divided by HeapWordSize, but adding AlignmentReserve can cause an overflow in the CMSCollector::CMSCollector constructor.
Thus, the range or constraint for the MinTLABSize flag should be corrected.
I think that a new test is not needed, because this flag will be tested for non-G1 GC mode after fixing JDK-8144578.
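The wraparound described in this report, modelled with 32-bit unsigned arithmetic, as an added example that is not part of the original report or of the HotSpot sources. The constants (4-byte heap word, 2-word object header, 2-word object alignment, zero AlignmentReserve) and all helper names are assumptions for a 32-bit build; the checked variant widens the product to 64 bits and rejects a divisor that is zero or does not fit.

```cpp
#include <cstdint>
#include <cstdio>

// Model of a 32-bit VM: uintx and size_t are both 32 bits wide.
using uintx32 = uint32_t;

// Assumed values for a 32-bit build (not taken from the report).
constexpr uintx32 kHeapWordSize     = 4;  // bytes per heap word
constexpr uintx32 kHeaderWords      = 2;  // oopDesc::header_size()
constexpr uintx32 kMinObjAlignWords = 2;  // object alignment, in words
constexpr uintx32 kAlignmentReserve = 0;  // PLAB AlignmentReserve

// Round a word count up to a multiple of the object alignment.
uintx32 align_object_size(uintx32 words) {
    return (words + kMinObjAlignWords - 1) & ~(kMinObjAlignWords - 1);
}

// PLAB::min_size() as quoted in the report; result is in heap words.
uintx32 plab_min_size(uintx32 min_tlab_size) {
    uintx32 words = min_tlab_size / kHeapWordSize;
    if (words < kHeaderWords) words = kHeaderWords;  // MAX2(...)
    return align_object_size(words) + kAlignmentReserve;
}

// Divisor as the constructor computes it: the product wraps modulo 2^32.
uintx32 divisor_unchecked(uintx32 min_tlab_size) {
    return plab_min_size(min_tlab_size) * kHeapWordSize;
}

// Checked variant: widen to 64 bits, reject a zero or out-of-range divisor.
bool max_plab_samples_checked(uintx32 survivor_bytes, uintx32 min_tlab_size,
                              uintx32* out) {
    uint64_t bytes = uint64_t(plab_min_size(min_tlab_size)) * kHeapWordSize;
    if (bytes == 0 || bytes > UINT32_MAX) return false;
    *out = survivor_bytes / uintx32(bytes);
    return true;
}

int main() {
    const uintx32 survivor = 64u * 1024 * 1024;    // constructed survivor size
    const uintx32 flags[] = {2048u, 4294967295u};  // constructed / from report
    for (uintx32 f : flags) {
        uintx32 samples = 0;
        bool ok = max_plab_samples_checked(survivor, f, &samples);
        std::printf("MinTLABSize=%u divisor=%u checked=%s samples=%u\n",
                    (unsigned)f, (unsigned)divisor_unchecked(f),
                    ok ? "ok" : "rejected", (unsigned)samples);
    }
    return 0;
}
```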
Relates to: JDK-8144578 TestOptionsWithRanges test only ever uses the default collector (Resolved)