-
Bug
-
Resolution: Fixed
-
P3
-
9, 10, 11, 12, 13
-
b25
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8226091 | 14 | Tobias Hartmann | P3 | Resolved | Fixed | team |
| JDK-8234568 | 11.0.7-oracle | Tobias Hartmann | P3 | Resolved | Fixed | b01 |
| JDK-8229974 | 11.0.5 | Tobias Hartmann | P3 | Resolved | Fixed | b05 |
Was experimenting with the code that is supposed to crash the JVM on accessing the zero address. However, it meets C2 compilation asserts before that.
This is a simple reproducer:
import java.lang.reflect.Field;
import sun.misc.Unsafe;
public class UnsafeZero {
static final Unsafe U;
static boolean f;
static {
try {
Field f = Unsafe.class.getDeclaredField("theUnsafe");
f.setAccessible(true);
U = (Unsafe) f.get(null);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public static void main(String... args) {
if (f) { // compile this branch, but don't actually take it during run
U.getInt(0);
}
}
}
When main() is forced to compile with C2, this happens:
$ build/linux-x86_64-server-fastdebug/images/jdk/bin/java -Xcomp -Xbatch -XX:-TieredCompilation UnsafeZero
# To suppress the following error report, specify this argument
# after -XX: or in .hotspotrc: SuppressErrorAt=/compile.cpp:1758
#
# A fatal error has been detected by the Java Runtime Environment:
#
# Internal Error (/home/shade/trunks/jdk-jdk/src/hotspot/share/opto/compile.cpp:1758), pid=5337, tid=5348
# assert(flat != TypePtr::BOTTOM) failed: cannot alias-analyze an untyped ptr: adr_type = NULL
#
# JRE version: OpenJDK Runtime Environment (13.0) (fastdebug build 13-internal+0-adhoc.shade.jdk-jdk)
# Java VM: OpenJDK 64-Bit Server VM (fastdebug 13-internal+0-adhoc.shade.jdk-jdk, compiled mode, sharing, compressed oops, g1 gc, linux-amd64)
# Problematic frame:
# V [libjvm.so+0x9ae985] Compile::find_alias_type(TypePtr const*, bool, ciField*)+0x3f5
#
# Core dump will be written. Default location: Core dumps may be processed with "/usr/share/apport/apport %p %s %c %d %P" (or dumping to /home/shade/trunks/jdk-jdk/core.5337)
#
# An error report file with more information is saved as:
# /home/shade/trunks/jdk-jdk/hs_err_pid5337.log
#
# Compiler replay data is saved as:
# /home/shade/trunks/jdk-jdk/replay_pid5337.log
#
# If you would like to submit a bug report, please visit:
# http://bugreport.java.com/bugreport/crash.jsp
#
Current thread is 5348
Dumping core ...
Aborted (core dumped)
Works fine with -Xint and C1.
This is a simple reproducer:
import java.lang.reflect.Field;
import sun.misc.Unsafe;
public class UnsafeZero {
static final Unsafe U;
static boolean f;
static {
try {
Field f = Unsafe.class.getDeclaredField("theUnsafe");
f.setAccessible(true);
U = (Unsafe) f.get(null);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public static void main(String... args) {
if (f) { // compile this branch, but don't actually take it during run
U.getInt(0);
}
}
}
When main() is forced to compile with C2, this happens:
$ build/linux-x86_64-server-fastdebug/images/jdk/bin/java -Xcomp -Xbatch -XX:-TieredCompilation UnsafeZero
# To suppress the following error report, specify this argument
# after -XX: or in .hotspotrc: SuppressErrorAt=/compile.cpp:1758
#
# A fatal error has been detected by the Java Runtime Environment:
#
# Internal Error (/home/shade/trunks/jdk-jdk/src/hotspot/share/opto/compile.cpp:1758), pid=5337, tid=5348
# assert(flat != TypePtr::BOTTOM) failed: cannot alias-analyze an untyped ptr: adr_type = NULL
#
# JRE version: OpenJDK Runtime Environment (13.0) (fastdebug build 13-internal+0-adhoc.shade.jdk-jdk)
# Java VM: OpenJDK 64-Bit Server VM (fastdebug 13-internal+0-adhoc.shade.jdk-jdk, compiled mode, sharing, compressed oops, g1 gc, linux-amd64)
# Problematic frame:
# V [libjvm.so+0x9ae985] Compile::find_alias_type(TypePtr const*, bool, ciField*)+0x3f5
#
# Core dump will be written. Default location: Core dumps may be processed with "/usr/share/apport/apport %p %s %c %d %P" (or dumping to /home/shade/trunks/jdk-jdk/core.5337)
#
# An error report file with more information is saved as:
# /home/shade/trunks/jdk-jdk/hs_err_pid5337.log
#
# Compiler replay data is saved as:
# /home/shade/trunks/jdk-jdk/replay_pid5337.log
#
# If you would like to submit a bug report, please visit:
# http://bugreport.java.com/bugreport/crash.jsp
#
Current thread is 5348
Dumping core ...
Aborted (core dumped)
Works fine with -Xint and C1.
- backported by
-
JDK-8226091 Unsafe access C2 compile fails with assert(flat != TypePtr::BOTTOM) failed: cannot alias-analyze an untyped ptr: adr_type = NULL
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
- relates to
-
JDK-8225653 Provide more information when hitting SIGILL from HaltNode
-
- Resolved
-