Details
-
Bug
-
Resolution: Fixed
-
P2
-
8, 11, 16, 17, 18
-
b31
-
Verified
Backports
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8270428 | 18 | Christian Hagedorn | P2 | Resolved | Fixed | b06 |
JDK-8270752 | 17.0.1 | Christian Hagedorn | P2 | Resolved | Fixed | b03 |
JDK-8270544 | 11.0.13-oracle | Tobias Hartmann | P2 | Closed | Fixed | b03 |
JDK-8271393 | 11.0.13 | Martin Doerr | P2 | Resolved | Fixed | b01 |
Description
Unpack the attached fuzzer test, then run:
$ ../build/linux-x86_64-server-fastdebug/images/jdk/bin/java -XX:+UnlockDiagnosticVMOptions -XX:+StressGCM -Xcomp -XX:CompileOnly=Test -XX:-TieredCompilation Test
...
#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGSEGV (0xb) at pc=0x00007fcb890764b2, pid=2545770, tid=2545771
#
# JRE version: OpenJDK Runtime Environment (18.0) (fastdebug build 18-internal+0-adhoc.shade.jdk)
# Java VM: OpenJDK 64-Bit Server VM (fastdebug 18-internal+0-adhoc.shade.jdk, compiled mode, sharing, compressed oops, compressed class ptrs, g1 gc, linux-amd64)
# Problematic frame:
# J 5 c2 Test.vMeth(I)V (215 bytes) @ 0x00007fcb890764b2 [0x00007fcb89076340+0x0000000000000172]
#
# Core dump will be written. Default location: Core dumps may be processed with "/usr/share/apport/apport %p %s %c %d %P %E" (or dumping to /home/shade/trunks/jdk/0024/core.2545770)
Note it crashes in the generated code (presumably the on unhandled null-ptr / range-check), and seems to only crash with -XX:+StressGCM.
Bisection shows it started with
Attachments
Issue Links
- backported by
-
JDK-8270428 C2: Out of bounds array load floats above its range check in loop peeling resulting in SEGV
- Resolved
-
JDK-8270752 C2: Out of bounds array load floats above its range check in loop peeling resulting in SEGV
- Resolved
-
JDK-8271393 C2: Out of bounds array load floats above its range check in loop peeling resulting in SEGV
- Resolved
-
JDK-8270544 C2: Out of bounds array load floats above its range check in loop peeling resulting in SEGV
- Closed
- relates to
-
JDK-8257498 Remove useless skeleton predicates
- Resolved
- links to
-
Commit openjdk/jdk11u-dev/6e60332c
-
Commit openjdk/jdk17/040c02b9
-
Review openjdk/jdk11u-dev/166
-
Review openjdk/jdk17/235