-
Bug
-
Resolution: Unresolved
-
P3
-
19.0.1
-
s390x
-
linux
ADDITIONAL SYSTEM INFORMATION :
musl libc (1.2.3)
s390x
alpine edge
openjdk 19.0.1+10 (built with gcc 12.2.1)
A DESCRIPTION OF THE PROBLEM :
Running "StringBuilder.replace()" to replace n chars with n-x chars results in an SIGFPE.
I think it has something to do with gcc 12, as the issue is reproducible for all our jdk builds since jdk9.
gdb prints the following stacktrace:
---
Thread 2 "java" received signal SIGFPE, Arithmetic exception.
[Switching to LWP 35928]
memcpy (__n=3, __os=0x628415153, __od=0x628415152) at /usr/include/fortify/string.h:53
53 return __builtin_memcpy(__od, __os, __n);
(gdb) bt
#0 memcpy (__n=3, __os=0x628415153, __od=0x628415152) at /usr/include/fortify/string.h:53
#1 Copy::pd_conjoint_bytes (count=3, to=0x628415152, from=0x628415153) at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/cpu/s390/copy_s390.hpp:861
#2 Copy::conjoint_jbytes (count=3, to=0x628415152, from=0x628415153) at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/utilities/copy.hpp:120
#3 Copy::conjoint_memory_atomic (from=from@entry=0x628415153, to=to@entry=0x628415152, size=size@entry=3) at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/utilities/copy.cpp:52
#4 0x000003fffc49af16 in AccessInternal::arraycopy_conjoint_atomic<void> (src=src@entry=0x628415153, dst=dst@entry=0x628415152, length=length@entry=3)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.cpp:207
#5 0x000003fffd6e278e in RawAccessBarrierArrayCopy::arraycopy<67108928ul, void> (length=3, dst_raw=0x628415152, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x628415153, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.inline.hpp:333
#6 RawAccessBarrier<67108928ul>::arraycopy<void> (length=3, dst_raw=0x0, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x0, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.inline.hpp:344
#7 AccessInternal::PreRuntimeDispatch::arraycopy<68429888ul, void> (length=3, dst_raw=0x0, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x0, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.hpp:885
#8 AccessInternal::PreRuntimeDispatch::arraycopy<68427840ul, void> (length=3, dst_raw=0x0, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x0, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.hpp:918
#9 AccessInternal::arraycopy_reduce_types<68427840ul, void> (length=3, dst_raw=0x0, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x0, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.hpp:1059
#10 AccessInternal::arraycopy<68419584ul, void> (length=3, dst_raw=0x0, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x0, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.hpp:1223
#11 Access<68419584ul>::arraycopy<void> (length=3, dst_raw=0x0, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x0, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/access.hpp:148
#12 ArrayAccess<67108864ul>::arraycopy<void> (src_obj=..., src_offset_in_bytes=src_offset_in_bytes@entry=19, dst_obj=..., dst_offset_in_bytes=dst_offset_in_bytes@entry=18, length=length@entry=3)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/access.hpp:297
#13 0x000003fffd6e2f5a in TypeArrayKlass::copy_array (this=<optimized out>, s=..., src_pos=<optimized out>, d=..., dst_pos=<optimized out>, length=3, __the_thread__=0x3fffdef1020)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/oopsHierarchy.hpp:86
#14 0x000003fffcf96d2e in JVM_ArrayCopy (env=0x3fffdef1348, ignored=<optimized out>, src=<optimized out>, src_pos=<optimized out>, dst=<optimized out>, dst_pos=2, length=3)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/prims/jvm.cpp:300
#15 0x000003ffebccdfee in ?? ()
PC not saved
---
The crash only happens on s390x and jdk9+, the other archs or jdk8 are ok (x86_64, ppc64le, aarch64)
REGRESSION : Last worked in version 8u351
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
java Test.java
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
No crash
ACTUAL -
Crash with SIGFPE
---------- BEGIN SOURCE ----------
public class Test {
public static void main(String[] args) { new StringBuilder("foobar").replace(1, 3, "x"); }
}
---------- END SOURCE ----------
FREQUENCY : always
musl libc (1.2.3)
s390x
alpine edge
openjdk 19.0.1+10 (built with gcc 12.2.1)
A DESCRIPTION OF THE PROBLEM :
Running "StringBuilder.replace()" to replace n chars with n-x chars results in an SIGFPE.
I think it has something to do with gcc 12, as the issue is reproducible for all our jdk builds since jdk9.
gdb prints the following stacktrace:
---
Thread 2 "java" received signal SIGFPE, Arithmetic exception.
[Switching to LWP 35928]
memcpy (__n=3, __os=0x628415153, __od=0x628415152) at /usr/include/fortify/string.h:53
53 return __builtin_memcpy(__od, __os, __n);
(gdb) bt
#0 memcpy (__n=3, __os=0x628415153, __od=0x628415152) at /usr/include/fortify/string.h:53
#1 Copy::pd_conjoint_bytes (count=3, to=0x628415152, from=0x628415153) at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/cpu/s390/copy_s390.hpp:861
#2 Copy::conjoint_jbytes (count=3, to=0x628415152, from=0x628415153) at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/utilities/copy.hpp:120
#3 Copy::conjoint_memory_atomic (from=from@entry=0x628415153, to=to@entry=0x628415152, size=size@entry=3) at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/utilities/copy.cpp:52
#4 0x000003fffc49af16 in AccessInternal::arraycopy_conjoint_atomic<void> (src=src@entry=0x628415153, dst=dst@entry=0x628415152, length=length@entry=3)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.cpp:207
#5 0x000003fffd6e278e in RawAccessBarrierArrayCopy::arraycopy<67108928ul, void> (length=3, dst_raw=0x628415152, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x628415153, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.inline.hpp:333
#6 RawAccessBarrier<67108928ul>::arraycopy<void> (length=3, dst_raw=0x0, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x0, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.inline.hpp:344
#7 AccessInternal::PreRuntimeDispatch::arraycopy<68429888ul, void> (length=3, dst_raw=0x0, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x0, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.hpp:885
#8 AccessInternal::PreRuntimeDispatch::arraycopy<68427840ul, void> (length=3, dst_raw=0x0, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x0, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.hpp:918
#9 AccessInternal::arraycopy_reduce_types<68427840ul, void> (length=3, dst_raw=0x0, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x0, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.hpp:1059
#10 AccessInternal::arraycopy<68419584ul, void> (length=3, dst_raw=0x0, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x0, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/accessBackend.hpp:1223
#11 Access<68419584ul>::arraycopy<void> (length=3, dst_raw=0x0, dst_offset_in_bytes=18, dst_obj=..., src_raw=0x0, src_offset_in_bytes=18, src_obj=...)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/access.hpp:148
#12 ArrayAccess<67108864ul>::arraycopy<void> (src_obj=..., src_offset_in_bytes=src_offset_in_bytes@entry=19, dst_obj=..., dst_offset_in_bytes=dst_offset_in_bytes@entry=18, length=length@entry=3)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/access.hpp:297
#13 0x000003fffd6e2f5a in TypeArrayKlass::copy_array (this=<optimized out>, s=..., src_pos=<optimized out>, d=..., dst_pos=<optimized out>, length=3, __the_thread__=0x3fffdef1020)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/oops/oopsHierarchy.hpp:86
#14 0x000003fffcf96d2e in JVM_ArrayCopy (env=0x3fffdef1348, ignored=<optimized out>, src=<optimized out>, src_pos=<optimized out>, dst=<optimized out>, dst_pos=2, length=3)
at /home/builder/aports/testing/openjdk19/src/jdk19u-jdk-19.0.1-ga/src/hotspot/share/prims/jvm.cpp:300
#15 0x000003ffebccdfee in ?? ()
PC not saved
---
The crash only happens on s390x and jdk9+, the other archs or jdk8 are ok (x86_64, ppc64le, aarch64)
REGRESSION : Last worked in version 8u351
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
java Test.java
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
No crash
ACTUAL -
Crash with SIGFPE
---------- BEGIN SOURCE ----------
public class Test {
public static void main(String[] args) { new StringBuilder("foobar").replace(1, 3, "x"); }
}
---------- END SOURCE ----------
FREQUENCY : always