Details
-
Bug
-
Resolution: Unresolved
-
P3
-
16, 17, 18, 19, 20, 21, 22, 23
Description
The attached Java Fuzzer test crashes because a ConvL2I node is split through a phi. The ConvL2I node is a TypeNode since JDK-8256655. In this case, a ConvL2I node has a the type range which is strictly positive and is a divisor of a Div node. As a result, the zero check is removed. When splitting the ConvL2I through a phi, it gets an input whose type includes zero. At runtime, that input is zero and we perform a division by zero and crash with SIGFPE.
We should disallow PhaseIdealLoop::split_thru_phi(() for ConvL2I nodes as we are already disallowing ConvI2L nodes to be split through phis (JDK-6659207). We should also widen ConvL2I types in PhaseIdealLoop::split_up() similar to the widening done for ConvI2L nodes (JDK-6663854).
Reproduce:
$ java -Xcomp -XX:CompileOnly=Test Test.java
$ java -Xcomp -XX:CompileOnly=Reduced Reduced.java
#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGFPE (0x8) at pc=0x00007f7e289ad285, pid=1806800, tid=1806801
#
# JRE version: Java(TM) SE Runtime Environment (20.0+28) (fastdebug build 20-ea+28-2221)
# Java VM: Java HotSpot(TM) 64-Bit Server VM (fastdebug 20-ea+28-2221, compiled mode, sharing, tiered, compressed oops, compressed class ptrs, g1 gc, linux-amd64)
# Problematic frame:
# J 6 c2 Test.mainTest([Ljava/lang/String;)V (696 bytes) @ 0x00007f7e289ad285 [0x00007f7e289ac0c0+0x00000000000011c5]
..........
Command Line: -Xmx1G -Xcomp -Xbatch -XX:CompileOnly=Test -XX:CompileCommand=quiet -XX:MaxRAMPercentage=4.16667 -Dtest.boot.jdk=/opt/mach5/mesos/work_dir/jib-master/install/jdk/19/36/bundles/linux-x64/jdk-19_linux-x64_bin.tar.gz/jdk-19 -Djava.io.tmpdir=/opt/mach5/mesos/work_dir/slaves/91e16c40-06d4-468a-9fc3-7198a5bb7d5a-S17386/frameworks/1735e8a2-a1db-478c-8104-60c8b0af87dd-0196/executors/d0a86b58-4275-4ebc-86d7-7b8ceb2956eb/runs/0e096938-ca3a-45a0-95d7-6674da96203a/testoutput/test-support/jtreg_closed_test_hotspot_jtreg_applications_javafuzzer_BigTest_java/tmp Test
...........
Current thread (0x00007f7e3802b7d0): JavaThread "main" [_thread_in_Java, id=1806801, stack(0x00007f7e40c94000,0x00007f7e40d95000)]
Stack: [0x00007f7e40c94000,0x00007f7e40d95000], sp=0x00007f7e40d93890, free space=1022k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
J 6 c2 Test.mainTest([Ljava/lang/String;)V (696 bytes) @ 0x00007f7e289ad285 [0x00007f7e289ac0c0+0x00000000000011c5]
J 3 c1 Test.main([Ljava/lang/String;)V (45 bytes) @ 0x00007f7e20ee2e7c [0x00007f7e20ee2d20+0x000000000000015c]
v ~StubRoutines::call_stub 0x00007f7e28419d21
V [libjvm.so+0x1032070] JavaCalls::call_helper(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x500 (javaCalls.cpp:417)
V [libjvm.so+0x1177949] jni_invoke_static(JNIEnv_*, JavaValue*, _jobject*, JNICallType, _jmethodID*, JNI_ArgumentPusher*, JavaThread*) [clone .constprop.1]+0x389 (jni.cpp:887)
V [libjvm.so+0x117adf5] jni_CallStaticVoidMethod+0x1b5 (jni.cpp:1711)
C [libjli.so+0x47d5] JavaMain+0xd55 (java.c:547)
C [libjli.so+0x7a29] ThreadJavaMain+0x9 (java_md.c:650)
siginfo: si_signo: 8 (SIGFPE), si_code: 1 (FPE_INTDIV), si_addr: 0x00007f7e289ad285
We should disallow PhaseIdealLoop::split_thru_phi(() for ConvL2I nodes as we are already disallowing ConvI2L nodes to be split through phis (
Reproduce:
$ java -Xcomp -XX:CompileOnly=Test Test.java
$ java -Xcomp -XX:CompileOnly=Reduced Reduced.java
#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGFPE (0x8) at pc=0x00007f7e289ad285, pid=1806800, tid=1806801
#
# JRE version: Java(TM) SE Runtime Environment (20.0+28) (fastdebug build 20-ea+28-2221)
# Java VM: Java HotSpot(TM) 64-Bit Server VM (fastdebug 20-ea+28-2221, compiled mode, sharing, tiered, compressed oops, compressed class ptrs, g1 gc, linux-amd64)
# Problematic frame:
# J 6 c2 Test.mainTest([Ljava/lang/String;)V (696 bytes) @ 0x00007f7e289ad285 [0x00007f7e289ac0c0+0x00000000000011c5]
..........
Command Line: -Xmx1G -Xcomp -Xbatch -XX:CompileOnly=Test -XX:CompileCommand=quiet -XX:MaxRAMPercentage=4.16667 -Dtest.boot.jdk=/opt/mach5/mesos/work_dir/jib-master/install/jdk/19/36/bundles/linux-x64/jdk-19_linux-x64_bin.tar.gz/jdk-19 -Djava.io.tmpdir=/opt/mach5/mesos/work_dir/slaves/91e16c40-06d4-468a-9fc3-7198a5bb7d5a-S17386/frameworks/1735e8a2-a1db-478c-8104-60c8b0af87dd-0196/executors/d0a86b58-4275-4ebc-86d7-7b8ceb2956eb/runs/0e096938-ca3a-45a0-95d7-6674da96203a/testoutput/test-support/jtreg_closed_test_hotspot_jtreg_applications_javafuzzer_BigTest_java/tmp Test
...........
Current thread (0x00007f7e3802b7d0): JavaThread "main" [_thread_in_Java, id=1806801, stack(0x00007f7e40c94000,0x00007f7e40d95000)]
Stack: [0x00007f7e40c94000,0x00007f7e40d95000], sp=0x00007f7e40d93890, free space=1022k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
J 6 c2 Test.mainTest([Ljava/lang/String;)V (696 bytes) @ 0x00007f7e289ad285 [0x00007f7e289ac0c0+0x00000000000011c5]
J 3 c1 Test.main([Ljava/lang/String;)V (45 bytes) @ 0x00007f7e20ee2e7c [0x00007f7e20ee2d20+0x000000000000015c]
v ~StubRoutines::call_stub 0x00007f7e28419d21
V [libjvm.so+0x1032070] JavaCalls::call_helper(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x500 (javaCalls.cpp:417)
V [libjvm.so+0x1177949] jni_invoke_static(JNIEnv_*, JavaValue*, _jobject*, JNICallType, _jmethodID*, JNI_ArgumentPusher*, JavaThread*) [clone .constprop.1]+0x389 (jni.cpp:887)
V [libjvm.so+0x117adf5] jni_CallStaticVoidMethod+0x1b5 (jni.cpp:1711)
C [libjli.so+0x47d5] JavaMain+0xd55 (java.c:547)
C [libjli.so+0x7a29] ThreadJavaMain+0x9 (java_md.c:650)
siginfo: si_signo: 8 (SIGFPE), si_code: 1 (FPE_INTDIV), si_addr: 0x00007f7e289ad285
Attachments
Issue Links
- relates to
-
-
- Resolved
-
-
-
- Closed
-
-
JDK-8256655 rework long counted loop handling
-
- Resolved
-