-
Type:
Bug
-
Resolution: Unresolved
-
Priority:
P3
-
None
-
Affects Version/s: 25.0.1
-
Component/s: hotspot
-
generic
A DESCRIPTION OF THE PROBLEM :
SIGSEGV in C2 CompilerThread during Escape Analysis optimization on JDK 25.0.1+8-27.
Crash frame:
V [libjvm.so+0xd9130e] LoadNode::can_split_through_phi_base(PhaseGVN*)+0x2e
Native stack trace:
LoadNode::can_split_through_phi_base(PhaseGVN*)+0x2e
ConnectionGraph::can_reduce_check_users(Node*, unsigned int) const+0x383
ConnectionGraph::can_reduce_check_users(Node*, unsigned int) const+0x21e
ConnectionGraph::adjust_scalar_replaceable_state(JavaObjectNode*, Unique_Node_List&)+0x334
ConnectionGraph::compute_escape()+0x158e
ConnectionGraph::do_analysis(Compile*, PhaseIterGVN*)+0xf4
Compile::Optimize()+0xcf2
The crash is a null pointer dereference (RAX=0x0, si_addr=0x000000000000002c) inside can_split_through_phi_base, called from Escape Analysis's ConnectionGraph::can_reduce_check_users.
Method being compiled at crash: <redacted application method> (10 bytes), tier 4 (C2), compilation ID 66933.
This is reproducible — we have seen the same crash frame (LoadNode::can_split_through_phi_base+0x2e) on two separate occasions compiling different methods.
Environment:
- JDK: OpenJDK 25.0.1+8-27
- OS: Rocky Linux 9.4, Intel Xeon Gold 6442Y, 48 cores, 251G RAM
- GC: ZGC
- Relevant flags: -XX:-DontCompileHugeMethods -XX:MaxBCEAEstimateSize=300
Compiler replay log is available on request.
Full hs_err log is available on request.
REGRESSION : Java version that customer using for null
SIGSEGV in C2 CompilerThread during Escape Analysis optimization on JDK 25.0.1+8-27.
Crash frame:
V [libjvm.so+0xd9130e] LoadNode::can_split_through_phi_base(PhaseGVN*)+0x2e
Native stack trace:
LoadNode::can_split_through_phi_base(PhaseGVN*)+0x2e
ConnectionGraph::can_reduce_check_users(Node*, unsigned int) const+0x383
ConnectionGraph::can_reduce_check_users(Node*, unsigned int) const+0x21e
ConnectionGraph::adjust_scalar_replaceable_state(JavaObjectNode*, Unique_Node_List&)+0x334
ConnectionGraph::compute_escape()+0x158e
ConnectionGraph::do_analysis(Compile*, PhaseIterGVN*)+0xf4
Compile::Optimize()+0xcf2
The crash is a null pointer dereference (RAX=0x0, si_addr=0x000000000000002c) inside can_split_through_phi_base, called from Escape Analysis's ConnectionGraph::can_reduce_check_users.
Method being compiled at crash: <redacted application method> (10 bytes), tier 4 (C2), compilation ID 66933.
This is reproducible — we have seen the same crash frame (LoadNode::can_split_through_phi_base+0x2e) on two separate occasions compiling different methods.
Environment:
- JDK: OpenJDK 25.0.1+8-27
- OS: Rocky Linux 9.4, Intel Xeon Gold 6442Y, 48 cores, 251G RAM
- GC: ZGC
- Relevant flags: -XX:-DontCompileHugeMethods -XX:MaxBCEAEstimateSize=300
Compiler replay log is available on request.
Full hs_err log is available on request.
REGRESSION : Java version that customer using for null