JDK-8054478

C2: Incorrectly compiled char[] array access crashes JVM

Details

    • b42
    • x86_64
    • Verified

      Description

        The following test case demonstrates the problem.
        Run java -XX:CompileOnly=CharArrayCrash CharArrayCrash

        The program crashes in mixed or -Xcomp mode. Works fine with -Xint.
        Also works well on 6u37. Crashes on 7u67 and 8u11.
        The issue can be reproduced on amd64 only.


        public class CharArrayCrash {
            static char[] pattern0 = {0};
            static char[] pattern1 = {1};

            static void test(char[] array) {
                if (pattern1 == null) return;

                int i = 0;
                int pos = 0;
                char c = array[pos];

                while (i >= 0 && (c == pattern0[i] || c == pattern1[i])) {
                    i--;
                    pos--;
                    if (pos != -1) {
                        c = array[pos];
                    }
                }
            }

            public static void main(String[] args) {
                for (int i = 0; i < 1000000; i++) {
                    test(new char[1]);
                }
            }
        }


        hs_err.log attached.
        The ACCESS_VIOLATION happens at
            movzx r11d,WORD PTR [rdx+r8*2+0x10]
        that stands for `caload` bytecode.
        `rdx` here is a valid char[] oop, but the offset is illegal: `r8` = 0xffffffff

              People

                roland Roland Westrelin
                apangin Andrei Pangin
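
The address arithmetic behind the faulting instruction quoted in the description, worked through as an added example (not part of the original report and not HotSpot code). It assumes the reported `r8` = 0xffffffff is the whole 64-bit register, i.e. the int -1 zero-extended; the function names are illustrative.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constants read off the faulting instruction quoted in the report:
 *   movzx r11d, WORD PTR [rdx + r8*2 + 0x10]                        */
#define ELEM_SCALE 2u    /* scale: a Java char is 2 bytes */
#define BASE_DISP  0x10u /* displacement: offset of element 0 from the oop */

/* Offset from the array oop when the index register is used as a full
 * 64-bit value, as amd64 does for [rdx + r8*2 + 0x10]. */
static uint64_t offset_64bit(uint64_t index_reg) {
    return index_reg * ELEM_SCALE + BASE_DISP;
}

/* The same expression under 32-bit address arithmetic (wraps mod 2^32). */
static uint32_t offset_32bit(uint32_t index_reg) {
    return index_reg * ELEM_SCALE + BASE_DISP;
}

/* True if the offset addresses one of `length` char elements. */
static bool hits_element(uint64_t offset, uint32_t length) {
    return offset >= BASE_DISP &&
           offset < BASE_DISP + (uint64_t)length * ELEM_SCALE;
}

int main(void) {
    int32_t pos = -1; /* value of pos after pos-- in the test case */

    /* Assumption: the reported r8 = 0xffffffff is the whole register,
     * i.e. the int -1 zero-extended to 64 bits. */
    uint64_t zero_ext = (uint32_t)pos;
    uint64_t sign_ext = (uint64_t)(int64_t)pos; /* for comparison only */

    uint64_t off = offset_64bit(zero_ext);
    printf("zero-extended index: oop + 0x%llx, in array: %d\n",
           (unsigned long long)off, hits_element(off, 1));
    printf("sign-extended index: oop + 0x%llx\n",
           (unsigned long long)offset_64bit(sign_ext));
    printf("32-bit arithmetic:   oop + 0x%x\n", offset_32bit((uint32_t)pos));
    printf("index 0:             oop + 0x%llx, in array: %d\n",
           (unsigned long long)offset_64bit(0), hits_element(offset_64bit(0), 1));
    return 0;
}
```

With the reported register value the load targets an address roughly 8 GiB past the array oop, far outside the one-element array that `test` receives. A sign-extended index, or the same expression evaluated with 32-bit wraparound, would instead resolve to oop + 0xe.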