Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8270886

Crash in PhaseIdealLoop::verify_strip_mined_scheduling



    • b09



        Several fuzzer generated tests trigger crashes/asserts because the OuterStripMinedLoopEnd main_head->outer_loop()->outer_loop_tail() only has an IfTrue projection.

        For example, with attached SDD87.java we fail because sfpt = head->as_Loop()->outer_safepoint() is
        NULL, because loop->_head->outer_loop_tail() only has an IfTrue projection:

        # A fatal error has been detected by the Java Runtime Environment:
        # SIGSEGV (0xb) at pc=0x00007fdf1d8794ec, pid=9384, tid=9397
        # JRE version: Java(TM) SE Runtime Environment (18.0) (fastdebug build 18-internal+0-2021-07-15-1125012.tobias...)
        # Java VM: Java HotSpot(TM) 64-Bit Server VM (fastdebug 18-internal+0-2021-07-15-1125012.tobias..., mixed mode, tiered, compressed oops, compressed class ptrs, g1 gc, linux-amd64)
        # Problematic frame:
        # V [libjvm.so+0x12bb4ec] Node::in(unsigned int) const [clone .constprop.1]+0xc
        # Core dump will be written. Default location: Core dumps may be processed with "/usr/share/apport/apport %p %s %c %d %P %E" (or dumping to /home/tobias/Downloads/32703210/core.9384)
        # If you would like to submit a bug report, please visit:
        # https://bugreport.java.com/bugreport/crash.jsp

        --------------- S U M M A R Y ------------

        Command Line: SDD87

        Host: prometheus, Intel(R) Core(TM) i7-9850H CPU @ 2.60GHz, 12 cores, 31G, Ubuntu 20.04.2 LTS
        Time: Mon Jul 19 08:47:12 2021 CEST elapsed time: 0.285794 seconds (0d 0h 0m 0s)

        --------------- T H R E A D ---------------

        Current thread (0x00007fdf182ed9e0): JavaThread "C2 CompilerThread0" daemon [_thread_in_native, id=9397, stack(0x00007fdee5739000,0x00007fdee583a000)]

        Current CompileTask:
        C2: 285 283 ! 4 SDD87::mainTest (845 bytes)

        Stack: [0x00007fdee5739000,0x00007fdee583a000], sp=0x00007fdee58341a0, free space=1004k
        Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
        V [libjvm.so+0x12bb4ec] Node::in(unsigned int) const [clone .constprop.1]+0xc
        V [libjvm.so+0x12cfbc3] PhaseIdealLoop::verify_strip_mined_scheduling(Node*, Node*)+0x93
        V [libjvm.so+0x12dd0f2] PhaseIdealLoop::build_loop_late_post_work(Node*, bool)+0x122
        V [libjvm.so+0x12dd77a] PhaseIdealLoop::build_loop_late(VectorSet&, Node_List&, Node_Stack&)+0xba
        V [libjvm.so+0x12de0e7] PhaseIdealLoop::build_and_optimize(LoopOptsMode)+0x507
        V [libjvm.so+0x9fb46c] PhaseIdealLoop::optimize(PhaseIterGVN&, LoopOptsMode)+0x28c
        V [libjvm.so+0x9f7d5f] Compile::Optimize()+0x127f
        V [libjvm.so+0x9f9a24] Compile::Compile(ciEnv*, ciMethod*, int, bool, bool, bool, bool, bool, DirectiveSet*)+0x1564
        V [libjvm.so+0x819aa6] C2Compiler::compile_method(ciEnv*, ciMethod*, int, bool, DirectiveSet*)+0x646
        V [libjvm.so+0xa0a4e9] CompileBroker::invoke_compiler_on_method(CompileTask*)+0xef9
        V [libjvm.so+0xa0b218] CompileBroker::compiler_thread_loop()+0x598
        V [libjvm.so+0x186728c] JavaThread::thread_main_inner()+0x27c
        V [libjvm.so+0x186da30] Thread::call_run()+0x100
        V [libjvm.so+0x1550bf4] thread_native_entry(Thread*)+0x104

        These issues were reported by John Jiang (johnsjiang@tencent.com)


          1. FuzzerUtils.java
            13 kB
          2. SDD56.java
            4 kB
          3. SDD62.java
            5 kB
          4. SDD87.java
            5 kB
          5. Test.java
            0.4 kB

          Issue Links



                roland Roland Westrelin
                thartmann Tobias Hartmann
                0 Vote for this issue
                6 Start watching this issue