United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
Bug ID: JDK-6479823 Failure in MultiNode::proj_out() during CTW.
JDK-6479823 : Failure in MultiNode::proj_out() during CTW.

Details
Type:
Bug
Submit Date:
2006-10-09
Status:
Resolved
Updated Date:
2010-04-03
Project Name:
JDK
Resolved Date:
2006-11-14
Component:
hotspot
OS:
solaris_9
Sub-Component:
compiler
CPU:
sparc
Priority:
P4
Resolution:
Fixed
Affected Versions:
7
Fixed Versions:
hs10 (b03)

Related Reports
Backport:
Backport:

Sub Tasks

Description
After the fix 6472714 which looks for a Control projection of
a CallDynamicJava node we got this failure:

% gamma -Xss4m -verify -XX:-ShowMessageBoxOnError -XX:+CompileTheWorld -XX:CompileTheWorldStartAt=3000 -Xbootclasspath/p:/net/vmsqe.sfbay/export/backup/testbase/CompileTheWorld/jarfiles/compstudio.jar
...
CompileTheWorld (3748) : textuality/lark/Handler
CompileTheWorld (3749) : textuality/lark/Lark
#
# An unexpected error has been detected by Java Runtime Environment:
#
#  SIGSEGV (0xb) at pc=0xfe21a882, pid=21118, tid=11
#
# Java VM: Java HotSpot(TM) Server VM (1.6.0-internal-debug mixed mode)
# Problematic frame:
# V  [libjvm.so+0x21a882]
#
# An error report file with more information is saved as hs_err_pid21118.log
#
# If you would like to submit a bug report, please visit:
#   http://java.sun.com/webapps/bugreport/crash.jsp
#
Current thread is 11
Dumping core ...
Abort

fez% hs_err hs_err_pid21118.log
#
# An unexpected error has been detected by Java Runtime Environment:
#
#  SIGSEGV (0xb) at pc=0xfe21a882, pid=21118, tid=11
#
# Java VM: Java HotSpot(TM) Server VM (1.6.0-internal-debug mixed mode)
# Problematic frame:
# V  [libjvm.so+0x21a882]
#
# If you would like to submit a bug report, please visit:
#   http://java.sun.com/webapps/bugreport/crash.jsp
#

---------------  T H R E A D  ---------------

Current thread (0x081f9400):  JavaThread "CompilerThread1" daemon [_thread_in_na
tive, id=11]

siginfo:si_signo=11, si_errno=0, si_code=2, si_addr=0xdeadbf0f

Registers:
EAX=0xdeadbeef, EBX=0xfed86d58, ECX=0xd6371140, EDX=0xdeadbeef
ESP=0xd6371150, EBP=0xd6371160, ESI=0xd637117c, EDI=0x00000054
EIP=0xfe21a882, EFLAGS=0x00010286

Top of Stack: (sp=0xd6371150)
0xd6371150:   00000054 d637117c fed86d58 d63711dc
0xd6371160:   d63711dc fe777c30 deadbeef 00000054
0xd6371170:   d63711fc fed86d58 fe777b2f 00000000
0xd6371180:   0ae28ab4 00000001 00000004 00000000
0xd6371190:   0ae28e14 0ae28d8c deadbeef 00000000
0xd63711a0:   0ae28ab4 00000001 00000004 deadbeef
0xd63711b0:   0ae28e18 d6371100 0ae28ab4 00000001
0xd63711c0:   00000004 00000000 0ae28e18 00000054

Instructions: (pc=0xfe21a882)
0xfe21a872:   ec 83 ec 10 89 5d f8 89 75 f4 89 7d f0 8b 45 08
0xfe21a882:   0f b7 40 20 83 e0 07 83 f8 04 0f 94 c0 0f be c0

Stack: [0xd6334000,0xd6374000),  sp=0xd6371150,  free space=244k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V  [libjvm.so+0x21a882] bool Node::is_Proj()const + 0x12
V  [libjvm.so+0x777c30] ProjNode*MultiNode::proj_out(unsigned)const + 0x110
V  [libjvm.so+0x80ecc1] void PhaseIterGVN::add_users_to_worklist(Node*) + 0x131
V  [libjvm.so+0x80e386] Node*PhaseIterGVN::transform_old(Node*) + 0x3f6
V  [libjvm.so+0x80da21] void PhaseIterGVN::optimize() + 0x171
V  [libjvm.so+0x378936] void Compile::Optimize() + 0x4c6
V  [libjvm.so+0x374ddf] Compile::Compile(ciEnv*,C2Compiler*,ciMethod*,int,bool) + 0xbdf
V  [libjvm.so+0x2937a7] void C2Compiler::compile_method(ciEnv*,ciMethod*,int) + 0x77
V  [libjvm.so+0x3857d5] void CompileBroker::invoke_compiler_on_method(CompileTask*) + 0x7e9
V  [libjvm.so+0x384b90] void CompileBroker::compiler_thread_loop() + 0x41c
V  [libjvm.so+0x91cef6] void compiler_thread_entry(JavaThread*,Thread*) + 0x66
V  [libjvm.so+0x917da8] void JavaThread::thread_main_inner() + 0x168
V  [libjvm.so+0x917c29] void JavaThread::run() + 0x1e9
V  [libjvm.so+0x7b863e] java_start + 0x19e
C  [libc.so.1+0x9f6f8] _thr_setup + 0x4e
C  [libc.so.1+0x9f9e0] _lwp_start + 0x0


Current CompileTask:
C2:4717  !b  textuality.lark.Lark.reader(Ltextuality/lark/Handler;Ltextuality/lark/XmlInputStream;)Ltextuality/lark/Element; (6738 bytes)

                                    

Comments
EVALUATION

There are 2 problems with MultiNode::proj_out():

1. The loop doesn't have the limit on ouput edges number causing the read
a memory (garbage) after actual out edges pointers.
In the bug case it reads the second out edge when the node has
only one ouput. As result p == 0xdeadbeef and p->is_Proj()
causes SEGV.

2. Even if the loop had the limit check the method doesn't
have the return instruction on exit.
                                     
2006-10-09
SUGGESTED FIX

Webrev:                 http://analemma.sfbay.sun.com/net/prt-archiver.sfbay/data/archived_workspaces/main/c2_baseline/2006/20061009154405.kvn.6479823/workspace/webrevs/webrev-2006.10.09/index.html

Solution:
Add the limit check and the 'return NULL' statement.
Also check for the special case: Start node.
The fix was suggested by John R.
                                     
2006-10-10



Hardware and Software, Engineered to Work Together