JDK-6837011 : SIGSEGV in PhaseIdealLoop in 32bit jvm
  • Type: Bug
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: hs15
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2009-05-04
  • Updated: 2011-03-08
  • Resolved: 2011-03-08
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 6 JDK 7 Other
6u18Fixed 7Fixed hs16Fixed
Related Reports
Relates :  
Relates :  
Relates :  
Description
The following test crashes with SIGSEGV when running with "-server -Xcomp" using using 32bit jvm
(on all 32bit platforms - solaris, linux, sparc. didn't try on windows). 

=== Tester.java ===
class Tester {
    static boolean var_3 = true;

    public static void main(String[] args)
    {
        double var_5;
        char var_7 = 1;
        double var_11 = 0;

        do
        {
            var_11++;
            var_5 = (var_7 /= ( var_3 ? ~1L : 3 ) );
        } while (var_11 < 1);

        System.out.println("PASSED");
    }
}
===================

hs_err output  is the following:

#
# A fatal error has been detected by the Java Runtime Environment:
#
#  SIGSEGV (0xb) at pc=0xfe4b6aef, pid=18397, tid=9
#
# JRE version: 7.0-b57
# Java VM: Java HotSpot(TM) Server VM (16.0-b02 compiled mode solaris-x86 )
# Problematic frame:
# V  [libjvm.so+0xb6aef]
#
# If you would like to submit a bug report, please visit:
#   http://java.sun.com/webapps/bugreport/crash.jsp
#

---------------  T H R E A D  ---------------

Current thread (0x08141800):  JavaThread "CompilerThread0" daemon [_thread_in_native, id=9, stack(0xb77580
00,0xb77d8000)]

siginfo:si_signo=SIGSEGV: si_errno=0, si_code=1 (SEGV_MAPERR), si_addr=0x0000001c;;

Registers:
EAX=0x081e3b24, EBX=0xfecb8000, ECX=0xb77d65c0, EDX=0x00000000
ESP=0xb77d5c50, EBP=0xb77d5c98, ESI=0x00000000, EDI=0x00000004
EIP=0xfe4b6aef, EFLAGS=0x00010246

Top of Stack: (sp=0xb77d5c50)
0xb77d5c50:   081e27dc 00000000 0816fa00 0816f9f0
0xb77d5c60:   0816f924 081e2af0 b77d65d0 081e2e6d
0xb77d5c70:   00000006 00000006 00000002 081e2e6c
0xb77d5c80:   0816fa30 00000000 00000010 00000004
0xb77d5c90:   00000000 fecb8000 b77d5cd8 fe4b759f
0xb77d5ca0:   b77d65c0 081e3b00 b77d5cd8 fe4b758a
0xb77d5cb0:   b77d5da0 00000085 b77d5cd8 fea0f2aa
0xb77d5cc0:   081e09a0 08169b48 b77d5d08 00000004

Instructions: (pc=0xfe4b6aef)
0xfe4b6adf:   00 00 89 45 e0 e9 9d 00 00 00 8b 50 04 8b 4d 08
0xfe4b6aef:   8b 42 1c 8b 71 14 3b c6 72 04 33 c0 eb 06 8b 79
;; fe4b6adf 00 00                   add    %al,(%eax)
;; fe4b6ae1 89 45 e0                mov    %eax,0xffffffe0(%ebp)
;; fe4b6ae4 e9 9d 00 00 00          jmp    0xfe4b6b86
;; fe4b6ae9 8b 50 04                mov    0x4(%eax),%edx
;; fe4b6aec 8b 4d 08                mov    0x8(%ebp),%ecx
;; ---------------
;; fe4b6aef 8b 42 1c                mov    0x1c(%edx),%eax
;; fe4b6af2 8b 71 14                mov    0x14(%ecx),%esi
;; fe4b6af5 3b c6                   cmp    %esi,%eax
;; fe4b6af7 72 04                   jb     0xfe4b6afd
;; fe4b6af9 33 c0                   xor    %eax,%eax
;; fe4b6afb eb 06                   jmp    0xfe4b6b03
;; fe4b6afd 8b 79 ff                mov    0xffffffff(%ecx),%edi
;;
Stack: [0xb7758000,0xb77d8000],  sp=0xb77d5c50,  free space=1f7b77d8000k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V  [libjvm.so+0xb6aef];;  Node*PhaseIdealLoop::get_early_ctrl(Node*)+0xe3
V  [libjvm.so+0xb759f];;  void PhaseIdealLoop::set_early_ctrl(Node*)+0x23
V  [libjvm.so+0x15942a];;  void PhaseIdealLoop::build_loop_early(VectorSet&,Node_List&,Node_Stack&,const P
haseIdealLoop*)+0x37e
V  [libjvm.so+0x5c73b4];;  PhaseIdealLoop::PhaseIdealLoop(PhaseIterGVN&,const PhaseIdealLoop*,bool)+0x8f8
V  [libjvm.so+0x186107];;  void Compile::Optimize()+0x1fb
V  [libjvm.so+0x39f67e];;  Compile::Compile(ciEnv*,C2Compiler*,ciMethod*,int,bool,bool)+0xaf6
V  [libjvm.so+0x1824df];;  void C2Compiler::compile_method(ciEnv*,ciMethod*,int)+0x93
V  [libjvm.so+0x182b21];;  void CompileBroker::invoke_compiler_on_method(CompileTask*)+0x4a9
V  [libjvm.so+0x1ea164];;  void CompileBroker::compiler_thread_loop()+0x3b0
V  [libjvm.so+0x1ec754];;  void compiler_thread_entry(JavaThread*,Thread*)+0x18
V  [libjvm.so+0x1b1179];;  void JavaThread::thread_main_inner()+0x51
V  [libjvm.so+0x1b111c];;  void JavaThread::run()+0x19c
V  [libjvm.so+0x62567d];;  java_start+0x10d
C  [libc.so.1+0xa3a81];;  _thr_setup+0x4e
C  [libc.so.1+0xa3d70];;  _lwp_start+0x0


Current CompileTask:
C2:423   b  Tester.main([Ljava/lang/String;)V (43 bytes)

Comments
EVALUATION Approved for JDK 7 M3 build 3.
07-05-2009

EVALUATION http://hg.openjdk.java.net/jdk7/hotspot-comp/hotspot/rev/cecd04fc6f93
07-05-2009

EVALUATION The original fix for 6732154 only worked if the RShiftL was transformed before the AndL and 6800154 reversed them. The transform of the AndL can return t and that causes the problem. Swapping the two transforms (w1 and w2) fixes the problem.
06-05-2009

EVALUATION Somewhere in the compiler both inputs get cleared, and I still don't know where: t@9 (l@9) stopped in long_by_long_mulhi at line 291 in file "divnode.cpp" 291 Node* t = phase->transform(new (phase->C, 3) AddLNode(u1v0, temp)); (dbx) print temp temp = 0x81be7e0 (dbx) print temp->_in[0..2] temp->_in[0..2] = [0] = (nil) [1] = 0x81be710 [2] = 0x81be608 (dbx) c t@9 (l@9) signal SEGV (no mapping at the fault address) in PhaseIdealLoop::has_node at line 530 in file "loopnode.hpp" 530 bool has_node( Node* n ) const { return _nodes[n->_idx] != NULL; } (dbx) fr 3 Current function is PhaseIdealLoop::get_early_ctrl 65 early = get_ctrl(n->in(1)); (dbx) p n n = 0x81be7e0 (dbx) print n->_in[0..2] n->_in[0..2] = [0] = (nil) [1] = (nil) [2] = (nil) I just wonder why this happens only with 32-bits.
05-05-2009

EVALUATION Introduced with changes for 6800154. I verified that previous pushd passed 2009-02-06-213531.kvn.6791852 and the pushd for 6800154 failed: intelsdv21% bin/java -Xcomp -server Tester # # A fatal error has been detected by the Java Runtime Environment: # # SIGSEGV (0xb) at pc=0xfe34c287, pid=4437, tid=15 # # JRE version: 7.0-b52 # Java VM: OpenJDK Server VM (15.0-b01-2009-02-16-081218.ct232829.6800154-jvmg compiled mode solaris-x86 ) # Problematic frame: # V [libjvm.so+0x54c287]
04-05-2009