JDK-7056380 : VM crashes with SIGSEGV in compiled code
  • Type: Bug
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: hs21,6u27
  • Priority: P2
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic,solaris_10
  • CPU: generic,x86
  • Submitted: 2011-06-18
  • Updated: 2014-03-03
  • Resolved: 2011-06-25
Fixed in:
  • JDK 6: 6u34
  • JDK 7: 7
  • JDK 8: 8
  • Other: hs20.9
Description
VM crashes with SIGSEGV in product and fastdebug mode. 
Issue is reproducible with b145.
I was able to reproduce it with older bits (b125

The error message is not very informative:
#
# A fatal error has been detected by the Java Runtime Environment:
#
#  SIGSEGV (0xb) at pc=0x000000000000009a, pid=8508, tid=1100495168
#
# JRE version: 7.0-b145
# Java VM: Java HotSpot(TM) 64-Bit Server VM (21.0-b15-fastdebug mixed mode linux-amd64 compressed oops)
# Problematic frame:
# C  0x000000000000009a
[error occurred during error reporting (printing problematic frame), id 0xb]

# Failed to write core dump. Core dumps have been disabled. To enable core dumping, try "ulimit -c unlimited" before starting Java again
#
# If you would like to submit a bug report, please visit:
#   http://bugreport.sun.com/bugreport/crash.jsp
#

Comments
EVALUATION http://hg.openjdk.java.net/hsx/hotspot-rt/hotspot/rev/de6a837d75cf
08-07-2011

EVALUATION http://hg.openjdk.java.net/hsx/hotspot-main/hotspot/rev/de6a837d75cf
07-07-2011

EVALUATION http://hg.openjdk.java.net/jdk7/hotspot/hotspot/rev/a3081a3a2b54
23-06-2011

EVALUATION 7056380: VM crashes with SIGSEGV in compiled code
Summary: code was using andq reg, imm instead of addq addr, imm
Reviewed-by: kvn, jrose, twisti
In the changes for 6961690 a copy of cmpfp_fixup was moved inline but was translated incorrectly so that it was and'ing rsp instead of (rsp). This would cause garbage to be popped into the flags and corrupt rsp. Depending on the OS and values involved you would die at the next use of the flags or later after a return. The fix is to use the right andq form. I also converted the cmpfp_fixup code into MacroAssembler so that it was obviously equivalent. Tested with failing test case and by inspection of the resulting assembly.
22-06-2011

EVALUATION http://hg.openjdk.java.net/hsx/hotspot-comp/hotspot/rev/de6a837d75cf
21-06-2011

EVALUATION This appears to be a longstanding problem with x64 port. The cmpfp_fixup code is trying to fixup the condition codes when NaN is encountered but instead of emitting addq (%rsp),0xffffff2b it's emitting addq %rsp, 0xffffff2b which changes the stack and then pops the garbage of some kind into the flags register.
0xfffffd7ff9511c61: ucomisd 0xfffffffffffffa1f [ 0xfffffffffffffa1f ](%rip),%xmm0
0xfffffd7ff9511c69: jnp 0xfffffd7ff9511c78 [ 0xfffffd7ff9511c78, .+0xf ]
0xfffffd7ff9511c6f: pushfq
0xfffffd7ff9511c70: andq $0xffffffffffffff2b,%rsp
0xfffffd7ff9511c77: popfq
0xfffffd7ff9511c78: nop
0xfffffd7ff9511c79: cmovl.ne 0x0000000000000044(%rsp),%ecx
20-06-2011
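
A toy model of the pushfq / andq / popfq fixup sequence shown in the disassembly above, added here as an example and not taken from HotSpot. It contrasts masking the saved flags at (%rsp) with masking %rsp itself; the cpu_t struct, the starting stack offset, the initial flag value and the 0xAA stack fill are constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Mask from the disassembly: clears PF (bit 2), AF (4), ZF (6), SF (7). */
#define FIXUP_MASK 0xffffffffffffff2bULL
#define CF 0x01u
#define PF 0x04u
#define ZF 0x40u

/* Constructed toy machine: rsp is a byte offset into stack[]. */
typedef struct {
    uint64_t rsp;
    uint64_t rflags;
    uint8_t  stack[512];
} cpu_t;

static void pushfq(cpu_t *c) { c->rsp -= 8; memcpy(&c->stack[c->rsp], &c->rflags, 8); }
static void popfq(cpu_t *c)  { memcpy(&c->rflags, &c->stack[c->rsp], 8); c->rsp += 8; }

/* Runs pushfq / andq / popfq after an unordered (NaN) compare.
 * buggy != 0 applies the mask to rsp itself instead of the saved flags. */
cpu_t run_fixup(int buggy) {
    cpu_t c;
    memset(c.stack, 0xAA, sizeof c.stack);   /* constructed stale stack bytes */
    c.rsp = 0x1d8;                           /* constructed starting offset */
    c.rflags = 0x202u | ZF | PF | CF;        /* ucomisd with NaN sets ZF, PF, CF */
    pushfq(&c);
    if (buggy) {
        c.rsp &= FIXUP_MASK;                 /* andq $mask, %rsp */
    } else {
        uint64_t saved;                      /* andq $mask, (%rsp) */
        memcpy(&saved, &c.stack[c.rsp], 8);
        saved &= FIXUP_MASK;
        memcpy(&c.stack[c.rsp], &saved, 8);
    }
    popfq(&c);
    return c;
}

int main(void) {
    cpu_t ok = run_fixup(0), bad = run_fixup(1);
    printf("memory form:   rsp=0x%llx rflags=0x%llx\n",
           (unsigned long long)ok.rsp, (unsigned long long)ok.rflags);
    printf("register form: rsp=0x%llx rflags=0x%llx\n",
           (unsigned long long)bad.rsp, (unsigned long long)bad.rflags);
    return 0;
}
```

With the memory form only CF survives of the three compare flags and rsp returns to its starting value; with the register form rsp ends 0xd0 bytes lower and the flags are loaded from stale stack bytes.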