JDK-8204055 : SIGSEGV in java -XX:
  • Type: Bug
  • Component: hotspot
  • Sub-Component: runtime
  • Affected Version: 11
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: x86_64
  • Submitted: 2018-05-29
  • Updated: 2018-07-19
  • Resolved: 2018-05-31
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11
11 b17Fixed
Related Reports
Duplicate :  
Relates :  
Relates :  
Description
ADDITIONAL SYSTEM INFORMATION :
Debian 9.4
Linux version 4.9.0-6-amd64 (debian-kernel@lists.debian.org) (gcc version 6.3.0 20170516 (Debian 6.3.0-18+deb9u1) ) #1 SMP Debian 4.9.88-1+deb9u1 (2018-05-07)

A DESCRIPTION OF THE PROBLEM :
$ /opt/jdk-10.0.1/bin/java -version
openjdk version "10.0.1" 2018-04-17
OpenJDK Runtime Environment (build 10.0.1+10)
OpenJDK 64-Bit Server VM (build 10.0.1+10, mixed mode)
$ /opt/jdk-10.0.1/bin/java -XX:
Unrecognized VM option ''
Error: Could not create the Java Virtual Machine.
Error: A fatal exception has occurred. Program will exit.
$ /opt/jdk-11/bin/java -version
openjdk version "11-ea" 2018-09-25
OpenJDK Runtime Environment 18.9 (build 11-ea+15)
OpenJDK 64-Bit Server VM 18.9 (build 11-ea+15, mixed mode)
$ /opt/jdk-11/bin/java -XX:
Unrecognized VM option ''
Segmentation fault

REGRESSION : Last worked in version 10.0.1

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Step1. 
$ java -XX:

EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Unrecognized VM option ''
Error: Could not create the Java Virtual Machine.
Error: A fatal exception has occurred. Program will exit.
ACTUAL -
Unrecognized VM option ''
Segmentation fault

FREQUENCY : always



Comments
Verified by updated testcase.
07-06-2018

Thanks I didnt know "all" was a tag.
31-05-2018

The SEGV was introduced with the fuzzy matching flag logic refactoring in JDK-8198554. In: +double StringUtils::similarity(const char* str1, size_t len1, const char* str2, size_t len2) { + size_t total = len1 + len2; + + size_t hit = 0; + for (size_t i = 0; i < len1 - 1; i++) { + for (size_t j = 0; j < len2 - 1; j++) { + if ((str1[i] == str2[j]) && (str1[i+1] == str2[j+1])) { + ++hit; + break; + } + } + } If len2 is zero (which it is in this case) we have passed it as an unsigned size_t, so len2-1 gives a massive positive unsigned value and so we enter the loop and try to access str2[1] and so get a SEGV. The original code had: - for (int j = 0; j < (int) len2 -1; ++j) { so the huge positive value reverted to a small negative value and we don't enter the loop.
31-05-2018

Stack for the -Xlog:* case V [libjvm.so+0xafc760] report_vm_error(char const*, int, char const*, char const*, ...)+0x100 V [libjvm.so+0x16d574b] StringUtils::similarity(char const*, unsigned long, char const*, unsigned long)+0x12b V [libjvm.so+0x124599e] LogTag::fuzzy_match(char const*)+0x5e V [libjvm.so+0x123fcb9] LogSelection::parse(char const*, outputStream*)+0x539 V [libjvm.so+0x1244a80] LogSelectionList::parse(char const*, outputStream*)+0xf0 V [libjvm.so+0x12371a3] LogConfiguration::parse_log_arguments(char const*, char const*, char const*, char const*, outputStream*)+0xa3 V [libjvm.so+0x12382c2] LogConfiguration::parse_command_line_arguments(char const*)+0x102 V [libjvm.so+0x61f06d] Arguments::parse_each_vm_init_arg(JavaVMInitArgs const*, bool*, JVMFlag::Flags)+0x1afd V [libjvm.so+0x620a00] Arguments::parse_vm_init_args(JavaVMInitArgs const*, JavaVMInitArgs const*, JavaVMInitArgs const*)+0xd0 V [libjvm.so+0x6210e1] Arguments::parse(JavaVMInitArgs const*)+0x6b1 V [libjvm.so+0x17a822c] Threads::create_vm(JavaVMInitArgs*, bool*)+0xbc so best to fix in StringUtils::similarity as suggested by Ioi. Though I'm not entirely convinced the fact we don't crash elsewhere due to an empty "arg" is by design rather than accident.
31-05-2018

Ioi beat me to it. The * is not a true wildcard and can only be used in conjunction with other tags.
30-05-2018

-Xlog:all=trace seems to do the trick for me.
30-05-2018

What is the right way to enable all the log tags? To me -Xlog:*=trace seemed the right way to do it.
30-05-2018

Thanks Ioi. That confirms where to put the check for len==0.
30-05-2018

Same cause for JDK-8203659 "Crash with: java -Xlog:*=trace -version"
30-05-2018

Proposed fix has three parts: 1. Update StringUtils::similarity to assert the two strings are not NULL and not zero-length. 2. Update Arguments::process_argument to not call fuzzy_match for a zero-length arg. 3. Update match_jfr_option to not trip-over the zero-length arg. (Still not quite sure why it does what it does there.)
30-05-2018

With the FlightRecorder changes removed both product and debug build still show: > ../../../build/linux-x64/images/jdk/bin/java -XX: Unrecognized VM option '' Segmentation fault
30-05-2018

match_jfr_option() is now tripping over the malformed option, resulting in the unexpected FlightRecording messages.
30-05-2018

It is reproducible with java -XX: on both Oracle product build and Openjdk builds. -sh-4.2$ /scratch/fairoz/JAVA/jdk11/jdk-11-ea+15/bin/java -XX: Unrecognized VM option '' Segmentation fault (core dumped) This is a regression in 11 for getting Segmentation fault . on 9.0.4 we have expected output Expected: -sh-4.2$ /scratch/fairoz/JAVA/jdk-9.0.4/bin/java -XX: Unrecognized VM option '' Error: Could not create the Java Virtual Machine. Error: A fatal exception has occurred. Program will exit. From JDK10 ea b36 onwards the error message changed to something like below. Still ok as there is no Segmentation fault -sh-4.2$ /scratch/fairoz/JAVA/jdk-9.0.4/bin/java -XX: Unrecognized VM option '' Error: Could not create the Java Virtual Machine. Error: A fatal exception has occurred. Program will exit. Another observation from JDK11 ea b14 build started giving Segmentation fault after the error message -sh-4.2$ /scratch/fairoz/JAVA/jdk11/jdk-11-ea+15/bin/java -XX: Unrecognized VM option '' Segmentation fault (core dumped)
30-05-2018

Correction: the earlier JFR information was incorrect. You see the strange JFR messages when JFR is still in closed e.g. from JDK 10: > /var/tmp/jib-daholme/install/jdk/10/46/bundles/linux-x64/jdk-10_linux-x64_bin.tar.gz/jdk-10/bin/java -XX: Error: To use 'StartFlightRecording', first unlock using -XX:+UnlockCommercialFeatures. Error: The unlock option must precede 'StartFlightRecording'. Error: Could not create the Java Virtual Machine. Error: A fatal exception has occurred. Program will exit.
30-05-2018

Unclear where the initial regression was but with latest code the problem relates to the Flight record code that was just open source. If you have a product build you now get: > ../../../build/linux-x64/images/jdk/bin/java -XX: Error: To use 'StartFlightRecording', first unlock using -XX:+UnlockCommercialFeatures. Error: The unlock option must precede 'StartFlightRecording'. Error: Could not create the Java Virtual Machine. Error: A fatal exception has occurred. Program will exit. While for fastdebug: > ../../../build/linux-x64-debug/images/jdk/bin/java -XX: Unrecognized VM option '' Segmentation fault Yet on a slightly older debug build I get: > /export/users/dh198349/valhalla/repos/valhalla-dev/build/linux-x64-debug/images/jdk/bin/java -XX: Error: To use 'StartFlightRecording', first unlock using -XX:+UnlockCommercialFeatures. Error: The unlock option must precede 'StartFlightRecording'. Error: Could not create the Java Virtual Machine. Error: A fatal exception has occurred. Program will exit.
30-05-2018