JDK-6451451 : EXCEPTION_ACCESS_VIOLATION caused by -XX:+AggressiveOpts flag in Bigapps ATG test for 1.5.0_08b03
  • Type: Bug
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: 5.0u6,5.0u11,5.0u8
  • Priority: P2
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic,solaris_10,windows_xp
  • CPU: generic,x86,sparc
  • Submitted: 2006-07-21
  • Updated: 2014-02-27
  • Resolved: 2007-01-25
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other
5.0u12 b01Fixed
Related Reports
Duplicate :  
JDK-6512742 - AggressiveOpts parameter cause ATG BigApps test unexpected error in 5.0u11 JVM
Duplicate :  
JDK-6511174 - -XX:+AggressiveOpts option makes JVM to crash
Relates :  
JDK-6528475 - Appserver bat testing for JDK 1.5.0_12 b01: VM crash with -server option, no crash for 1.5.0_11
Description
Steps to reproduce:

Find a Windows XP machine (AMD64).

Run Bigapps ATG, see test procedure document:

http://jqa.ireland/procedures/test_procedures/all_test_procedures/BigApps.html

Set the -XX:+AggressiveOpts flag:

setenv JAVA_ARGS -XX:+AggressiveOpts

Start atg test.  ksh runatg.ksh -server

EXCEPTION_ACCESS_VIOLATION will appear after 2 minutes and the server dies.  See attached screenshot)

This is reproducible with 1.5.0_07b03.  The -XX:+AggressiveOpts flag works with Tomcat, vtest and vmark tests.
Comments
SUGGESTED FIX --- src/share/vm/opto/memnode.cpp- Mon Dec 18 18:53:13 2006 +++ src/share/vm/opto/memnode.cpp Wed Jan 17 22:59:57 2007 @@ -1,10 +1,10 @@ #ifdef USE_PRAGMA_IDENT_SRC -#pragma ident "@(#)memnode.cpp 1.218 06/12/13 16:09:23 JVM" +#pragma ident "@(#)memnode.cpp 1.219 07/01/17 15:38:52 JVM" #endif /* - * @(#)memnode.cpp 1.218 06/12/13 + * @(#)memnode.cpp 1.219 07/01/17 * * Copyright 2005 Sun Microsystems, Inc. All rights reserved. * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms. */ @@ -894,13 +894,24 @@ Node* slow = phi->in(1); if (slow->is_Proj()) { CallNode* call = slow->in(0)->is_Call(); if (call && (call->entry_point() == OptoRuntime::new_typeArray_Java() || call->entry_point() == OptoRuntime::new_objArray_Java())) { - return call->in(TypeFunc::Parms + 1); + Node* length = call->in(TypeFunc::Parms + 1); + Node* slow_ctrl = call->in(0); + if (!(length->is_Phi() && + slow_ctrl->is_Region() && + length->in(0) == slow_ctrl)) { + // As long as the length node is produced before the + // allocation diamond it must dominate the result of the + // allocation. If split_if or some other transformation + // turns the length into a phi for the slow path then the + // length can't be used. + return length; } } + } } } return this; }
18-01-2007
EVALUATION With +EliminateZeroing, LoadRangeNode::Identity() finds a substitute for the LoadRangeNode by looking past a PhiNode. If the returned node does not dominate the LoadRangeNode, and we can not be sure that all uses are dominated by the new def. In most cases, the Identity() transformation works without incident. However, in this test case, the split-if optimization works to move the PhiNode that is the length on a slow allocation path to a point that no longer dominates the use. (Using -XX:LoopOptsCount=0 can be used as a workaround.) In the failing case, the MachNode live range formed by such a transformation is spilled by the register allocator. Reg_split asserts when it can't find a reaching def for the use in question.
25-07-2006