JDK-8224658 : Unsafe access C2 compile fails with assert(flat != TypePtr::BOTTOM) failed: cannot alias-analyze an untyped ptr: adr_type = NULL
- Type: Bug
- Component: hotspot
- Sub-Component: compiler
- Affected Version: 9,10,11,12,13
- Priority: P3
- Status: Resolved
- Resolution: Fixed
- Submitted: 2019-05-23
- Updated: 2019-11-21
- Resolved: 2019-06-12
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 11 | JDK 13 | JDK 14 |
|---|---|---|
| 11.0.5Fixed | 13 b25Fixed  |
14Fixed |
Related Reports
|
Relates :
|
Description
Was experimenting with the code that is supposed to crash the JVM on accessing the zero address. However, it meets C2 compilation asserts before that.
This is a simple reproducer:
import java.lang.reflect.Field;
import sun.misc.Unsafe;
public class UnsafeZero {
static final Unsafe U;
static boolean f;
static {
try {
Field f = Unsafe.class.getDeclaredField("theUnsafe");
f.setAccessible(true);
U = (Unsafe) f.get(null);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public static void main(String... args) {
if (f) { // compile this branch, but don't actually take it during run
U.getInt(0);
}
}
}
When main() is forced to compile with C2, this happens:
$ build/linux-x86_64-server-fastdebug/images/jdk/bin/java -Xcomp -Xbatch -XX:-TieredCompilation UnsafeZero
# To suppress the following error report, specify this argument
# after -XX: or in .hotspotrc: SuppressErrorAt=/compile.cpp:1758
#
# A fatal error has been detected by the Java Runtime Environment:
#
# Internal Error (/home/shade/trunks/jdk-jdk/src/hotspot/share/opto/compile.cpp:1758), pid=5337, tid=5348
# assert(flat != TypePtr::BOTTOM) failed: cannot alias-analyze an untyped ptr: adr_type = NULL
#
# JRE version: OpenJDK Runtime Environment (13.0) (fastdebug build 13-internal+0-adhoc.shade.jdk-jdk)
# Java VM: OpenJDK 64-Bit Server VM (fastdebug 13-internal+0-adhoc.shade.jdk-jdk, compiled mode, sharing, compressed oops, g1 gc, linux-amd64)
# Problematic frame:
# V [libjvm.so+0x9ae985] Compile::find_alias_type(TypePtr const*, bool, ciField*)+0x3f5
#
# Core dump will be written. Default location: Core dumps may be processed with "/usr/share/apport/apport %p %s %c %d %P" (or dumping to /home/shade/trunks/jdk-jdk/core.5337)
#
# An error report file with more information is saved as:
# /home/shade/trunks/jdk-jdk/hs_err_pid5337.log
#
# Compiler replay data is saved as:
# /home/shade/trunks/jdk-jdk/replay_pid5337.log
#
# If you would like to submit a bug report, please visit:
# http://bugreport.java.com/bugreport/crash.jsp
#
Current thread is 5348
Dumping core ...
Aborted (core dumped)
Works fine with -Xint and C1.
Comments
|