Closed JeffersonYu1 closed 1 year ago
@hzongaro @0xdaryl fyi
I can readily reproduce this failure with:
java -Xjit:limit={C.m\(\)V},optLevel=hot C
The instructions that are dumped out in the jitdump end like this:
0x7f45747350a5 00000071 [0x7f456f1a74d0] 8d 81 85 d9 c5 b1 lea eax, dword ptr [rcx-0x4e3a267b] # LEA4RegMem, SymRef [#441 -1312433787]
0x7f45747350ab 00000077 [0x7f456f1a7560] 83 f8 02 cmp eax, 0x00000002 # CMP4RegImms
0x7f45747350ae 0000007a [0x7f456f1a75f0] 0f 83 4c af 8c 8b jae Snippet Label L0036 # JAE4 # (Check Failure Snippet)
0x7f45747350b4 00000080 [0x7f456f1a7770] 8b c1 mov eax, ecx # MOVZXReg8Reg4
0x7f45747350b6 00000082 [0x7f456f1a79d0] 48 8d 04 45 10 00 00 00 lea rax, qword ptr [2*rax+0x10] # LEA8RegMem, SymRef [#442 +16]
[0x7f456f1af220] mov </ilOfCrashedThread>
<recompilation>
Running in gdb, it looks like we reach a point in OMR::X86::AMD64::MemoryReference::generateBinaryEncoding where _addressRegister is unexpectedly NULL. Through a series of method invocations at that point, the NULL pointer is eventually dereferenced, resulting in the crash.
Brad @BradleyWood, may I ask you to take a look at this problem?
I am nearly certain it is a duplicate of #15363.
I tried out this test with the fix from @BradleyWood in OMR pull request eclipse/omr#6937, and it appears to resolve the problem. I'll leave this open until that pull request is merged.
Duplicate of #15363
This problem should be fixed by OMR pull request eclipse/omr#6937 from @BradleyWood, which was very recently merged.
System / OS / Java Runtime Information
Java version
Operating system details
Description
JVM crashes with JIT enabled when running the following program. The bug affects openj9jdk18.0.2+9, openj9jdk17.0.6+10, openj9jdk11.0.18+10, and openj9jdk8u362-b09. The bug is reproduced on the hot, veryhot, scorching, and default (no option) optlevels.
Steps to reproduce
The following steps show how to reproduce the bug on JDK 17.0.6.0 in an Ubuntu Linux environment.
Compile
Execute
Note that occasionally the error takes a few runs of the program to reproduce.
Source code for an executable test case
Workaround
Disable JIT.
Additional Info
javacore and snap logs attached.