JDK8 Segmentation error vmState=0x000551ff #15335

connglli · 2022-06-15T16:12:54Z

Java -version output

openjdk version "1.8.0_342-internal"
OpenJDK Runtime Environment (build 1.8.0_342-internal-_2022_06_10_15_18-b00)
Eclipse OpenJ9 VM (build master-3d06b2f9c, JRE 1.8.0 Linux amd64-64-Bit Compressed References 20220610_000000 (JIT enabled, AOT enabled)
OpenJ9   - 3d06b2f9c
OMR      - cf8ddbd1a
JCL      - 2bb179375a based on jdk8u342-b05)

Summary of problem

The following Test.java, which is reduced by us, crashes OpenJ9's JIT compiler

class Test {
  int N;
  long instanceCount;
  long vMeth_check_sum;

  void vMeth(long l, long l1) {
    int i2, i11 = 240, iArr2[] = new int[N];
    long[] lArr = new long[N];
    for (int ax$30 = 1057; ax$30 < 8584; ) {
      long ax$27 = l;
      try {
        long[] ax$25 = {0x7ff0000000000001L};
        for (int ax$26 = 1; ax$26 <= i11; ax$26++) l += ax$25[ax$26 - 1];
      } catch (Throwable ax$29) {
      } finally {
        l = ax$27;
      }
    }
    vMeth_check_sum += l + checkSum(iArr2) + checkSum(lArr);
  }

  int iMeth(double d, int i1) {
    int iArr3[] = new int[N];
    long[] lArr1 = new long[N];
    init(iArr3, 5);
    vMeth(instanceCount, instanceCount);
    long meth_res = checkSum(lArr1);
    return (int) meth_res;
  }

  void mainTest(String[] strArr1) {
    int i;
    double d4 = 30.50487;
    i = 1;
    i += iMeth(d4, 12);
  }

  public static void main(String[] strArr) {
    Test _instance = new Test();
    _instance.mainTest(strArr);
  }


  public static void init(int[] a, int seed) {
    for (int j = 0; j < a.length; j++) {
      a[j] = (j % 2 == 0) ? seed + j : seed - j;
    }
  }

  public static long checkSum(long[] a) {
    long sum = 0;
    for (int j = 0; j < a.length; j++) {
      sum += (a[j] / (j + 1) + a[j] % (j + 1));
    }
    return sum;
  }

  public static long checkSum(int[] a) {
    long sum = 0;
    for (int j = 0; j < a.length; j++) {
      sum += (a[j] / (j + 1) + a[j] % (j + 1));
    }
    return sum;
  }
}

Diagnostic files

By issuing

$ java -Xmx1G Test

the following crash log is given:

#0: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x7ab6d5) [0x7fed3e5bb6d5]
#1: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x7b69c0) [0x7fed3e5c69c0]
#2: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x1125d9) [0x7fed3df225d9]
#3: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9prt29.so(+0x2911a) [0x7fed3f65211a]
#4: /lib/x86_64-linux-gnu/libpthread.so.0(+0x14420) [0x7fed3fac7420]
#5: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x321c9a) [0x7fed3e131c9a]
#6: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x322222) [0x7fed3e132222]
#7: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x322064) [0x7fed3e132064]
#8: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x322064) [0x7fed3e132064]
#9: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x322064) [0x7fed3e132064]
#10: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x323abd) [0x7fed3e133abd]
#11: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x635447) [0x7fed3e445447]
#12: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x6359d9) [0x7fed3e4459d9]
#13: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x636d8b) [0x7fed3e446d8b]
#14: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x42ba25) [0x7fed3e23ba25]
#15: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x121e6a) [0x7fed3df31e6a]
#16: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x122c73) [0x7fed3df32c73]
#17: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9prt29.so(+0x29c53) [0x7fed3f652c53]
#18: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x120a69) [0x7fed3df30a69]
#19: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x1210d7) [0x7fed3df310d7]
#20: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x11fdab) [0x7fed3df2fdab]
#21: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x12009a) [0x7fed3df3009a]
#22: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x120162) [0x7fed3df30162]
#23: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9prt29.so(+0x29c53) [0x7fed3f652c53]
#24: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so(+0x1205a2) [0x7fed3df305a2]
#25: /zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9thr29.so(+0xf2b2) [0x7fed3f8152b2]
#26: /lib/x86_64-linux-gnu/libpthread.so.0(+0x8609) [0x7fed3fabb609]
#27: /lib/x86_64-linux-gnu/libc.so.6(clone+0x43) [0x7fed3fbfb133]
Unhandled exception
Type=Segmentation error vmState=0x000551ff
J9Generic_Signal_Number=00000018 Signal_Number=0000000b Error_Value=00000000 Signal_Code=00000001
Handler1=00007FED3F869020 Handler2=00007FED3F651EF0 InaccessibleAddress=0000000000000008
RDI=00007FED08DA8020 RSI=0000000000000000 RAX=0000000000000000 RBX=00007FED08CB8000
RCX=00007FED08D6B8A0 RDX=8014004000000000 R8=0000000000000010 R9=00007FED08F38660
R10=00007FED08F38680 R11=0000000000000008 R12=00007FED09DAD260 R13=00007FED09DAD180
R14=0000000000000000 R15=00007FED09DAD1D0
RIP=00007FED3E131C9A GS=0000 FS=0000 RSP=00007FED09DAD0D0
EFlags=0000000000010246 CS=0033 RBP=00007FED09DAD190 ERR=0000000000000004
TRAPNO=000000000000000E OLDMASK=0000000000000000 CR2=0000000000000008
xmm0 0000000000000000 (f: 0.000000, d: 0.000000e+00)
xmm1 00000000000000ff (f: 255.000000, d: 1.259867e-321)
xmm2 0000000000000000 (f: 0.000000, d: 0.000000e+00)
xmm3 0000000000000000 (f: 0.000000, d: 0.000000e+00)
xmm4 0000000000000000 (f: 0.000000, d: 0.000000e+00)
xmm5 0000000000000000 (f: 0.000000, d: 0.000000e+00)
xmm6 0000000000000000 (f: 0.000000, d: 0.000000e+00)
xmm7 0000000001000000 (f: 16777216.000000, d: 8.289046e-317)
xmm8 00007fed08efa770 (f: 149923696.000000, d: 6.949331e-310)
xmm9 0000000000000000 (f: 0.000000, d: 0.000000e+00)
xmm10 0000000000000000 (f: 0.000000, d: 0.000000e+00)
xmm11 0000000000000000 (f: 0.000000, d: 0.000000e+00)
xmm12 0000000000000000 (f: 0.000000, d: 0.000000e+00)
xmm13 0000000000000000 (f: 0.000000, d: 0.000000e+00)
xmm14 0000000000000000 (f: 0.000000, d: 0.000000e+00)
xmm15 0000000000000000 (f: 0.000000, d: 0.000000e+00)
Module=/zdata/congli/OpenJ9/jdk8/jre/lib/amd64/default/libj9jit29.so
Module_base_address=00007FED3DE10000

Method_being_compiled=Test.vMeth(JJ)V
Target=2_90_20220610_000000 (Linux 5.4.0-117-generic)
CPU=amd64 (128 logical CPUs) (0x3ee84d8000 RAM)
----------- Stack Backtrace -----------
_ZN25TR_SPMDKernelParallelizer17checkIndependenceEP18TR_RegionStructureP13TR_UseDefInfoRN3CS27ArrayOfIPN2TR4NodeENS4_16shared_allocatorINS4_14heap_allocatorILm65536ELj12E17TRMemoryAllocatorIL17TR_AllocationKind1ELj12ELj28EEEEEELm8ES8_EERNS4_16ASparseBitVe+0x10ba (0x00007FED3E131C9A [libj9jit29.so+0x321c9a])
_ZN25TR_SPMDKernelParallelizer20collectParallelLoopsEP18TR_RegionStructureR4ListIS0_EP10TR_HashTabP13TR_UseDefInfo+0x422 (0x00007FED3E132222 [libj9jit29.so+0x322222])
_ZN25TR_SPMDKernelParallelizer20collectParallelLoopsEP18TR_RegionStructureR4ListIS0_EP10TR_HashTabP13TR_UseDefInfo+0x264 (0x00007FED3E132064 [libj9jit29.so+0x322064])
_ZN25TR_SPMDKernelParallelizer20collectParallelLoopsEP18TR_RegionStructureR4ListIS0_EP10TR_HashTabP13TR_UseDefInfo+0x264 (0x00007FED3E132064 [libj9jit29.so+0x322064])
_ZN25TR_SPMDKernelParallelizer20collectParallelLoopsEP18TR_RegionStructureR4ListIS0_EP10TR_HashTabP13TR_UseDefInfo+0x264 (0x00007FED3E132064 [libj9jit29.so+0x322064])
_ZN25TR_SPMDKernelParallelizer7performEv+0x1fd (0x00007FED3E133ABD [libj9jit29.so+0x323abd])
_ZN3OMR9Optimizer19performOptimizationEPK20OptimizationStrategyiii+0x767 (0x00007FED3E445447 [libj9jit29.so+0x635447])
_ZN3OMR9Optimizer19performOptimizationEPK20OptimizationStrategyiii+0xcf9 (0x00007FED3E4459D9 [libj9jit29.so+0x6359d9])
_ZN3OMR9Optimizer8optimizeEv+0x1db (0x00007FED3E446D8B [libj9jit29.so+0x636d8b])
_ZN3OMR11Compilation7compileEv+0x925 (0x00007FED3E23BA25 [libj9jit29.so+0x42ba25])
_ZN2TR28CompilationInfoPerThreadBase7compileEP10J9VMThreadPNS_11CompilationEP17TR_ResolvedMethodR11TR_J9VMBaseP19TR_OptimizationPlanRKNS_16SegmentAllocatorE+0x4fa (0x00007FED3DF31E6A [libj9jit29.so+0x121e6a])
_ZN2TR28CompilationInfoPerThreadBase14wrappedCompileEP13J9PortLibraryPv+0x323 (0x00007FED3DF32C73 [libj9jit29.so+0x122c73])
omrsig_protect+0x1e3 (0x00007FED3F652C53 [libj9prt29.so+0x29c53])
_ZN2TR28CompilationInfoPerThreadBase7compileEP10J9VMThreadP21TR_MethodToBeCompiledRN2J917J9SegmentProviderE+0x309 (0x00007FED3DF30A69 [libj9jit29.so+0x120a69])
_ZN2TR24CompilationInfoPerThread12processEntryER21TR_MethodToBeCompiledRN2J917J9SegmentProviderE+0x207 (0x00007FED3DF310D7 [libj9jit29.so+0x1210d7])
_ZN2TR24CompilationInfoPerThread14processEntriesEv+0x38b (0x00007FED3DF2FDAB [libj9jit29.so+0x11fdab])
_ZN2TR24CompilationInfoPerThread3runEv+0x2a (0x00007FED3DF3009A [libj9jit29.so+0x12009a])
_Z30protectedCompilationThreadProcP13J9PortLibraryPN2TR24CompilationInfoPerThreadE+0x82 (0x00007FED3DF30162 [libj9jit29.so+0x120162])
omrsig_protect+0x1e3 (0x00007FED3F652C53 [libj9prt29.so+0x29c53])
_Z21compilationThreadProcPv+0x1d2 (0x00007FED3DF305A2 [libj9jit29.so+0x1205a2])
thread_wrapper+0x162 (0x00007FED3F8152B2 [libj9thr29.so+0xf2b2])
start_thread+0xd9 (0x00007FED3FABB609 [libpthread.so.0+0x8609])
clone+0x43 (0x00007FED3FBFB133 [libc.so.6+0x11f133])
---------------------------------------
JVMDUMP039I Processing dump event "gpf", detail "" at 2022/06/15 18:08:19 - please wait.
JVMDUMP032I JVM requested System dump using '/zdata/congli/ax-exp/ax-eval/2-ax-only/70.openj9/mutant/red/core.20220615.180819.3437143.0001.dmp' in response to an event
JVMDUMP010I System dump written to /zdata/congli/ax-exp/ax-eval/2-ax-only/70.openj9/mutant/red/core.20220615.180819.3437143.0001.dmp
JVMDUMP032I JVM requested Java dump using '/zdata/congli/ax-exp/ax-eval/2-ax-only/70.openj9/mutant/red/javacore.20220615.180819.3437143.0002.txt' in response to an event
JVMDUMP010I Java dump written to /zdata/congli/ax-exp/ax-eval/2-ax-only/70.openj9/mutant/red/javacore.20220615.180819.3437143.0002.txt
JVMDUMP032I JVM requested Snap dump using '/zdata/congli/ax-exp/ax-eval/2-ax-only/70.openj9/mutant/red/Snap.20220615.180819.3437143.0003.trc' in response to an event
JVMDUMP010I Snap dump written to /zdata/congli/ax-exp/ax-eval/2-ax-only/70.openj9/mutant/red/Snap.20220615.180819.3437143.0003.trc
JVMDUMP032I JVM requested JIT dump using '/zdata/congli/ax-exp/ax-eval/2-ax-only/70.openj9/mutant/red/jitdump.20220615.180819.3437143.0004.dmp' in response to an event
JVMDUMP051I JIT dump occurred in 'JIT Compilation Thread-000' thread 0x0000000000051900
JVMDUMP049I JIT dump notified all waiting threads of the current method to be compiled
JVMDUMP054I JIT dump is tracing the IL of the method on the crashed compilation thread
JVMDUMP010I JIT dump written to /zdata/congli/ax-exp/ax-eval/2-ax-only/70.openj9/mutant/red/jitdump.20220615.180819.3437143.0004.dmp
JVMDUMP013I Processed dump event "gpf", detail "".

Please also check openj9-bug-70.tar.gz for all the logs (jitdump, snap, etc.), the test (Test.java, Test.class), and the unreduced test (Test.java.orig).

Notice

The given Test.java (which is reduced by us) is always reproducible for us. If it is not reproducible for you, please use Test.java.orig in the above link.

The text was updated successfully, but these errors were encountered:

pshipton · 2022-06-15T16:28:01Z

It reproduces for me, on 0.32 and 033

@0xdaryl

BradleyWood · 2022-06-16T16:08:45Z

I will take a look at this one.

java -Xjit:vmState=0x000551ff
vmState [0x551ff]: {J9VMSTATE_JIT} {SPMDKernelParallelization}

BradleyWood · 2022-06-17T14:52:35Z

This does not reproduce on PPC, however is definitely an opt bug. The issue is definitely related to the way in which the SIMD reduction operations are rejected. The issue seems to only be exposed on x86 because vgetelem is disabled. The issue did not reproduce by enabling the vgetelem opcode. Still trying to investigate how this caused the crash.

Fixes eclipse-openj9#15335 Signed-off-by: BradleyWood <[email protected]>

0xdaryl · 2022-06-21T12:32:29Z

This is not a 0.33 regression. It fails at least as far back as 0.24 on JDK11.

BradleyWood · 2022-06-21T13:10:46Z

UseDefs nodes from method entry are represented as null. When checking for loop independence one of these nodes got dereferenced which caused the seg-fault. PR #15373 specially handles this case.

The unsupported SIMD reduction operations (such as vgetelem) caused the compiler to follow a different path than which exposed this issue.

Fixes eclipse-openj9#15335 Signed-off-by: BradleyWood <[email protected]>

connglli added the userRaised label Jun 15, 2022

pshipton added comp:jit blocker segfault Issues that describe segfaults / JVM crashes labels Jun 15, 2022

pshipton added this to the Release 0.33 (Java 8, 11, 17, 18) July refresh milestone Jun 15, 2022

0xdaryl assigned BradleyWood Jun 16, 2022

BradleyWood added a commit to BradleyWood/openj9 that referenced this issue Jun 20, 2022

Prevent AutoSIMD seg-fault on defs from method entry

a25b611

Fixes eclipse-openj9#15335 Signed-off-by: BradleyWood <[email protected]>

BradleyWood mentioned this issue Jun 20, 2022

Prevent AutoSIMD seg-fault on defs from method entry #15373

Merged

gita-omr closed this as completed in #15373 Jun 21, 2022

BradleyWood added a commit to BradleyWood/openj9 that referenced this issue Jun 22, 2022

Prevent AutoSIMD seg-fault on defs from method entry

40bccd0

Fixes eclipse-openj9#15335 Signed-off-by: BradleyWood <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

JDK8 Segmentation error vmState=0x000551ff #15335

JDK8 Segmentation error vmState=0x000551ff #15335

connglli commented Jun 15, 2022

pshipton commented Jun 15, 2022

BradleyWood commented Jun 16, 2022

BradleyWood commented Jun 17, 2022

0xdaryl commented Jun 21, 2022

BradleyWood commented Jun 21, 2022

JDK8 Segmentation error vmState=0x000551ff #15335

JDK8 Segmentation error vmState=0x000551ff #15335

Comments

connglli commented Jun 15, 2022

Java -version output

Summary of problem

Diagnostic files

Notice

pshipton commented Jun 15, 2022

BradleyWood commented Jun 16, 2022

BradleyWood commented Jun 17, 2022

0xdaryl commented Jun 21, 2022

BradleyWood commented Jun 21, 2022