CONVERTED DATA
BugTraq+ Release Management Values
COMMIT TO FIX:
1.4.2_05
generic
tiger-beta2
FIXED IN:
1.4.2_05
tiger-beta2
INTEGRATED IN:
1.4.2_05
tiger-b44
tiger-beta2
VERIFIED IN:
1.4.2_05
|
|
|
SUGGESTED FIX
###@###.### 2004-03-15
http://analemma.sfbay.sun.com/net/prt-archiver.sfbay/export2/archived_workspaces/main/c2_baseline/2004/20040312184925.kvn.4895131/workspace/webrevs/webrev-2004.03.12/index.html
src/share/vm/opto/connode.cpp
***************
*** 430,436 ****
// Then return the interface.
const TypeOopPtr *jptr = my_type->isa_oopptr();
assert( jptr, "" );
! return jptr->klass()->is_interface()
? my_type->cast_to_ptr_type( TypePtr::NotNull )
: in_type;
} else {
--- 430,436 ----
// Then return the interface.
const TypeOopPtr *jptr = my_type->isa_oopptr();
assert( jptr, "" );
! return (jptr->klass()->is_interface() || !in_type->higher_equal(_type))
? my_type->cast_to_ptr_type( TypePtr::NotNull )
: in_type;
} else {
src/share/vm/opto/type.cpp
***************
*** 2297,2308 ****
ptr = NotNull;
return TypeInstPtr::make( ptr, ciEnv::current()->Object_klass(), false, NULL, offset);
}
case NotNull:
case BotPTR: // Fall down to object klass
// LCA is object_klass, but if we subclass from the top we can do better
! if( above_centerline(_ptr) ) {
! // If 'tp' is above the centerline then we can subclass in the
! // Java class heirarchy
if (klass()->equals(ciEnv::current()->Object_klass())) {
// that is, tp's array type is a subtype of my klass
return TypeAryPtr::make(ptr, tp->ary(), tp->klass(), tp->klass_is_exact(), offset);
--- 2297,2309 ----
ptr = NotNull;
return TypeInstPtr::make( ptr, ciEnv::current()->Object_klass(), false, NULL, offset);
}
+ case Constant:
case NotNull:
case BotPTR: // Fall down to object klass
// LCA is object_klass, but if we subclass from the top we can do better
! if( above_centerline(_ptr) ) { // if( _ptr == TopPTR || _ptr == AnyNull )
! // If 'this' (InstPtr) is above the centerline and it is Object class
! // then we can subclass in the Java class heirarchy.
if (klass()->equals(ciEnv::current()->Object_klass())) {
// that is, tp's array type is a subtype of my klass
return TypeAryPtr::make(ptr, tp->ary(), tp->klass(), tp->klass_is_exact(), offset);
***************
*** 2309,2315 ****
}
}
// The other case cannot happen, since I cannot be a subtype of an array.
! // if( _ptr == TopPTR || _ptr == AnyNull ) ...
return make( ptr, ciEnv::current()->Object_klass(), false, NULL, offset );
default: typerr(t);
}
--- 2310,2318 ----
}
}
// The other case cannot happen, since I cannot be a subtype of an array.
! // The meet falls down to Object class below centerline.
! if( ptr == Constant )
! ptr = NotNull;
return make( ptr, ciEnv::current()->Object_klass(), false, NULL, offset );
default: typerr(t);
}
***************
*** 2709,2715 ****
switch (tp->ptr()) {
case TopPTR:
case AnyNull:
! return make(ptr, NULL, _ary, _klass, _klass_is_exact, offset);
case BotPTR:
case NotNull:
return TypeOopPtr::make(ptr, offset);
--- 2712,2718 ----
switch (tp->ptr()) {
case TopPTR:
case AnyNull:
! return make(ptr, (ptr == Constant ? const_oop() : NULL), _ary, _klass, _klass_is_exact, offset);
case BotPTR:
case NotNull:
return TypeOopPtr::make(ptr, offset);
***************
*** 2731,2737 ****
case Null:
if( ptr == Null ) return TypePtr::make(AnyPtr, ptr, offset);
case AnyNull:
! return make( ptr, NULL, _ary, _klass, _klass_is_exact, offset );
default: ShouldNotReachHere();
}
}
--- 2734,2740 ----
case Null:
if( ptr == Null ) return TypePtr::make(AnyPtr, ptr, offset);
case AnyNull:
! return make( ptr, (ptr == Constant ? const_oop() : NULL), _ary, _klass, _klass_is_exact, offset );
default: ShouldNotReachHere();
}
}
***************
*** 2806,2824 ****
ptr = NotNull;
return TypeInstPtr::make( ptr, ciEnv::current()->Object_klass(), false, NULL,offset);
}
case NotNull:
case BotPTR: // Fall down to object klass
// LCA is object_klass, but if we subclass from the top we can do better
if (above_centerline(tp->ptr())) {
! // If 'tp' is above the centerline then we can subclass in the
! // Java class heirarchy
if( tp->klass()->equals(ciEnv::current()->Object_klass()) ) {
! // that is, tp's array type is a subtype of my klass
return make( ptr, _ary, _klass, _klass_is_exact, offset );
}
}
// The other case cannot happen, since t cannot be a subtype of an array.
! // if (above_centerline(tp->ptr())
return TypeInstPtr::make( ptr, ciEnv::current()->Object_klass(), false, NULL,offset);
default: typerr(t);
}
--- 2809,2830 ----
ptr = NotNull;
return TypeInstPtr::make( ptr, ciEnv::current()->Object_klass(), false, NULL,offset);
}
+ case Constant:
case NotNull:
case BotPTR: // Fall down to object klass
// LCA is object_klass, but if we subclass from the top we can do better
if (above_centerline(tp->ptr())) {
! // If 'tp' is above the centerline and it is Object class
! // then we can subclass in the Java class heirarchy.
if( tp->klass()->equals(ciEnv::current()->Object_klass()) ) {
! // that is, my array type is a subtype of 'tp' klass
return make( ptr, _ary, _klass, _klass_is_exact, offset );
}
}
// The other case cannot happen, since t cannot be a subtype of an array.
! // The meet falls down to Object class below centerline.
! if( ptr == Constant )
! ptr = NotNull;
return TypeInstPtr::make( ptr, ciEnv::current()->Object_klass(), false, NULL,offset);
default: typerr(t);
}
|
|
|
EVALUATION
The following code is aborting via typerr:
2296 case AryPtr: { // All arrays inherit from Object class
2297 const TypeAryPtr *tp = t->is_aryptr();
2298 int offset = meet_offset(tp->offset());
2299 PTR ptr = meet_ptr(tp->ptr());
2300 switch (ptr) {
2301 case TopPTR:
2302 case AnyNull: // Fall 'down' to dual of object klass
2303 if (klass()->equals(ciEnv::current()->Object_klass())) {
2304 return TypeAryPtr::make(ptr, tp->ary(), tp->klass(), tp->klass_is_exact(), offset);
2305 } else {
2306 // cannot subclass, so the meet has to fall badly below the centerline
2307 ptr = NotNull;
2308 return TypeInstPtr::make( ptr, ciEnv::current()->Object_klass(), false, NULL, offset);
2309 }
2310 case NotNull:
2311 case BotPTR: // Fall down to object klass
2312 // LCA is object_klass, but if we subclass from the top we can do better
2313 if( above_centerline(_ptr) ) {
2314 // If 'tp' is above the centerline then we can subclass in the
2315 // Java class heirarchy
2316 if (klass()->equals(ciEnv::current()->Object_klass())) {
2317 // that is, tp's array type is a subtype of my klass
2318 return TypeAryPtr::make(ptr, tp->ary(), tp->klass(), tp->klass_is_exact(), offset);
2319 }
2320 }
2321 // The other case cannot happen, since I cannot be a subtype of an array.
2322 // if( _ptr == TopPTR || _ptr == AnyNull ) ...
2323 return make( ptr, ciEnv::current()->Object_klass(), false, NULL, offset );
2324 default: typerr(t);
2325 }
2326 }
Continuing to examine the code and data.
###@###.### 2004-01-20
The abort is apparently due to the following value
[h/chrisph/4979449:DBX] x 0xfe5db28c-0x94/X
0xfe5db1f8: Bytecodes::_result_type+0x0310: 0x0000000e
in the type value returned by
2299 PTR ptr = meet_ptr(tp->ptr());
2300 switch (ptr) {
###@###.### 2004-01-21
Fastdebug :
Aborts as follows:
Error mixing types: java/lang/String:exact * and long:long:9223372036854775807--9223372036854775808[int:2147483647-0]:An
yNull:exact*
# To suppress the following error report, specify this argument
# after -XX: or in .hotspotrc: SuppressErrorAt=/type.cpp:670
#
# HotSpot Virtual Machine Error, Internal Error
# Please report this error at
# http://java.sun.com/cgi-bin/bugreport.cgi
#
# Java VM: Java HotSpot(TM) Server VM (1.4.2_04_fix_05+4951940+4964653_chrisphi_2004.02.11_13:50-debug mixed mode)
#
# ShouldNotReachHere()
#
# Error ID: /net/altair.east/terra/space5/chrisph/4951940/ws/src/share/vm/opto/type.cpp, 670 [ Patched ]
#
# Problematic Thread: prio=5 tid=0x00125f18 nid=0xb runnable
#
in essentially the same place:
=>[6] os::abort(dump_core = ???) (optimized), at 0xfd891d2c (line ~1323) in "os_solaris.cpp"
[7] report_error(is_vm_internal_error = ???, file_name = ???, line_no = ???, title = ???, format = ???, ...) (optimized), at 0xfd3e5ba4 (line ~460) in "debug.cpp"
[8] TypeInstPtr::xmeet(this = ???, t = ???) (optimized), at 0xfda5c028 (line ~2548) in "type.cpp"
[9] Type::meet(this = ???, t = ???) (optimized), at 0xfda537c4 (line ~467) in "type.cpp"
[10] CastPPNode::Value(this = ???, phase = ???) (optimized), at 0xfd3cf0a0 (line ~392) in "connode.cpp"
[11] PhaseIterGVN::transform_old(this = ???, n = ???) (optimized), at 0xfd914ee4 (line ~1013) in "phaseX.cpp"
[12] PhaseIterGVN::optimize(this = ???) (optimized), at 0xfd913d80 (line ~879) in "phaseX.cpp"
[13] Compile::Optimize(this = ???) (optimized), at 0xfd387350 (line ~1383) in "compile.cpp"
[14] Compile::Compile(this = ???, ci_env = ???, ci_scope = ???, target = ???, osr_bci = ???, subsume_loads = ???, comp_level = ???) (optimized), at 0xfd382228 (line ~486) in "compile.cpp"
[15] C2Compiler::compile_method(this = ???, env = ???, scope = ???, target = ???, entry_bci = ???, comp_lev = ???) (optimized), at 0xfd29af7c (line ~45) in "c2compiler.cpp"
[16] CompileBroker::invoke_compiler_on_method(task = ???) (optimized), at 0xfd3958a8 (line ~1608) in "compileBroker.cpp"
[17] CompileBroker::compiler_thread_loop() (optimized), at 0xfd393ec0 (line ~1401) in "compileBroker.cpp"
[18] JavaThread::thread_main_inner(this = ???) (optimized), at 0xfda35a10 (line ~1141) in "thread.cpp"
[19] _start(data = ???) (optimized), at 0xfd890140 (line ~746) in "os_solaris.cpp"
Note the code compiles fine when inlining is turned off:
print compilation output:
********************************************************************************
{method}
- klass: {other class}
- method holder:
'com/timetra/nms/server/generated/log/pso/PsoLogRecord'
- constants: {constant pool}
- access: 0x81300004 protected
- name: 'validatePeriodicTime'
- signature: '(J)V'
- max stack: 4
- max locals: 3
- size of params: 3
- method size: 34
- vtable index: 284
- exceptions: [I
- code size: 11
- code start: 0xf19a19e0
- code end (excl): 0xf19a19eb
- method data: 0xf4f5a238
- checked ex length: 0
- linenumber start: 0xf19a19eb
- localvar length: 2
- localvar start: 0xf19a19f2
#
# void ( com/timetra/nms/server/generated/log/imp/ImpLogRecord:NotNull
*, long, half )
#
#r048 R_I0 : parm 0:
com/timetra/nms/server/generated/log/imp/ImpLogRecord:NotNull *
#r018 R_G1:R_G1H : parm 1: long
#r149 R_SP+124: old out preserve
#r148 R_SP+120: old out preserve
#r147 R_SP+116: old out preserve
#r146 R_SP+112: old out preserve
#r145 R_SP+108: old out preserve
#r144 R_SP+104: old out preserve
#r143 R_SP+100: old out preserve
#r142 R_SP+96: old out preserve
#r141 R_SP+92: old out preserve
#r140 R_SP+88: old out preserve
#r139 R_SP+84: old out preserve
#r138 R_SP+80: old out preserve
#r137 R_SP+76: old out preserve
#r136 R_SP+72: old out preserve
#r135 R_SP+68: old out preserve
#r134 R_SP+64: old out preserve
# -- Old R_SP -- Framesize: 64 --
#r165 R_SP+60: new out preserve
#r164 R_SP+56: new out preserve
#r163 R_SP+52: new out preserve
#r162 R_SP+48: new out preserve
#r161 R_SP+44: new out preserve
#r160 R_SP+40: new out preserve
#r159 R_SP+36: new out preserve
#r158 R_SP+32: new out preserve
#r157 R_SP+28: new out preserve
#r156 R_SP+24: new out preserve
#r155 R_SP+20: new out preserve
#r154 R_SP+16: new out preserve
#r153 R_SP+12: new out preserve
#r152 R_SP+ 8: new out preserve
#r151 R_SP+ 4: new out preserve
#r150 R_SP+ 0: new out preserve
#
000 N54: # B1 <- BLOCK HEAD IS JUNK Freq: 159.563
000
UEP:
LDUW [R_O0 + oopDesc::klass_offset_in_bytes],R_G5 ! Inline
cache check
CMP R_G5,R_G3
Tne icc,R_G0+ST_RESERVED_FOR_USER_0+2
NOP # Pad for loops
010 B1: # B5 B2 <- BLOCK HEAD IS JUNK Freq: 159.563
010 ! bang stack
SAVE R_SP,-64,R_SP
01c CALL,static ; NOP ==>
com.timetra.nms.server.generated.log.pso.PsoLogRecord::wrapPeriodicTime
#
com.timetra.nms.server.generated.log.pso.PsoLogRecord::validatePeriodicTime
@ bci:4 L0=_ L1=_ L2=_ STK0=R_I0 STK1=#Ptr0x005d7ee0
# R_I0=Oop
024
024 B2: # B4 B3 <- B1 Freq: 159.56
024 + MOV R_O0,R_O2
028 + SET java/lang/String:exact *,R_O1 !ptr
030 + MOV R_I0,R_O0
034 CALL,static ; NOP ==>
com.timetra.nms.server.core.ManagedObject::validatePropertyValue
#
com.timetra.nms.server.generated.log.pso.PsoLogRecord::validatePeriodicTime
@ bci:7 L0=_ L1=_ L2=_
#
03c
03c B3: # N54 <- B2 Freq: 159.557
03c RESTORE
040 + RET ; NOP
040
048 B4: # B6 <- B2 Freq: 0.0015956
048 # exception oop is in R_O0; no code emitted
048 + MOV R_O0,R_I0
04c + BA B6
04c
054 B5: # B6 <- B1 Freq: 0.00159563
054 # exception oop is in R_O0; no code emitted
054 + MOV R_O0,R_I0
054
058 B6: # N54 <- B5 B4 Freq: 0.00319124
058 RESTORE
05c + JMP rethrow_stub
05c
********************************************************************************
Is this possibly related to 4911268 / 4971124 ?
###@###.### 2004-03-03
It is definitely not 4971124.
###@###.### 2004-03-03
###@###.### 2004-03-09
There is problem with processing of CheckCastPPNode's type when
input value's type is constant pointer.
###@###.### 2004-03-15
The customer's application crash because of C2 doesn't process the legal case
when meet_ptr(AryPtr->ptr(),InstPtr->ptr())==Constant. C2 treats it as error.
We need to fix CheckCastPPNode::Value() and *::xmeet() methods.
|
|
|
|
Java