Bug ID: 6179233 1.4.2_06 crashes when setting -XX:CompileThreshold=200 -server on Windows

6179233 : 1.4.2_06 crashes when setting -XX:CompileThreshold=200 -server on Windows

Details

Type:	Bug	Submit Date:	2004-10-14
Status:	Resolved	Updated Date:	2011-12-15
Project Name:	JDK	Resolved Date:	2004-12-10
Component:	hotspot	OS:	windows
Sub-Component:	compiler	CPU:	x86
Priority:	P3
Resolution:	Fixed
Affected Versions:	1.4.2_05
Fixed Versions:	1.4.2_08

Related Reports

Backport:	JDK-2121722 - 1.4.2_06 crashes when setting -XX:CompileThreshold=200 -server on Windows
Relates:	JDK-4965984 - 1.4.2: Server VM crashes during a compile
Relates:	JDK-5030922 - BugFixes from Azul Systems

Sub Tasks

Description

The VM crashes on Linux and Windows with
-XX:CompileThreshold=200 and the following method (class attached) causes a
      
crash of the JVM com/sapportals/portal/prt/jndisupport/util/
AbstractHierarchicalContext

lookup The crash happens on Windows and Linux (both x86), other platforms      
not tested. Excluding this method from JIT seems to prevent the crash. On
Windows, the crash seems to be reproducible all the time with the following
 

Java Error ID: # Java VM: Java HotSpot(TM) Server VM (1.4.2_05-b04 mixed
      
mode) # # Error ID: 4255494C442F4F502D41500E4350500107 # # Problematic Thread:
prio=1 tid=0x08b5aa18 nid=0x3f54 runnable also see attached Windows_crash.txt
 
for crash transcript. The JVM on Linux sometimes crashes with the above
      
error id, sometimes it crashes without error id. Please see the attached
Linux_crash.txt transcript.
###@###.### 10/14/04 16:41 GMT



------------------------------------------
Please pull the Dr. Watson dump from
http://sap-jtc.germany.sun.com/transfer/cr6179233/20041014

Stefan Schneider
###@###.### 10/15/04 00:40 GMT
------------------------------------------
Three other crash scenarios are shown here:

http://sap-jtc.germany.sun.com/transfer/cr6179233/20041018/crash1
http://sap-jtc.germany.sun.com/transfer/cr6179233/20041018/crash2
http://sap-jtc.germany.sun.com/transfer/cr6179233/20041018/crash3

The files from each of these crashes are attached as follows:

Crash 1: AbstractHierarchicalContext.java, Windows_crash.txt and Linux_crash.txt
Crash 2: WSConfigurationHandler.java
Crash 3: PortalServiceItem.java
###@###.### 10/19/04 16:26 GMT

------------------------------------------

The customer has hinted that excluding PortalServiceItem.startServices from compilation avoids all failures. We are hoping for confirmation of this workaround.
###@###.### 10/19/04 16:27 GMT

Comments

SUGGESTED FIX

--- chaitin.cpp	Mon Nov 29 06:07:11 2004
***************
*** 1403,1409 ****

     // Search the current block for an existing base-Phi
     Block *b = _cfg._bbs[derived->_idx];
!   for( i = 1; i < b->end_idx(); i++ ) {// Search for matching Phi
       Node *phi = b->_nodes[i];
       if( !phi->is_Phi() ) {      // Found end of Phis with no match?
         b->_nodes.insert( i, base ); // Must insert created Phi here as base
--- 1403,1409 ----

     // Search the current block for an existing base-Phi
     Block *b = _cfg._bbs[derived->_idx];
!   for( i = 1; i <= b->end_idx(); i++ ) {// Search for matching Phi
       Node *phi = b->_nodes[i];
       if( !phi->is_Phi() ) {      // Found end of Phis with no match?
         b->_nodes.insert( i, base ); // Must insert created Phi here as base



###@###.### 2004-12-02 18:33:49 GMT

2004-12-02

EVALUATION

The VM crashes for the customer in at least two ways, so there may be multiple bugs.

The user.dmp and "crash3" appear to be the same, with C2 failing in reg_split.cpp, per the analysis found in the Comments section. At the time, C2 was compiling PortalServiceItem.startServices. That analysis indicates the same bug as 4965984, now closed. In 4965984, the customer accepted the workaround as a solution, and was not motivated to help us pursue a fix.

The source code for PortalServiceItem.startServices (attached) shows a method
that is very similar in structure to the failing method for 5026838 (to be fixed in 1.4.2_07). It may be worth our while to have the customer, if willing, attempt a run with an early 1.4.2_07 build, or, a custom built 1.4.2_06 with the fix for 5026838 added.

The "crash1" failure is a guarantee failure at buildOopMap.cpp:263. It is not clear if, or how this related to "crash3".

The method of failure "crash2" is unknown for now. It could be either the buildOooMap or the reg_split failure.
###@###.### 10/19/04 16:26 GMT

This may an off-by-one error fixed in Tiger in chaitin.cpp under the bugid of 5030922. The bugtraq entry for that bug has no relevant info; I'm working with the RE for that bug to correct the situation.

###@###.### 2004-11-29 14:27:05 GMT

Customer verifies that the off-by-one fix from 5030922 eliminates their problem. I will leave this bug open since 5030922 was an umbrella bug which contained other fixes.

The fix should be applied to 5.0, also.
###@###.### 2004-12-02 18:33:49 GMT

2004-10-19

SELECT A COUNTRY/REGION
Africa Operation Argentina Australia Austria Bahrain Bangladesh Belgium & Luxembourg Belize Bhutan Bolivia Bosnia & Herzegovina Brasil Brunei Bulgaria Cambodia Canada - English Canada - French Chile China Colombia	Costa Rica Croatia Cyprus Czech Republic Denmark Ecuador Egypt Estonia Finland France Germany Greece Guatemala Honduras Hong Kong Hungary India Indonesia Iraq Ireland	Israel Italy Japan Jordan Kazakhstan Korea Kuwait Laos Latvia Lebanon Lithuania Malaysia Maldives Malta Mexico Moldova Nepal Netherlands New Zealand Nicaragua	Norway Oman Pakistan Panama Paraguay Peru Philippines Poland Portugal Puerto Rico Qatar Romania Russia Saudi Arabia Serbia & Montenegro Singapore Slovakia Slovenia South Africa Spain	Sri Lanka Sweden Switzerland -- French Switzerland -- German Taiwan Thailand Turkey Ukraine United Arab Emirates United Kingdom United States Uruguay Venezuela Vietnam Yemen

Hardware and Software, Engineered to Work Together