United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
Bug ID: 6890984 Comparison of 2 arrays could cause VM crash.
6890984 : Comparison of 2 arrays could cause VM crash.

Details
Type:
Bug
Submit Date:
2009-10-13
Status:
Closed
Updated Date:
2013-06-06
Project Name:
JDK
Resolved Date:
2011-03-08
Component:
hotspot
OS:
generic
Sub-Component:
compiler
CPU:
x86,generic
Priority:
P2
Resolution:
Fixed
Affected Versions:
hs17,7
Fixed Versions:
hs17

Related Reports
Backport:
JDK-2189909 - Comparison of 2 arrays could cause VM crash.
Backport:
JDK-2184792 - Comparison of 2 arrays could cause VM crash.
Duplicate:
JDK-6892738 - test/java/util/Arrays/ArrayObjectMethods.java failing intermittently
Relates:
JDK-6827605 - new String intrinsics may prevent EA scalar replacement
Relates:
JDK-8016108 - SIGSEGV in compiled code on SPARC

Sub Tasks

Description
These 2 tests crash on the solaris x86 & windows, they fail on the linux and pass on the solaris-sparc. It looks the their failure have same reason. They fails during array comparison for the hs 17 b03 in the jdk7b74 only. The server & Xcomp should be used to reproduce failures.

The tests are:
java/lang/annotation/UnitTest.java
java/util/Arrays/ArrayObjectMethods.java

Here is the link to the failures in this PIT:
http://sqeweb.sfbay.sun.com/nfs/results/vm/gtee/HSX/PIT/VM/17/b03/jdk7b74/product_01/

Here is the message:

#
# A fatal error has been detected by the Java Runtime Environment:
#
#  SIGSEGV (0xb) at pc=0xf9501629, pid=8721, tid=2
#
# JRE version: 7.0-b73
# Java VM: Java HotSpot(TM) Server VM (17.0-b03-2009-10-09-222614.et151817.hs17b03-fastdebug compiled mode solaris-x86 )
# Problematic frame:
# J  sun.reflect.annotation.AnnotationInvocationHandler.memberValueEquals(Ljava/lang/Object;Ljava/lang/Object;)Z
#
# An error report file with more information is saved as:
# /net/peter-home1.russia/export/home1/29/lm153972/ws/bugs/b74/hs_err_pid8721.log
#
# If you would like to submit a bug report, please visit:
#   http://java.sun.com/webapps/bugreport/crash.jsp
#
Current thread is 2
Dumping core ...
Abort (core dumped)

Comments
EVALUATION

http://hg.openjdk.java.net/jdk7/hotspot-comp/hotspot/rev/d40f03b57795
2009-10-15 
EVALUATION

Note: the problem exists only in HS17 (from b03) which has full fix for 6827605 with aassembler code rearrangment.
2009-10-15 
PUBLIC COMMENTS

Problem:
I did incorrect "optimization" in 6827605 changes -
replaced 2 null pointer checks with andptr(p1,p2)
instruction which damages the result register.
I should have use testptr(p1,p2) but it is also incorrect.
There is problem on sparc also - br() instruction is used
instead of brx() when comparing pointers.

Solution:
Restore original null checks for x86.
Use brx() when comparing pointers on sparc.
2009-10-15 
EVALUATION

This appears to be caused by the fix for 6827605.  The Arrays.equals code changed and it seems to be the cause of the failure.  Grabbing the regression test test/java/lang/annotation/UnitTest.java from the jdk workspace and running this reproduces it:

java -server -Xcomp -XX:CompileOnly=sun/reflect/annotation/AnnotationInvocationHandler.memberValueEquals UnitTest

I think it's not handling the bounds properly.
2009-10-14


Hardware and Software, Engineered to Work Together