RFR(XS) 8160411: SIGSEGV in frame::safe_for_sender on incomplete DeoptimizationBlob frame

dean.long at oracle.com dean.long at oracle.com
Fri Oct 21 08:28:02 UTC 2016


Thanks Andrew.

dl


On 10/21/16 1:20 AM, Andrew Haley wrote:
> On 20/10/16 23:47, dean.long at oracle.com wrote:
>> https://bugs.openjdk.java.net/browse/JDK-8160411
>>
>> http://cr.openjdk.java.net/~dlong/8160411/webrev/
>>
>> I have only observed this crash on solaris x64 so far, but I have
>> included aarch64 in the fix since it uses similar code to x64. This
>> crash happens when we call pd_get_top_frame_for_profiling() and the top
>> frame is executing in the deopt stub, but hasn't finished pushing all
>> the registers yet.  If we add cb->frame_size() at this point, we can end
>> up with a sender_sp that is past the stack base.  The fix is to add a
>> range check for sender_sp before using it.
>>
>> Tested by hand on linux x64 by forcing a SEGV in the deopt stub, then
>> calling pd_get_top_frame_for_profiling() and safe_for_sender() in the
>> signal handler.
> That looks good.
>
> Thanks,
>
> Andrew.
>
>
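The failure mode in the quoted report is a stack walker, entered from a signal handler for profiling, that computes a sender sp from a code blob's declared frame size while the deopt stub has not yet pushed its whole frame, so the computed pointer lands above the stack base. Below is an added example (not HotSpot's code and not from this review) that models the unchecked computation beside the range-checked version the fix describes. `ThreadStack`, `Frame`, `frame_size_words` (standing in for `cb->frame_size()`), the half-open bounds predicate and the sample stack layout are all assumptions made for this illustration.

```cpp
#include <cstddef>
#include <cstdint>

// Modelled thread stack bounds (hypothetical, not HotSpot's JavaThread).
// The stack grows downward: stack_bottom is the lowest usable word,
// stack_base is one past the highest word.
struct ThreadStack {
    const uintptr_t* stack_bottom;
    const uintptr_t* stack_base;
};

// Modelled frame: the current sp plus the size the code blob claims for
// its frame (stands in for cb->frame_size()). A deopt stub that is still
// pushing registers has a real frame smaller than this declared size.
struct Frame {
    const uintptr_t* sp;
    size_t frame_size_words;
};

// Half-open bounds check: [stack_bottom, stack_base).
static bool on_stack(const ThreadStack& ts, const uintptr_t* p) {
    return p >= ts.stack_bottom && p < ts.stack_base;
}

// Pattern from the bug: sender_sp = sp + frame_size, with no range check.
// With an incomplete stub frame this can point above the stack base, and
// a caller that dereferences it takes a SIGSEGV.
const uintptr_t* sender_sp_unchecked(const Frame& f) {
    return f.sp + f.frame_size_words;
}

// Pattern from the fix: compute sender_sp, then refuse to use it unless it
// lies inside the thread's stack. nullptr means "not safe for sender".
// (The exact bounds predicate is an assumption for this example.)
const uintptr_t* sender_sp_checked(const ThreadStack& ts, const Frame& f) {
    if (!on_stack(ts, f.sp) || f.frame_size_words == 0) return nullptr;
    const uintptr_t* sender_sp = f.sp + f.frame_size_words;
    if (!on_stack(ts, sender_sp)) return nullptr;
    return sender_sp;
}

// Constructed sample memory: 128 words allocated, of which the lower 64 are
// modelled as the thread's stack. Words 64..127 exist only so that an
// out-of-range sender_sp can be formed without overrunning the allocation.
static uintptr_t g_words[128];

ThreadStack sample_stack() { return ThreadStack{g_words, g_words + 64}; }

// Scenario 1 (constructed): the deopt stub has pushed only 2 of the 8 words
// its blob declares, so sp sits 2 words below the base and the sender
// computation overshoots the stack by 6 words.
Frame incomplete_deopt_frame() { return Frame{g_words + 62, 8}; }

// Scenario 2 (constructed): an ordinary, fully built frame deeper in the stack.
Frame complete_frame() { return Frame{g_words + 40, 8}; }

int main() {
    const ThreadStack ts = sample_stack();
    const uintptr_t* bad = sender_sp_unchecked(incomplete_deopt_frame());
    bool overshoot = bad >= ts.stack_base;                                      // true
    bool rejected  = sender_sp_checked(ts, incomplete_deopt_frame()) == nullptr; // true
    bool accepted  = sender_sp_checked(ts, complete_frame()) == g_words + 48;    // true
    return (overshoot && rejected && accepted) ? 0 : 1;
}
```

The point a profiler author should take from this: every pointer derived from metadata (here the blob's frame size) must be validated against the thread's stack bounds before it is dereferenced, because an asynchronous sample can observe a frame at any instruction, including the middle of a prologue that has not yet reserved the space the metadata promises.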