RFR: 8374448: SIGSEGV in ConstantPool::print_value_on with -XX:CompileCommand=print [v2]
Johan Sjölen
jsjolen at openjdk.org
Thu Feb 12 09:08:58 UTC 2026
On Wed, 11 Feb 2026 09:33:38 GMT, Kerem Kat <krk at openjdk.org> wrote:
>> `BSMAttributeEntries::is_empty()` used AND, so `!is_empty()` was true when only one of `_offsets`/`_bootstrap_methods` was non-null. Callers then dereferenced the null pointer.
>>
>> Changed to OR so `!is_empty()` guarantees both are non-null. Added asserts at the two assignment sites to check for consistency.
>>
>> Please note that I could not reproduce this in fastdebug or slowdebug builds on x86_64 Linux.
>
> Kerem Kat has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains three additional commits since the last revision:
>
> - Merge branch 'master' into fix-crash-cpprint-8374448
> - address comments
> - 8374448: SIGSEGV in ConstantPool::print_value_on with -XX:CompileCommand=print
If my miscompilation hypothesis is correct, then what happens is that:
```c++
if (!bsm_entries().is_empty())                                   // (1)
  st->print("/BSMs[%d]", bsm_entries().bootstrap_methods()       // (2)
                             ->length());                        // (3)
```
1. `is_empty()` correctly loads both `_offsets` and `_bsm_entries` and sees that both are non-null
2. The compiler picks the const-variant and on gcc 8.3 returns a null pointer while on 14.2 it returns the correct pointer
3. `->length()` is called and on gcc 8.3 dereferences a null pointer, leading to a crash
-------------
PR Comment: https://git.openjdk.org/jdk/pull/29611#issuecomment-3889632288
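The AND-versus-OR defect described in the PR summary, as an added example that is not part of the PR or of HotSpot: a constructed `Entries` stand-in (the real fields are `Array<u2>*`) with both variants of `is_empty()` side by side, and a caller that reports a would-be null dereference instead of crashing.

```cpp
#include <cassert>
#include <cstddef>

// Constructed stand-in for the two-pointer structure in the PR description.
struct Entries {
  const int* _offsets;
  const int* _bootstrap_methods;
  int _length;  // length of _bootstrap_methods when it is non-null

  // Before the fix: AND. !is_empty() is already true when only ONE of the
  // two pointers is null, so a caller goes on to dereference the other.
  bool is_empty_and() const {
    return _offsets == nullptr && _bootstrap_methods == nullptr;
  }
  // After the fix: OR. !is_empty() now guarantees both pointers are non-null.
  bool is_empty_or() const {
    return _offsets == nullptr || _bootstrap_methods == nullptr;
  }
};

// Mirrors the caller in ConstantPool::print_value_on: it only touches
// _bootstrap_methods when the guard says the entries are not empty.
// Returns -1 when nothing would be printed, the length when the guard held,
// and -2 where the guard let a null pointer through (the real code would
// dereference it and SIGSEGV).
int bsm_count_with(const Entries& e, bool (Entries::*is_empty)() const) {
  if ((e.*is_empty)()) return -1;
  if (e._bootstrap_methods == nullptr) return -2;  // would be a null deref
  return e._length;
}

int main() {
  const int offs[2] = {0, 1};
  Entries half{offs, nullptr, 0};  // inconsistent: only _offsets is set
  // AND-guard reports -2 (would crash); OR-guard reports -1 (skips safely).
  return (bsm_count_with(half, &Entries::is_empty_and) == -2 &&
          bsm_count_with(half, &Entries::is_empty_or) == -1) ? 0 : 1;
}
```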