SIGSEGV in Jdk9 from MethodHandle

Paul Sandoz paul.sandoz at oracle.com
Mon Jul 10 18:24:11 UTC 2017


Hi Jackson,

Thanks for reporting.

I can reproduce the same behaviour. It fails with -Xint (interpreter only). Compiling on Java 8 and running on Java 9 induces a different error, an NPE instead (due to different byte code shapes being produced).

I logged this issue:

  https://bugs.openjdk.java.net/browse/JDK-8184119

Initially logged under core-libs/j.l.invoke in case some LambdaForm + invokeBasic execution has gone astray, but it could well be a HotSpot issue.

Paul.

> On 10 Jul 2017, at 09:27, Jackson Davis <jackson at jcdav.is> wrote:
> 
> (Apologies in advance if this is not the correct mailing list, this seems
> to not be happening in jdk8 so this seemed appropriate)
> 
> I've been playing around with some complex MethodHandle chains recently (as
> one does) and ran into a consistent segfault in the interpreter. Here is
> the most minimal repro I could find:
> 
> import java.lang.invoke.*;
> import static java.lang.invoke.MethodType.*;
> import static java.lang.invoke.MethodHandles.*;
> 
> class Crash {
>  public static void main(String[] args) throws Throwable {
>    MethodHandle crash = permuteArguments(foldArguments(
>      dropArguments(identity(int[].class), 1, int.class, int.class),
>      arrayElementSetter(int[].class)
>    ), methodType(int[].class, int.class, int[].class, int.class), 1, 2, 0);
>    int[] arr = new int[1];
>    arr = (int[])crash.invokeExact(1, arr, 0);
>    System.out.println(arr);
>  }
> }
> 
> Removing the permuteArguments call seems to stop it from happening, as does
> removing the println. This crashes at the same place every time both on my
> local builds (fastdebug & release), as well as the latest ea 9+177. As
> mentioned above, I can't repro this in 8u92.



More information about the jdk9-dev mailing list