SIGILL crashes JVM on PPC64 LE

Volker Simonis volker.simonis at gmail.com
Wed Jun 1 06:42:36 UTC 2016


Hi Andrew,

thanks for creating the bug, but I already created a bug for this
issue yesterday and posted a mail about it. Unfortunately I've just
realized that it was still pending in my outbox.

I've therefor closed  https://bugs.openjdk.java.net/browse/JDK-8158318
as duplicate of https://bugs.openjdk.java.net/browse/JDK-8158260

Regards,
Volker

On Wed, Jun 1, 2016 at 5:00 AM, Andrew Hughes <gnu.andrew at redhat.com> wrote:
> ----- Original Message -----
>> Hi Volker
>>
>> The following test case has been isolated by Hiroshi Horii and generates
>> the illegal instruction, crashing the JVM on PPC64 LE:
>>
>> UnalignedUnsafeAccess.java:
>> http://hastebin.com/raw/uqegukific
>>
>> $ javac UnalignedUnsafeAccess.java
>> $ java -Xcomp -Xbatch UnalignedUnsafeAccess
>>
>> The issue can be reproduced on OpenJDK 8 downstream, OpenJDK 8, and
>> OpenJDK 9 - hs_err logs:
>>
>> OpenJDK 9, tag 0be6f4f5d186 jdk-9+120:
>> http://hastebin.com/raw/ecuhukutur
>>
>> OpenJDK 8, tag 5aaa43d91c73 tip:
>> http://hastebin.com/raw/ipohoyafos
>>
>> OpenJDK 8 downstream:
>>
>> Ubuntu 16.04 LTS
>> build 1.8.0_91-8u91-b14-0ubuntu4~16.04.1-b14
>> http://hastebin.com/raw/yetizebofo
>>
>> RHEL 7.2:
>> build 1.8.0_91-b14
>> http://hastebin.com/raw/irequfawaw
>>
>> The crash happens when an illegal instruction - 0xea2f0013 - is executed.
>>
>> The backtrace shows:
>>
>> Stack: [0x00003fff56030000,0x00003fff56430000],  sp=0x00003fff5642b8d0,  free
>> space=4078k
>> Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native
>> code)
>> V  [libjvm.so+0x162104]  loadI2LNode::emit(CodeBuffer&, PhaseRegAlloc*)
>> const+0x194
>> V  [libjvm.so+0x8ece28]  Compile::fill_buffer(CodeBuffer*, unsigned
>> int*)+0x4e8
>> V  [libjvm.so+0x368e08]  Compile::Code_Gen()+0x3c8
>> V  [libjvm.so+0x369e04]  Compile::Compile(ciEnv*, C2Compiler*, ciMethod*,
>> int, bool, bool, bool)+0xf64
>> V  [libjvm.so+0x271380]  C2Compiler::compile_method(ciEnv*, ciMethod*,
>> int)+0x1f0
>> V  [libjvm.so+0x3785a4]
>> CompileBroker::invoke_compiler_on_method(CompileTask*)+0xd54
>> V  [libjvm.so+0x379dc8]  CompileBroker::compiler_thread_loop()+0x488
>> V  [libjvm.so+0xa5de90]  compiler_thread_entry(JavaThread*, Thread*)+0x20
>> V  [libjvm.so+0xa690c8]  JavaThread::thread_main_inner()+0x178
>> V  [libjvm.so+0x8c8c10]  java_start(Thread*)+0x170
>> C  [libpthread.so.0+0x833c]  start_thread+0xfc
>> C  [libc.so.6+0x12b014]  clone+0xe4
>>
>> loadI2LNode class is generated according to the following ADL code in
>> ppc.ad file:
>>
>> instruct loadI2L(iRegLdst dst, memory mem) %{
>>   match(Set dst (ConvI2L (LoadI mem)));
>>   predicate(_kids[0]->_leaf->as_Load()->is_unordered());
>>   ins_cost(MEMORY_REF_COST);
>>
>>   format %{ "LWA     $dst, $mem \t// loadI2L" %}
>>   size(4);
>>   ins_encode %{
>>     // TODO: PPC port $archOpcode(ppc64Opcode_lwa);
>>     int Idisp = $mem$$disp + frame_slots_bias($mem$$base, ra_);
>>     __ lwa($dst$$Register, Idisp, $mem$$base$$Register);
>>   %}
>>   ins_pipe(pipe_class_memory);
>> %}
>>
>> So the generated illegal instruction comes from:
>> lwa 17,17,15  (DS-form: lwa RT, DS, RA)
>>
>> As DS field must always be 4-byte aligned (i.e. DS field is always
>> concatenated with 0b00), 17 as DS (middle 17 value) is illegal,
>> generating the illegal instruction in question:
>>
>> 11101010000000000000000000000010: LWA
>> 00000010001000000000000000000000: 17
>> 00000000000000000000000000010001: 17
>> 00000000000011110000000000000000: 15
>> --------------------------------
>> 11101010001011110000000000010011: 0xEA2F0013 => Illegal instruction
>>
>> The following change is proposed to fix the issue and deals with the
>> unaligned displacements:
>>
>> OpenJDK 9 webrev:
>> 81.de.7a9f.ip4.static.sl-reverse.com./illegal/9
>>
>> OpenJDK 8 webrev:
>> 81.de.7a9f.ip4.static.sl-reverse.com./illegal/8
>>
>> Could we open a JIRA ticket regarding this issue in order to include it
>> in the webrev?
>>
>
> Done:
>
> https://bugs.openjdk.java.net/browse/JDK-8158318
>
> Reproduced on IcedTea 2.6.6 & OpenJDK 8u92:
>
> # JRE version: OpenJDK Runtime Environment (7.0_101) (build 1.7.0_101-mockbuild_2016_04_19_09_08-b00)
> # Java VM: OpenJDK 64-Bit Server VM (24.95-b01 compiled mode linux-ppc64 compressed oops)
> # Derivative: IcedTea 2.6.6pre01
> # Distribution: Red Hat Enterprise Linux Server release 7.2 (Maipo), package rhel-2.6.6.2.el7-ppc64le u101-b00
> # Problematic frame:
> # J 602 C2 UnalignedUnsafeAccess$NativeCell.path()Ljava/lang/String; (106 bytes) @ 0x00003fff88184430 [0x00003fff88184400+0x30]
>
> # JRE version: OpenJDK Runtime Environment (8.0_92-b14) (build 1.8.0_92-b14)
> # Java VM: OpenJDK 64-Bit Server VM (25.92-b14 compiled mode linux-ppc64 compressed oops)
> # Problematic frame:
> # J 485 C2 UnalignedUnsafeAccess$NativeCell.path()Ljava/lang/String; (106 bytes) @ 0x00003fff8015f030 [0x00003fff8015f000+0x30]
> --
> Andrew :)
>
> Senior Free Java Software Engineer
> Red Hat, Inc. (http://www.redhat.com)
>
> PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
> Fingerprint = 5132 579D D154 0ED2 3E04  C5A0 CFDA 0F9B 3596 4222
>
>


More information about the ppc-aix-port-dev mailing list