1.9.0-ea-b64 regression (AIOOB thrown where it shouldn't be thrown)

Dawid Weiss dawid.weiss at gmail.com
Mon May 25 07:46:54 UTC 2015


Filed a bug report with Review ID: JI-9021458. Thanks!

Dawid

On Sun, May 24, 2015 at 10:32 PM, Rory O'Donnell
<rory.odonnell at oracle.com> wrote:
> Hi Dawid,
>
> Could you log an incident at bugs.java.com and let us know the incident id.
>
> Thanks, Rory
>
>
> On 24/05/2015 08:23, Dawid Weiss wrote:
>>
>> Hello again,
>>
>> The bug repro code is at the link below:
>> http://download.carrotsearch.com/jvm/repro.zip
>>
>> Definitely something with the compilation because disabling loop
>> unrolling (or running in interpreted mode) doesn't trigger the bug.
>> More information (also included in README.txt) quoted below.
>>
>> Dawid
>>
>> Expected behavior:
>>    The code should re-read the gz2 resource, looping and printing (infinitely):
>>    Round...
>>    Round...
>>    Round...
>>
>> Actual behavior (64-Bit Server VM, build 1.9.0-ea-b64, mixed mode):
>>    Round...
>>    Round...
>>    Round...
>>    Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: 314297
>>            at org.apache.commons.compress.compressors.bzip2.BZip2CompressorInputStream.setupBlock(BZip2CompressorInputStream.java:820)
>>            at org.apache.commons.compress.compressors.bzip2.BZip2CompressorInputStream.<init>(BZip2CompressorInputStream.java:136)
>>            at org.apache.commons.compress.compressors.bzip2.BZip2CompressorInputStream.<init>(BZip2CompressorInputStream.java:111)
>>            at bug.Repro.main(Repro.java:15)
>>
>> Notes
>> -----
>>
>> - Self contained maven project (copied commons compress sources so that one can
>>    tweak them if needed). An additional bz2 resource is needed (included).
>> - Build with:
>>    mvn package
>> - Run with:
>>    java -jar target/Repro-0.0.0.jar
>> - Running in interpreted mode does *not* cause any error:
>>    java -Xint -jar target/Repro-0.0.0.jar
>> - Running without loop unrolls does *not* cause any error:
>>    java -Xbatch -XX:LoopUnrollLimit=0 -jar target/Repro-0.0.0.jar
>>
>> On Sat, May 23, 2015 at 9:58 PM, Dawid Weiss <dawid.weiss at gmail.com>
>> wrote:
>>>
>>> Good news. I have a repro that crashes for me every time and it only
>>> contains open-source code (and some data). Bad news: it's probably a
>>> compiler bug because everything works just fine with -Xint.
>>>
>>> I'll put it together into a repro tomorrow, hopefully, and will ask
>>> somebody with the right permission to file an issue in Jira. Should be
>>> relatively easy to narrow it down by bisecting hs repo commits.
>>>
>>> Dawid
>>>
>>> On Sat, May 23, 2015 at 2:19 PM, Dawid Weiss
>>> <dawid.weiss at carrotsearch.com> wrote:
>>>>
>>>> Hi Rory, everyone,
>>>>
>>>> I've run into an issue with a suspicious ArrayIndexOutOfBounds on ea
>>>> builds of JDK 1.9.0. Here's some context:
>>>>
>>>> - we run separate builds for 1.7, 1.8 and 1.9ea VMs and only the 1.9
>>>> build currently fails (Windows, Linux environments, 64-bit),
>>>>
>>>> - the bug/issue is a suspicious AIOOB on:
>>>>
>>>>
>>>> org.apache.commons.compress.compressors.bzip2.BZip2CompressorInputStream.setupBlock(BZip2CompressorInputStream.java:820)
>>>>
>>>> which happens to be the line of code inside this for loop:
>>>>
>>>>          for (int i = 0, lastShadow = this.last; i <= lastShadow; i++) {
>>>>              tt[cftab[ll8[i] & 0xff]++] = i;
>>>>          }
>>>>
>>>> Which array access this is exactly is hard to tell, but the *same*
>>>> bzip input file does not produce the error on any other JVM (or
>>>> earlier releases of 1.9ea). This code is deterministic in the test
>>>> that uses the above routine.
>>>>
>>>> - the problem *only* appears from 1.9ea_b64; on earlier releases the
>>>> same code passes just fine (bisected it back from b45),
>>>>
>>>> - I also checked 1.9ea_b65 (which happens to be on the download server
>>>> but wasn't properly announced yet?). The problem persists.
>>>>
>>>> - the problem does reproduce on the build server (Windows and Linux).
>>>> Interestingly, I couldn't reproduce it locally. The code is
>>>> proprietary, I couldn't narrow it down yet to something that would
>>>> reproduce (sigh).
>>>>
>>>> I realize this is insufficient information to get started, but perhaps
>>>> this issue is already known or somebody may have a clue at what is
>>>> going on (CCing hotspot-compiler-dev)?
>>>>
>>>> Dawid
>
>
> --
> Rgds,Rory O'Donnell
> Quality Engineering Manager
> Oracle EMEA, Dublin,Ireland
>
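The thread notes that it is hard to tell which of the three array accesses in the quoted loop throws, and that the routine is deterministic. The following is an added diagnostic sketch, not code from the thread or from commons-compress: it runs the loop as quoted against a variant with each access split out and checked, and flags any round where the two disagree. The class name, method names, the constructed random input and the way `cftab` is filled (cumulative symbol counts, 257 slots) are assumptions.

```java
import java.util.Arrays;
import java.util.Random;

// Added diagnostic sketch; LoopCheck and its method names are hypothetical.
public class LoopCheck {
    // The loop quoted in the thread, same shape: three array accesses in one statement.
    static void original(int[] tt, int[] cftab, byte[] ll8, int last) {
        for (int i = 0, lastShadow = last; i <= lastShadow; i++) {
            tt[cftab[ll8[i] & 0xff]++] = i;
        }
    }

    // Same computation with each access split out, so a failure names the array and index.
    static void checked(int[] tt, int[] cftab, byte[] ll8, int last) {
        for (int i = 0; i <= last; i++) {
            if (i >= ll8.length) throw new IllegalStateException("ll8 index " + i);
            int sym = ll8[i] & 0xff;            // always 0..255, so cftab[sym] is in range
            int slot = cftab[sym]++;
            if (slot < 0 || slot >= tt.length)
                throw new IllegalStateException("tt index " + slot + " at i=" + i + ", sym=" + sym);
            tt[slot] = i;
        }
    }

    // Assumed setup: cftab[s] = number of bytes in ll8[0..last] with value below s.
    static int[] buildCftab(byte[] ll8, int last) {
        int[] cftab = new int[257];
        for (int i = 0; i <= last; i++) cftab[(ll8[i] & 0xff) + 1]++;
        for (int s = 1; s <= 256; s++) cftab[s] += cftab[s - 1];
        return cftab;
    }

    public static void main(String[] args) {
        byte[] ll8 = new byte[400_000];         // constructed data, not the thread's bz2 resource
        new Random(42).nextBytes(ll8);
        int last = ll8.length - 1;
        int[] expected = new int[ll8.length];
        checked(expected, buildCftab(ll8, last), ll8, last);
        for (int round = 0; round < 500; round++) {   // repeated so the JIT compiles original()
            int[] tt = new int[ll8.length];
            original(tt, buildCftab(ll8, last), ll8, last);
            if (!Arrays.equals(tt, expected))
                throw new AssertionError("round " + round + ": original() diverged from checked()");
        }
        System.out.println("no divergence");
    }
}
```

Running it once normally and once with `-Xint` or `-Xbatch -XX:LoopUnrollLimit=0` (the flags from the README notes) gives the same comparison the thread uses. Splitting the statement changes what the compiler sees, so a clean `checked()` run does not clear the compiled form of `original()`.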

