1.9.0-ea-b64 regression (AIOOB thrown where it shouldn't be thrown)

Rory O'Donnell rory.odonnell at oracle.com
Mon May 25 08:00:55 UTC 2015


Hi Dawid,

Here is the JBS id: https://bugs.openjdk.java.net/browse/JDK-8080976

Thank you for submitting the bug.

Rgds, Rory

On 25/05/2015 08:46, Dawid Weiss wrote:
> Filed a bug report with Review ID: JI-9021458. Thanks!
>
> Dawid
>
> On Sun, May 24, 2015 at 10:32 PM, Rory O'Donnell
> <rory.odonnell at oracle.com> wrote:
>> Hi Dawid,
>>
>> Could you log an incident at bugs.java.com and let us know the incident id.
>>
>> Thanks, Rory
>>
>>
>> On 24/05/2015 08:23, Dawid Weiss wrote:
>>> Hello again,
>>>
>>> The bug repro code is at the link below:
>>> http://download.carrotsearch.com/jvm/repro.zip
>>>
>>> Definitely something with the compilation because disabling loop
>>> unrolling (or running in interpreted mode) doesn't trigger the bug.
>>> More information (also included in README.txt) quoted below.
>>>
>>> Dawid
>>>
>>> Expected behavior:
>>>     The code should re-read the gz2 resource, looping and printing
>>> (infinitely):
>>>     Round...
>>>     Round...
>>>     Round...
>>>
>>> Actual behavior (64-Bit Server VM, build 1.9.0-ea-b64, mixed mode):
>>>     Round...
>>>     Round...
>>>     Round...
>>>     Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException:
>>> 314297
>>>             at
>>> org.apache.commons.compress.compressors.bzip2.BZip2CompressorInputStream.setupBlock(BZip2CompressorInputStream.java:820)
>>>             at
>>> org.apache.commons.compress.compressors.bzip2.BZip2CompressorInputStream.<init>(BZip2CompressorInputStream.java:136)
>>>             at
>>> org.apache.commons.compress.compressors.bzip2.BZip2CompressorInputStream.<init>(BZip2CompressorInputStream.java:111)
>>>             at bug.Repro.main(Repro.java:15)
>>>
>>> Notes
>>> -----
>>>
>>> - Self contained maven project (copied commons compress sources so that
>>> one can
>>>     tweak them if needed). An additional bz2 resource is needed (included).
>>> - Build with:
>>>     mvn package
>>> - Run with:
>>>     java -jar target/Repro-0.0.0.jar
>>> - Running in interpreted mode does *not* cause any error:
>>>     java -Xint -jar target/Repro-0.0.0.jar
>>> - Running without loop unrolls does *not* cause any error:
>>>     java -Xbatch -XX:LoopUnrollLimit=0 -jar target/Repro-0.0.0.jar
>>>
>>> On Sat, May 23, 2015 at 9:58 PM, Dawid Weiss <dawid.weiss at gmail.com>
>>> wrote:
>>>> Good news. I have a repro that crashes for me every time and it only
>>>> contains open-source code (and some data). Bad news: it's probably a
>>>> compiler bug because everything works just fine with -Xint.
>>>>
>>>> I'll put it together into a repro tomorrow, hopefully, and will ask
>>>> somebody with the right permission to file an issue in Jira. Should be
>>>> relatively easy to narrow it down by bisecting hs repo commits.
>>>>
>>>> Dawid
>>>>
>>>> On Sat, May 23, 2015 at 2:19 PM, Dawid Weiss
>>>> <dawid.weiss at carrotsearch.com> wrote:
>>>>> Hi Rory, everyone,
>>>>>
>>>>> I've ran into an issue with a suspicious ArrayIndexOutOfBounds on ea
>>>>> builds of JDK 1.9.0. Here's some context:
>>>>>
>>>>> - we run separate builds for 1.7, 1.8 and 1.9ea VMs and only the 1.9
>>>>> build currently fails (Windows, Linux environments, 64-bit),
>>>>>
>>>>> - the bug/ issue is a suspicious AIOOB on:
>>>>>
>>>>>
>>>>> org.apache.commons.compress.compressors.bzip2.BZip2CompressorInputStream.setupBlock(BZip2CompressorInputStream.java:820)
>>>>>
>>>>> which happens to be the line of code inside this for loop:
>>>>>
>>>>>           for (int i = 0, lastShadow = this.last; i <= lastShadow; i++) {
>>>>>               tt[cftab[ll8[i] & 0xff]++] = i;
>>>>>           }
>>>>>
>>>>> Which array access this is exactly is hard to tell, but the *same*
>>>>> bzip input file does not produce the error on any other JVM (or an
>>>>> earlier releases of 1.9ea). This code is deterministic in the test
>>>>> that uses the above routine.
>>>>>
>>>>> - the problem *only* appears from 1.9ea_b64; on earlier releases the
>>>>> same code passes just fine (bisected it back from b45),
>>>>>
>>>>> - I also checked 1.9ea_b65 (which happens to be on the download server
>>>>> but wasn't properly announced yet?). The problem persists.
>>>>>
>>>>> - the problem does reproduce on the build server (Windows and Linux).
>>>>> Interestingly, I couldn't reproduce it locally. The code is
>>>>> proprietary, I couldn't narrow it down yet to something that would
>>>>> reproduce (sigh).
>>>>>
>>>>> I realize this is insufficient information to get started, but perhaps
>>>>> this issue is already known or somebody may have a clue at what is
>>>>> going on (CCing hotspot-compiler-dev)?
>>>>>
>>>>> Dawid
>>
>> --
>> Rgds,Rory O'Donnell
>> Quality Engineering Manager
>> Oracle EMEA, Dublin,Ireland
>>

-- 
Rgds,Rory O'Donnell
Quality Engineering Manager
Oracle EMEA , Dublin, Ireland



More information about the hotspot-compiler-dev mailing list