JDK-4629512 : Bad exception in trivial loop on Sparc 32b -server
  • Type: Bug
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: 1.4.0,1.4.1
  • Priority: P2
  • Status: Resolved
  • Resolution: Fixed
  • OS: solaris_2.5.1,solaris_7
  • CPU: generic,sparc
  • Submitted: 2002-01-28
  • Updated: 2003-01-07
  • Resolved: 2002-06-24
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other Other Other
1.4.0_04 04Fixed 1.4.1_02Fixed 1.4.2Fixed
Related Reports
Relates :  
Relates :  
Description
This program:

class A {
 public static void main(String argv[]) {
    
    int size = 4000000;
    int x[] = new int[size];
    
    for (int i = 0; i < 1000; i++) {
      for (int j = 0; j < size; j += 8192) {
        int y = x[j];
      }
    }
  }
}

Fails as follows:

mate:~> /usr/local/java/jdk1.4.0/solsparc/bin/java A
mate:~> /usr/local/java/jdk1.4.0/solsparc/bin/java -server A
Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException
        at A.main(A.java:9)
mate:~> /usr/local/java/jdk1.4.0/solsparc/bin/java -server -Xint A
mate:~> /usr/local/java/jdk1.4.0/solsparc/bin/java -d64 A
mate:~> /usr/local/java/jdk1.4.0/solsparc/bin/java -server -XX:+PrintCompilation A
  1%      A::main @ 18
 (47 bytes)
Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException
        at A.main(A.java:9)
mate:~> /usr/local/java/jdk1.4.0/solsparc/bin/java -server -version
java version "1.4.0-rc"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0-rc-b91)
Java HotSpot(TM) Server VM (build 1.4.0-rc-b91, mixed mode)

It does not fail in 1.3.1 or 1.2.1.

Comments
CONVERTED DATA BugTraq+ Release Management Values COMMIT TO FIX: 1.4.0_04 1.4.1_02 mantis FIXED IN: 1.4.0_04 1.4.1_02 mantis INTEGRATED IN: 1.4.0_04 1.4.1_02 mantis
14-06-2004

EVALUATION A simplified test case and class file are available at: /net/jano/export/disk20/GammaBase/Bugs/4629512 I've reproduced the problem on both solaris_sparc and windows_i486, it also reproduces with the current version of 1.4.1 The test case was simplified by commenting out the outer-loop, leaving only: int size = 4000000; int x[] = new int[size]; for(int j = 0; j < size; j += 8291) { int y = x[j]; } ###@###.### 2002-01-28 The inner loop runs j from 0 to 40005888. It appears that j might be 4000000 on exit, but 4000000 does not divide 8192 cleanly. The inner loop is turned into a CountedLoop and I note the correct final value of j, 40005888 (actually, because it's an OSR there's a pile of math there that computes 40005888 but the initial values are not constants). This establishes the invariant that the limit in a CountedLoop is always known exactly. The inner loop is pre/post split, then range-checked. The limit on the inner loop is set to MIN(old_limit,x.length) which is MIN(40005888,4000000) which is 4000000. Again, the math is all symbolic (no constants handy in the OSR). This BLOWs the invariant that the limit in a CountedLoop is always known exactly. I.e., at some point j will be 3997696 and all is OK. Then j will be 40005888 - and IF the loop were to trip again we'd have to throw a range-check. Since we MIN'd the limit we know we can exit the inner loop OK. Post loop should run fine and all should be well. Then, we remove the now empty inner loop. This removal uses the blown invariant on CountedLoops to "know" the final value of j - instead of using j=40005888, he uses j=MIN(40005888,4000000), which is to say 4000000. Now we attempt to run the post-loop; j is too small so the post run loops (otherwise it would never get executed) and we try to load x[4000000] and die. Fix is to have RCE, after he's done "fixing" the trip counts, re-compute a correct limit and restore the invariant. Alternatively, we could have each array length get whacked around accordingly - I'm not sure which will make better folding math. ###@###.### 2002-01-29 Found comment in code indicating need to round limit after all MAX/MIN'ing. Inserted code to round. ###@###.### 2002-06-18 Fix backported to 1.4.1_02. Bugtraq is not allowing me to save with 'Resp Eng'as "cliffc", so changing it to default. ###@###.### 2002-12-11
18-06-2002