8338924: C1: assert(0 <= i && i < _len) failed: illegal index 5 for length 5

Co-authored-by: Dean Long <dlong@openjdk.org>
Reviewed-by: kvn, thartmann

Author: Matias Saavedra Silva

src/hotspot/share/c1/c1_GraphBuilder.cpp

@@ -1389,6 +1389,11 @@ void GraphBuilder::jsr(int dest) {
   // If the bytecodes are strange (jumping out of a jsr block) then we
   // might end up trying to re-parse a block containing a jsr which
   // has already been activated. Watch for this case and bail out.
+  if (next_bci() >= method()->code_size()) {
+    // This can happen if the subroutine does not terminate with a ret,
+    // effectively turning the jsr into a goto.
+    BAILOUT("too-complicated jsr/ret structure");
+  }
   for (ScopeData* cur_scope_data = scope_data();
        cur_scope_data != nullptr && cur_scope_data->parsing_jsr() && cur_scope_data->scope() == scope();
        cur_scope_data = cur_scope_data->parent()) {
@@ -3736,6 +3741,9 @@ bool GraphBuilder::try_inline_intrinsics(ciMethod* callee, bool ignore_return) {
 bool GraphBuilder::try_inline_jsr(int jsr_dest_bci) {
   // Introduce a new callee continuation point - all Ret instructions
   // will be replaced with Gotos to this point.
+  if (next_bci() >= method()->code_size()) {
+    return false;
+  }
   BlockBegin* cont = block_at(next_bci());
   assert(cont != nullptr, "continuation must exist (BlockListBuilder starts a new block after a jsr");
 

src/hotspot/share/compiler/methodLiveness.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2023, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -222,6 +222,9 @@ void MethodLiveness::init_basic_blocks() {
           dest = _block_map->at(bytes.get_dest());
           assert(dest != nullptr, "branch destination must start a block.");
           dest->add_normal_predecessor(current_block);
+          if (bci + Bytecodes::length_for(code) >= method_len) {
+            break;
+          }
           BasicBlock *jsrExit = _block_map->at(current_block->limit_bci());
           assert(jsrExit != nullptr, "jsr return bci must start a block.");
           jsr_exit_list->append(jsrExit);
@@ -232,6 +235,9 @@ void MethodLiveness::init_basic_blocks() {
           dest = _block_map->at(bytes.get_far_dest());
           assert(dest != nullptr, "branch destination must start a block.");
           dest->add_normal_predecessor(current_block);
+          if (bci + Bytecodes::length_for(code) >= method_len) {
+            break;
+          }
           BasicBlock *jsrExit = _block_map->at(current_block->limit_bci());
           assert(jsrExit != nullptr, "jsr return bci must start a block.");
           jsr_exit_list->append(jsrExit);

test/hotspot/jtreg/ProblemList-Xcomp.txt

@@ -51,5 +51,3 @@ vmTestbase/nsk/jvmti/scenarios/capability/CM03/cm03t001/TestDescription.java 829
 vmTestbase/nsk/stress/thread/thread006.java 8321476 linux-all
 
 gc/arguments/TestNewSizeFlags.java 8299116 macosx-aarch64
-
-runtime/interpreter/LastJsrTest.java 8338924 generic-all

test/hotspot/jtreg/runtime/interpreter/LastJsrTest.java

@@ -23,18 +23,20 @@
 
 /*
  * @test
- * @bug 8335664
+ * @bug 8335664 8338924
  * @summary Ensure a program that ends with a JSR does not crash
  * @library /test/lib
  * @compile LastJsr.jasm
  * @compile LastJsrReachable.jasm
- * @run main/othervm LastJsrTest
+ * @run main/othervm -Xbatch LastJsrTest
  */
 
 public class LastJsrTest {
     public static void main(String[] args) {
-        LastJsr.test();
-        LastJsrReachable.test();
+        for (int i = 0; i < 1000; ++i) {
+            LastJsr.test();
+            LastJsrReachable.test();
+        }
         System.out.println("PASSED");
     }
 }