Skip to content
Permalink
Browse files

8231430: C2: Memory stomp in max_array_length() for T_ILLEGAL type

Reviewed-by: kvn, thartmann
  • Loading branch information
Vladimir Ivanov
Vladimir Ivanov committed Dec 3, 2019
1 parent 22ea33c commit c7bc0f7a12d1797baa2f5fe014febb32453a7a12
Showing with 13 additions and 22 deletions.
  1. +11 −21 src/hotspot/share/opto/type.cpp
  2. +2 −1 src/hotspot/share/opto/type.hpp
@@ -4104,32 +4104,22 @@ const TypeOopPtr *TypeAryPtr::cast_to_nonconst() const {
}


//-----------------------------narrow_size_type-------------------------------
// Local cache for arrayOopDesc::max_array_length(etype),
// which is kind of slow (and cached elsewhere by other users).
static jint max_array_length_cache[T_CONFLICT+1];
static jint max_array_length(BasicType etype) {
jint& cache = max_array_length_cache[etype];
jint res = cache;
if (res == 0) {
switch (etype) {
case T_NARROWOOP:
//-----------------------------max_array_length-------------------------------
// A wrapper around arrayOopDesc::max_array_length(etype) with some input normalization.
jint TypeAryPtr::max_array_length(BasicType etype) {
if (!is_java_primitive(etype) && !is_reference_type(etype)) {
if (etype == T_NARROWOOP) {
etype = T_OBJECT;
break;
case T_NARROWKLASS:
case T_CONFLICT:
case T_ILLEGAL:
case T_VOID:
etype = T_BYTE; // will produce conservatively high value
break;
default:
break;
} else if (etype == T_ILLEGAL) { // bottom[]
etype = T_BYTE; // will produce conservatively high value
} else {
fatal("not an element type: %s", type2name(etype));
}
cache = res = arrayOopDesc::max_array_length(etype);
}
return res;
return arrayOopDesc::max_array_length(etype);
}

//-----------------------------narrow_size_type-------------------------------
// Narrow the given size type to the index range for the given array base type.
// Return NULL if the resulting int type becomes empty.
const TypeInt* TypeAryPtr::narrow_size_type(const TypeInt* size) const {
@@ -455,7 +455,6 @@ class Type {

private:
// support arrays
static const BasicType _basic_type[];
static const Type* _zero_type[T_CONFLICT+1];
static const Type* _const_basic_type[T_CONFLICT+1];
};
@@ -1225,6 +1224,8 @@ class TypeAryPtr : public TypeOopPtr {

const TypeAryPtr* cast_to_autobox_cache(bool cache) const;

static jint max_array_length(BasicType etype) ;

// Convenience common pre-built types.
static const TypeAryPtr *RANGE;
static const TypeAryPtr *OOPS;

0 comments on commit c7bc0f7

Please sign in to comment.
You can’t perform that action at this time.