Review request (S): 6646109 array subscript expressions become top() with -d64

Chuck Rasbold Chuck.Rasbold at Sun.COM
Wed Apr 16 15:05:17 PDT 2008


http://webrev.invokedynamic.info/rasbold/6646019/

Fixed 6646109: array subscript expressions become top() with -d64

Several "Tester" programs fail (in different ways) with -d64 when a
negative array length or negative subscript is used.  C2 proves that
the subscript expression does not meet the array bounds and a
ConvI2LNode construction returns top.  The top node can cause problems
downstream with a variety of assertion failures or crashes.

There are two parts to this fix:

By itself, the change in graphKit.cpp fixes the problem in all
observed cases.  If the ConvI2LNode construction returns top(), we
simply back off on the type of ConvI2LNode to TypeLong::INT.

The fix in parse2.cpp preemptively handles the cases when the array
bound is negative. The CmpU bounds check trick doesn't work if the
array bound is negative. However, if the parser observes the bound is
negative, then it can proceed as if it is 0, and the CmpU mechanism
causes the path to disappear into an uncommon_trap.

Reviewed by:
Fix verified (y/n): y
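
The unsigned-compare bounds check that the message refers to as the CmpU trick, modelled in C++ as an added illustration (not part of the original message and not HotSpot code). All function names and sample values are constructed here; the sketch shows why a negative bound defeats the single comparison and why treating that bound as 0 makes every index fail the check.

```cpp
#include <cstdint>
#include <cstdio>

// Reference semantics: an access is valid iff 0 <= idx < len.
// With a negative len no index is valid.
static bool in_bounds_reference(int32_t idx, int32_t len) {
    return idx >= 0 && idx < len;
}

// Single unsigned compare: a negative idx reinterprets as >= 2^31, which is
// larger than any non-negative len, so one test covers both limits.
static bool in_bounds_cmpu(int32_t idx, int32_t len) {
    return static_cast<uint32_t>(idx) < static_cast<uint32_t>(len);
}

// Same compare, but a bound known to be negative is treated as 0 first
// (the approach the message describes for parse2.cpp).
static bool in_bounds_cmpu_clamped(int32_t idx, int32_t len) {
    int32_t bound = len < 0 ? 0 : len;
    return static_cast<uint32_t>(idx) < static_cast<uint32_t>(bound);
}

// Count (idx, len) pairs from a constructed sample grid where `check`
// disagrees with the reference semantics.
static int count_mismatches(bool (*check)(int32_t, int32_t)) {
    static const int32_t samples[] = {INT32_MIN, -2, -1, 0, 1, 7, 8, INT32_MAX};
    const int n = sizeof(samples) / sizeof(samples[0]);
    int bad = 0;
    for (int i = 0; i < n; ++i)
        for (int j = 0; j < n; ++j)
            if (check(samples[j], samples[i]) !=
                in_bounds_reference(samples[j], samples[i]))
                ++bad;
    return bad;
}

int main() {
    // idx = 0 with len = -1: the plain unsigned compare accepts the access.
    std::printf("cmpu(0, -1)         = %d\n", in_bounds_cmpu(0, -1));
    std::printf("cmpu_clamped(0, -1) = %d\n", in_bounds_cmpu_clamped(0, -1));
    std::printf("mismatches plain    = %d\n", count_mismatches(in_bounds_cmpu));
    std::printf("mismatches clamped  = %d\n",
                count_mismatches(in_bounds_cmpu_clamped));
    return 0;
}
```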


