Review request (S): 6711100: 64bit fastdebug server vm crashes with assert(_base == Int,"Not an Int")
Chuck Rasbold
Chuck.Rasbold at Sun.COM
Thu Aug 28 10:20:04 PDT 2008
http://webrev.invokedynamic.info/rasbold/6711100/index.html
6711100: 64bit fastdebug server vm crashes with assert(_base == Int,"Not
an Int")
Summary: insert CastII nodes to narrow type of load_array_length() node
Reviewed-by:
Another variant of the bug caused by array_addressing() not stopping
the parse when there is enough info to know that the index is
out-of-bounds. In this case, load_array_length() get the length from
the AllocateArrayNode for the array length, but doesn't narrow the
type.
The fix:
- add assertion in array_addressing() to catch problems of this nature
at a single point of failure
- add the function AllocateArrayNode::make_ideal_length(), which peeks
into the node for the length, and adds a CastII to narrow the type, if
appropriate
- use make_ideal_length() in all places where a CastII could narrow
the type of input to the allocation, including:
GraphKit::load_array_length(), GraphKit::new_array(), and the newly
added LoadRangeNode::Ideal()
- change LoadRangeNode::Identity() to only return the length argument
of a found AllocateArrayNode if a CastII is not needed
More information about the hotspot-compiler-dev
mailing list