[11] RFR(S): 8203196: C1 emits incorrect code due to integer overflow in _tableswitch keys

Doerr, Martin martin.doerr at sap.com
Fri May 18 13:13:17 UTC 2018


Hi Tobias,

thanks for fixing. Undefined behavior of signed integer overflow is really annoying in C/C++.
Fix looks good to me.

Best regards,
Martin


-----Original Message-----
From: hotspot-compiler-dev [mailto:hotspot-compiler-dev-bounces at openjdk.java.net] On Behalf Of Tobias Hartmann
Sent: Friday, 18 May 2018 12:03
To: hotspot compiler <hotspot-compiler-dev at openjdk.java.net>
Subject: [11] RFR(S): 8203196: C1 emits incorrect code due to integer overflow in _tableswitch keys

Hi,

please review the following patch:
https://bugs.openjdk.java.net/browse/JDK-8203196
http://cr.openjdk.java.net/~thartmann/8203196/webrev.00/

C1 incorrectly compiles a _tableswitch instruction due to an integer overflow of x->hi_key() in
Canonicalizer::do_TableSwitch():
  0 0 i5 2147483647
. 2 0 6 tableswitch i5
                   case 2147483647: B1
                   default : B2
canonicalized to:
. 2 0 7 goto B2

We compute hi_key = _lo_key + length() - 1 = INT_MAX + (2 - 1) - 1 = INT_MAX + 1 - 1 which may
overflow depending on how the C++ compiler translates it (fails with fastdebug, works with
slowdebug). I've added parentheses and an assert for sanity checking.

This problem was introduced by the fix for JDK-8200303. Before, we would use an if instead of a
switch [1].

Thanks,
Tobias

[1] http://hg.openjdk.java.net/jdk/jdk/rev/d84f06a0cae1#l3.8
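A constructed C++ model of the key-range computation discussed in the patch (added here; this is not HotSpot's code): `intermediate_overflows` reports when the pre-fix expression `_lo_key + length() - 1`, evaluated left to right, produces an out-of-range intermediate, `hi_key_checked` computes the range in the fixed, parenthesized form with a sanity check in the spirit of the added assert, and `canonical_target` applies the canonicalizer's constant-operand check so that the INT_MAX case from the dump resolves to the case block rather than the default. The function names and the exact check are assumptions.

```cpp
#include <cassert>
#include <climits>
#include <cstdint>

// Model of the C1 tableswitch key range: keys lo_key .. hi_key, with
// `length` non-default cases, so hi_key = lo_key + length - 1.

// Pre-fix shape `lo_key + length - 1` is evaluated as (lo_key + length) - 1.
// If that intermediate sum does not fit in an int, the expression is signed
// overflow, i.e. undefined behaviour, and the optimizer may assume it never
// happens. We do the sum in 64 bits to tell whether the 32-bit one would.
static bool intermediate_overflows(int lo_key, int length) {
    int64_t sum = (int64_t)lo_key + (int64_t)length;
    return sum > INT_MAX || sum < INT_MIN;
}

// Fixed shape `lo_key + (length - 1)`. For a well-formed tableswitch
// (length >= 1 and hi_key representable as int) no intermediate overflows.
// Returns false when the inputs cannot describe a valid key range, which is
// the condition a sanity assert in the compiler would trip on.
static bool hi_key_checked(int lo_key, int length, int* hi_key) {
    if (length < 1) return false;
    int64_t hi = (int64_t)lo_key + (int64_t)(length - 1);
    if (hi > INT_MAX) return false;
    *hi_key = (int)hi;
    return true;
}

// Canonicalization of a tableswitch whose operand is the constant v:
// returns the case index (0 .. length-1) to jump to, or -1 for the default
// successor. Uses the fixed hi_key computation throughout.
static int canonical_target(int lo_key, int length, int v) {
    int hi_key;
    if (!hi_key_checked(lo_key, length, &hi_key)) {
        return -1;  // malformed range: fall back to default
    }
    if (lo_key <= v && v <= hi_key) {
        return (int)((int64_t)v - (int64_t)lo_key);  // matching case index
    }
    return -1;
}
```

The case from the dump (lo_key = 2147483647, one case, operand 2147483647) is exactly the input for which the pre-fix intermediate overflows while the fixed form yields hi_key = INT_MAX and selects case 0.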

