[11] RFR(S): 8203196: C1 emits incorrect code due to integer overflow in _tableswitch keys
Tobias Hartmann
tobias.hartmann at oracle.com
Tue May 22 06:55:24 UTC 2018
Hi Goetz,
great, thanks for verifying.
Best regards,
Tobias
On 22.05.2018 08:49, Lindenmaier, Goetz wrote:
> Hi Tobias,
>
>> Thanks! I've already verified with the failing JCK tests but additional testing is
>> always good.
> Sure, I assumed you tried the jck test.
> Our testsuite is green now, too. Thanks a lot for fixing.
>
> Best regards,
> Goetz.
>
>
>> Best regards,
>> Tobias
>>
>>
>>>> -----Original Message-----
>>>> From: hotspot-compiler-dev <hotspot-compiler-dev-bounces at openjdk.java.net> On Behalf Of Tobias Hartmann
>>>> Sent: Friday, May 18, 2018 12:03 PM
>>>> To: hotspot compiler <hotspot-compiler-dev at openjdk.java.net>
>>>> Subject: [11] RFR(S): 8203196: C1 emits incorrect code due to integer
>>>> overflow in _tableswitch keys
>>>>
>>>> Hi,
>>>>
>>>> please review the following patch:
>>>> https://bugs.openjdk.java.net/browse/JDK-8203196
>>>> http://cr.openjdk.java.net/~thartmann/8203196/webrev.00/
>>>>
>>>> C1 incorrectly compiles a _tableswitch instruction due to an integer overflow
>>>> of x->hi_key() in Canonicalizer::do_TableSwitch():
>>>> 0 0 i5 2147483647
>>>> . 2 0 6 tableswitch i5
>>>> case 2147483647: B1
>>>> default : B2
>>>> canonicalized to:
>>>> . 2 0 7 goto B2
>>>>
>>>> We compute hi_key = _lo_key + length() - 1 = INT_MAX + (2 - 1) - 1 =
>>>> INT_MAX + 1 - 1 which may overflow depending on how the C++ compiler
>>>> translates it (fails with fastdebug, works with slowdebug). I've added
>>>> parentheses and an assert for sanity checking.
>>>>
>>>> This problem was introduced by the fix for JDK-8200303. Before, we would
>>>> use an if instead of a switch [1].
>>>>
>>>> Thanks,
>>>> Tobias
>>>>
>>>> [1] http://hg.openjdk.java.net/jdk/jdk/rev/d84f06a0cae1#l3.8
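
Added example (not part of the original thread and not HotSpot code): a C++ model of the hi_key computation discussed above, covering the reported case of lo_key = INT_MAX with a single case key. TableSwitchModel and all function names are hypothetical, and it is an assumption that length counts case keys without the default successor.

```cpp
#include <climits>
#include <cstdint>

// Hypothetical model of a tableswitch: lo_key is the first case key and
// length is the number of consecutive case keys (default excluded).
struct TableSwitchModel {
    int lo_key;
    int length;
};

// The original grouping evaluates (lo_key + length) - 1 left to right.
// Done in 64 bits here, so the check is well defined: returns true when the
// 32-bit intermediate lo_key + length would leave the int range.
bool intermediate_overflows(const TableSwitchModel& s) {
    int64_t sum = static_cast<int64_t>(s.lo_key) + s.length;
    return sum > INT_MAX || sum < INT_MIN;
}

// Parenthesized form lo_key + (length - 1) with the range check made
// explicit. Returns false if the switch has no keys or hi_key does not fit.
bool hi_key_checked(const TableSwitchModel& s, int* hi_key) {
    if (s.length < 1) return false;
    int delta = s.length - 1;                 // cannot overflow: length >= 1
    if (s.lo_key > INT_MAX - delta) return false;
    *hi_key = s.lo_key + delta;
    return true;
}

// Folding a switch on a constant tag: returns the case index the tag
// selects, -1 for the default successor, -2 if the key range is invalid.
int fold_constant_tag(const TableSwitchModel& s, int tag) {
    int hi_key;
    if (!hi_key_checked(s, &hi_key)) return -2;
    if (tag < s.lo_key || tag > hi_key) return -1;
    // lo_key <= tag <= hi_key, so the difference is in [0, length - 1].
    return tag - s.lo_key;
}
```

With lo_key = INT_MAX and one case key, the left-to-right grouping has an out-of-range intermediate even though the final hi_key is representable, which is the situation the added parentheses avoid.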