[lworld] Integrated: 8271486: [lworld] Memory corruption due to out of bound access in MacroAssembler::move_helper

Tobias Hartmann thartmann at openjdk.java.net
Thu Jul 29 17:47:46 UTC 2021


On Thu, 29 Jul 2021 16:04:59 GMT, Tobias Hartmann <thartmann at openjdk.org> wrote:

> While debugging weird crashes that only showed up when merging current mainline with lworld, I've noticed that we are writing outside of the `reg_state` array in `MacroAssembler::move_helper` because `from->value()` is `-1` (`OptoReg::BAD_REG`): 
> https://github.com/openjdk/valhalla/blob/3c399d9f7f36903e4c2583c16b0080e01181114a/src/hotspot/cpu/x86/macroAssembler_x86.cpp#L5794-L5797
> 
> The register is invalid because it belongs to the second half of a `T_LONG` or `T_DOUBLE` argument in the calling convention and should simply be ignored. I've also added asserts to catch similar issues in the future.
> 
> Thanks,
> Tobias

This pull request has now been integrated.

Changeset: 233d7bbb
Author:    Tobias Hartmann <thartmann at openjdk.org>
URL:       https://git.openjdk.java.net/valhalla/commit/233d7bbb84a874d96e35657ff533d9c5903fbea6
Stats:     14 lines in 3 files changed: 11 ins; 0 del; 3 mod

8271486: [lworld] Memory corruption due to out of bound access in MacroAssembler::move_helper

-------------

PR: https://git.openjdk.java.net/valhalla/pull/507
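
A simplified model of the bug class described in the quoted message, added here as an illustration; it is not code from the changeset or from HotSpot. The types, `NUM_REGS`, the register numbering and all function names are assumptions; only the `-1` bad-register value and the rule that the second half of a `T_LONG`/`T_DOUBLE` argument is ignored come from the message.

```cpp
#include <array>
#include <cassert>
#include <cstddef>
#include <vector>

// Simplified model for illustration; every name except the -1 "bad register"
// value is hypothetical and none of this is HotSpot code.
constexpr int BAD_REG = -1;          // same value the message gives for OptoReg::BAD_REG
constexpr std::size_t NUM_REGS = 8;  // constructed register-file size

enum BasicType { T_INT, T_LONG, T_DOUBLE };
enum RegState : unsigned char { REG_UNUSED, REG_READABLE, REG_WRITTEN };
struct Move { int from; int to; };

// T_LONG/T_DOUBLE occupy two slots; the second slot has no register (BAD_REG).
std::vector<Move> build_moves(const std::vector<BasicType>& sig) {
    std::vector<Move> moves;
    int next = 0;
    for (BasicType t : sig) {
        moves.push_back({next, next + 1});
        next += 2;
        if (t == T_LONG || t == T_DOUBLE) moves.push_back({BAD_REG, BAD_REG});
    }
    return moves;
}

static bool in_bounds(int r) { return r >= 0 && static_cast<std::size_t>(r) < NUM_REGS; }

// Guarded update of the state array. Without the BAD_REG test, state[m.from]
// with m.from == -1 would index outside the array and corrupt adjacent memory.
bool move_checked(const Move& m, std::array<RegState, NUM_REGS>& state) {
    if (m.from == BAD_REG || m.to == BAD_REG) return false;  // second half: ignore
    assert(in_bounds(m.from) && in_bounds(m.to));            // catch other bad indices early
    state[m.from] = REG_READABLE;
    state[m.to] = REG_WRITTEN;
    return true;
}

// Returns how many slots were actually moved.
int shuffle_args(const std::vector<BasicType>& sig, std::array<RegState, NUM_REGS>& state) {
    int done = 0;
    for (const Move& m : build_moves(sig)) done += move_checked(m, state) ? 1 : 0;
    return done;
}

int main() {
    std::array<RegState, NUM_REGS> state{};
    return shuffle_args({T_INT, T_LONG, T_DOUBLE}, state) == 3 ? 0 : 1;
}
```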


