Mercurial > hg > graal-compiler

diff src/share/vm/opto/library_call.cpp @ 6180:eeb819cf36e5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
7174363: Arrays.copyOfRange leads to VM crash with -Xcomp -server if executed by testing framework Summary: Arrays.copyOfRange(original, from, to) with from > original.length tries to do a copy with a negative length. Reviewed-by: kvn, twisti
author roland
date Mon, 18 Jun 2012 09:52:31 +0200
parents 8b0a4867acf0
children d50605d9417e
line wrap: on
line diff
--- a/src/share/vm/opto/library_call.cpp	Fri Jun 15 01:25:19 2012 -0700
+++ b/src/share/vm/opto/library_call.cpp	Mon Jun 18 09:52:31 2012 +0200
@@ -3592,8 +3592,10 @@
     }
 
     // Bail out if length is negative.
-    // ...Not needed, since the new_array will throw the right exception.
-    //generate_negative_guard(length, bailout, &length);
+    // Without this the new_array would throw
+    // NegativeArraySizeException but IllegalArgumentException is what
+    // should be thrown
+    generate_negative_guard(length, bailout, &length);
 
     if (bailout->req() > 1) {
       PreserveJVMState pjvms(this);
@@ -3617,7 +3619,9 @@
       // Extreme case:  Arrays.copyOf((Integer[])x, 10, String[].class).
       // This will fail a store-check if x contains any non-nulls.
       bool disjoint_bases = true;
-      bool length_never_negative = true;
+      // if start > orig_length then the length of the copy may be
+      // negative.
+      bool length_never_negative = !is_copyOfRange;
       generate_arraycopy(TypeAryPtr::OOPS, T_OBJECT,
                          original, start, newcopy, intcon(0), moved,
                          disjoint_bases, length_never_negative);