# HG changeset patch # User morris # Date 1363720535 25200 # Node ID 3b9368710f08e1d3b964dc1ff11c4169585243dd # Parent 2eef6d34833bb620795faf40aee3188e26b1efbd 8008811: [parfait] Null pointer deference in hotspot/src/share/vm/opto/loopopts.cpp Summary: add guarantee() checks Reviewed-by: kvn diff -r 2eef6d34833b -r 3b9368710f08 src/share/vm/opto/loopnode.hpp --- a/src/share/vm/opto/loopnode.hpp Tue Mar 19 11:49:36 2013 -0700 +++ b/src/share/vm/opto/loopnode.hpp Tue Mar 19 12:15:35 2013 -0700 @@ -603,7 +603,10 @@ } public: - bool has_node( Node* n ) const { return _nodes[n->_idx] != NULL; } + bool has_node( Node* n ) const { + guarantee(n != NULL, "No Node."); + return _nodes[n->_idx] != NULL; + } // check if transform created new nodes that need _ctrl recorded Node *get_late_ctrl( Node *n, Node *early ); Node *get_early_ctrl( Node *n ); @@ -737,7 +740,8 @@ return n; } uint dom_depth(Node* d) const { - assert(d->_idx < _idom_size, ""); + guarantee(d != NULL, "Null dominator info."); + guarantee(d->_idx < _idom_size, ""); return _dom_depth[d->_idx]; } void set_idom(Node* d, Node* n, uint dom_depth); diff -r 2eef6d34833b -r 3b9368710f08 src/share/vm/opto/loopopts.cpp --- a/src/share/vm/opto/loopopts.cpp Tue Mar 19 11:49:36 2013 -0700 +++ b/src/share/vm/opto/loopopts.cpp Tue Mar 19 12:15:35 2013 -0700 @@ -232,7 +232,11 @@ // Loop predicates may have depending checks which should not // be skipped. For example, range check predicate has two checks // for lower and upper bounds. - ProjNode* unc_proj = iff->as_If()->proj_out(1 - dp->as_Proj()->_con)->as_Proj(); + if (dp == NULL) + return; + + ProjNode* dp_proj = dp->as_Proj(); + ProjNode* unc_proj = iff->as_If()->proj_out(1 - dp_proj->_con)->as_Proj(); if (exclude_loop_predicate && is_uncommon_trap_proj(unc_proj, Deoptimization::Reason_predicate)) return; // Let IGVN transformation change control dependence. @@ -866,8 +870,11 @@ // Now split the bool up thru the phi Node *bolphi = split_thru_phi( bol, n_ctrl, -1 ); + guarantee(bolphi != NULL, "null boolean phi node"); + _igvn.replace_node( bol, bolphi ); assert( iff->in(1) == bolphi, "" ); + if( bolphi->Value(&_igvn)->singleton() ) return; @@ -1628,6 +1635,7 @@ //------------------------------ short_circuit_if ------------------------------------- // Force the iff control output to be the live_proj Node* PhaseIdealLoop::short_circuit_if(IfNode* iff, ProjNode* live_proj) { + guarantee(live_proj != NULL, "null projection"); int proj_con = live_proj->_con; assert(proj_con == 0 || proj_con == 1, "false or true projection"); Node *con = _igvn.intcon(proj_con); @@ -1686,6 +1694,7 @@ set_idom(proj, new_if, ddepth); ProjNode* new_exit = proj_clone(other_proj, new_if)->as_Proj(); + guarantee(new_exit != NULL, "null exit node"); register_node(new_exit, get_loop(other_proj), new_if, ddepth); return new_exit; @@ -1793,7 +1802,10 @@ int stride = stride_of_possible_iv(if_cmpu); if (stride == 0) return NULL; - ProjNode* lp_continue = stay_in_loop(if_cmpu, loop)->as_Proj(); + Node* lp_proj = stay_in_loop(if_cmpu, loop); + guarantee(lp_proj != NULL, "null loop node"); + + ProjNode* lp_continue = lp_proj->as_Proj(); ProjNode* lp_exit = if_cmpu->proj_out(!lp_continue->is_IfTrue())->as_Proj(); Node* limit = NULL; @@ -1805,6 +1817,7 @@ } // Create a new region on the exit path RegionNode* reg = insert_region_before_proj(lp_exit); + guarantee(reg != NULL, "null region node"); // Clone the if-cmpu-true-false using a signed compare BoolTest::mask rel_i = stride > 0 ? bol->_test._test : BoolTest::ge;