comparison src/share/vm/opto/library_call.cpp @ 6180:eeb819cf36e5

7174363: Arrays.copyOfRange leads to VM crash with -Xcomp -server if executed by testing framework Summary: Arrays.copyOfRange(original, from, to) with from > original.length tries to do a copy with a negative length. Reviewed-by: kvn, twisti
author roland
date Mon, 18 Jun 2012 09:52:31 +0200
parents 8b0a4867acf0
children d50605d9417e
6179:8c92982cbbc4 6180:eeb819cf36e5
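--- a/src/share/vm/opto/library_call.cpp
+++ b/src/share/vm/opto/library_call.cpp
@@ -3590,12 +3590,14 @@
 if (_gvn.type(start) != TypeInt::ZERO) {
 length = _gvn.transform( new (C, 3) SubINode(end, start) );
 }
 
 // Bail out if length is negative.
-// ...Not needed, since the new_array will throw the right exception.
-//generate_negative_guard(length, bailout, &length);
+// Without this the new_array would throw
+// NegativeArraySizeException but IllegalArgumentException is what
+// should be thrown
+generate_negative_guard(length, bailout, &length);
 
 if (bailout->req() > 1) {
 PreserveJVMState pjvms(this);
 set_control( _gvn.transform(bailout) );
 uncommon_trap(Deoptimization::Reason_intrinsic,
@@ -3615,11 +3617,13 @@
 // We know the copy is disjoint but we might not know if the
 // oop stores need checking.
 // Extreme case: Arrays.copyOf((Integer[])x, 10, String[].class).
 // This will fail a store-check if x contains any non-nulls.
 bool disjoint_bases = true;
-bool length_never_negative = true;
+// if start > orig_length then the length of the copy may be
+// negative.
+bool length_never_negative = !is_copyOfRange;
 generate_arraycopy(TypeAryPtr::OOPS, T_OBJECT,
 original, start, newcopy, intcon(0), moved,
 disjoint_bases, length_never_negative);
 }
 } //original reexecute and sp are set back here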
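Review bot: The `from > original.length` case is kept memory-safe only indirectly in the second hunk, by passing `length_never_negative = !is_copyOfRange` and relying on generate_arraycopy to guard the copy count itself, and the new comment does not say so. The value that can go negative is `moved`, whose computation lies outside the hunk, so a reader of these lines cannot tell which quantity is at risk. I would extend the comment to something like `// moved can be negative for copyOfRange when start > orig_length; passing false here is what makes generate_arraycopy check it before copying`, assuming that is how the callee treats the flag. A regression test that calls Arrays.copyOfRange with from > original.length under -Xcomp would pin the behaviour if the changeset does not already carry one; this page shows only library_call.cpp.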