# HG changeset patch
# User Doug Simon
# Date 1426083934 -3600
# Node ID 94d87f6324a39b8c30a1f506714a58ffe9609cf6
# Parent 7117697d11e12a89fd51d177968d4737c9010ddf
ensure an offset into a HotSpot metaspace object is valid before reading it
diff -r 7117697d11e1 -r 94d87f6324a3 graal/com.oracle.graal.hotspot/src/com/oracle/graal/hotspot/meta/HotSpotMemoryAccessProviderImpl.java
--- a/graal/com.oracle.graal.hotspot/src/com/oracle/graal/hotspot/meta/HotSpotMemoryAccessProviderImpl.java	Tue Mar 10 21:59:29 2015 +0100
+++ b/graal/com.oracle.graal.hotspot/src/com/oracle/graal/hotspot/meta/HotSpotMemoryAccessProviderImpl.java	Wed Mar 11 15:25:34 2015 +0100
@@ -48,6 +48,24 @@
         }
     }
 
+    private boolean isValidObjectFieldDisplacement(Constant base, long displacement) {
+        if (base instanceof HotSpotMetaspaceConstant) {
+            Object metaspaceObject = HotSpotMetaspaceConstantImpl.getMetaspaceObject(base);
+            if (metaspaceObject instanceof HotSpotResolvedObjectTypeImpl) {
+                if (displacement == runtime.getConfig().classMirrorOffset) {
+                    // Klass::_java_mirror is valid for all Klass* values
+                    return true;
+                } else if (displacement == runtime.getConfig().arrayKlassComponentMirrorOffset) {
+                    // ArrayKlass::_component_mirror is only valid for all ArrayKlass* values
+                    return ((HotSpotResolvedObjectTypeImpl) metaspaceObject).mirror().isArray();
+                }
+            } else {
+                throw GraalInternalError.shouldNotReachHere();
+            }
+        }
+        return false;
+    }
+
     private static long asRawPointer(Constant base) {
         if (base instanceof HotSpotMetaspaceConstant) {
             return ((HotSpotMetaspaceConstant) base).rawValue();
@@ -119,7 +137,6 @@
         if (base == null) {
             displacement += asRawPointer(baseConstant);
         }
-
         Object ret = runtime.getCompilerToVM().readUnsafeOop(base, displacement, compressed);
         assert verifyReadRawObject(ret, baseConstant, initialDisplacement, compressed);
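Review bot: Any base that is not a HotSpotMetaspaceConstant falls straight through to `return false` in isValidObjectFieldDisplacement, so once the hunk at @@ -167 gates readObjectConstant on it, an object-constant base (HotSpotObjectConstantImpl) yields null instead of the field it used to read; if folding of object-field reads through this method is still expected, that case needs its own branch before the validity check, dispatching on `base instanceof HotSpotObjectConstantImpl` to readRawObject with the compressed flag appropriate to the VM configuration. The `throw GraalInternalError.shouldNotReachHere()` for a metaspace object that is not a HotSpotResolvedObjectTypeImpl turns a method named as a validity predicate into a compiler abort for every other metaspace wrapper; returning false there would refuse the read without aborting, and if the loud failure is deliberate a one-line comment stating why would save the next reader the same question. The comment `// ArrayKlass::_component_mirror is only valid for all ArrayKlass* values` contradicts itself; `// ArrayKlass::_component_mirror is only valid for ArrayKlass* values` says what the code checks. A short Javadoc on the new method would also help, stating that it whitelists the displacements at which an oop may be read from a Klass* (only the mirror fields the config names) and that every other base/offset pair is rejected so callers treat the read as non-foldable.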
@@ -167,6 +184,9 @@
     @Override
     public JavaConstant readObjectConstant(Constant base, long displacement) {
+        if (!isValidObjectFieldDisplacement(base, displacement)) {
+            return null;
+        }
         return HotSpotObjectConstantImpl.forObject(readRawObject(base, displacement, false));
     }