Mercurial > hg > truffle
changeset 6504:cc863a159645
fixed subtle bug in TLAB allocation snippet involving unchecked, unsigned integer overflow (bug and fix submitted by Peter Kessler)
author | Doug Simon <doug.simon@oracle.com> |
---|---|
date | Wed, 03 Oct 2012 20:43:44 +0200 |
parents | ac3a4ea144a6 |
children | 1ecf984d490c |
files | graal/com.oracle.graal.hotspot/src/com/oracle/graal/hotspot/snippets/NewObjectSnippets.java |
diffstat | 1 files changed, 3 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/graal/com.oracle.graal.hotspot/src/com/oracle/graal/hotspot/snippets/NewObjectSnippets.java Wed Oct 03 20:38:40 2012 +0200 +++ b/graal/com.oracle.graal.hotspot/src/com/oracle/graal/hotspot/snippets/NewObjectSnippets.java Wed Oct 03 20:43:44 2012 +0200 @@ -59,8 +59,9 @@ Word thread = thread(); Word top = loadWordFromWord(thread, threadTlabTopOffset()); Word end = loadWordFromWord(thread, threadTlabEndOffset()); - Word newTop = top.plus(size); - if (newTop.belowOrEqual(end)) { + Word available = end.minus(top); + if (available.aboveOrEqual(Word.fromInt(size))) { + Word newTop = top.plus(size); storeObject(thread, 0, threadTlabTopOffset(), newTop); return top; }