# HG changeset patch
# User jcm
# Date 1482157512 28800
# Node ID 973960866fa41fbaabe332a5c1664ef14704ded4
# Parent c89e1f0a084ebc6b356cd15ba5109039d8f11d17
8170761: Buffer overrun in sharedRuntime_x86_64.cpp:477
Summary: Fixed missing half assert!
Reviewed-by: kvn
diff -r c89e1f0a084e -r 973960866fa4 hotspot/src/cpu/aarch64/vm/sharedRuntime_aarch64.cpp
--- a/hotspot/src/cpu/aarch64/vm/sharedRuntime_aarch64.cpp Mon Dec 19 02:33:30 2016 -0800
+++ b/hotspot/src/cpu/aarch64/vm/sharedRuntime_aarch64.cpp Mon Dec 19 06:25:12 2016 -0800
@@ -282,7 +282,7 @@
 regs[i].set_bad();
 break;
 case T_LONG:
- assert(sig_bt[i + 1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
 // fall through
 case T_OBJECT:
 case T_ARRAY:
@@ -303,7 +303,7 @@
 }
 break;
 case T_DOUBLE:
- assert(sig_bt[i + 1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
 if (fp_args < Argument::n_float_register_parameters_j) {
 regs[i].set2(FP_ArgReg[fp_args++]->as_VMReg());
 } else {
@@ -840,7 +840,7 @@
 }
 break;
 case T_LONG:
- assert(sig_bt[i + 1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
 // fall through
 case T_OBJECT:
 case T_ARRAY:
@@ -862,7 +862,7 @@
 }
 break;
 case T_DOUBLE:
- assert(sig_bt[i + 1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
 if (fp_args < Argument::n_float_register_parameters_c) {
 regs[i].set2(FP_ArgReg[fp_args++]->as_VMReg());
 } else {
diff -r c89e1f0a084e -r 973960866fa4 hotspot/src/cpu/ppc/vm/sharedRuntime_ppc.cpp
--- a/hotspot/src/cpu/ppc/vm/sharedRuntime_ppc.cpp Mon Dec 19 02:33:30 2016 -0800
+++ b/hotspot/src/cpu/ppc/vm/sharedRuntime_ppc.cpp Mon Dec 19 06:25:12 2016 -0800
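Review bot: The new bound test on the `+` line of the @@ -282 hunk lives inside `assert`, which HotSpot compiles out of product builds, so the out-of-bounds read of `sig_bt[i + 1]` is closed only for debug builds (product builds never evaluated it), and a signature whose last element is T_LONG or T_DOUBLE with no trailing T_VOID half is still accepted silently there; if the callers that build `sig_bt` are not all trusted to emit the half slot, a product-visible `guarantee` would be the stronger check, and `total_args_passed` is presumably the element count of `sig_bt`, which the check now depends on. The same edit is applied at every T_LONG/T_DOUBLE site in this file and in the ppc, s390, sparc, x86_32 and x86_64 files, about twenty copies of one condition, so a small shared inline helper (constructed name, e.g. `has_void_half(sig_bt, i, total_args_passed)`) declared once next to the calling-convention prototypes would keep the check and its message in one place. A one-line comment at the first site, `// the wide type may be the last element: check the bound before reading its half slot`, would record why the extra term is there. At the ppc, s390, sparc and x86_32 sites the added `(i + 1)` sits next to the untouched `sig_bt[i+1]`, two spacing styles on one line. The enclosing calling-convention functions start and end outside every hunk.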
@@ -594,7 +594,7 @@
 regs[i].set1(reg);
 break;
 case T_LONG:
- assert(sig_bt[i+1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
 if (ireg < num_java_iarg_registers) {
 // Put long in register.
 reg = java_iarg_reg[ireg];
@@ -637,7 +637,7 @@
 regs[i].set1(reg);
 break;
 case T_DOUBLE:
- assert(sig_bt[i+1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
 if (freg < num_java_farg_registers) {
 // Put double in register.
 reg = java_farg_reg[freg];
@@ -809,7 +809,7 @@
 regs[i].set1(reg);
 break;
 case T_DOUBLE:
- assert(sig_bt[i+1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
 if (freg < Argument::n_float_register_parameters_c) {
 // Put double in register ...
 reg = farg_reg[freg];
diff -r c89e1f0a084e -r 973960866fa4 hotspot/src/cpu/s390/vm/sharedRuntime_s390.cpp
--- a/hotspot/src/cpu/s390/vm/sharedRuntime_s390.cpp Mon Dec 19 02:33:30 2016 -0800
+++ b/hotspot/src/cpu/s390/vm/sharedRuntime_s390.cpp Mon Dec 19 06:25:12 2016 -0800
@@ -683,7 +683,7 @@
 }
 break;
 case T_LONG:
- assert(sig_bt[i+1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
 if (ireg < z_num_iarg_registers) {
 // Put long in register.
 regs[i].set2(z_iarg_reg[ireg]);
@@ -723,7 +723,7 @@
 }
 break;
 case T_DOUBLE:
- assert(sig_bt[i+1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
 if (freg < z_num_farg_registers) {
 // Put double in register.
 regs[i].set2(z_farg_reg[freg]);
@@ -822,7 +822,7 @@
 }
 break;
 case T_DOUBLE:
- assert(sig_bt[i+1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
 if (freg < z_num_farg_registers) {
 regs[i].set2(z_farg_reg[freg]);
 ++freg;
diff -r c89e1f0a084e -r 973960866fa4 hotspot/src/cpu/sparc/vm/sharedRuntime_sparc.cpp
--- a/hotspot/src/cpu/sparc/vm/sharedRuntime_sparc.cpp Mon Dec 19 02:33:30 2016 -0800
+++ b/hotspot/src/cpu/sparc/vm/sharedRuntime_sparc.cpp Mon Dec 19 06:25:12 2016 -0800
@@ -425,7 +425,7 @@
 
 #ifdef _LP64
 case T_LONG:
- assert(sig_bt[i+1] == T_VOID, "expecting VOID in other half");
+ assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting VOID in other half");
 // fall-through
 case T_OBJECT:
 case T_ARRAY:
@@ -441,7 +441,7 @@
 break;
 #else
 case T_LONG:
- assert(sig_bt[i+1] == T_VOID, "expecting VOID in other half");
+ assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting VOID in other half");
 // On 32-bit SPARC put longs always on the stack to keep the pressure off
 // integer argument registers. They should be used for oops.
 slot = round_to(slot, 2); // align
@@ -460,7 +460,7 @@
 break;
 
 case T_DOUBLE:
- assert(sig_bt[i+1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
 if (round_to(flt_reg, 2) + 1 < flt_reg_max) {
 flt_reg = round_to(flt_reg, 2); // align
 FloatRegister r = as_FloatRegister(flt_reg);
@@ -1174,7 +1174,7 @@
 regs[i].set1(int_stk_helper(j));
 break;
 case T_LONG:
- assert(sig_bt[i+1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
 case T_ADDRESS: // raw pointers, like current thread, for VM calls
 case T_ARRAY:
 case T_OBJECT:
@@ -1209,7 +1209,7 @@
 break;
 case T_DOUBLE:
 {
- assert(sig_bt[i + 1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
 // V9ism: doubles go in EVEN/ODD regs and stack slots
 int double_index = (j << 1);
 param_array_reg.set2(VMRegImpl::stack2reg(double_index));
@@ -1261,7 +1261,7 @@
 break;
 case T_DOUBLE:
 case T_LONG:
- assert(sig_bt[i + 1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
 regs[i].set_pair(int_stk_helper(i + 1), int_stk_helper(i));
 break;
 case T_VOID: regs[i].set_bad(); break;
diff -r c89e1f0a084e -r 973960866fa4 hotspot/src/cpu/x86/vm/sharedRuntime_x86_32.cpp
--- a/hotspot/src/cpu/x86/vm/sharedRuntime_x86_32.cpp Mon Dec 19 02:33:30 2016 -0800
+++ b/hotspot/src/cpu/x86/vm/sharedRuntime_x86_32.cpp Mon Dec 19 06:25:12 2016 -0800
@@ -478,12 +478,12 @@
 }
 break;
 case T_LONG:
- assert(sig_bt[i+1] == T_VOID, "missing Half" );
+ assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "missing Half" );
 regs[i].set2(VMRegImpl::stack2reg(dstack));
 dstack += 2;
 break;
 case T_DOUBLE:
- assert(sig_bt[i+1] == T_VOID, "missing Half" );
+ assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "missing Half" );
 if( freg_arg0 == (uint)i ) {
 regs[i].set2(xmm0->as_VMReg());
 } else if( freg_arg1 == (uint)i ) {
@@ -1001,7 +1001,7 @@
 case T_DOUBLE: // The stack numbering is reversed from Java
 // Since C arguments do not get reversed, the ordering for
 // doubles on the stack must be opposite the Java convention
- assert(sig_bt[i+1] == T_VOID, "missing Half" );
+ assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "missing Half" );
 regs[i].set2(VMRegImpl::stack2reg(stack));
 stack += 2;
 break;
diff -r c89e1f0a084e -r 973960866fa4 hotspot/src/cpu/x86/vm/sharedRuntime_x86_64.cpp
--- a/hotspot/src/cpu/x86/vm/sharedRuntime_x86_64.cpp Mon Dec 19 02:33:30 2016 -0800
+++ b/hotspot/src/cpu/x86/vm/sharedRuntime_x86_64.cpp Mon Dec 19 06:25:12 2016 -0800
@@ -474,7 +474,7 @@
 regs[i].set_bad();
 break;
 case T_LONG:
- assert(sig_bt[i + 1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
 // fall through
 case T_OBJECT:
 case T_ARRAY:
@@ -495,7 +495,7 @@
 }
 break;
 case T_DOUBLE:
- assert(sig_bt[i + 1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
 if (fp_args < Argument::n_float_register_parameters_j) {
 regs[i].set2(FP_ArgReg[fp_args++]->as_VMReg());
 } else {
@@ -1014,7 +1014,7 @@
 }
 break;
 case T_LONG:
- assert(sig_bt[i + 1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
 // fall through
 case T_OBJECT:
 case T_ARRAY:
@@ -1045,7 +1045,7 @@
 }
 break;
 case T_DOUBLE:
- assert(sig_bt[i + 1] == T_VOID, "expecting half");
+ assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
 if (fp_args < Argument::n_float_register_parameters_c) {
 regs[i].set2(FP_ArgReg[fp_args++]->as_VMReg());
 #ifdef _WIN64