8170761: Buffer overrun in sharedRuntime_x86_64.cpp:477
authorjcm
Mon, 19 Dec 2016 06:25:12 -0800
changeset 42874 973960866fa4
parent 42871 c89e1f0a084e
child 42875 bac62054c0b6
8170761: Buffer overrun in sharedRuntime_x86_64.cpp:477 Summary: Fixed missing half assert! Reviewed-by: kvn
hotspot/src/cpu/aarch64/vm/sharedRuntime_aarch64.cpp
hotspot/src/cpu/ppc/vm/sharedRuntime_ppc.cpp
hotspot/src/cpu/s390/vm/sharedRuntime_s390.cpp
hotspot/src/cpu/sparc/vm/sharedRuntime_sparc.cpp
hotspot/src/cpu/x86/vm/sharedRuntime_x86_32.cpp
hotspot/src/cpu/x86/vm/sharedRuntime_x86_64.cpp
--- a/hotspot/src/cpu/aarch64/vm/sharedRuntime_aarch64.cpp	Mon Dec 19 02:33:30 2016 -0800
+++ b/hotspot/src/cpu/aarch64/vm/sharedRuntime_aarch64.cpp	Mon Dec 19 06:25:12 2016 -0800
@@ -282,7 +282,7 @@
       regs[i].set_bad();
       break;
     case T_LONG:
-      assert(sig_bt[i + 1] == T_VOID, "expecting half");
+      assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
       // fall through
     case T_OBJECT:
     case T_ARRAY:
@@ -303,7 +303,7 @@
       }
       break;
     case T_DOUBLE:
-      assert(sig_bt[i + 1] == T_VOID, "expecting half");
+      assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
       if (fp_args < Argument::n_float_register_parameters_j) {
         regs[i].set2(FP_ArgReg[fp_args++]->as_VMReg());
       } else {
@@ -840,7 +840,7 @@
         }
         break;
       case T_LONG:
-        assert(sig_bt[i + 1] == T_VOID, "expecting half");
+        assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
         // fall through
       case T_OBJECT:
       case T_ARRAY:
@@ -862,7 +862,7 @@
         }
         break;
       case T_DOUBLE:
-        assert(sig_bt[i + 1] == T_VOID, "expecting half");
+        assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
         if (fp_args < Argument::n_float_register_parameters_c) {
           regs[i].set2(FP_ArgReg[fp_args++]->as_VMReg());
         } else {
--- a/hotspot/src/cpu/ppc/vm/sharedRuntime_ppc.cpp	Mon Dec 19 02:33:30 2016 -0800
+++ b/hotspot/src/cpu/ppc/vm/sharedRuntime_ppc.cpp	Mon Dec 19 06:25:12 2016 -0800
@@ -594,7 +594,7 @@
       regs[i].set1(reg);
       break;
     case T_LONG:
-      assert(sig_bt[i+1] == T_VOID, "expecting half");
+      assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
       if (ireg < num_java_iarg_registers) {
         // Put long in register.
         reg = java_iarg_reg[ireg];
@@ -637,7 +637,7 @@
       regs[i].set1(reg);
       break;
     case T_DOUBLE:
-      assert(sig_bt[i+1] == T_VOID, "expecting half");
+      assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
       if (freg < num_java_farg_registers) {
         // Put double in register.
         reg = java_farg_reg[freg];
@@ -809,7 +809,7 @@
       regs[i].set1(reg);
       break;
     case T_DOUBLE:
-      assert(sig_bt[i+1] == T_VOID, "expecting half");
+      assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
       if (freg < Argument::n_float_register_parameters_c) {
         // Put double in register ...
         reg = farg_reg[freg];
--- a/hotspot/src/cpu/s390/vm/sharedRuntime_s390.cpp	Mon Dec 19 02:33:30 2016 -0800
+++ b/hotspot/src/cpu/s390/vm/sharedRuntime_s390.cpp	Mon Dec 19 06:25:12 2016 -0800
@@ -683,7 +683,7 @@
         }
         break;
       case T_LONG:
-        assert(sig_bt[i+1] == T_VOID, "expecting half");
+        assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
         if (ireg < z_num_iarg_registers) {
           // Put long in register.
           regs[i].set2(z_iarg_reg[ireg]);
@@ -723,7 +723,7 @@
         }
         break;
       case T_DOUBLE:
-        assert(sig_bt[i+1] == T_VOID, "expecting half");
+        assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
         if (freg < z_num_farg_registers) {
           // Put double in register.
           regs[i].set2(z_farg_reg[freg]);
@@ -822,7 +822,7 @@
         }
         break;
       case T_DOUBLE:
-        assert(sig_bt[i+1] == T_VOID, "expecting half");
+        assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
         if (freg < z_num_farg_registers) {
           regs[i].set2(z_farg_reg[freg]);
           ++freg;
--- a/hotspot/src/cpu/sparc/vm/sharedRuntime_sparc.cpp	Mon Dec 19 02:33:30 2016 -0800
+++ b/hotspot/src/cpu/sparc/vm/sharedRuntime_sparc.cpp	Mon Dec 19 06:25:12 2016 -0800
@@ -425,7 +425,7 @@
 
 #ifdef _LP64
     case T_LONG:
-      assert(sig_bt[i+1] == T_VOID, "expecting VOID in other half");
+      assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting VOID in other half");
       // fall-through
     case T_OBJECT:
     case T_ARRAY:
@@ -441,7 +441,7 @@
       break;
 #else
     case T_LONG:
-      assert(sig_bt[i+1] == T_VOID, "expecting VOID in other half");
+      assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting VOID in other half");
       // On 32-bit SPARC put longs always on the stack to keep the pressure off
       // integer argument registers.  They should be used for oops.
       slot = round_to(slot, 2);  // align
@@ -460,7 +460,7 @@
       break;
 
     case T_DOUBLE:
-      assert(sig_bt[i+1] == T_VOID, "expecting half");
+      assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
       if (round_to(flt_reg, 2) + 1 < flt_reg_max) {
         flt_reg = round_to(flt_reg, 2);  // align
         FloatRegister r = as_FloatRegister(flt_reg);
@@ -1174,7 +1174,7 @@
         regs[i].set1(int_stk_helper(j));
         break;
       case T_LONG:
-        assert(sig_bt[i+1] == T_VOID, "expecting half");
+        assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "expecting half");
       case T_ADDRESS: // raw pointers, like current thread, for VM calls
       case T_ARRAY:
       case T_OBJECT:
@@ -1209,7 +1209,7 @@
         break;
       case T_DOUBLE:
         {
-          assert(sig_bt[i + 1] == T_VOID, "expecting half");
+          assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
           // V9ism: doubles go in EVEN/ODD regs and stack slots
           int double_index = (j << 1);
           param_array_reg.set2(VMRegImpl::stack2reg(double_index));
@@ -1261,7 +1261,7 @@
         break;
       case T_DOUBLE:
       case T_LONG:
-        assert(sig_bt[i + 1] == T_VOID, "expecting half");
+        assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
         regs[i].set_pair(int_stk_helper(i + 1), int_stk_helper(i));
         break;
       case T_VOID: regs[i].set_bad(); break;
--- a/hotspot/src/cpu/x86/vm/sharedRuntime_x86_32.cpp	Mon Dec 19 02:33:30 2016 -0800
+++ b/hotspot/src/cpu/x86/vm/sharedRuntime_x86_32.cpp	Mon Dec 19 06:25:12 2016 -0800
@@ -478,12 +478,12 @@
       }
       break;
     case T_LONG:
-      assert(sig_bt[i+1] == T_VOID, "missing Half" );
+      assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "missing Half" );
       regs[i].set2(VMRegImpl::stack2reg(dstack));
       dstack += 2;
       break;
     case T_DOUBLE:
-      assert(sig_bt[i+1] == T_VOID, "missing Half" );
+      assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "missing Half" );
       if( freg_arg0 == (uint)i ) {
         regs[i].set2(xmm0->as_VMReg());
       } else if( freg_arg1 == (uint)i ) {
@@ -1001,7 +1001,7 @@
     case T_DOUBLE: // The stack numbering is reversed from Java
       // Since C arguments do not get reversed, the ordering for
       // doubles on the stack must be opposite the Java convention
-      assert(sig_bt[i+1] == T_VOID, "missing Half" );
+      assert((i + 1) < total_args_passed && sig_bt[i+1] == T_VOID, "missing Half" );
       regs[i].set2(VMRegImpl::stack2reg(stack));
       stack += 2;
       break;
--- a/hotspot/src/cpu/x86/vm/sharedRuntime_x86_64.cpp	Mon Dec 19 02:33:30 2016 -0800
+++ b/hotspot/src/cpu/x86/vm/sharedRuntime_x86_64.cpp	Mon Dec 19 06:25:12 2016 -0800
@@ -474,7 +474,7 @@
       regs[i].set_bad();
       break;
     case T_LONG:
-      assert(sig_bt[i + 1] == T_VOID, "expecting half");
+      assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
       // fall through
     case T_OBJECT:
     case T_ARRAY:
@@ -495,7 +495,7 @@
       }
       break;
     case T_DOUBLE:
-      assert(sig_bt[i + 1] == T_VOID, "expecting half");
+      assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
       if (fp_args < Argument::n_float_register_parameters_j) {
         regs[i].set2(FP_ArgReg[fp_args++]->as_VMReg());
       } else {
@@ -1014,7 +1014,7 @@
         }
         break;
       case T_LONG:
-        assert(sig_bt[i + 1] == T_VOID, "expecting half");
+        assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
         // fall through
       case T_OBJECT:
       case T_ARRAY:
@@ -1045,7 +1045,7 @@
         }
         break;
       case T_DOUBLE:
-        assert(sig_bt[i + 1] == T_VOID, "expecting half");
+        assert((i + 1) < total_args_passed && sig_bt[i + 1] == T_VOID, "expecting half");
         if (fp_args < Argument::n_float_register_parameters_c) {
           regs[i].set2(FP_ArgReg[fp_args++]->as_VMReg());
 #ifdef _WIN64