Mercurial > hg > openjdk > jdk8u > hotspot

changeset 9132:a6f289d66efe

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8181872: C1: possible overflow when strength reducing integer multiply by constant Reviewed-by: kvn, andrew
author vlivanov
date Thu, 27 Feb 2020 05:58:53 +0000
parents 4df47a343601
children 6a809b1ac0a8
files src/cpu/x86/vm/c1_LIRGenerator_x86.cpp src/share/vm/c1/c1_LIRGenerator.cpp src/share/vm/c1/c1_LIRGenerator.hpp test/compiler/c1/MultiplyByMaxInt.java
diffstat 4 files changed, 61 insertions(+), 8 deletions(-) [+]
line wrap: on
line diff
--- a/src/cpu/x86/vm/c1_LIRGenerator_x86.cpp	Thu Feb 27 05:40:59 2020 +0000
+++ b/src/cpu/x86/vm/c1_LIRGenerator_x86.cpp	Thu Feb 27 05:58:53 2020 +0000
@@ -233,8 +233,8 @@
 }
 
 
-bool LIRGenerator::strength_reduce_multiply(LIR_Opr left, int c, LIR_Opr result, LIR_Opr tmp) {
-  if (tmp->is_valid()) {
+bool LIRGenerator::strength_reduce_multiply(LIR_Opr left, jint c, LIR_Opr result, LIR_Opr tmp) {
+  if (tmp->is_valid() && c > 0 && c < max_jint) {
     if (is_power_of_2(c + 1)) {
       __ move(left, tmp);
       __ shift_left(left, log2_jint(c + 1), left);
@@ -602,8 +602,8 @@
       bool use_constant = false;
       bool use_tmp = false;
       if (right_arg->is_constant()) {
-        int iconst = right_arg->get_jint_constant();
-        if (iconst > 0) {
+        jint iconst = right_arg->get_jint_constant();
+        if (iconst > 0 && iconst < max_jint) {
           if (is_power_of_2(iconst)) {
             use_constant = true;
           } else if (is_power_of_2(iconst - 1) || is_power_of_2(iconst + 1)) {
--- a/src/share/vm/c1/c1_LIRGenerator.cpp	Thu Feb 27 05:40:59 2020 +0000
+++ b/src/share/vm/c1/c1_LIRGenerator.cpp	Thu Feb 27 05:58:53 2020 +0000
@@ -539,11 +539,11 @@
 
     case Bytecodes::_imul:
       {
-        bool    did_strength_reduce = false;
+        bool did_strength_reduce = false;
 
         if (right->is_constant()) {
-          int c = right->as_jint();
-          if (is_power_of_2(c)) {
+          jint c = right->as_jint();
+          if (c > 0 && is_power_of_2(c)) {
             // do not need tmp here
             __ shift_left(left_op, exact_log2(c), result_op);
             did_strength_reduce = true;
--- a/src/share/vm/c1/c1_LIRGenerator.hpp	Thu Feb 27 05:40:59 2020 +0000
+++ b/src/share/vm/c1/c1_LIRGenerator.hpp	Thu Feb 27 05:58:53 2020 +0000
@@ -308,7 +308,7 @@
   // is_strictfp is only needed for mul and div (and only generates different code on i486)
   void arithmetic_op(Bytecodes::Code code, LIR_Opr result, LIR_Opr left, LIR_Opr right, bool is_strictfp, LIR_Opr tmp, CodeEmitInfo* info = NULL);
   // machine dependent.  returns true if it emitted code for the multiply
-  bool strength_reduce_multiply(LIR_Opr left, int constant, LIR_Opr result, LIR_Opr tmp);
+  bool strength_reduce_multiply(LIR_Opr left, jint constant, LIR_Opr result, LIR_Opr tmp);
 
   void store_stack_parameter (LIR_Opr opr, ByteSize offset_from_sp_in_bytes);
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/compiler/c1/MultiplyByMaxInt.java	Thu Feb 27 05:58:53 2020 +0000
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8181872
+ *
+ * @run main/othervm -XX:+IgnoreUnrecognizedVMOptions
+ *                   -XX:CompileThreshold=100 -XX:+TieredCompilation -XX:TieredStopAtLevel=1
+ *                   -XX:-BackgroundCompilation -XX:CompileCommand=dontinline,compiler.c1.MultiplyByMaxInt::test
+ *                   compiler.c1.MultiplyByMaxInt
+ * @run main/othervm -XX:+IgnoreUnrecognizedVMOptions -XX:-BackgroundCompilation
+ *                   -XX:CompileThreshold=100 -XX:+TieredCompilation -XX:TieredStopAtLevel=3
+ *                   -XX:CompileCommand=dontinline,compiler.c1.MultiplyByMaxInt::test
+ *                   compiler.c1.MultiplyByMaxInt
+ */
+package compiler.c1;
+
+public class MultiplyByMaxInt {
+    static int test(int x) {
+        int loops = (x >>> 4) & 7;
+        while (loops-- > 0) {
+            x = (x * 2147483647) % 16807;
+        }
+        return x;
+    }
+
+    public static void main(String[] args) {
+        for (int i = 0; i < 20000; i++) {
+            test(i);
+        }
+    }
+}