8279204: [BACKOUT] JDK-8278413: C2 crash when allocating array of size too large

Reviewed-by: chagedorn, kvn
2025-09-18 10:04:42 +02:00 · 2021-12-23 16:22:10 +00:00 · 2021-12-23 16:22:10 +00:00 · 04ad668921
commit 04ad668921
parent 730f67081d
9 changed files with 75 additions and 147 deletions
--- a/src/hotspot/share/opto/compile.cpp
+++ b/src/hotspot/share/opto/compile.cpp
@ -3742,7 +3742,7 @@ bool Compile::final_graph_reshaping() {
      // 'fall-thru' path, so expected kids is 1 less.
      if (n->is_PCTable() && n->in(0) && n->in(0)->in(0)) {
        if (n->in(0)->in(0)->is_Call()) {
-          CallNode* call = n->in(0)->in(0)->as_Call();
+          CallNode *call = n->in(0)->in(0)->as_Call();
          if (call->entry_point() == OptoRuntime::rethrow_stub()) {
            required_outcnt--;      // Rethrow always has 1 less kid
          } else if (call->req() > TypeFunc::Parms &&
@ -3751,25 +3751,22 @@ bool Compile::final_graph_reshaping() {
            // detected that the virtual call will always result in a null
            // pointer exception. The fall-through projection of this CatchNode
            // will not be populated.
-            Node* arg0 = call->in(TypeFunc::Parms);
+            Node *arg0 = call->in(TypeFunc::Parms);
            if (arg0->is_Type() &&
                arg0->as_Type()->type()->higher_equal(TypePtr::NULL_PTR)) {
              required_outcnt--;
            }
-          } else if (call->entry_point() == OptoRuntime::new_array_Java() ||
-                     call->entry_point() == OptoRuntime::new_array_nozero_Java()) {
+          } else if (call->entry_point() == OptoRuntime::new_array_Java() &&
+                     call->req() > TypeFunc::Parms+1 &&
+                     call->is_CallStaticJava()) {
            // Check for negative array length. In such case, the optimizer has
            // detected that the allocation attempt will always result in an
            // exception. There is no fall-through projection of this CatchNode .
-            assert(call->is_CallStaticJava(), "static call expected");
-            assert(call->len() > call->req() && call->in(call->req()) != NULL, "no precendent edge");
-            Node* valid_length_test = call->in(call->req());
-            call->rm_prec(call->req());
-            if (valid_length_test->find_int_con(1) == 0) {
+            Node *arg1 = call->in(TypeFunc::Parms+1);
+            if (arg1->is_Type() &&
+                arg1->as_Type()->type()->join(TypeInt::POS)->empty()) {
              required_outcnt--;
            }
-            assert(n->outcnt() == required_outcnt, "malformed control flow");
-            continue;
          }
        }
      }
@ -3778,13 +3775,6 @@ bool Compile::final_graph_reshaping() {
        record_method_not_compilable("malformed control flow");
        return true;            // Not all targets reachable!
      }
-    } else if (n->is_PCTable() && n->in(0) && n->in(0)->in(0) && n->in(0)->in(0)->is_Call()) {
-      CallNode* call = n->in(0)->in(0)->as_Call();
-      if (call->entry_point() == OptoRuntime::new_array_Java() ||
-          call->entry_point() == OptoRuntime::new_array_nozero_Java()) {
-        assert(call->len() > call->req() && call->in(call->req()) != NULL, "precedent edge expected");
-        call->rm_prec(call->req());
-      }
    }
    // Check that I actually visited all kids.  Unreached kids
    // must be infinite loops.