From 9c2a321a371c5e488963d731d68370b0620fc6dc Mon Sep 17 00:00:00 2001 From: rraghavan <unknown> Date: Thu, 1 Jun 2017 23:19:47 -0700 Subject: [PATCH] 8175345: Reported null pointer dereference defect groups Summary: Added required explicit NULL checks Reviewed-by: thartmann, kvn --- src/share/vm/opto/callnode.cpp | 4 ++-- src/share/vm/opto/ifnode.cpp | 5 +++-- src/share/vm/opto/loopTransform.cpp | 6 +++++- src/share/vm/opto/stringopts.cpp | 5 +++-- 4 files changed, 13 insertions(+), 7 deletions(-) diff --git a/src/share/vm/opto/callnode.cpp b/src/share/vm/opto/callnode.cpp index a99af8089..0320e312d 100644 --- a/src/share/vm/opto/callnode.cpp +++ b/src/share/vm/opto/callnode.cpp @@ -743,8 +743,8 @@ bool CallNode::may_modify(const TypeOopPtr *t_oop, PhaseTransform *phase) { } // May modify (by reflection) if an boxing object is passed // as argument or returned. - if (returns_pointer() && (proj_out(TypeFunc::Parms) != NULL)) { - Node* proj = proj_out(TypeFunc::Parms); + Node* proj = returns_pointer() ? proj_out(TypeFunc::Parms) : NULL; + if (proj != NULL) { const TypeInstPtr* inst_t = phase->type(proj)->isa_instptr(); if ((inst_t != NULL) && (!inst_t->klass_is_exact() || (inst_t->klass() == boxing_klass))) { diff --git a/src/share/vm/opto/ifnode.cpp b/src/share/vm/opto/ifnode.cpp index 957dc88db..c1ee19686 100644 --- a/src/share/vm/opto/ifnode.cpp +++ b/src/share/vm/opto/ifnode.cpp @@ -1081,8 +1081,9 @@ void IfNode::dominated_by( Node *prev_dom, PhaseIterGVN *igvn ) { // be skipped. For example, range check predicate has two checks // for lower and upper bounds. ProjNode* unc_proj = proj_out(1 - prev_dom->as_Proj()->_con)->as_Proj(); - if (unc_proj->is_uncommon_trap_proj(Deoptimization::Reason_predicate)) - prev_dom = idom; + if ((unc_proj != NULL) && (unc_proj->is_uncommon_trap_proj(Deoptimization::Reason_predicate))) { + prev_dom = idom; + } // Now walk the current IfNode's projections. // Loop ends when 'this' has no more uses. diff --git a/src/share/vm/opto/loopTransform.cpp b/src/share/vm/opto/loopTransform.cpp index a61c8a6b6..e39ffcb60 100644 --- a/src/share/vm/opto/loopTransform.cpp +++ b/src/share/vm/opto/loopTransform.cpp @@ -2714,6 +2714,11 @@ bool PhaseIdealLoop::intrinsify_fill(IdealLoopTree* lpt) { return false; } + Node* exit = head->loopexit()->proj_out(0); + if (exit == NULL) { + return false; + } + #ifndef PRODUCT if (TraceLoopOpts) { tty->print("ArrayFill "); @@ -2831,7 +2836,6 @@ bool PhaseIdealLoop::intrinsify_fill(IdealLoopTree* lpt) { */ // Redirect the old control and memory edges that are outside the loop. - Node* exit = head->loopexit()->proj_out(0); // Sometimes the memory phi of the head is used as the outgoing // state of the loop. It's safe in this case to replace it with the // result_mem. diff --git a/src/share/vm/opto/stringopts.cpp b/src/share/vm/opto/stringopts.cpp index 70962e302..d92a3d7a3 100644 --- a/src/share/vm/opto/stringopts.cpp +++ b/src/share/vm/opto/stringopts.cpp @@ -891,8 +891,9 @@ bool StringConcat::validate_control_flow() { ctrl_path.push(cn); ctrl_path.push(cn->proj_out(0)); ctrl_path.push(cn->proj_out(0)->unique_out()); - if (cn->proj_out(0)->unique_out()->as_Catch()->proj_out(0) != NULL) { - ctrl_path.push(cn->proj_out(0)->unique_out()->as_Catch()->proj_out(0)); + Node* catchproj = cn->proj_out(0)->unique_out()->as_Catch()->proj_out(0); + if (catchproj != NULL) { + ctrl_path.push(catchproj); } } else { ShouldNotReachHere(); -- GitLab