7056380: VM crashes with SIGSEGV in compiled code

Summary: code was using andq reg, imm instead of addq addr, imm Reviewed-by: kvn, jrose, twisti

7056380: VM crashes with SIGSEGV in compiled code
Summary: code was using andq reg, imm instead of addq addr, imm Reviewed-by: kvn, jrose, twisti
d9b5f39e · never · 0a7975f0 · d9b5f39e · d9b5f39e · d9b5f39e
Showing with 25 addition and 35 deletion

src/cpu/x86/vm/assembler_x86.cpp src/cpu/x86/vm/assembler_x86.cpp +8 -0

src/cpu/x86/vm/assembler_x86.hpp src/cpu/x86/vm/assembler_x86.hpp +1 -0

src/cpu/x86/vm/x86_64.ad src/cpu/x86/vm/x86_64.ad +16 -35

未找到文件。
--- a/src/cpu/x86/vm/assembler_x86.cpp
+++ b/src/cpu/x86/vm/assembler_x86.cpp
@@ -3804,6 +3804,14 @@ void Assembler::addq(Register dst, Register src) {
  emit_arith(0x03, 0xC0, dst, src);
 }
+void Assembler::andq(Address dst, int32_t imm32) {
+  InstructionMark im(this);
+  prefixq(dst);
+  emit_byte(0x81);
+  emit_operand(rsp, dst, 4);
+  emit_long(imm32);
+}
 void Assembler::andq(Register dst, int32_t imm32) {
  (void) prefixq_and_encode(dst->encoding());
  emit_arith(0x81, 0xE0, dst, imm32);

--- a/src/cpu/x86/vm/assembler_x86.hpp
+++ b/src/cpu/x86/vm/assembler_x86.hpp
@@ -779,6 +779,7 @@ private:
  void andl(Register dst, Address src);
  void andl(Register dst, Register src);
+  void andq(Address  dst, int32_t imm32);
  void andq(Register dst, int32_t imm32);
  void andq(Register dst, Address src);
  void andq(Register dst, Register src);

--- a/src/cpu/x86/vm/x86_64.ad
+++ b/src/cpu/x86/vm/x86_64.ad
@@ -830,6 +830,17 @@ void encode_CopyXD( CodeBuffer &cbuf, int dst_encoding, int src_encoding ) {
  }
 }
+// This could be in MacroAssembler but it's fairly C2 specific
+void emit_cmpfp_fixup(MacroAssembler& _masm) {
+  Label exit;
+  __ jccb(Assembler::noParity, exit);
+  __ pushf();
+  __ andq(Address(rsp, 0), 0xffffff2b);
+  __ popf();
+  __ bind(exit);
+  __ nop(); // (target for branch to avoid branch to branch)
+}
 //=============================================================================
 const bool Matcher::constant_table_absolute_addressing = true;
@@ -2173,27 +2184,9 @@ encode %{
    emit_rm(cbuf, 0x3, $dst$$reg & 7, $src$$reg & 7);
  %}
-  enc_class cmpfp_fixup()
+  enc_class cmpfp_fixup() %{
-  %{
+      MacroAssembler _masm(&cbuf);
-    // jnp,s exit
+      emit_cmpfp_fixup(_masm);
-    emit_opcode(cbuf, 0x7B);
-    emit_d8(cbuf, 0x0A);
-    // pushfq
-    emit_opcode(cbuf, 0x9C);
-    // andq $0xffffff2b, (%rsp)
-    emit_opcode(cbuf, Assembler::REX_W);
-    emit_opcode(cbuf, 0x81);
-    emit_opcode(cbuf, 0x24);
-    emit_opcode(cbuf, 0x24);
-    emit_d32(cbuf, 0xffffff2b);
-    // popfq
-    emit_opcode(cbuf, 0x9D);
-    // nop (target for branch to avoid branch to branch)
-    emit_opcode(cbuf, 0x90);
  %}
  enc_class cmpfp3(rRegI dst)
@@ -10253,14 +10246,8 @@ instruct cmpF_cc_imm(rFlagsRegU cr, regF src, immF con) %{
            "popfq\n"
    "exit:   nop\t# avoid branch to branch" %}
  ins_encode %{
-    Label L_exit;
    __ ucomiss($src$$XMMRegister, $constantaddress($con));
-    __ jcc(Assembler::noParity, L_exit);
+    emit_cmpfp_fixup(_masm);
-    __ pushf();
-    __ andq(rsp, 0xffffff2b);
-    __ popf();
-    __ bind(L_exit);
-    __ nop();
  %}
  ins_pipe(pipe_slow);
 %}
@@ -10341,14 +10328,8 @@ instruct cmpD_cc_imm(rFlagsRegU cr, regD src, immD con) %{
            "popfq\n"
    "exit:   nop\t# avoid branch to branch" %}
  ins_encode %{
-    Label L_exit;
    __ ucomisd($src$$XMMRegister, $constantaddress($con));
-    __ jcc(Assembler::noParity, L_exit);
+    emit_cmpfp_fixup(_masm);
-    __ pushf();
-    __ andq(rsp, 0xffffff2b);
-    __ popf();
-    __ bind(L_exit);
-    __ nop();
  %}
  ins_pipe(pipe_slow);
 %}