- Bug
- Resolution: Fixed
- P5
- 11, 16
- b26
- aarch64
- generic
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8258599 | 11.0.11-oracle | Dukebot | P5 | Resolved | Fixed | b01 |
JDK-8259364 | 11.0.11 | Eric Liu | P5 | Resolved | Fixed | b01 |
A shift operation is undefined if the shift count is greater than or equal to the length in bits of the promoted left operand. https://stackoverflow.com/a/18918340/5262383
Here is an example:
```c
#include <stdio.h>

/* Shift count known only at run time. */
static int test_shift(int nbit) { return 1U << nbit; }
/* Shift count is a compile-time constant. */
static int test_shift_32() { return 1U << 32; }

int main(int argc, char **argv) {
    int r;
    r = test_shift(32);
    printf("%d\n", r); // 1
    r = test_shift_32();
    printf("%d\n", r); // 0
    return 0;
}
```
For C2, Instruction_aarch64::patch (https://github.com/openjdk/jdk/blob/master/src/hotspot/cpu/aarch64/assembler_aarch64.hpp#L218) has the same problem.
```cpp
// piece of code from assembler_aarch64.hpp
static void patch(address a, int msb, int lsb, uint64_t val) {
  int nbits = msb - lsb + 1;
  guarantee(val < (1ULL << nbits), "Field too big for insn");
  assert_cond(msb >= lsb);
  unsigned mask = (1U << nbits) - 1;
  val <<= lsb;
  mask <<= lsb;
  unsigned target = *(unsigned *)a;
  target &= ~mask;
  target |= val;
  *(unsigned *)a = target;
}
```
When someone intends to patch an entire instruction with msb=31, lsb=0, nbits is 32, so `1U << nbits` is the undefined shift described above and the result is unexpected.
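The failure mode described above, as an added example (not HotSpot code and not the fix that was applied in the JDK): it repeats the read-modify-write steps of `patch()` on a plain word and compares the mask that results when `1U << 32` evaluates to 1, as in the `test_shift(32)` output above, with a mask computed in 64 bits. The names `mask_as_observed`, `mask_safe` and `patch_word` and both instruction words are assumptions constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample words standing in for an old and a new instruction. */
static const uint32_t OLD_INSN = 0xd503201fu;
static const uint32_t NEW_INSN = 0xaa0103e0u;

/* Assumption: models the runtime result the page observed, where
 * 1U << 32 came out as 1. The count is reduced mod 32 explicitly so
 * that this model itself has defined behaviour. */
static uint32_t mask_as_observed(int nbits) {
    return (1U << (nbits & 31)) - 1;
}

/* Hypothetical safe variant: shift in 64 bits, valid for 1 <= nbits <= 32. */
static uint32_t mask_safe(int nbits) {
    return (uint32_t)((1ULL << nbits) - 1);
}

/* Same read-modify-write steps as patch(), applied to a plain word. */
static uint32_t patch_word(uint32_t target, int msb, int lsb, uint64_t val,
                           uint32_t (*mask_fn)(int)) {
    int nbits = msb - lsb + 1;
    uint32_t mask = mask_fn(nbits) << lsb;
    target &= ~mask;                   /* clear the field */
    target |= (uint32_t)(val << lsb);  /* insert the new value */
    return target;
}

int main(void) {
    uint32_t bad  = patch_word(OLD_INSN, 31, 0, NEW_INSN, mask_as_observed);
    uint32_t good = patch_word(OLD_INSN, 31, 0, NEW_INSN, mask_safe);
    printf("mask=0 case: %08x\n", (unsigned)bad);
    printf("safe mask:   %08x\n", (unsigned)good);
    return 0;
}
```

With a zero mask nothing is cleared, so the written word is the bitwise OR of the old and new instruction rather than the new instruction.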
- backported by
  - JDK-8258599 Unexpected result if patching an entire instruction on AArch64 (Resolved)
  - JDK-8259364 Unexpected result if patching an entire instruction on AArch64 (Resolved)