Fix CHECK_CAST problem in the Jit.

The Jit has previously (and wrongly) assumed that because any CHECK_CAST
operation had previously succeeded in the interpreter, that the class
that check cast's object was being check against would already be resolved.
However, if the object being checked is NULL, no attempt is made to resolve
the class.  First bug flushed out by the Jit's stress mode (woohoo).

diff --git a/vm/compiler/codegen/arm/Codegen.c b/vm/compiler/codegen/arm/Codegen.c
index 1261e7d..5dea431 100644 (file)
--- a/vm/compiler/codegen/arm/Codegen.c
+++ b/vm/compiler/codegen/arm/Codegen.c
@@ -2568,6 +2568,19 @@ static bool handleFmt21c_Fmt31c(CompilationUnit *cUnit, MIR *mir)
              */
             ClassObject *classPtr =
               (cUnit->method->clazz->pDvmDex->pResClasses[mir->dalvikInsn.vB]);
+            /*
+             * Note: It is possible that classPtr is NULL at this point,
+             * even though this instruction has been successfully interpreted.
+             * If the previous interpretation had a null source, the
+             * interpreter would not have bothered to resolve the clazz.
+             * Bail out to the interpreter in this case, and log it
+             * so that we can tell if it happens frequently.
+             */
+            if (classPtr == NULL) {
+                 LOGD("null clazz in OP_CHECK_CAST, single-stepping");
+                 genInterpSingleStep(cUnit, mir);
+                 return false;
+            }
             flushAllRegs(cUnit);   /* Send everything to home location */
             loadConstant(cUnit, r1, (int) classPtr );
             rlSrc = getSrcLoc(cUnit, mir, 0);