From 2ee98f2172df27c0e57738e214d7a1f0739ac916 Mon Sep 17 00:00:00 2001
From: Mathieu Chartier
Date: Wed, 10 Aug 2016 10:08:58 -0700
Subject: [PATCH] Fix negative array size checking

Mask out the alignment after the size check. Was broken in previous CL.

Test: target test 412 --64 with CC + baker
Bug: 30162165

Change-Id: Ic4eb7229fb742490cd9193baf0faa2be6b454f38
---
 runtime/arch/arm64/quick_entrypoints_arm64.S | 12 +++++++-----
 runtime/generated/asm_support_gen.h | 2 ++
 tools/cpp-define-generator/constant_globals.def | 1 +
 3 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/runtime/arch/arm64/quick_entrypoints_arm64.S b/runtime/arch/arm64/quick_entrypoints_arm64.S
index 439f8d46b..48b9d4464 100644
--- a/runtime/arch/arm64/quick_entrypoints_arm64.S
+++ b/runtime/arch/arm64/quick_entrypoints_arm64.S
@@ -1938,10 +1938,13 @@ END art_quick_alloc_object_rosalloc
 // (for 64 bit alignment).
 and \xTemp0, \xTemp0, #4
 add \xTemp1, \xTemp1, \xTemp0
- and \xTemp1, \xTemp1, #OBJECT_ALIGNMENT_MASK_TOGGLED // Round up the object size by the
- // object alignment. (addr + 7) & ~7.
- // Add by 7 is done above.
-
+ and \xTemp1, \xTemp1, #OBJECT_ALIGNMENT_MASK_TOGGLED64 // Apply alignemnt mask
+ // (addr + 7) & ~7. The mask must
+ // be 64 bits to keep high bits in
+ // case of overflow.
+ // Negative sized arrays are handled here since xCount holds a zero extended 32 bit value.
+ // Negative ints become large 64 bit unsigned ints which will always be larger than max signed
+ // 32 bit int. Since the max shift for arrays is 3, it can not become a negative 64 bit int.
 cmp \xTemp1, #MIN_LARGE_OBJECT_THRESHOLD // Possibly a large object, go slow
 bhs \slowPathLabel // path.
@@ -1955,7 +1958,6 @@ END art_quick_alloc_object_rosalloc
 sub \xTemp2, \xTemp2, \xTemp0
 cmp \xTemp1, \xTemp2
 bhi \slowPathLabel
-
 // "Point of no slow path". Won't go to the slow path from here on. OK to clobber x0 and x1.
 // Move old thread_local_pos to x0
 // for the return value.
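Review bot: The fix in the new `and \xTemp1, \xTemp1, #OBJECT_ALIGNMENT_MASK_TOGGLED64` line is not what the commit description says: the mask is still applied before `cmp \xTemp1, #MIN_LARGE_OBJECT_THRESHOLD`, and what actually changes is that a 64-bit mask replaces the 32-bit one, which truncated xTemp1 so that a negative count (zero-extended, shifted and carried past bit 31) wrapped to a small size and slipped past `bhs \slowPathLabel`. The description should be reworded to match, since a reader checking the CL against "mask out the alignment after the size check" will not find that change. The added comment's argument further depends on MIN_LARGE_OBJECT_THRESHOLD being below 2^31 (the `cmp` immediate encoding bounds it, but only implicitly) and on the slow path rejecting the negative size, which is outside this hunk; I would add `// Relies on MIN_LARGE_OBJECT_THRESHOLD < 2^31 and on the slow path rejecting negative sizes.` after the new comment block. Minor: `alignemnt` is misspelled. The enclosing macro starts and ends outside the hunk.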
diff --git a/runtime/generated/asm_support_gen.h b/runtime/generated/asm_support_gen.h
index 3d3cc4e04..32ec29202 100644
--- a/runtime/generated/asm_support_gen.h
+++ b/runtime/generated/asm_support_gen.h
@@ -98,6 +98,8 @@ DEFINE_CHECK_EQ(static_cast(LOCK_WORD_MARK_BIT_MASK_SHIFTED), (static_
 DEFINE_CHECK_EQ(static_cast(OBJECT_ALIGNMENT_MASK), (static_cast(art::kObjectAlignment - 1)))
 #define OBJECT_ALIGNMENT_MASK_TOGGLED 0xfffffff8
 DEFINE_CHECK_EQ(static_cast(OBJECT_ALIGNMENT_MASK_TOGGLED), (static_cast(~static_cast(art::kObjectAlignment - 1))))
+#define OBJECT_ALIGNMENT_MASK_TOGGLED64 0xfffffffffffffff8
+DEFINE_CHECK_EQ(static_cast(OBJECT_ALIGNMENT_MASK_TOGGLED64), (static_cast(~static_cast(art::kObjectAlignment - 1))))
 #define ROSALLOC_MAX_THREAD_LOCAL_BRACKET_SIZE 128
 DEFINE_CHECK_EQ(static_cast(ROSALLOC_MAX_THREAD_LOCAL_BRACKET_SIZE), (static_cast((art::gc::allocator::RosAlloc::kMaxThreadLocalBracketSize))))
 #define ROSALLOC_BRACKET_QUANTUM_SIZE_SHIFT 3
diff --git a/tools/cpp-define-generator/constant_globals.def b/tools/cpp-define-generator/constant_globals.def
index 1e24d64dd..a3ccc72bb 100644
--- a/tools/cpp-define-generator/constant_globals.def
+++ b/tools/cpp-define-generator/constant_globals.def
@@ -25,6 +25,7 @@ DEFINE_OBJECT_EXPR(ALIGNMENT_MASK, size_t, art::kObjectAlignment - 1)
 DEFINE_OBJECT_EXPR(ALIGNMENT_MASK_TOGGLED, uint32_t, ~static_cast(art::kObjectAlignment - 1))
+DEFINE_OBJECT_EXPR(ALIGNMENT_MASK_TOGGLED64, uint64_t, ~static_cast(art::kObjectAlignment - 1))
 #undef DEFINE_OBJECT_EXPR
--
2.11.0
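Review bot: The 32-bit `ALIGNMENT_MASK_TOGGLED` (uint32_t) is kept next to the new uint64_t `ALIGNMENT_MASK_TOGGLED64`, and the removed `and \xTemp1, \xTemp1, #OBJECT_ALIGNMENT_MASK_TOGGLED` line in the first file shows the assembler accepted the 32-bit constant on a 64-bit register without complaint, which is exactly how the truncation this patch fixes got in. Nothing in this hunk stops the next 64-bit size computation from picking the narrow constant again; a comment on the uint32_t entry would help, e.g. `// 32-bit mask: silently truncates a 64-bit register. Use ALIGNMENT_MASK_TOGGLED64 for 64-bit sizes.` Whether the 32-bit entry still has users I cannot tell from this hunk, so removing it outright is for the author to confirm.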