Merge tag 'jdk-25.0.1+8' into sapmachine25

Author: RealCLanger

src/hotspot/share/classfile/stackMapTable.cpp

@@ -132,8 +132,16 @@ bool StackMapTable::match_stackmap(
 }
 
 void StackMapTable::check_jump_target(
-    StackMapFrame* frame, int32_t target, TRAPS) const {
+    StackMapFrame* frame, int bci, int offset, TRAPS) const {
   ErrorContext ctx;
+  // Jump targets must be within the method and the method size is limited. See JVMS 4.11
+  int min_offset = -1 * max_method_code_size;
+  if (offset < min_offset || offset > max_method_code_size) {
+    frame->verifier()->verify_error(ErrorContext::bad_stackmap(bci, frame),
+        "Illegal target of jump or branch (bci %d + offset %d)", bci, offset);
+    return;
+  }
+  int target = bci + offset;
   bool match = match_stackmap(
     frame, target, true, false, &ctx, CHECK_VERIFY(frame->verifier()));
   if (!match || (target < 0 || target >= _code_length)) {

src/hotspot/share/classfile/stackMapTable.hpp

@@ -67,7 +67,7 @@ class StackMapTable : public StackObj {
 
   // Check jump instructions. Make sure there are no uninitialized
   // instances on backward branch.
-  void check_jump_target(StackMapFrame* frame, int32_t target, TRAPS) const;
+  void check_jump_target(StackMapFrame* frame, int bci, int offset, TRAPS) const;
 
   // The following methods are only used inside this class.
 

src/hotspot/share/classfile/verifier.cpp

@@ -781,7 +781,6 @@ void ClassVerifier::verify_method(const methodHandle& m, TRAPS) {
 
     // Merge with the next instruction
     {
-      int target;
       VerificationType type, type2;
       VerificationType atype;
 
@@ -1606,9 +1605,8 @@ void ClassVerifier::verify_method(const methodHandle& m, TRAPS) {
         case Bytecodes::_ifle:
           current_frame.pop_stack(
             VerificationType::integer_type(), CHECK_VERIFY(this));
-          target = bcs.dest();
           stackmap_table.check_jump_target(
-            &current_frame, target, CHECK_VERIFY(this));
+            &current_frame, bcs.bci(), bcs.get_offset_s2(), CHECK_VERIFY(this));
           no_control_flow = false; break;
         case Bytecodes::_if_acmpeq :
         case Bytecodes::_if_acmpne :
@@ -1619,19 +1617,16 @@ void ClassVerifier::verify_method(const methodHandle& m, TRAPS) {
         case Bytecodes::_ifnonnull :
           current_frame.pop_stack(
             VerificationType::reference_check(), CHECK_VERIFY(this));
-          target = bcs.dest();
           stackmap_table.check_jump_target
-            (&current_frame, target, CHECK_VERIFY(this));
+            (&current_frame, bcs.bci(), bcs.get_offset_s2(), CHECK_VERIFY(this));
           no_control_flow = false; break;
         case Bytecodes::_goto :
-          target = bcs.dest();
           stackmap_table.check_jump_target(
-            &current_frame, target, CHECK_VERIFY(this));
+            &current_frame, bcs.bci(), bcs.get_offset_s2(), CHECK_VERIFY(this));
           no_control_flow = true; break;
         case Bytecodes::_goto_w :
-          target = bcs.dest_w();
           stackmap_table.check_jump_target(
-            &current_frame, target, CHECK_VERIFY(this));
+            &current_frame, bcs.bci(), bcs.get_offset_s4(), CHECK_VERIFY(this));
           no_control_flow = true; break;
         case Bytecodes::_tableswitch :
         case Bytecodes::_lookupswitch :
@@ -2280,15 +2275,14 @@ void ClassVerifier::verify_switch(
       }
     }
   }
-  int target = bci + default_offset;
-  stackmap_table->check_jump_target(current_frame, target, CHECK_VERIFY(this));
+  stackmap_table->check_jump_target(current_frame, bci, default_offset, CHECK_VERIFY(this));
   for (int i = 0; i < keys; i++) {
     // Because check_jump_target() may safepoint, the bytecode could have
     // moved, which means 'aligned_bcp' is no good and needs to be recalculated.
     aligned_bcp = align_up(bcs->bcp() + 1, jintSize);
-    target = bci + (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize);
+    int offset = (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize);
     stackmap_table->check_jump_target(
-      current_frame, target, CHECK_VERIFY(this));
+      current_frame, bci, offset, CHECK_VERIFY(this));
   }
   NOT_PRODUCT(aligned_bcp = nullptr);  // no longer valid at this point
 }
@@ -2549,7 +2543,12 @@ bool ClassVerifier::ends_in_athrow(u4 start_bc_offset) {
 
       case Bytecodes::_goto:
       case Bytecodes::_goto_w: {
-        int target = (opcode == Bytecodes::_goto ? bcs.dest() : bcs.dest_w());
+        int offset = (opcode == Bytecodes::_goto ? bcs.get_offset_s2() : bcs.get_offset_s4());
+        int min_offset = -1 * max_method_code_size;
+        // Check offset for overflow
+        if (offset < min_offset || offset > max_method_code_size) return false;
+
+        int target = bci + offset;
         if (visited_branches->contains(bci)) {
           if (bci_stack->is_empty()) {
             if (handler_stack->is_empty()) {
@@ -2607,7 +2606,10 @@ bool ClassVerifier::ends_in_athrow(u4 start_bc_offset) {
 
           // Push the switch alternatives onto the stack.
           for (int i = 0; i < keys; i++) {
-            int target = bci + (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize);
+            int min_offset = -1 * max_method_code_size;
+            int offset = (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize);
+            if (offset < min_offset || offset > max_method_code_size) return false;
+            int target = bci + offset;
             if (target > code_length) return false;
             bci_stack->push(target);
           }

src/hotspot/share/gc/z/zPageAllocator.cpp

@@ -1936,7 +1936,7 @@ void ZPageAllocator::cleanup_failed_commit_multi_partition(ZMultiPartitionAlloca
     }
 
     const size_t committed = allocation->committed_capacity();
-    const ZVirtualMemory non_harvested_vmem = vmem.last_part(allocation->harvested());
+    const ZVirtualMemory non_harvested_vmem = partial_vmem.last_part(allocation->harvested());
     const ZVirtualMemory committed_vmem = non_harvested_vmem.first_part(committed);
     const ZVirtualMemory non_committed_vmem = non_harvested_vmem.last_part(committed);
 

src/hotspot/share/gc/z/zPhysicalMemoryManager.cpp

@@ -214,9 +214,20 @@ void ZPhysicalMemoryManager::free(const ZVirtualMemory& vmem, uint32_t numa_id)
   });
 }
 
+static size_t inject_commit_limit(const ZVirtualMemory& vmem) {
+  // To facilitate easier interoperability with multi partition allocations we
+  // divide by ZNUMA::count(). Users of ZFailLargerCommits need to be aware of
+  // this when writing tests. In the future we could probe the VirtualMemoryManager
+  // and condition this division on whether the vmem is in the multi partition
+  // address space.
+  return align_up(MIN2(ZFailLargerCommits / ZNUMA::count(), vmem.size()), ZGranuleSize);
+}
+
 size_t ZPhysicalMemoryManager::commit(const ZVirtualMemory& vmem, uint32_t numa_id) {
   zbacking_index* const pmem = _physical_mappings.addr(vmem.start());
-  const size_t size = vmem.size();
+  const size_t size = ZFailLargerCommits > 0
+      ? inject_commit_limit(vmem)
+      : vmem.size();
 
   size_t total_committed = 0;
 

src/hotspot/share/gc/z/z_globals.hpp

@@ -118,6 +118,11 @@
   develop(bool, ZVerifyOops, false,                                         \
           "Verify accessed oops")                                           \
                                                                             \
+  develop(size_t, ZFailLargerCommits, 0,                                    \
+          "Commits larger than ZFailLargerCommits will be truncated, "      \
+          "used to stress page allocation commit failure paths "            \
+          "(0: Disabled)")                                                  \
+                                                                            \
   develop(uint, ZFakeNUMA, 1,                                               \
           "ZFakeNUMA is used to test the internal NUMA memory support "     \
           "without the need for UseNUMA")                                   \

src/hotspot/share/interpreter/bytecodeStream.hpp

@@ -100,8 +100,23 @@ class BaseBytecodeStream: StackObj {
   void            set_next_bci(int bci)          { assert(0 <= bci && bci <= method()->code_size(), "illegal bci"); _next_bci = bci; }
 
   // Bytecode-specific attributes
-  int             dest() const                   { return bci() + bytecode().get_offset_s2(raw_code()); }
-  int             dest_w() const                 { return bci() + bytecode().get_offset_s4(raw_code()); }
+  int get_offset_s2() const { return bytecode().get_offset_s2(raw_code()); }
+  int get_offset_s4() const { return bytecode().get_offset_s4(raw_code()); }
+
+  // These methods are not safe to use before or during verification as they may
+  // have large offsets and cause overflows
+  int dest() const {
+    int min_offset = -1 * max_method_code_size;
+    int offset = bytecode().get_offset_s2(raw_code());
+    guarantee(offset >= min_offset && offset <= max_method_code_size, "must be");
+    return bci() + offset;
+  }
+  int dest_w() const {
+    int min_offset = -1 * max_method_code_size;
+    int offset = bytecode().get_offset_s4(raw_code());
+    guarantee(offset >= min_offset && offset <= max_method_code_size, "must be");
+    return bci() + offset;
+  }
 
   // One-byte indices.
   u1              get_index_u1() const           { assert_raw_index_size(1); return *(jubyte*)(bcp()+1); }

src/java.base/share/classes/java/lang/AbstractStringBuilder.java

@@ -1448,8 +1448,8 @@ public AbstractStringBuilder insert(int dstOffset, CharSequence s,
         shift(currValue, coder, count, dstOffset, len);
         count += len;
         // Coder of CharSequence may be a mismatch, requiring the value array to be inflated
-        byte[] newValue = (s instanceof String str)
-            ? putStringAt(currValue, coder, count, dstOffset, str, start, end)
+        byte[] newValue = (s instanceof String str && str.length() == len)
+            ? putStringAt(currValue, coder, count, dstOffset, str)
             : putCharsAt(currValue, coder, count, dstOffset, s, start, end);
         if (currValue != newValue) {
             this.coder = UTF16;
@@ -1928,10 +1928,10 @@ private static byte[] inflateIfNeededFor(byte[] value, int count, byte coder, by
      * @param index the index to insert the string
      * @param str the string
      */
-     private static byte[] putStringAt(byte[] value, byte coder, int count, int index, String str, int off, int end) {
+     private static byte[] putStringAt(byte[] value, byte coder, int count, int index, String str) {
         byte[] newValue = inflateIfNeededFor(value, count, coder, str.coder());
         coder = (newValue == value) ? coder : UTF16;
-        str.getBytes(newValue, off, index, coder, end - off);
+        str.getBytes(newValue, 0, index, coder, str.length());
         return newValue;
     }
 

src/java.base/share/classes/java/time/LocalDate.java

@@ -182,11 +182,11 @@ public final class LocalDate
     /**
      * @serial The month-of-year.
      */
-    private final byte month;
+    private final short month;
     /**
      * @serial The day-of-month.
      */
-    private final byte day;
+    private final short day;
 
     //-----------------------------------------------------------------------
     /**
@@ -490,8 +490,8 @@ private static LocalDate resolvePreviousValid(int year, int month, int day) {
      */
     private LocalDate(int year, int month, int dayOfMonth) {
         this.year = year;
-        this.month = (byte) month;
-        this.day = (byte) dayOfMonth;
+        this.month = (short) month;
+        this.day = (short) dayOfMonth;
     }
 
     //-----------------------------------------------------------------------

src/java.base/share/classes/java/time/MonthDay.java

@@ -146,11 +146,11 @@ public final class MonthDay
     /**
      * @serial The month-of-year, not null.
      */
-    private final byte month;
+    private final int month;
     /**
      * @serial The day-of-month.
      */
-    private final byte day;
+    private final int day;
 
     //-----------------------------------------------------------------------
     /**
@@ -319,8 +319,8 @@ public static MonthDay parse(CharSequence text, DateTimeFormatter formatter) {
      * @param dayOfMonth  the day-of-month to represent, validated from 1 to 29-31
      */
     private MonthDay(int month, int dayOfMonth) {
-        this.month = (byte) month;
-        this.day = (byte) dayOfMonth;
+        this.month = month;
+        this.day = dayOfMonth;
     }
 
     //-----------------------------------------------------------------------