RFR(S): 7174363: Arrays.copyOfRange leads to VM crash with -Xcomp -server if executed by testing framework

Roland Westrelin roland.westrelin at oracle.com
Wed Jun 13 01:28:56 PDT 2012


2 bugs with Arrays.copyOfRange:

- The intrinsified Arrays.copyOfRange(original, from, to) uses min(original.length - from, allocated_array.length) as the number of elements to copy. If from > original.length, this number is negative but generate_arraycopy() is called with length_never_negative set to true. That can lead to a crash.

- if from > to in copyOfRange(..., int from, int to) the intrinsics code lets the array allocation handle the negative length to - from which results in the wrong exception being thrown.


More information about the hotspot-compiler-dev mailing list