# HG changeset patch # User mdoerr # Date 1473952100 -7200 # Thu Sep 15 17:08:20 2016 +0200 # Node ID 488d03b14c2dc804a183c6f6d351e0966a1961ce # Parent 2429e047ae9b8d01226cb3611b6f56e895cc11d6 8166140: C1: Possible integer overflow in LIRGenerator::generate_address on several platforms Reviewed-by: diff --git a/src/cpu/aarch64/vm/c1_LIRGenerator_aarch64.cpp b/src/cpu/aarch64/vm/c1_LIRGenerator_aarch64.cpp --- a/src/cpu/aarch64/vm/c1_LIRGenerator_aarch64.cpp +++ b/src/cpu/aarch64/vm/c1_LIRGenerator_aarch64.cpp @@ -140,10 +140,11 @@ LIR_Address* LIRGenerator::generate_address(LIR_Opr base, LIR_Opr index, int shift, int disp, BasicType type) { assert(base->is_register(), "must be"); + intx large_disp = disp; // accumulate fixed displacements if (index->is_constant()) { - disp += index->as_constant_ptr()->as_jint() << shift; + large_disp += (intx)(index->as_constant_ptr()->as_jint()) << shift; index = LIR_OprFact::illegalOpr; } 
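Review bot: In the aarch64 `generate_address` hunk at -140, `intx large_disp = disp;` has no comment explaining the widening, and the `int disp` parameter stays in scope. A later edit that reads `disp` instead of `large_disp` would still compile and silently drop the constant-index contribution from the emitted address. I would add `// Widen to intx: (index << shift) + disp can exceed 32 bits; use large_disp, not disp, from here on.` above the declaration. The ppc (-157) and sparc (-147) hunks add the same declaration without explanation. The function body continues outside this hunk.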
@@ -154,31 +155,31 @@ __ shift_left(index, shift, tmp); index = tmp; } - if (disp != 0) { + if (large_disp != 0) { LIR_Opr tmp = new_pointer_register(); - if (Assembler::operand_valid_for_add_sub_immediate(disp)) { - __ add(tmp, tmp, LIR_OprFact::intptrConst(disp)); + if (Assembler::operand_valid_for_add_sub_immediate(large_disp)) { + __ add(tmp, tmp, LIR_OprFact::intptrConst(large_disp)); index = tmp; } else { - __ move(tmp, LIR_OprFact::intptrConst(disp)); + __ move(tmp, LIR_OprFact::intptrConst(large_disp)); __ add(tmp, index, tmp); index = tmp; } - disp = 0; + large_disp = 0; } - } else if (disp != 0 && !Address::offset_ok_for_immed(disp, shift)) { + } else if (large_disp != 0 && !Address::offset_ok_for_immed(large_disp, shift)) { // index is illegal so replace it with the displacement loaded into a register index = new_pointer_register(); - __ move(LIR_OprFact::intptrConst(disp), index); - disp = 0; + __ move(LIR_OprFact::intptrConst(large_disp), index); + large_disp = 0; } // at this point we either have base + index or base + displacement - if (disp == 0) { + if (large_disp == 0) { return new LIR_Address(base, index, type); } else { - assert(Address::offset_ok_for_immed(disp, 0), "must be"); - return new LIR_Address(base, disp, type); + assert(Address::offset_ok_for_immed(large_disp, 0), "must be"); + return new LIR_Address(base, large_disp, type); } } diff --git a/src/cpu/ppc/vm/c1_LIRGenerator_ppc.cpp b/src/cpu/ppc/vm/c1_LIRGenerator_ppc.cpp --- a/src/cpu/ppc/vm/c1_LIRGenerator_ppc.cpp +++ b/src/cpu/ppc/vm/c1_LIRGenerator_ppc.cpp @@ -157,10 +157,11 @@ LIR_Address* LIRGenerator::generate_address(LIR_Opr base, LIR_Opr index, int shift, int disp, BasicType type) { assert(base->is_register(), "must be"); + intx large_disp = disp; // Accumulate fixed displacements. if (index->is_constant()) { - disp += index->as_constant_ptr()->as_jint() << shift; + large_disp += (intx)(index->as_constant_ptr()->as_jint()) << shift; index = LIR_OprFact::illegalOpr; } 
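Review bot: In the aarch64 hunk at -154, the rewritten `__ add(tmp, tmp, LIR_OprFact::intptrConst(large_disp));` never reads `index`, although `tmp` was just created by `new_pointer_register()` and `index = tmp;` follows. The shifted index therefore appears to be lost from the emitted address, so compiled code could access the wrong memory. The `__ move(tmp, LIR_OprFact::intptrConst(large_disp));` in the else arm also has its operands in the opposite order from the `__ move(LIR_OprFact::intptrConst(large_disp), index);` a few lines below. The ppc hunk's form looks like the intended one: `__ add(index, LIR_OprFact::intptrConst(large_disp), tmp);` and `__ move(LIR_OprFact::intptrConst(large_disp), tmp);`. The sparc hunk at -161 has the same `__ add(tmp, LIR_OprFact::intptrConst(large_disp), tmp);` pattern. Both predate this commit, but since these lines are being rewritten they are worth fixing or at least confirming here.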
@@ -171,31 +172,31 @@ __ shift_left(index, shift, tmp); index = tmp; } - if (disp != 0) { + if (large_disp != 0) { LIR_Opr tmp = new_pointer_register(); - if (Assembler::is_simm16(disp)) { - __ add(index, LIR_OprFact::intptrConst(disp), tmp); + if (Assembler::is_simm16(large_disp)) { + __ add(index, LIR_OprFact::intptrConst(large_disp), tmp); index = tmp; } else { - __ move(LIR_OprFact::intptrConst(disp), tmp); + __ move(LIR_OprFact::intptrConst(large_disp), tmp); __ add(tmp, index, tmp); index = tmp; } - disp = 0; + large_disp = 0; } - } else if (!Assembler::is_simm16(disp)) { + } else if (!Assembler::is_simm16(large_disp)) { // Index is illegal so replace it with the displacement loaded into a register. index = new_pointer_register(); - __ move(LIR_OprFact::intptrConst(disp), index); - disp = 0; + __ move(LIR_OprFact::intptrConst(large_disp), index); + large_disp = 0; } // At this point we either have base + index or base + displacement. - if (disp == 0) { + if (large_disp == 0) { return new LIR_Address(base, index, type); } else { - assert(Assembler::is_simm16(disp), "must be"); - return new LIR_Address(base, disp, type); + assert(Assembler::is_simm16(large_disp), "must be"); + return new LIR_Address(base, large_disp, type); } } diff --git a/src/cpu/sparc/vm/c1_LIRGenerator_sparc.cpp b/src/cpu/sparc/vm/c1_LIRGenerator_sparc.cpp --- a/src/cpu/sparc/vm/c1_LIRGenerator_sparc.cpp +++ b/src/cpu/sparc/vm/c1_LIRGenerator_sparc.cpp @@ -147,10 +147,11 @@ LIR_Address* LIRGenerator::generate_address(LIR_Opr base, LIR_Opr index, int shift, int disp, BasicType type) { assert(base->is_register(), "must be"); + intx large_disp = disp; // accumulate fixed displacements if (index->is_constant()) { - disp += index->as_constant_ptr()->as_jint() << shift; + large_disp += (intx)(index->as_constant_ptr()->as_jint()) << shift; index = LIR_OprFact::illegalOpr; } 
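Review bot: In the ppc hunk at -171, the widened value is only safe if `Assembler::is_simm16`, `LIR_OprFact::intptrConst` and the `LIR_Address(base, large_disp, type)` constructor all take a pointer-sized argument. Their signatures are not visible in this diff. If any of them takes `int`, `large_disp` is truncated at the call, and a range check on the truncated value can pass for a displacement that does not fit. Please confirm the parameter types and record the requirement, for example `// is_simm16() and intptrConst() must take intx/long here; an int parameter would truncate large_disp before the range check.` The same applies to `operand_valid_for_add_sub_immediate` and `offset_ok_for_immed` in the aarch64 hunk and to `is_simm13` in the sparc hunk at -161. Note also that the final encodability check on each platform is an `assert`, so product builds rely entirely on the earlier branches.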
@@ -161,31 +162,31 @@ __ shift_left(index, shift, tmp); index = tmp; } - if (disp != 0) { + if (large_disp != 0) { LIR_Opr tmp = new_pointer_register(); - if (Assembler::is_simm13(disp)) { - __ add(tmp, LIR_OprFact::intptrConst(disp), tmp); + if (Assembler::is_simm13(large_disp)) { + __ add(tmp, LIR_OprFact::intptrConst(large_disp), tmp); index = tmp; } else { - __ move(LIR_OprFact::intptrConst(disp), tmp); + __ move(LIR_OprFact::intptrConst(large_disp), tmp); __ add(tmp, index, tmp); index = tmp; } - disp = 0; + large_disp = 0; } - } else if (disp != 0 && !Assembler::is_simm13(disp)) { + } else if (large_disp != 0 && !Assembler::is_simm13(large_disp)) { // index is illegal so replace it with the displacement loaded into a register index = new_pointer_register(); - __ move(LIR_OprFact::intptrConst(disp), index); - disp = 0; + __ move(LIR_OprFact::intptrConst(large_disp), index); + large_disp = 0; } // at this point we either have base + index or base + displacement - if (disp == 0) { + if (large_disp == 0) { return new LIR_Address(base, index, type); } else { - assert(Assembler::is_simm13(disp), "must be"); - return new LIR_Address(base, disp, type); + assert(Assembler::is_simm13(large_disp), "must be"); + return new LIR_Address(base, large_disp, type); } } diff --git a/src/cpu/x86/vm/c1_LIRGenerator_x86.cpp b/src/cpu/x86/vm/c1_LIRGenerator_x86.cpp --- a/src/cpu/x86/vm/c1_LIRGenerator_x86.cpp +++ b/src/cpu/x86/vm/c1_LIRGenerator_x86.cpp @@ -152,7 +152,7 @@ assert(base->is_register(), "must be"); if (index->is_constant()) { return new LIR_Address(base, - (index->as_constant_ptr()->as_jint() << shift) + disp, + ((intx)(index->as_constant_ptr()->as_jint()) << shift) + disp, type); } else { return new LIR_Address(base, index, (LIR_Address::Scale)shift, disp, type);
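Review bot: In the x86 hunk at -152, the widened sum `((intx)(index->as_constant_ptr()->as_jint()) << shift) + disp` is passed straight to `LIR_Address` as a displacement with no range check. The other three ports test the value and fall back to a register when it does not fit. On a 64-bit build the sum can now exceed the signed 32-bit displacement an x86 addressing mode can encode, and whether the back end copes with that is not visible in this diff. I would test that the value fits in a `jint` and otherwise materialize it in a pointer register, as sketched below. The rest of the function lies outside the hunk.

```cpp
  if (index->is_constant()) {
    intx large_disp = ((intx)(index->as_constant_ptr()->as_jint()) << shift) + disp;
    if (large_disp == (intx)(jint)large_disp) {
      return new LIR_Address(base, large_disp, type);
    }
    // Does not fit a 32-bit displacement: load it into a register instead.
    LIR_Opr tmp = new_pointer_register();
    __ move(LIR_OprFact::intptrConst(large_disp), tmp);
    return new LIR_Address(base, tmp, type);
  } else {
    // … unchanged: scaled-index LIR_Address …
```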