2009/2/7 xiaoming gu <[email protected]>:
> Hi, Egor. I checked the dump IR of a simple example with "if (obj !=
> null)". Following are the details:
>
> =====================================
> The simple example:
>
> public class Ldnull
> {
> public static void main(String arg[])
> {
> Integer i = null;
> int flag = Integer.parseInt(arg[0]);
> if (flag == 0)
> i = new Integer(0);
> if (i != null)
> System.out.println("i: "+i);
> }
> }
> =====================================
> Just before hir2lir:
>
> Block ENTRY_L0:
> Predecessors:
> Successors: L9 UNWIND
> I0:--- MethodEntry(Ldnull::main): () bcmap:0
> I5:defarg -) g1:cls:java/lang/String[]
> I7:ldcnul #null -) t3:null_object * *// for
> Integer i = null;
> I8:stvar t3 -) v1:cls:.Unresolved // for Integer i
> = null;
> I10:chknull g1 -) g5:tau bcmap:4
> GOTO L9
>
> Block L2:
> Predecessors: L12 L16
> Successors: L4 L3
> I2:L2: bcmap:22
> I33:ldvar v1 -) g23:cls:.Unresolved // for if (i !=
> null)
> I34:if cz.obj g23 goto L4 // for if (i !=
> null)
> GOTO L3
>
> =====================================
> After hir2lir:
>
> BB_1
> PersistentId = 0
> ExecCnt = 10000
> Loop: Depth=0, !hdr, hdr=NULL
> Predcessors: BB_0_prolog
> Successors: BB_2 [Prob=1](Br=I62) UN_29 [Prob=1e-007] BB_33
> [Prob=0](Br=I62)
> I1: (AD:v0:cls:.Unresolved) =CopyPseudoInst/MOV
> (AU:t2(1137246208):null_object) * *// for Integer i = null;
> I61: (ID:v13(EFLGS):U_32) =CMP
> t1:cls:java/lang/String[],o108(1137246208):cls:java/lang/String[]
> I62: JZ BB_33 o109(0):I_32 (IU:v13(EFLGS):U_32)
>
> BB_12
> PersistentId = 2
> ExecCnt = 9999.99
> Loop: Depth=0, !hdr, hdr=NULL
> Predcessors: BB_6 BB_11
> Successors: BB_30_epilog [Prob=0.241379](Br=I27) BB_13
> [Prob=0.758621](Br=I27)
> I25: (AD:t43:cls:.Unresolved) =CopyPseudoInst/MOV
> (AU:v0:cls:.Unresolved) // for if (i != null)
> I26: (ID:v13(EFLGS):U_32) =CMP
> t43:cls:.Unresolved,t44(1137246208):cls:.Unresolved // for if (i != null)
> I27: JZ BB_30_epilog t45(0):I_32 (IU:v13(EFLGS):U_32)
>
> =====================================
> After final pass, CMP is about two 64-bit registers (RBX and R12). Though
> the flag register is in 32-bit, I don't think it is a truncation.
>
> BB_1
> PersistentId = 0
> ExecCnt = 10000
> Loop: Depth=0, !hdr, hdr=NULL
> Predcessors: BB_0_prolog
> Successors: BB_2 [Prob=1](Br=I62) UN_29 [Prob=1e-007] BB_33
> [Prob=1e-007](Br=I62)
> Layout Succ: BB_2
> Block code address: 00000000660D000D
> 00000000660D000D I393: MOV
> v0(R12):cls:.Unresolved,t2(1137246208):null_object * *// for Integer i =
> null;
> 00000000660D0017 I392: MOV
> t150(R11):cls:java/lang/String[],t108(1137246208):cls:java/lang/String[]
> 00000000660D0021 I61: (ID:v13(EFLGS):U_32) =CMP
> t1(RCX):cls:java/lang/String[],t150(R11):cls:java/lang/String[]
> 00000000660D0024 I62: JZ BB_33 t109(1577):I_32 (IU:v13(EFLGS):U_32)
>
> BB_12
> PersistentId = 2
> ExecCnt = 9999.99
> Loop: Depth=0, !hdr, hdr=NULL
> Predcessors: BB_6 BB_11
> Successors: BB_30_epilog [Prob=0.241379](Br=I27) BB_13
> [Prob=0.758621](Br=I27)
> Layout Succ: BB_13
> Block code address: 00000000660D0132
> 00000000660D0132 I365: MOV
> t43(RBX):cls:.Unresolved,v0(R12):cls:.Unresolved // for if (i != null)
> 00000000660D0135 I364: MOV
> t153(R12):cls:.Unresolved,t44(1137246208):cls:.Unresolved // for if (i !=
> null)
> 00000000660D013F I26: (ID:v13(EFLGS):U_32) =CMP
> t43(RBX):cls:.Unresolved,t153(R12):cls:.Unresolved // for if (i != null)
> 00000000660D0142 I27: JZ BB_30_epilog t45(660):I_32 (IU:v13(EFLGS):U_32)
>
> =====================================
>
> Any comments? Thanks. -Xiaoming
You just confirmed that such a simple example does not trigger that potentially dangerous IR pattern. Jitrino is a complex beast, so it may easily evade simplistic reasoning. As a side note, an IR dump is not the ultimate authority for emitted code; better to verify via a real debugger/disassembler.

Thanks,
Alexey

>
> On Fri, Feb 6, 2009 at 6:16 PM, Egor Pasko <[email protected]> wrote:
>
>> On the 0x550 day of Apache Harmony xiaoming gu wrote:
>> > In the latest version, I couldn't see the code mentioned in this JIRA.
>>
>> me too :(
>>
>> > And the only operations about heap base in HIR2LIR pass are for
>> > zeroForComparison, ldnull, simpleLdInd, simpleStInd and
>> > ldRef. Thanks.
>>
>> so, to sum up the compressed mode operation: zeroForComparison,
>> simpleLdInd and simpleStInd all make a copy of heap base imm operand
>> via mov (heapBaseOpnd() does that). Seems to be right.
>>
>> But ldnull does not do that. I understand that add/sub to ldnull imm
>> operand will never happen on the code selection stage. But what about
>> cmp? Suppose cmp accepts this 64 bit imm operand (heap base), then
>> bang, it is truncated by encoder.
>>
>> Thinking of a possible reproducer in java: "if (obj != null) { ... }",
>> seems like too common to be working incorrectly :) Still I do not
>> understand what happens in this case. Xiaoming, do you have a clue?
>>
>> --
>> Egor Pasko
>>
>>
>
>
> --
> China Runtime Technologies Lab,
> SSG/SSD/MRTC, Intel
>
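The truncation Egor worries about (a 64-bit heap-base immediate handed straight to cmp, where x86-64 only accepts a sign-extended 32-bit immediate), modelled as an added C example that is not Jitrino code: it checks that the heap base 1137246208 seen in the dump fits an imm32, and contrasts the mov-to-register-then-cmp path with a blindly truncating encoder on a constructed heap base above 2^32. Function names and the high base are assumptions for illustration.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* x86-64 CMP r/m64, imm32 carries a 32-bit immediate that the CPU
 * sign-extends to 64 bits; anything outside int32 range cannot be
 * encoded faithfully. */
static bool fits_simm32(uint64_t imm) {
    int64_t s = (int64_t)imm;
    return s >= INT32_MIN && s <= INT32_MAX;
}

/* Value the CPU would actually compare against if an encoder emitted
 * CMP r64, imm32 without checking the range (the "bang" case). */
static uint64_t imm32_as_seen_by_cpu(uint64_t imm) {
    return (uint64_t)(int64_t)(int32_t)(uint32_t)imm;
}

/* Compressed-references null test: a null reference is the heap base.
 * Models heapBaseOpnd(): mov base -> reg; cmp obj, reg. Always exact. */
static bool is_null_via_reg(uint64_t obj, uint64_t heap_base) {
    return obj == heap_base;
}

/* Models cmp obj, imm(heap_base) with no range check. */
static bool is_null_via_imm(uint64_t obj, uint64_t heap_base) {
    return obj == imm32_as_seen_by_cpu(heap_base);
}

int main(void) {
    uint64_t dump_base = 1137246208ULL;       /* from the IR dump above */
    uint64_t high_base = 0x0000000143C80000ULL; /* constructed, > 2^32 */

    printf("dump base fits imm32: %d\n", fits_simm32(dump_base));
    printf("null via reg (high base): %d\n", is_null_via_reg(high_base, high_base));
    printf("null via imm (high base): %d\n", is_null_via_imm(high_base, high_base));
    return 0;
}
```

On this dump the base fits, so both paths agree; only a base outside int32 range makes the immediate path misjudge a null reference.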
