From 1353601dcc8f9ec3e12dea21dc61b3585a154b13 Mon Sep 17 00:00:00 2001
From: Matias Saavedra Silva <matsaave@openjdk.org>
Date: Wed, 4 Sep 2024 17:25:37 +0000
Subject: [PATCH] 8338924: C1: assert(0 <= i && i < _len) failed: illegal index
 5 for length 5

Co-authored-by: Dean Long <dlong@openjdk.org>
Reviewed-by: kvn, thartmann
---
 src/hotspot/share/c1/c1_GraphBuilder.cpp               |  8 ++++++++
 src/hotspot/share/compiler/methodLiveness.cpp          |  8 +++++++-
 test/hotspot/jtreg/ProblemList-Xcomp.txt               |  2 --
 .../hotspot/jtreg/runtime/interpreter/LastJsrTest.java | 10 ++++++----
 4 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/src/hotspot/share/c1/c1_GraphBuilder.cpp b/src/hotspot/share/c1/c1_GraphBuilder.cpp
index dc4475a4b81..a2e903edc34 100644
--- a/src/hotspot/share/c1/c1_GraphBuilder.cpp
+++ b/src/hotspot/share/c1/c1_GraphBuilder.cpp
@@ -1389,6 +1389,11 @@ void GraphBuilder::jsr(int dest) {
   // If the bytecodes are strange (jumping out of a jsr block) then we
   // might end up trying to re-parse a block containing a jsr which
   // has already been activated. Watch for this case and bail out.
+  if (next_bci() >= method()->code_size()) {
+    // This can happen if the subroutine does not terminate with a ret,
+    // effectively turning the jsr into a goto.
+    BAILOUT("too-complicated jsr/ret structure");
+  }
   for (ScopeData* cur_scope_data = scope_data();
        cur_scope_data != nullptr && cur_scope_data->parsing_jsr() && cur_scope_data->scope() == scope();
        cur_scope_data = cur_scope_data->parent()) {
@@ -3736,6 +3741,9 @@ bool GraphBuilder::try_inline_intrinsics(ciMethod* callee, bool ignore_return) {
 bool GraphBuilder::try_inline_jsr(int jsr_dest_bci) {
   // Introduce a new callee continuation point - all Ret instructions
   // will be replaced with Gotos to this point.
+  if (next_bci() >= method()->code_size()) {
+    return false;
+  }
   BlockBegin* cont = block_at(next_bci());
   assert(cont != nullptr, "continuation must exist (BlockListBuilder starts a new block after a jsr");
 
diff --git a/src/hotspot/share/compiler/methodLiveness.cpp b/src/hotspot/share/compiler/methodLiveness.cpp
index 1b764882d10..7d65b20a159 100644
--- a/src/hotspot/share/compiler/methodLiveness.cpp
+++ b/src/hotspot/share/compiler/methodLiveness.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2023, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -222,6 +222,9 @@ void MethodLiveness::init_basic_blocks() {
           dest = _block_map->at(bytes.get_dest());
           assert(dest != nullptr, "branch destination must start a block.");
           dest->add_normal_predecessor(current_block);
+          if (bci + Bytecodes::length_for(code) >= method_len) {
+            break;
+          }
           BasicBlock *jsrExit = _block_map->at(current_block->limit_bci());
           assert(jsrExit != nullptr, "jsr return bci must start a block.");
           jsr_exit_list->append(jsrExit);
@@ -232,6 +235,9 @@ void MethodLiveness::init_basic_blocks() {
           dest = _block_map->at(bytes.get_far_dest());
           assert(dest != nullptr, "branch destination must start a block.");
           dest->add_normal_predecessor(current_block);
+          if (bci + Bytecodes::length_for(code) >= method_len) {
+            break;
+          }
           BasicBlock *jsrExit = _block_map->at(current_block->limit_bci());
           assert(jsrExit != nullptr, "jsr return bci must start a block.");
           jsr_exit_list->append(jsrExit);
diff --git a/test/hotspot/jtreg/ProblemList-Xcomp.txt b/test/hotspot/jtreg/ProblemList-Xcomp.txt
index 8d6b74c8132..9d91cad1dde 100644
--- a/test/hotspot/jtreg/ProblemList-Xcomp.txt
+++ b/test/hotspot/jtreg/ProblemList-Xcomp.txt
@@ -51,5 +51,3 @@ vmTestbase/nsk/jvmti/scenarios/capability/CM03/cm03t001/TestDescription.java 829
 vmTestbase/nsk/stress/thread/thread006.java 8321476 linux-all
 
 gc/arguments/TestNewSizeFlags.java 8299116 macosx-aarch64
-
-runtime/interpreter/LastJsrTest.java 8338924 generic-all
diff --git a/test/hotspot/jtreg/runtime/interpreter/LastJsrTest.java b/test/hotspot/jtreg/runtime/interpreter/LastJsrTest.java
index 913a304ae38..fd9cffe002d 100644
--- a/test/hotspot/jtreg/runtime/interpreter/LastJsrTest.java
+++ b/test/hotspot/jtreg/runtime/interpreter/LastJsrTest.java
@@ -23,18 +23,20 @@
 
 /*
  * @test
- * @bug 8335664
+ * @bug 8335664 8338924
  * @summary Ensure a program that ends with a JSR does not crash
  * @library /test/lib
  * @compile LastJsr.jasm
  * @compile LastJsrReachable.jasm
- * @run main/othervm LastJsrTest
+ * @run main/othervm -Xbatch LastJsrTest
  */
 
 public class LastJsrTest {
     public static void main(String[] args) {
-        LastJsr.test();
-        LastJsrReachable.test();
+        for (int i = 0; i < 1000; ++i) {
+            LastJsr.test();
+            LastJsrReachable.test();
+        }
         System.out.println("PASSED");
     }
 }