| Message ID | 20240702073934.21734-1-rsangam@mvista.com |
|---|---|
| State | New |
| Headers | show |
| Series | [meta-java,master] openjdk-8: Security fix for CVE-2024-21094 | expand |
Gentle reminder!!! Any update on this ?? Regards, Rohini Sangam On Tue, Jul 2, 2024 at 1:09 PM Rohini Sangam <rsangam@mvista.com> wrote: > CVE fixed: > -CVE-2024-21094 OpenJDK: C2 compilation fails with "Exceeded _node_regs > array" (8317507) > Upstream-Status: Backport from > https://github.com/openjdk/jdk8u/commit/43cb87550865a93c559c9e8eaa59fcb071301bd3 > > Signed-off-by: Rohini Sangam <rsangam@mvista.com> > Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> > --- > .../openjdk/openjdk-8-release-common.inc | 1 + > .../patches-openjdk-8/CVE-2024-21094.patch | 637 ++++++++++++++++++ > 2 files changed, 638 insertions(+) > create mode 100644 > recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch > > diff --git a/recipes-core/openjdk/openjdk-8-release-common.inc > b/recipes-core/openjdk/openjdk-8-release-common.inc > index ff8d96e..f71eb10 100644 > --- a/recipes-core/openjdk/openjdk-8-release-common.inc > +++ b/recipes-core/openjdk/openjdk-8-release-common.inc > @@ -21,6 +21,7 @@ PATCHES_URI = "\ > file://2007-jdk-no-genx11-in-headless.patch \ > file://2008-jdk-no-unused-deps.patch \ > > file://2009-jdk-make-use-gcc-instead-of-ld-for-genSocketOptionRe.patch \ > + file://CVE-2024-21094.patch \ > " > HOTSPOT_UB_PATCH = "\ > file://1001-hotspot-fix-crash-on-JNI_CreateJavaVM.patch \ > diff --git a/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch > b/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch > new file mode 100644 > index 0000000..1852bd7 > --- /dev/null > +++ b/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch > @@ -0,0 +1,637 @@ > +From 43cb87550865a93c559c9e8eaa59fcb071301bd3 Mon Sep 17 00:00:00 2001 > +From: Martin Balao <mbalao@openjdk.org> > +Date: Wed, 27 Mar 2024 03:21:25 +0000 > +Subject: [PATCH] CVE-2024-21094: 8317507: C2 compilation fails with > "Exceeded _node_regs > + array" > + > +Upstream-Status: Backport from > https://github.com/openjdk/jdk8u/commit/43cb87550865a93c559c9e8eaa59fcb071301bd3 > +CVE: CVE-2024-21094 > + > +Signed-off-by: Rohini Sangam <rsangam@mvista.com> > +--- > + .../hotspot/src/share/vm/adlc/output_c.cpp | 2 + > + .../regalloc/TestNodeRegArrayOverflow.java | 599 ++++++++++++++++++ > + 2 files changed, 601 insertions(+) > + create mode 100644 > hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java > + > +diff --git a/hotspot/src/share/vm/adlc/output_c.cpp > b/hotspot/src/share/vm/adlc/output_c.cpp > +index 19916904..b85123b4 100644 > +--- a/hotspot/src/share/vm/adlc/output_c.cpp > ++++ b/hotspot/src/share/vm/adlc/output_c.cpp > +@@ -3023,6 +3023,8 @@ static void define_fill_new_machnode(bool used, > FILE *fp_cpp) { > + fprintf(fp_cpp, " if( i != cisc_operand() ) \n"); > + fprintf(fp_cpp, " to[i] = _opnds[i]->clone(C);\n"); > + fprintf(fp_cpp, " }\n"); > ++ fprintf(fp_cpp, " // Do not increment node index counter, since > node reuses my index\n"); > ++ fprintf(fp_cpp, " C->set_unique(C->unique() - 1);\n"); > + fprintf(fp_cpp, "}\n"); > + } > + fprintf(fp_cpp, "\n"); > +diff --git a/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java > b/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java > +new file mode 100644 > +index 00000000..281524cc > +--- /dev/null > ++++ b/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java > +@@ -0,0 +1,599 @@ > ++/* > ++ * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. > ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. > ++ * > ++ * This code is free software; you can redistribute it and/or modify it > ++ * under the terms of the GNU General Public License version 2 only, as > ++ * published by the Free Software Foundation. > ++ * > ++ * This code is distributed in the hope that it will be useful, but > WITHOUT > ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or > ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License > ++ * version 2 for more details (a copy is included in the LICENSE file > that > ++ * accompanied this code). > ++ * > ++ * You should have received a copy of the GNU General Public License > version > ++ * 2 along with this work; if not, write to the Free Software Foundation, > ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. > ++ * > ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 > USA > ++ * or visit www.oracle.com if you need additional information or have > any > ++ * questions. > ++ */ > ++ > ++package compiler.regalloc; > ++ > ++/** > ++ * @test > ++ * @bug 8317507 > ++ * @summary Test that C2's PhaseRegAlloc::_node_regs (a > post-register-allocation > ++ * mapping from machine nodes to assigned registers) does not > overflow > ++ * in the face of a program with a high-density of CISC spilling > ++ * candidate nodes. > ++ * @run main/othervm -Xcomp > -XX:CompileOnly=compiler.regalloc.TestNodeRegArrayOverflow::testWithCompilerUnrolling > ++ > -XX:CompileCommand=dontinline,compiler.regalloc.TestNodeRegArrayOverflow::dontInline > ++ compiler.regalloc.TestNodeRegArrayOverflow compiler > ++ * @run main/othervm -Xcomp > -XX:CompileOnly=compiler.regalloc.TestNodeRegArrayOverflow::testWithManualUnrolling > ++ > -XX:CompileCommand=dontinline,compiler.regalloc.TestNodeRegArrayOverflow::dontInline > ++ compiler.regalloc.TestNodeRegArrayOverflow manual > ++ */ > ++ > ++public class TestNodeRegArrayOverflow { > ++ > ++ static int dontInline() { > ++ return 0; > ++ } > ++ > ++ static float testWithCompilerUnrolling(float inc) { > ++ int i = 0, j = 0; > ++ // This non-inlined method call causes 'inc' to be spilled. > ++ float f = dontInline(); > ++ // This two-level reduction loop is unrolled 512 times, which is > ++ // requested by the SLP-specific unrolling analysis, but not > vectorized. > ++ // Because 'inc' is spilled, each of the unrolled AddF nodes is > ++ // CISC-spill converted (PhaseChaitin::fixup_spills()). Before > the fix, > ++ // this causes the unique node index counter (Compile::_unique) > to grow > ++ // beyond the size of the node register array > ++ // (PhaseRegAlloc::_node_regs), and leads to overflow when > accessed for > ++ // nodes that are created later (e.g. during the peephole phase). > ++ while (i++ < 128) { > ++ for (j = 0; j < 16; j++) { > ++ f += inc; > ++ } > ++ } > ++ return f; > ++ } > ++ > ++ // This test reproduces the same failure as > 'testWithCompilerUnrolling' > ++ // without relying on loop transformations. > ++ static float testWithManualUnrolling(float inc) { > ++ int i = 0, j = 0; > ++ float f = dontInline(); > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ f += inc; > ++ return f; > ++ } > ++ > ++ public static void main(String[] args) { > ++ switch (args[0]) { > ++ case "compiler": > ++ testWithCompilerUnrolling(0); > ++ break; > ++ case "manual": > ++ testWithManualUnrolling(0); > ++ break; > ++ default: > ++ throw new IllegalArgumentException("Invalid mode: " + > args[0]); > ++ } > ++ } > ++} > +-- > +2.35.7 > + > -- > 2.34.1 > >
Gentle reminder!!! Any update on this ?? Regards, Rohini Sangam On Thu, Jul 11, 2024 at 12:37 PM Rohini Sangam <rsangam@mvista.com> wrote: > Gentle reminder!!! > Any update on this ?? > > Regards, > Rohini Sangam > > On Tue, Jul 2, 2024 at 1:09 PM Rohini Sangam <rsangam@mvista.com> wrote: > >> CVE fixed: >> -CVE-2024-21094 OpenJDK: C2 compilation fails with "Exceeded _node_regs >> array" (8317507) >> Upstream-Status: Backport from >> https://github.com/openjdk/jdk8u/commit/43cb87550865a93c559c9e8eaa59fcb071301bd3 >> >> Signed-off-by: Rohini Sangam <rsangam@mvista.com> >> Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> >> --- >> .../openjdk/openjdk-8-release-common.inc | 1 + >> .../patches-openjdk-8/CVE-2024-21094.patch | 637 ++++++++++++++++++ >> 2 files changed, 638 insertions(+) >> create mode 100644 >> recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch >> >> diff --git a/recipes-core/openjdk/openjdk-8-release-common.inc >> b/recipes-core/openjdk/openjdk-8-release-common.inc >> index ff8d96e..f71eb10 100644 >> --- a/recipes-core/openjdk/openjdk-8-release-common.inc >> +++ b/recipes-core/openjdk/openjdk-8-release-common.inc >> @@ -21,6 +21,7 @@ PATCHES_URI = "\ >> file://2007-jdk-no-genx11-in-headless.patch \ >> file://2008-jdk-no-unused-deps.patch \ >> >> file://2009-jdk-make-use-gcc-instead-of-ld-for-genSocketOptionRe.patch \ >> + file://CVE-2024-21094.patch \ >> " >> HOTSPOT_UB_PATCH = "\ >> file://1001-hotspot-fix-crash-on-JNI_CreateJavaVM.patch \ >> diff --git a/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch >> b/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch >> new file mode 100644 >> index 0000000..1852bd7 >> --- /dev/null >> +++ b/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch >> @@ -0,0 +1,637 @@ >> +From 43cb87550865a93c559c9e8eaa59fcb071301bd3 Mon Sep 17 00:00:00 2001 >> +From: Martin Balao <mbalao@openjdk.org> >> +Date: Wed, 27 Mar 2024 03:21:25 +0000 >> +Subject: [PATCH] CVE-2024-21094: 8317507: C2 compilation fails with >> "Exceeded _node_regs >> + array" >> + >> +Upstream-Status: Backport from >> https://github.com/openjdk/jdk8u/commit/43cb87550865a93c559c9e8eaa59fcb071301bd3 >> +CVE: CVE-2024-21094 >> + >> +Signed-off-by: Rohini Sangam <rsangam@mvista.com> >> +--- >> + .../hotspot/src/share/vm/adlc/output_c.cpp | 2 + >> + .../regalloc/TestNodeRegArrayOverflow.java | 599 ++++++++++++++++++ >> + 2 files changed, 601 insertions(+) >> + create mode 100644 >> hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java >> + >> +diff --git a/hotspot/src/share/vm/adlc/output_c.cpp >> b/hotspot/src/share/vm/adlc/output_c.cpp >> +index 19916904..b85123b4 100644 >> +--- a/hotspot/src/share/vm/adlc/output_c.cpp >> ++++ b/hotspot/src/share/vm/adlc/output_c.cpp >> +@@ -3023,6 +3023,8 @@ static void define_fill_new_machnode(bool used, >> FILE *fp_cpp) { >> + fprintf(fp_cpp, " if( i != cisc_operand() ) \n"); >> + fprintf(fp_cpp, " to[i] = _opnds[i]->clone(C);\n"); >> + fprintf(fp_cpp, " }\n"); >> ++ fprintf(fp_cpp, " // Do not increment node index counter, since >> node reuses my index\n"); >> ++ fprintf(fp_cpp, " C->set_unique(C->unique() - 1);\n"); >> + fprintf(fp_cpp, "}\n"); >> + } >> + fprintf(fp_cpp, "\n"); >> +diff --git >> a/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java >> b/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java >> +new file mode 100644 >> +index 00000000..281524cc >> +--- /dev/null >> ++++ b/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java >> +@@ -0,0 +1,599 @@ >> ++/* >> ++ * Copyright (c) 2023, Oracle and/or its affiliates. All rights >> reserved. >> ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. >> ++ * >> ++ * This code is free software; you can redistribute it and/or modify it >> ++ * under the terms of the GNU General Public License version 2 only, as >> ++ * published by the Free Software Foundation. >> ++ * >> ++ * This code is distributed in the hope that it will be useful, but >> WITHOUT >> ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or >> ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License >> ++ * version 2 for more details (a copy is included in the LICENSE file >> that >> ++ * accompanied this code). >> ++ * >> ++ * You should have received a copy of the GNU General Public License >> version >> ++ * 2 along with this work; if not, write to the Free Software >> Foundation, >> ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. >> ++ * >> ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 >> USA >> ++ * or visit www.oracle.com if you need additional information or have >> any >> ++ * questions. >> ++ */ >> ++ >> ++package compiler.regalloc; >> ++ >> ++/** >> ++ * @test >> ++ * @bug 8317507 >> ++ * @summary Test that C2's PhaseRegAlloc::_node_regs (a >> post-register-allocation >> ++ * mapping from machine nodes to assigned registers) does not >> overflow >> ++ * in the face of a program with a high-density of CISC >> spilling >> ++ * candidate nodes. >> ++ * @run main/othervm -Xcomp >> -XX:CompileOnly=compiler.regalloc.TestNodeRegArrayOverflow::testWithCompilerUnrolling >> ++ >> -XX:CompileCommand=dontinline,compiler.regalloc.TestNodeRegArrayOverflow::dontInline >> ++ compiler.regalloc.TestNodeRegArrayOverflow compiler >> ++ * @run main/othervm -Xcomp >> -XX:CompileOnly=compiler.regalloc.TestNodeRegArrayOverflow::testWithManualUnrolling >> ++ >> -XX:CompileCommand=dontinline,compiler.regalloc.TestNodeRegArrayOverflow::dontInline >> ++ compiler.regalloc.TestNodeRegArrayOverflow manual >> ++ */ >> ++ >> ++public class TestNodeRegArrayOverflow { >> ++ >> ++ static int dontInline() { >> ++ return 0; >> ++ } >> ++ >> ++ static float testWithCompilerUnrolling(float inc) { >> ++ int i = 0, j = 0; >> ++ // This non-inlined method call causes 'inc' to be spilled. >> ++ float f = dontInline(); >> ++ // This two-level reduction loop is unrolled 512 times, which is >> ++ // requested by the SLP-specific unrolling analysis, but not >> vectorized. >> ++ // Because 'inc' is spilled, each of the unrolled AddF nodes is >> ++ // CISC-spill converted (PhaseChaitin::fixup_spills()). Before >> the fix, >> ++ // this causes the unique node index counter (Compile::_unique) >> to grow >> ++ // beyond the size of the node register array >> ++ // (PhaseRegAlloc::_node_regs), and leads to overflow when >> accessed for >> ++ // nodes that are created later (e.g. during the peephole >> phase). >> ++ while (i++ < 128) { >> ++ for (j = 0; j < 16; j++) { >> ++ f += inc; >> ++ } >> ++ } >> ++ return f; >> ++ } >> ++ >> ++ // This test reproduces the same failure as >> 'testWithCompilerUnrolling' >> ++ // without relying on loop transformations. >> ++ static float testWithManualUnrolling(float inc) { >> ++ int i = 0, j = 0; >> ++ float f = dontInline(); >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ f += inc; >> ++ return f; >> ++ } >> ++ >> ++ public static void main(String[] args) { >> ++ switch (args[0]) { >> ++ case "compiler": >> ++ testWithCompilerUnrolling(0); >> ++ break; >> ++ case "manual": >> ++ testWithManualUnrolling(0); >> ++ break; >> ++ default: >> ++ throw new IllegalArgumentException("Invalid mode: " + >> args[0]); >> ++ } >> ++ } >> ++} >> +-- >> +2.35.7 >> + >> -- >> 2.34.1 >> >>
I think you should CC Tim. Note that meta-java may not be maintained anymore. Alex On Wed, 17 Jul 2024 at 06:19, Rohini Sangam via lists.yoctoproject.org <rsangam=mvista.com@lists.yoctoproject.org> wrote: > > Gentle reminder!!! > Any update on this ?? > > Regards, > Rohini Sangam > > On Thu, Jul 11, 2024 at 12:37 PM Rohini Sangam <rsangam@mvista.com> wrote: >> >> Gentle reminder!!! >> Any update on this ?? >> >> Regards, >> Rohini Sangam >> >> On Tue, Jul 2, 2024 at 1:09 PM Rohini Sangam <rsangam@mvista.com> wrote: >>> >>> CVE fixed: >>> -CVE-2024-21094 OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507) >>> Upstream-Status: Backport from https://github.com/openjdk/jdk8u/commit/43cb87550865a93c559c9e8eaa59fcb071301bd3 >>> >>> Signed-off-by: Rohini Sangam <rsangam@mvista.com> >>> Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> >>> --- >>> .../openjdk/openjdk-8-release-common.inc | 1 + >>> .../patches-openjdk-8/CVE-2024-21094.patch | 637 ++++++++++++++++++ >>> 2 files changed, 638 insertions(+) >>> create mode 100644 recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch >>> >>> diff --git a/recipes-core/openjdk/openjdk-8-release-common.inc b/recipes-core/openjdk/openjdk-8-release-common.inc >>> index ff8d96e..f71eb10 100644 >>> --- a/recipes-core/openjdk/openjdk-8-release-common.inc >>> +++ b/recipes-core/openjdk/openjdk-8-release-common.inc >>> @@ -21,6 +21,7 @@ PATCHES_URI = "\ >>> file://2007-jdk-no-genx11-in-headless.patch \ >>> file://2008-jdk-no-unused-deps.patch \ >>> file://2009-jdk-make-use-gcc-instead-of-ld-for-genSocketOptionRe.patch \ >>> + file://CVE-2024-21094.patch \ >>> " >>> HOTSPOT_UB_PATCH = "\ >>> file://1001-hotspot-fix-crash-on-JNI_CreateJavaVM.patch \ >>> diff --git a/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch b/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch >>> new file mode 100644 >>> index 0000000..1852bd7 >>> --- /dev/null >>> +++ b/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch >>> @@ -0,0 +1,637 @@ >>> +From 43cb87550865a93c559c9e8eaa59fcb071301bd3 Mon Sep 17 00:00:00 2001 >>> +From: Martin Balao <mbalao@openjdk.org> >>> +Date: Wed, 27 Mar 2024 03:21:25 +0000 >>> +Subject: [PATCH] CVE-2024-21094: 8317507: C2 compilation fails with "Exceeded _node_regs >>> + array" >>> + >>> +Upstream-Status: Backport from https://github.com/openjdk/jdk8u/commit/43cb87550865a93c559c9e8eaa59fcb071301bd3 >>> +CVE: CVE-2024-21094 >>> + >>> +Signed-off-by: Rohini Sangam <rsangam@mvista.com> >>> +--- >>> + .../hotspot/src/share/vm/adlc/output_c.cpp | 2 + >>> + .../regalloc/TestNodeRegArrayOverflow.java | 599 ++++++++++++++++++ >>> + 2 files changed, 601 insertions(+) >>> + create mode 100644 hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java >>> + >>> +diff --git a/hotspot/src/share/vm/adlc/output_c.cpp b/hotspot/src/share/vm/adlc/output_c.cpp >>> +index 19916904..b85123b4 100644 >>> +--- a/hotspot/src/share/vm/adlc/output_c.cpp >>> ++++ b/hotspot/src/share/vm/adlc/output_c.cpp >>> +@@ -3023,6 +3023,8 @@ static void define_fill_new_machnode(bool used, FILE *fp_cpp) { >>> + fprintf(fp_cpp, " if( i != cisc_operand() ) \n"); >>> + fprintf(fp_cpp, " to[i] = _opnds[i]->clone(C);\n"); >>> + fprintf(fp_cpp, " }\n"); >>> ++ fprintf(fp_cpp, " // Do not increment node index counter, since node reuses my index\n"); >>> ++ fprintf(fp_cpp, " C->set_unique(C->unique() - 1);\n"); >>> + fprintf(fp_cpp, "}\n"); >>> + } >>> + fprintf(fp_cpp, "\n"); >>> +diff --git a/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java b/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java >>> +new file mode 100644 >>> +index 00000000..281524cc >>> +--- /dev/null >>> ++++ b/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java >>> +@@ -0,0 +1,599 @@ >>> ++/* >>> ++ * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. >>> ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. >>> ++ * >>> ++ * This code is free software; you can redistribute it and/or modify it >>> ++ * under the terms of the GNU General Public License version 2 only, as >>> ++ * published by the Free Software Foundation. >>> ++ * >>> ++ * This code is distributed in the hope that it will be useful, but WITHOUT >>> ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or >>> ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License >>> ++ * version 2 for more details (a copy is included in the LICENSE file that >>> ++ * accompanied this code). >>> ++ * >>> ++ * You should have received a copy of the GNU General Public License version >>> ++ * 2 along with this work; if not, write to the Free Software Foundation, >>> ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. >>> ++ * >>> ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA >>> ++ * or visit www.oracle.com if you need additional information or have any >>> ++ * questions. >>> ++ */ >>> ++ >>> ++package compiler.regalloc; >>> ++ >>> ++/** >>> ++ * @test >>> ++ * @bug 8317507 >>> ++ * @summary Test that C2's PhaseRegAlloc::_node_regs (a post-register-allocation >>> ++ * mapping from machine nodes to assigned registers) does not overflow >>> ++ * in the face of a program with a high-density of CISC spilling >>> ++ * candidate nodes. >>> ++ * @run main/othervm -Xcomp -XX:CompileOnly=compiler.regalloc.TestNodeRegArrayOverflow::testWithCompilerUnrolling >>> ++ -XX:CompileCommand=dontinline,compiler.regalloc.TestNodeRegArrayOverflow::dontInline >>> ++ compiler.regalloc.TestNodeRegArrayOverflow compiler >>> ++ * @run main/othervm -Xcomp -XX:CompileOnly=compiler.regalloc.TestNodeRegArrayOverflow::testWithManualUnrolling >>> ++ -XX:CompileCommand=dontinline,compiler.regalloc.TestNodeRegArrayOverflow::dontInline >>> ++ compiler.regalloc.TestNodeRegArrayOverflow manual >>> ++ */ >>> ++ >>> ++public class TestNodeRegArrayOverflow { >>> ++ >>> ++ static int dontInline() { >>> ++ return 0; >>> ++ } >>> ++ >>> ++ static float testWithCompilerUnrolling(float inc) { >>> ++ int i = 0, j = 0; >>> ++ // This non-inlined method call causes 'inc' to be spilled. >>> ++ float f = dontInline(); >>> ++ // This two-level reduction loop is unrolled 512 times, which is >>> ++ // requested by the SLP-specific unrolling analysis, but not vectorized. >>> ++ // Because 'inc' is spilled, each of the unrolled AddF nodes is >>> ++ // CISC-spill converted (PhaseChaitin::fixup_spills()). Before the fix, >>> ++ // this causes the unique node index counter (Compile::_unique) to grow >>> ++ // beyond the size of the node register array >>> ++ // (PhaseRegAlloc::_node_regs), and leads to overflow when accessed for >>> ++ // nodes that are created later (e.g. during the peephole phase). >>> ++ while (i++ < 128) { >>> ++ for (j = 0; j < 16; j++) { >>> ++ f += inc; >>> ++ } >>> ++ } >>> ++ return f; >>> ++ } >>> ++ >>> ++ // This test reproduces the same failure as 'testWithCompilerUnrolling' >>> ++ // without relying on loop transformations. >>> ++ static float testWithManualUnrolling(float inc) { >>> ++ int i = 0, j = 0; >>> ++ float f = dontInline(); >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ f += inc; >>> ++ return f; >>> ++ } >>> ++ >>> ++ public static void main(String[] args) { >>> ++ switch (args[0]) { >>> ++ case "compiler": >>> ++ testWithCompilerUnrolling(0); >>> ++ break; >>> ++ case "manual": >>> ++ testWithManualUnrolling(0); >>> ++ break; >>> ++ default: >>> ++ throw new IllegalArgumentException("Invalid mode: " + args[0]); >>> ++ } >>> ++ } >>> ++} >>> +-- >>> +2.35.7 >>> + >>> -- >>> 2.34.1 >>> > _._,_._,_ > ________________________________ > Links: > > You receive all messages sent to this group. > > View/Reply Online (#435) | Reply To Group | Reply To Sender | Mute This Topic | New Topic > Your Subscription | Contact Group Owner | Unsubscribe [alex.kanavin@gmail.com] > > _._,_._,_
Most of the metadata is identical on master, scarthgap and kirkstone. Stable release policy is that we must apply the patches to master and then back port to stable branches. No CVEs will be fixed in only kirkstone when they are also applicable to master and scarthgap. I cannot currently get any supported branch to build on a modern distro, such as those currently tested on the AutoBuilder. Therefore I cannot merge any patches. FWIW, my personal systems are Ybuntu 22.94 and Debian 12. We have zero continuous integration. We have zero ptest packages enabled. I have spent all the own-time and more on this situation without any real success or help. I will not devote more time to this situation unless things change. I do not use nor rely on meta-java. I do not have any customers paying me to work on it. The original maintainers all went silent many years ago. Unless the community steps up to get master branch reliably building in a way that could be turned into CI, we are at a standstill. We need to see a branch and configuration that can be reproduced by any one of us. On Wed, Jul 17, 2024 at 12:19 AM Alexander Kanavin via lists.yoctoproject.org <alex.kanavin=gmail.com@lists.yoctoproject.org> wrote: > I think you should CC Tim. Note that meta-java may not be maintained > anymore. > > Alex > > On Wed, 17 Jul 2024 at 06:19, Rohini Sangam via lists.yoctoproject.org > <rsangam=mvista.com@lists.yoctoproject.org> wrote: > > > > Gentle reminder!!! > > Any update on this ?? > > > > Regards, > > Rohini Sangam > > > > On Thu, Jul 11, 2024 at 12:37 PM Rohini Sangam <rsangam@mvista.com> > wrote: > >> > >> Gentle reminder!!! > >> Any update on this ?? > >> > >> Regards, > >> Rohini Sangam > >> > >> On Tue, Jul 2, 2024 at 1:09 PM Rohini Sangam <rsangam@mvista.com> > wrote: > >>> > >>> CVE fixed: > >>> -CVE-2024-21094 OpenJDK: C2 compilation fails with "Exceeded > _node_regs array" (8317507) > >>> Upstream-Status: Backport from > https://github.com/openjdk/jdk8u/commit/43cb87550865a93c559c9e8eaa59fcb071301bd3 > >>> > >>> Signed-off-by: Rohini Sangam <rsangam@mvista.com> > >>> Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> > >>> --- > >>> .../openjdk/openjdk-8-release-common.inc | 1 + > >>> .../patches-openjdk-8/CVE-2024-21094.patch | 637 ++++++++++++++++++ > >>> 2 files changed, 638 insertions(+) > >>> create mode 100644 > recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch > >>> > >>> diff --git a/recipes-core/openjdk/openjdk-8-release-common.inc > b/recipes-core/openjdk/openjdk-8-release-common.inc > >>> index ff8d96e..f71eb10 100644 > >>> --- a/recipes-core/openjdk/openjdk-8-release-common.inc > >>> +++ b/recipes-core/openjdk/openjdk-8-release-common.inc > >>> @@ -21,6 +21,7 @@ PATCHES_URI = "\ > >>> file://2007-jdk-no-genx11-in-headless.patch \ > >>> file://2008-jdk-no-unused-deps.patch \ > >>> > file://2009-jdk-make-use-gcc-instead-of-ld-for-genSocketOptionRe.patch \ > >>> + file://CVE-2024-21094.patch \ > >>> " > >>> HOTSPOT_UB_PATCH = "\ > >>> file://1001-hotspot-fix-crash-on-JNI_CreateJavaVM.patch \ > >>> diff --git > a/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch > b/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch > >>> new file mode 100644 > >>> index 0000000..1852bd7 > >>> --- /dev/null > >>> +++ b/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch > >>> @@ -0,0 +1,637 @@ > >>> +From 43cb87550865a93c559c9e8eaa59fcb071301bd3 Mon Sep 17 00:00:00 2001 > >>> +From: Martin Balao <mbalao@openjdk.org> > >>> +Date: Wed, 27 Mar 2024 03:21:25 +0000 > >>> +Subject: [PATCH] CVE-2024-21094: 8317507: C2 compilation fails with > "Exceeded _node_regs > >>> + array" > >>> + > >>> +Upstream-Status: Backport from > https://github.com/openjdk/jdk8u/commit/43cb87550865a93c559c9e8eaa59fcb071301bd3 > >>> +CVE: CVE-2024-21094 > >>> + > >>> +Signed-off-by: Rohini Sangam <rsangam@mvista.com> > >>> +--- > >>> + .../hotspot/src/share/vm/adlc/output_c.cpp | 2 + > >>> + .../regalloc/TestNodeRegArrayOverflow.java | 599 > ++++++++++++++++++ > >>> + 2 files changed, 601 insertions(+) > >>> + create mode 100644 > hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java > >>> + > >>> +diff --git a/hotspot/src/share/vm/adlc/output_c.cpp > b/hotspot/src/share/vm/adlc/output_c.cpp > >>> +index 19916904..b85123b4 100644 > >>> +--- a/hotspot/src/share/vm/adlc/output_c.cpp > >>> ++++ b/hotspot/src/share/vm/adlc/output_c.cpp > >>> +@@ -3023,6 +3023,8 @@ static void define_fill_new_machnode(bool used, > FILE *fp_cpp) { > >>> + fprintf(fp_cpp, " if( i != cisc_operand() ) \n"); > >>> + fprintf(fp_cpp, " to[i] = _opnds[i]->clone(C);\n"); > >>> + fprintf(fp_cpp, " }\n"); > >>> ++ fprintf(fp_cpp, " // Do not increment node index counter, since > node reuses my index\n"); > >>> ++ fprintf(fp_cpp, " C->set_unique(C->unique() - 1);\n"); > >>> + fprintf(fp_cpp, "}\n"); > >>> + } > >>> + fprintf(fp_cpp, "\n"); > >>> +diff --git > a/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java > b/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java > >>> +new file mode 100644 > >>> +index 00000000..281524cc > >>> +--- /dev/null > >>> ++++ b/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java > >>> +@@ -0,0 +1,599 @@ > >>> ++/* > >>> ++ * Copyright (c) 2023, Oracle and/or its affiliates. All rights > reserved. > >>> ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. > >>> ++ * > >>> ++ * This code is free software; you can redistribute it and/or modify > it > >>> ++ * under the terms of the GNU General Public License version 2 only, > as > >>> ++ * published by the Free Software Foundation. > >>> ++ * > >>> ++ * This code is distributed in the hope that it will be useful, but > WITHOUT > >>> ++ * ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or > >>> ++ * FITNESS FOR A PARTIC > <https://www.google.com/maps/search/S+FOR+A+PARTIC?entry=gmail&source=g>ULAR > PURPOSE. See the GNU General Public License > >>> ++ * version 2 for more details (a copy is included in the LICENSE fil > <https://www.google.com/maps/search/e+details+(a+copy+is+included+in+the+LICENSE+fil?entry=gmail&source=g>e > that > >>> ++ * accompanied this code). > >>> ++ * > >>> ++ * You should have received a copy of the GNU General Public License > version > >>> ++ * 2 along with this work; if not, write to the Free Software > Foundation, > >>> ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. > >>> ++ * > >>> ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA > 94065 USA > >>> ++ * or visit www.oracle.com if you need additional information or > have any > >>> ++ * questions. > >>> ++ */ > >>> ++ > >>> ++package compiler.regalloc; > >>> ++ > >>> ++/** > >>> ++ * @test > >>> ++ * @bug 8317507 > >>> ++ * @summary Test that C2's PhaseRegAlloc::_node_regs (a > post-register-allocation > >>> ++ * mapping from machine nodes to assigned registers) does > not overflow > >>> ++ * in the face of a program with a high-density of CISC > spilling > >>> ++ * candidate nodes. > >>> ++ * @run main/othervm -Xcomp > -XX:CompileOnly=compiler.regalloc.TestNodeRegArrayOverflow::testWithCompilerUnrolling > >>> ++ > -XX:CompileCommand=dontinline,compiler.regalloc.TestNodeRegArrayOverflow::dontInline > >>> ++ compiler.regalloc.TestNodeRegArrayOverflow > compiler > >>> ++ * @run main/othervm -Xcomp > -XX:CompileOnly=compiler.regalloc.TestNodeRegArrayOverflow::testWithManualUnrolling > >>> ++ > -XX:CompileCommand=dontinline,compiler.regalloc.TestNodeRegArrayOverflow::dontInline > >>> ++ compiler.regalloc.TestNodeRegArrayOverflow > manual > >>> ++ */ > >>> ++ > >>> ++public class TestNodeRegArrayOverflow { > >>> ++ > >>> ++ static int dontInline() { > >>> ++ return 0; > >>> ++ } > >>> ++ > >>> ++ static float testWithCompilerUnrolling(float inc) { > >>> ++ int i = 0, j = 0; > >>> ++ // This non-inlined method call causes 'inc' to be spilled. > >>> ++ float f = dontInline(); > >>> ++ // This two-level reduction loop is unrolled 512 times, > which is > >>> ++ // requested by the SLP-specific unrolling analysis, but not > vectorized. > >>> ++ // Because 'inc' is spilled, each of the unrolled AddF nodes > is > >>> ++ // CISC-spill converted (PhaseChaitin::fixup_spills()). > Before the fix, > >>> ++ // this causes the unique node index counter > (Compile::_unique) to grow > >>> ++ // beyond the size of the node register array > >>> ++ // (PhaseRegAlloc::_node_regs), and leads to overflow when > accessed for > >>> ++ // nodes that are created later (e.g. during the peephole > phase). > >>> ++ while (i++ < 128) { > >>> ++ for (j = 0; j < 16; j++) { > >>> ++ f += inc; > >>> ++ } > >>> ++ } > >>> ++ return f; > >>> ++ } > >>> ++ > >>> ++ // This test reproduces the same failure as > 'testWithCompilerUnrolling' > >>> ++ // without relying on loop transformations. > >>> ++ static float testWithManualUnrolling(float inc) { > >>> ++ int i = 0, j = 0; > >>> ++ float f = dontInline(); > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ f += inc; > >>> ++ return f; > >>> ++ } > >>> ++ > >>> ++ public static void main(String[] args) { > >>> ++ switch (args[0]) { > >>> ++ case "compiler": > >>> ++ testWithCompilerUnrolling(0); > >>> ++ break; > >>> ++ case "manual": > >>> ++ testWithManualUnrolling(0); > >>> ++ break; > >>> ++ default: > >>> ++ throw new IllegalArgumentException("Invalid mode: " + > args[0]); > >>> ++ } > >>> ++ } > >>> ++} > >>> +-- > >>> +2.35.7 > >>> + > >>> -- > >>> 2.34.1 > >>> > > > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#436): > https://lists.yoctoproject.org/g/yocto-patches/message/436 > Mute This Topic: https://lists.yoctoproject.org/mt/106996115/924729 > Group Owner: yocto-patches+owner@lists.yoctoproject.org > Unsubscribe: > https://lists.yoctoproject.org/g/yocto-patches/leave/13169857/924729/1023951714/xyzzy > [ticotimo@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- > > >
diff --git a/recipes-core/openjdk/openjdk-8-release-common.inc b/recipes-core/openjdk/openjdk-8-release-common.inc index ff8d96e..f71eb10 100644 --- a/recipes-core/openjdk/openjdk-8-release-common.inc +++ b/recipes-core/openjdk/openjdk-8-release-common.inc @@ -21,6 +21,7 @@ PATCHES_URI = "\ file://2007-jdk-no-genx11-in-headless.patch \ file://2008-jdk-no-unused-deps.patch \ file://2009-jdk-make-use-gcc-instead-of-ld-for-genSocketOptionRe.patch \ + file://CVE-2024-21094.patch \ " HOTSPOT_UB_PATCH = "\ file://1001-hotspot-fix-crash-on-JNI_CreateJavaVM.patch \ diff --git a/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch b/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch new file mode 100644 index 0000000..1852bd7 --- /dev/null +++ b/recipes-core/openjdk/patches-openjdk-8/CVE-2024-21094.patch @@ -0,0 +1,637 @@ +From 43cb87550865a93c559c9e8eaa59fcb071301bd3 Mon Sep 17 00:00:00 2001 +From: Martin Balao <mbalao@openjdk.org> +Date: Wed, 27 Mar 2024 03:21:25 +0000 +Subject: [PATCH] CVE-2024-21094: 8317507: C2 compilation fails with "Exceeded _node_regs + array" + +Upstream-Status: Backport from https://github.com/openjdk/jdk8u/commit/43cb87550865a93c559c9e8eaa59fcb071301bd3 +CVE: CVE-2024-21094 + +Signed-off-by: Rohini Sangam <rsangam@mvista.com> +--- + .../hotspot/src/share/vm/adlc/output_c.cpp | 2 + + .../regalloc/TestNodeRegArrayOverflow.java | 599 ++++++++++++++++++ + 2 files changed, 601 insertions(+) + create mode 100644 hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java + +diff --git a/hotspot/src/share/vm/adlc/output_c.cpp b/hotspot/src/share/vm/adlc/output_c.cpp +index 19916904..b85123b4 100644 +--- a/hotspot/src/share/vm/adlc/output_c.cpp ++++ b/hotspot/src/share/vm/adlc/output_c.cpp +@@ -3023,6 +3023,8 @@ static void define_fill_new_machnode(bool used, FILE *fp_cpp) { + fprintf(fp_cpp, " if( i != cisc_operand() ) \n"); + fprintf(fp_cpp, " to[i] = _opnds[i]->clone(C);\n"); + fprintf(fp_cpp, " }\n"); ++ fprintf(fp_cpp, " // Do not increment node index counter, since node reuses my index\n"); ++ fprintf(fp_cpp, " C->set_unique(C->unique() - 1);\n"); + fprintf(fp_cpp, "}\n"); + } + fprintf(fp_cpp, "\n"); +diff --git a/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java b/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java +new file mode 100644 +index 00000000..281524cc +--- /dev/null ++++ b/hotspot/test/compiler/regalloc/TestNodeRegArrayOverflow.java +@@ -0,0 +1,599 @@ ++/* ++ * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package compiler.regalloc; ++ ++/** ++ * @test ++ * @bug 8317507 ++ * @summary Test that C2's PhaseRegAlloc::_node_regs (a post-register-allocation ++ * mapping from machine nodes to assigned registers) does not overflow ++ * in the face of a program with a high-density of CISC spilling ++ * candidate nodes. ++ * @run main/othervm -Xcomp -XX:CompileOnly=compiler.regalloc.TestNodeRegArrayOverflow::testWithCompilerUnrolling ++ -XX:CompileCommand=dontinline,compiler.regalloc.TestNodeRegArrayOverflow::dontInline ++ compiler.regalloc.TestNodeRegArrayOverflow compiler ++ * @run main/othervm -Xcomp -XX:CompileOnly=compiler.regalloc.TestNodeRegArrayOverflow::testWithManualUnrolling ++ -XX:CompileCommand=dontinline,compiler.regalloc.TestNodeRegArrayOverflow::dontInline ++ compiler.regalloc.TestNodeRegArrayOverflow manual ++ */ ++ ++public class TestNodeRegArrayOverflow { ++ ++ static int dontInline() { ++ return 0; ++ } ++ ++ static float testWithCompilerUnrolling(float inc) { ++ int i = 0, j = 0; ++ // This non-inlined method call causes 'inc' to be spilled. ++ float f = dontInline(); ++ // This two-level reduction loop is unrolled 512 times, which is ++ // requested by the SLP-specific unrolling analysis, but not vectorized. ++ // Because 'inc' is spilled, each of the unrolled AddF nodes is ++ // CISC-spill converted (PhaseChaitin::fixup_spills()). Before the fix, ++ // this causes the unique node index counter (Compile::_unique) to grow ++ // beyond the size of the node register array ++ // (PhaseRegAlloc::_node_regs), and leads to overflow when accessed for ++ // nodes that are created later (e.g. during the peephole phase). ++ while (i++ < 128) { ++ for (j = 0; j < 16; j++) { ++ f += inc; ++ } ++ } ++ return f; ++ } ++ ++ // This test reproduces the same failure as 'testWithCompilerUnrolling' ++ // without relying on loop transformations. ++ static float testWithManualUnrolling(float inc) { ++ int i = 0, j = 0; ++ float f = dontInline(); ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ f += inc; ++ return f; ++ } ++ ++ public static void main(String[] args) { ++ switch (args[0]) { ++ case "compiler": ++ testWithCompilerUnrolling(0); ++ break; ++ case "manual": ++ testWithManualUnrolling(0); ++ break; ++ default: ++ throw new IllegalArgumentException("Invalid mode: " + args[0]); ++ } ++ } ++} +-- +2.35.7 +