Avoid removing new-instance instruction twice.
Includes a fail-before/pass-after regression test.
Rationale:
In some corner cases, one new instance reached more than one
java.lang.String.<init> method call. As a result, the new
instance instruction appeared multiple times in the vector
uninitialized_strings_. A second removal crashes the compiler.
This change list avoid the crash by simply skipping instructions
that are already removed.
BUG=27847265
Change-Id: I7f8a4f84ea3c184e1529ec3e90bd6749c83c445b
diff --git a/compiler/optimizing/ssa_builder.cc b/compiler/optimizing/ssa_builder.cc
index 09ca8b7..294d00f 100644
--- a/compiler/optimizing/ssa_builder.cc
+++ b/compiler/optimizing/ssa_builder.cc
@@ -458,6 +458,7 @@
}
for (HNewInstance* new_instance : uninitialized_strings_) {
+ DCHECK(new_instance->IsInBlock());
// Replace NewInstance of String with NullConstant if not used prior to
// calling StringFactory. In case of deoptimization, the interpreter is
// expected to skip null check on the `this` argument of the StringFactory call.
@@ -972,7 +973,13 @@
// Replacing the NewInstance might render it redundant. Keep a list of these
// to be visited once it is clear whether it is has remaining uses.
if (arg_this->IsNewInstance()) {
- uninitialized_strings_.push_back(arg_this->AsNewInstance());
+ HNewInstance* new_instance = arg_this->AsNewInstance();
+ // Note that in some rare cases (b/27847265), the same NewInstance may be seen
+ // multiple times. We should only consider it once for removal, so we
+ // ensure it is not added more than once.
+ if (!ContainsElement(uninitialized_strings_, new_instance)) {
+ uninitialized_strings_.push_back(new_instance);
+ }
} else {
DCHECK(arg_this->IsPhi());
// NewInstance is not the direct input of the StringFactory call. It might
diff --git a/test/591-new-instance-string/expected.txt b/test/591-new-instance-string/expected.txt
new file mode 100644
index 0000000..b0aad4d
--- /dev/null
+++ b/test/591-new-instance-string/expected.txt
@@ -0,0 +1 @@
+passed
diff --git a/test/591-new-instance-string/info.txt b/test/591-new-instance-string/info.txt
new file mode 100644
index 0000000..16c7b1f
--- /dev/null
+++ b/test/591-new-instance-string/info.txt
@@ -0,0 +1 @@
+Regression test on new-instance that reaches multiple <init> calls.
diff --git a/test/591-new-instance-string/smali/new-instance.smali b/test/591-new-instance-string/smali/new-instance.smali
new file mode 100644
index 0000000..42559ca
--- /dev/null
+++ b/test/591-new-instance-string/smali/new-instance.smali
@@ -0,0 +1,29 @@
+#
+# Copyright (C) 2016 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+.class public LNewInstance;
+.super Ljava/lang/Object;
+
+.method public static multipleInit(I)V
+ .registers 2
+ new-instance v0, Ljava/lang/String;
+ if-eqz v1, :Skip
+ invoke-direct {v0}, Ljava/lang/String;-><init>()V
+ goto :Done
+:Skip
+ invoke-direct {v0}, Ljava/lang/String;-><init>()V
+:Done
+ return-void
+.end method
diff --git a/test/591-new-instance-string/src/Main.java b/test/591-new-instance-string/src/Main.java
new file mode 100644
index 0000000..bd59b95
--- /dev/null
+++ b/test/591-new-instance-string/src/Main.java
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.lang.reflect.*;
+
+public class Main {
+
+ public static void main(String args[]) throws Throwable {
+ Class<?> c = Class.forName("NewInstance");
+ Method m = c.getMethod("multipleInit", int.class);
+ m.invoke(null, 0);
+ m.invoke(null, 1);
+ System.out.println("passed");
+ }
+}