From de7d96bd84ba81580e36f556587496e497ec1daf Mon Sep 17 00:00:00 2001
Date: Mon, 24 Jun 2019 16:39:29 +0000
Subject: [PATCH] 8167409: Invalid value passed to critical JNI function

summary: Invalid value passed to critical JNI function
LLT: hotspot/test/compiler/runtime/CheckLongArgs.java
Bug url: https://bugs.openjdk.java.net/browse/JDK-8167409

---
 hotspot/src/cpu/x86/vm/sharedRuntime_x86_64.cpp    |   2 +-
 .../argumentcorruption/CheckLongArgs.java          |  46 +++++++++++++++++++++
 .../argumentcorruption/libCNCheckLongArgs.c        |  30 ++++++++++++++
 3 files changed, 77 insertions(+), 1 deletion(-)
 create mode 100644 hotspot/test/runtime/criticalnatives/argumentcorruption/CheckLongArgs.java
 create mode 100644 hotspot/test/runtime/criticalnatives/argumentcorruption/libCNCheckLongArgs.c

diff --git a/hotspot/src/cpu/x86/vm/sharedRuntime_x86_64.cpp b/hotspot/src/cpu/x86/vm/sharedRuntime_x86_64.cpp
index 5c62d7180b..22c90a59d8 100644
--- a/hotspot/src/cpu/x86/vm/sharedRuntime_x86_64.cpp
+++ b/hotspot/src/cpu/x86/vm/sharedRuntime_x86_64.cpp
@@ -2198,7 +2198,7 @@ nmethod* SharedRuntime::generate_native_wrapper(MacroAssembler* masm,
   int pinned_slot = oop_handle_offset;
 
   VMRegPair tmp_vmreg;
-  tmp_vmreg.set1(rbx->as_VMReg());
+  tmp_vmreg.set2(rbx->as_VMReg());
 
   if (!is_critical_native) {
     for (int i = total_in_args - 1, c_arg = total_c_args - 1; i >= 0; i--, c_arg--) {
diff --git a/hotspot/test/runtime/criticalnatives/argumentcorruption/CheckLongArgs.java b/hotspot/test/runtime/criticalnatives/argumentcorruption/CheckLongArgs.java
new file mode 100644
index 0000000000..15d7c04977
--- /dev/null
+++ b/hotspot/test/runtime/criticalnatives/argumentcorruption/CheckLongArgs.java
@@ -0,0 +1,46 @@
+/*
+ * @test
+ * @author yansendao
+ * @requires os.arch != "aarch64"
+ * @run main/othervm -Xcomp -XX:+CriticalJNINatives compiler.runtime.criticalnatives.argumentcorruption.CheckLongArgs
+ */
+package compiler.runtime.criticalnatives.argumentcorruption;
+public class CheckLongArgs {
+    static {
+        String path = System.getProperty("test.src");
+        String arch = System.getProperty("os.arch");
+        String name = System.getProperty("os.name");
+        if (path == null)
+            System.loadLibrary("CNCheckLongArgs");
+        else if (name.indexOf("Linux") != -1 && path != null)
+            System.load(path + "/lib/" + arch + "/libCNCheckLongArgs.so");
+        else
+            throw new RuntimeException("unsupport arch or os!");
+    }
+    static native void m1(long a1, long a2, long a3, long a4,  long a5, long a6, long a7, long a8, byte[] result);
+    static native void m2(long a1, int[] a2, long a3, int[] a4, long a5, int[] a6, long a7, int[] a8, long a9, byte[] result);
+    public static void main(String args[]) throws Exception {
+        test();
+    }
+    private static void test() throws Exception {
+        int[] l1 = { 1111, 2222, 3333 };
+        int[] l2 = { 4444, 5555, 6666 };
+        int[] l3 = { 7777, 8888, 9999 };
+        int[] l4 = { 1010, 2020, 3030 };
+        byte[] result = { -1 };
+        m1(1111111122222222L, 3333333344444444L, 5555555566666666L, 7777777788888888L, 9999999900000000L, 1212121234343434L,
+           5656565678787878L, 9090909012121212L, result);
+        check(result[0]);
+        result[0] = -1;
+        m2(1111111122222222L, l1, 3333333344444444L, l2, 5555555566666666L, l3, 7777777788888888L, l4, 9999999900000000L, result);
+        check(result[0]);
+    }
+    private static void check(byte result) throws Exception {
+        if (result != 2) {
+            if (result == 1) {
+              throw new Exception("critical native arguments mismatch");
+            }
+            throw new Exception("critical native lookup failed");
+        }
+    }
+}
diff --git a/hotspot/test/runtime/criticalnatives/argumentcorruption/libCNCheckLongArgs.c b/hotspot/test/runtime/criticalnatives/argumentcorruption/libCNCheckLongArgs.c
new file mode 100644
index 0000000000..c805d75af3
--- /dev/null
+++ b/hotspot/test/runtime/criticalnatives/argumentcorruption/libCNCheckLongArgs.c
@@ -0,0 +1,30 @@
+#include "jni.h"
+JNIEXPORT void JNICALL JavaCritical_compiler_runtime_criticalnatives_argumentcorruption_CheckLongArgs_m1
+  (jlong a1, jlong a2, jlong a3, jlong a4, jlong a5, jlong a6, jlong a7, jlong a8,jint result_length,jbyte* result) {
+
+  if (a1 != 1111111122222222LL || a2 != 3333333344444444LL || a3 != 5555555566666666LL || a4 != 7777777788888888LL ||
+      a5 != 9999999900000000LL || a6 != 1212121234343434LL || a7 != 5656565678787878LL || a8 != 9090909012121212LL ||
+      result_length != 1 || result[0] != -1) {
+    result[0] = 1;
+  } else {
+    result[0] = 2;
+  }
+}
+
+JNIEXPORT void JNICALL JavaCritical_compiler_runtime_criticalnatives_argumentcorruption_CheckLongArgs_m2
+  (jlong a1, jint a2_length, jint* a2, jlong a3, jint a4_length, jint* a4, jlong a5, jint a6_length, jint* a6, jlong a7,
+   jint a8_length, jint* a8, jlong a9, jint result_length, jbyte* result) {
+  if (a1 != 1111111122222222LL || a2_length != 3 || a2[0] != 1111 || a3 != 3333333344444444LL || a4_length != 3 || a4[0] != 4444 ||
+      a5 != 5555555566666666LL || a6_length != 3 || a6[0] != 7777 || a7 != 7777777788888888LL || a8_length != 3 || a8[0] != 1010 || a9 != 9999999900000000LL ||
+      result_length != 1 || result[0] != -1) {
+    result[0] = 1;
+  } else {
+    result[0] = 2;
+  }
+}
+
+JNIEXPORT void JNICALL Java_compiler_runtime_criticalnatives_argumentcorruption_CheckLongArgs_m1
+  (JNIEnv * env, jclass jclazz, jlong a3, jlong a4, jlong a5, jlong a6, jlong a7, jlong a8, jlong a9, jlong a10, jbyteArray result) {}
+
+JNIEXPORT void JNICALL Java_compiler_runtime_criticalnatives_argumentcorruption_CheckLongArgs_m2
+  (JNIEnv * env, jclass jclazz, jlong a3, jintArray a4, jlong a5, jintArray a6, jlong a7, jintArray a8, jlong a9, jintArray a10, jlong a11, jbyteArray result) {}
-- 
2.12.3