Quick compiler: fix array overrun.
MIRGraph::InlineCalls() was using the MIR opcode to recover
Dalvik instruction flags - something that is only valid for
Dalvik opcodes and not the set of extended MIR opcodes.
This is probably the 3rd or 4th time we've had a bug using
the MIR opcode in situations that are only valid for the Dalvik
opcode subset. I took the opportunity to scan the code for
other cases of this (didn't find any), and did some cleanup while
I was in the neighborhood.
We should probably rework the DalvikOpcode/MirOpcode model whenver we
get around to removing DalvikInstruction from MIR.
Internal bug b/15352667: out-of-bound access in mir_optimization.cc
Change-Id: I75f06780468880892151e3cdd313e14bfbbaa489
diff --git a/compiler/dex/mir_graph.cc b/compiler/dex/mir_graph.cc
index 99dd50a..db28f3a 100644
--- a/compiler/dex/mir_graph.cc
+++ b/compiler/dex/mir_graph.cc
@@ -549,8 +549,7 @@
new_block->predecessors->Insert(cur_block->id);
MIR* new_insn = NewMIR();
*new_insn = *insn;
- insn->dalvikInsn.opcode =
- static_cast<Instruction::Code>(kMirOpCheck);
+ insn->dalvikInsn.opcode = static_cast<Instruction::Code>(kMirOpCheck);
// Associate the two halves.
insn->meta.throw_insn = new_insn;
new_block->AppendMIR(new_insn);
@@ -837,8 +836,7 @@
} else {
fprintf(file, " {%04x %s %s %s\\l}%s\\\n", mir->offset,
mir->ssa_rep ? GetDalvikDisassembly(mir) :
- (opcode < kMirOpFirst) ?
- Instruction::Name(mir->dalvikInsn.opcode) :
+ !IsPseudoMirOp(opcode) ? Instruction::Name(mir->dalvikInsn.opcode) :
extended_mir_op_names_[opcode - kMirOpFirst],
(mir->optimization_flags & MIR_IGNORE_RANGE_CHECK) != 0 ? " no_rangecheck" : " ",
(mir->optimization_flags & MIR_IGNORE_NULL_CHECK) != 0 ? " no_nullcheck" : " ",
@@ -1141,7 +1139,7 @@
nop = true;
}
- if (opcode >= kMirOpFirst) {
+ if (IsPseudoMirOp(opcode)) {
str.append(extended_mir_op_names_[opcode - kMirOpFirst]);
} else {
dalvik_format = Instruction::FormatOf(insn.opcode);