<html>
  <head>
    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    answer inline.<br>
    <br>
    <div class="moz-cite-prefix">On 2014-04-30 21:17, Christian
      Thalinger wrote:<br>
    </div>
    <blockquote
      cite="mid:EA8ACCC3-22E4-4B96-93B8-C849196E5E6F@oracle.com"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      <br>
      <div>
        <div>On Apr 30, 2014, at 3:06 AM, Nils Eliasson <<a
            moz-do-not-send="true"
            href="mailto:nils.eliasson@oracle.com">nils.eliasson@oracle.com</a>>
          wrote:</div>
        <br class="Apple-interchange-newline">
        <blockquote type="cite">Hi,<br>
          <br>
          I would like some feedback on this change from the c1 experts.
          It's made in platform dependent code and will be added to the
          other plattforms as well before submit.<br>
          <br>
          This change fixes a bug that has been observed in testing, and
          dug up from a core file, but haven't reproduced standalone
          yet. When patching for checkcast the oop we are casting is not
          kept in an oopmap during the runtime patching call, a one time
          chance per run.<br>
          <br>
          The current change is for all the patching stub cases
          (access_field_id, load_klass_id, load_mirror_id,
          load_appendix_id) - is that needed? </blockquote>
        <div><br>
        </div>
        This looks reasonable.  What you are saying is that at:</div>
      <div><br>
      </div>
      <div><span style="font-family: Courier;"> 0x00007f20c94359c5:
          callq  0x00007f20c942e3e0  ; OopMap{[32]=Oop off=266}</span><br
          style="font-family: Courier;">
      </div>
      <div><br>
      </div>
      <div>the OopMap does not contain the object (in this case in rdx)
        and so is not handled during a GC, correct?</div>
    </blockquote>
    <br>
    Yes<br>
    <br>
    <blockquote
      cite="mid:EA8ACCC3-22E4-4B96-93B8-C849196E5E6F@oracle.com"
      type="cite">
      <div><br>
        <blockquote type="cite">Do you see any potential for breaking
          anything? It is difficult to trigger a GC at exact this point
          during a test.<br>
        </blockquote>
        <div><br>
        </div>
        Can’t you trigger a GC inside the runtime call by calling:</div>
      <div><br>
      </div>
      <div>
        <div style="margin: 0px; font-size: 11px; font-family: Monaco;"> 
            <span style="color: #006141">Universe</span>::heap()->collect(<span
            style="color: #006141">GCCause</span>::<span style="color:
            #0326cc">_java_lang_system_gc</span>);</div>
        <div><br>
        </div>
        <div>?</div>
      </div>
    </blockquote>
    <br>
    Yes, that did the trick. Now I have a reliable reproducer. <br>
    <br>
    Thank you!<br>
    <br>
    //Nils<br>
    <br>
    <blockquote
      cite="mid:EA8ACCC3-22E4-4B96-93B8-C849196E5E6F@oracle.com"
      type="cite">
      <div>
        <div><br>
        </div>
      </div>
      <div>
        <blockquote type="cite"><br>
          <a moz-do-not-send="true"
            href="http://cr.openjdk.java.net/%7Eneliasso/8031475/webrev.01/">http://cr.openjdk.java.net/~neliasso/8031475/webrev.01/</a><br>
          <a class="moz-txt-link-freetext" href="https://bugs.openjdk.java.net/browse/JDK-8031475">https://bugs.openjdk.java.net/browse/JDK-8031475</a><br>
          <br>
          Thanks,<br>
          Nils Eliasson<br>
          <br>
          <br>
          Code example:<br>
          <br>
           0x00007f20c943590c: mov    $0x718d65d38,%rdx  ;   {oop(a
          'BeanImpl2')}   // oops to be casted in rdx<br>
           0x00007f20c9435916: cmp    $0x0,%rdx<br>
           0x00007f20c943591a: je     0x00007f20c9435967   // jump to
          patching stub<br>
           // patch location<br>
           0x00007f20c9435920: jmpq   0x00007f20c94359c5  ;   {no_reloc}<br>
           0x00007f20c9435925: add    %al,(%rax)<br>
           0x00007f20c9435927: add    %al,(%rax)<br>
           0x00007f20c9435929: add    %cl,-0x3eb7f786(%rbx)<br>
           0x00007f20c943592f: out    %eax,$0x3<br>
           // end of patch location<br>
           0x00007f20c9435931: cmp    %rbx,%rdi<br>
           0x00007f20c9435934: je     0x00007f20c9435967 // A
          dereference of rdx somewhere here may crash if the oop has
          moved during a gc<br>
           0x00007f20c943593a: mov    0x10(%rbx),%esi<br>
           0x00007f20c943593d: cmp    (%rdi,%rsi,1),%rbx<br>
           0x00007f20c9435941: je     0x00007f20c9435967<br>
          <br>
           ...<br>
          <br>
           ;; PatchingStub slow case<br>
           ;;  patch template<br>
           0x00007f20c94359b6: mov    $0x0,%rbx          ;
            {metadata(NULL)}<br>
           ;; patch data encoded as movl<br>
           0x00007f20c94359c0: mov    $0xa050f00,%eax<br>
           ;; patch entry point<br>
           0x00007f20c94359c5: callq  0x00007f20c942e3e0  ;
          OopMap{[32]=Oop off=266}   // rdx not live here, may safepoint
          on return from runtime call<br>
                                                         ;*checkcast<br>
                                                         ; -
          TestCheckCast::main@25 (line 24)<br>
                                                         ;
            {runtime_call}<br>
           0x00007f20c94359ca: jmpq   0x00007f20c9435920   // back to
          normal control flow after patching<br>
          <br>
        </blockquote>
      </div>
      <br>
    </blockquote>
    <br>
  </body>
</html>