RFR: 8217717: ZGC: Broken oop map in C1 load barrier stub

Per Liden per.liden at oracle.com
Thu Jan 24 11:05:54 UTC 2019

The C1 load barrier stub for ZGC can emit a patching area for a lea 
instruction. However, the call into the VM to do the patching at this 
site is not associated with a proper oop map. As a result, we can end up 
with a stable oop in the base pointer register if a GC safepoint happens 
when we enter the VM to patch.

This problem is not super easy to reproduce by default, but is a serious 
bug when it happens. However, it is fairly easy to reproduce when also 
injecting a small delay in the ZNMethodTable::register_nmethod().

The proposed solution is to never allow patching to happen inside the 
load barrier stub. Instead, if patching is needed, we emit the lea 
instruction as part of the load preceding the load barrier. That will 
automatically generate the proper oop map for the patch site.

Bug: https://bugs.openjdk.java.net/browse/JDK-8217717
Webrev: http://cr.openjdk.java.net/~pliden/8217717/webrev.0

Testing: Manual testing and inspection of generated code. Passes 
gc-test-suite. Currently running tier1-3 on all platforms, and tier1-7 
on Linux/x86.


More information about the hotspot-gc-dev mailing list