JDK-7053520 : JSR292: crash in invokedynamic with C1 using tiered and compressed oops
  • Type: Bug
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: hs21
  • Priority: P1
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2011-06-10
  • Updated: 2014-01-16
  • Resolved: 2011-06-18
Fixed in:
  • JDK 7: 7 (Fixed)
  • JDK 8: 8 (Fixed)
  • Other: hs21 (Fixed)
Description
Running JSR 292 test cases with TieredCompilation and UseCompressedOops results in crashes.

Comments
Verified via a lot of jsr292 tests in compiler nightlies w/ enabled TieredCompilation as well as in promotion after jdk8b102 (JDK-8008938). Note: COops is enabled by default on many hosts by ergonomics.
16-01-2014

EVALUATION http://hg.openjdk.java.net/hsx/hotspot-rt/hotspot/rev/c8f2186acf6d
18-06-2011

EVALUATION http://hg.openjdk.java.net/jdk7/hotspot-rt/hotspot/rev/3275a6560cf7
18-06-2011

EVALUATION http://hg.openjdk.java.net/jdk7/hotspot/hotspot/rev/3275a6560cf7
17-06-2011

EVALUATION Fix is to code generated for invokedynamic, which is why the CR is flagged as JSR292-related.
17-06-2011

EVALUATION http://hg.openjdk.java.net/hsx/hotspot-comp/hotspot/rev/c8f2186acf6d
14-06-2011

SUGGESTED FIX diff -r 642c68c75db9 src/share/vm/c1/c1_LIRGenerator.cpp --- a/src/share/vm/c1/c1_LIRGenerator.cpp +++ b/src/share/vm/c1/c1_LIRGenerator.cpp @@ -2799,7 +2799,7 @@ void LIRGenerator::do_Invoke(Invoke* x) // Load CallSite object from constant pool cache. __ oop2reg(cpcache->constant_encoding(), tmp); - __ load(new LIR_Address(tmp, call_site_offset, T_OBJECT), tmp); + __ move_wide(new LIR_Address(tmp, call_site_offset, T_OBJECT), tmp); // Load target MethodHandle from CallSite object. __ load(new LIR_Address(tmp, java_lang_invoke_CallSite::target_offset_in_bytes(), T_OBJECT), receiver);
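Review bot: the changed line in LIRGenerator::do_Invoke needs a comment saying why it uses move_wide, because the CallSite::target load two lines below still uses __ load with the same T_OBJECT address type and the two now look inconsistent. Without that comment a later cleanup could switch the line back to __ load and reintroduce the crash. Suggest extending the existing "Load CallSite object from constant pool cache" comment to state that this slot must be read at full width and not decoded as a compressed oop. The patch also adds no test; a JSR 292 case run with TieredCompilation and UseCompressedOops enabled would catch a regression.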
10-06-2011

EVALUATION We are trying to decode the address of the CallSite object stored in constant pool cache as if it were an oop but it's a raw pointer which results in crashes. The fix is to replace the load instruction with move_wide.
10-06-2011
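A simplified model of the failure described in the evaluation above, as an added example that is not HotSpot code and not part of the original report. It assumes the usual compressed-oops scheme (32-bit value decoded as heap base plus value shifted by the object alignment) on a little-endian machine; `HeapModel`, the function names, the heap base and the addresses are constructed for illustration.

```cpp
#include <cstdint>
#include <cstdio>

// Assumed compressed-oops parameters: decode(narrow) = base + (narrow << shift).
struct HeapModel {
    uint64_t base;   // constructed heap base address
    unsigned shift;  // log2 of object alignment (3 for 8-byte alignment)
    uint32_t encode(uint64_t addr) const {
        return static_cast<uint32_t>((addr - base) >> shift);
    }
    uint64_t decode(uint32_t narrow) const {
        return base + (static_cast<uint64_t>(narrow) << shift);
    }
};

// Models a narrow object load: read only the low 32 bits of the slot
// (little-endian), then decode them as a compressed oop.
uint64_t load_narrow_and_decode(const HeapModel& h, uint64_t slot) {
    uint32_t narrow = static_cast<uint32_t>(slot & 0xffffffffULL);
    return h.decode(narrow);
}

// Models a wide load: read the full 64-bit word and use it unchanged.
uint64_t load_wide(uint64_t slot) {
    return slot;
}

int main() {
    HeapModel h{0x800000000ULL, 3};

    // Slot that really holds a compressed oop: the narrow load is correct.
    uint64_t oop_slot = h.encode(0x800001000ULL);
    std::printf("oop slot, narrow load: %#llx\n",
                (unsigned long long)load_narrow_and_decode(h, oop_slot));

    // Slot that holds a full-width pointer (constructed value): the narrow
    // load truncates it and then shifts and rebases the remainder.
    uint64_t raw_slot = 0x7c0012340ULL;
    std::printf("raw slot, wide load:   %#llx\n",
                (unsigned long long)load_wide(raw_slot));
    std::printf("raw slot, narrow load: %#llx\n",
                (unsigned long long)load_narrow_and_decode(h, raw_slot));
    return 0;
}
```

The narrow load of the full-width slot yields an address unrelated to the stored one, so any dereference that follows reads arbitrary memory or faults.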