JDK-8247979 : aarch64: missing side effect of killing flags for clearArray_reg_reg
  • Type: Bug
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: 11,15,16
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic
  • CPU: aarch64
  • Submitted: 2020-06-22
  • Updated: 2024-11-13
  • Resolved: 2020-06-23
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 16 Other
11.0.11-oracleFixed 16 b03Fixed openjdk8u292Fixed
Related Reports
Relates :  
JDK-8257192 - Integrate AArch64 JIT port into 8u
Description
    In clearArray_reg_reg, we call function: MacroAssembler::zero words(Register ptr, Register cnt).
    This function modifies the flags register by doing a cmp instruction at entry.  But this is not reflected in the side effect of clearArray_reg_reg.
    We didn't see this is triggers problems.  But this may pose similar risk as bug: 8224828: aarch64: rflags is not correct after safepoint poll.
    Fix is trivial:

diff -r 2342d5af52b7 src/hotspot/cpu/aarch64/aarch64.ad
--- a/src/hotspot/cpu/aarch64/aarch64.ad        Mon Jun 22 08:09:23 2020 +0200
+++ b/src/hotspot/cpu/aarch64/aarch64.ad        Mon Jun 22 15:58:05 2020 +0800
@@ -13845,7 +13845,7 @@
 instruct clearArray_reg_reg(iRegL_R11 cnt, iRegP_R10 base, Universe dummy, rFlagsReg cr)
 %{
   match(Set dummy (ClearArray cnt base));
-  effect(USE_KILL cnt, USE_KILL base);
+  effect(USE_KILL cnt, USE_KILL base, KILL cr);

   ins_cost(4 * INSN_COST);
   format %{ "ClearArray $cnt, $base" %}

BTW: clearArray_imm_reg does not have the issue since it calls a different function: MacroAssembler::zero_words(Register base, u_int64_t cnt)

13843 // clearing of an array
13844
13845 instruct clearArray_reg_reg(iRegL_R11 cnt, iRegP_R10 base, Universe dummy, rFlagsReg cr)
13846 %{
13847   match(Set dummy (ClearArray cnt base));
13848   effect(USE_KILL cnt, USE_KILL base);
13849
13850   ins_cost(4 * INSN_COST);
13851   format %{ "ClearArray $cnt, $base" %}
13852
13853   ins_encode %{
13854     __ zero_words($base$$Register, $cnt$$Register);
13855   %}
13856
13857   ins_pipe(pipe_class_memory);
13858 %}

4771 void MacroAssembler::zero_words(Register ptr, Register cnt)
4772 {
4773   assert(is_power_of_2(zero_words_block_size), "adjust this");
4774   assert(ptr == r10 && cnt == r11, "mismatch in register usage");
4775
4776   BLOCK_COMMENT("zero_words {");
4777   cmp(cnt, (u1)zero_words_block_size);               <=================
Comments
Fix request (11u) JDK-11 is affected by this bug so a backport of the fix would be desirable. Patch applies cleanly. Tier1-3 tested on aarch64 linux platform.
17-07-2020
Changeset: cb9d3efe Author: Dong Wangya <wangyadong4@huawei.com> Committer: Fei Yang <fyang@openjdk.org> Date: 2020-06-22 20:26:02 +0000 URL: https://git.openjdk.java.net/panama-foreign/commit/cb9d3efe
02-07-2020
Changeset: cb9d3efe Author: Dong Wangya <wangyadong4@huawei.com> Committer: Fei Yang <fyang@openjdk.org> Date: 2020-06-22 20:26:02 +0000 URL: https://git.openjdk.java.net/amber/commit/cb9d3efe
02-07-2020
Changeset: cb9d3efe Author: Dong Wangya <wangyadong4@huawei.com> Committer: Fei Yang <fyang@openjdk.org> Date: 2020-06-22 20:26:02 +0000 URL: https://git.openjdk.java.net/mobile/commit/cb9d3efe
02-07-2020
URL: https://hg.openjdk.java.net/jdk/jdk/rev/9fce19fdda7e User: fyang Date: 2020-06-23 16:06:53 +0000
23-06-2020