RFR (XXS): 8016474: Crash in sun.reflect.UnsafeObjectFieldAccessorImpl.get
Christian Thalinger
christian.thalinger at oracle.com
Wed Jul 24 14:37:03 PDT 2013
http://cr.openjdk.java.net/~twisti/8016474
8016474: Crash in sun.reflect.UnsafeObjectFieldAccessorImpl.get
Summary: C1's GetUnsafeObject G1 pre-barrier uses the wrong type to read the klass pointer.
Reviewed-by:
There is a bug in C1's GetUnsafeObject G1 pre-barrier code. If UseCompressedKlassPointers is on, we use T_OBJECT to read the klass pointer of the object. If we also use a different object alignment like 16 or 32 (-XX:ObjectAlignmentInBytes=16), the klass pointer gets decoded with the wrong shift, resulting in a wrong pointer and a crash.
The fix is to always use T_ADDRESS for klass pointer reads.
src/share/vm/c1/c1_LIRGenerator.cpp
test/compiler/unsafe/GetUnsafeObjectG1PreBarrier.java
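
The shift mismatch described in the message, as an added example that is not part of the original post or of the HotSpot sources. It is a simplified model that assumes both encodings share one base, that the oop shift is log2(ObjectAlignmentInBytes), and that the klass shift stays at 3; the addresses and all function names are constructed for illustration.

```cpp
// Added illustration; simplified model, not HotSpot source.
#include <cstdint>
#include <cstdio>

enum BasicType { T_OBJECT, T_ADDRESS };

// Constructed values. Assumption: both encodings share one base.
const uint64_t kBase = 0x0000000800000000ULL;
const unsigned kKlassShift = 3;  // assumption: klass shift fixed at 3 (8-byte alignment)

// Assumption: the oop shift is log2(ObjectAlignmentInBytes).
unsigned oop_shift(unsigned object_alignment) {
    unsigned s = 0;
    while (object_alignment >>= 1) ++s;
    return s;
}

uint32_t encode_klass(uint64_t klass) {
    return static_cast<uint32_t>((klass - kBase) >> kKlassShift);
}

// Model of the load of the narrow klass field: the type given to the load
// selects the decoding (T_OBJECT decodes as an oop, T_ADDRESS as a klass).
uint64_t load_klass(uint32_t narrow, BasicType type, unsigned object_alignment) {
    unsigned shift = (type == T_OBJECT) ? oop_shift(object_alignment) : kKlassShift;
    return kBase + (static_cast<uint64_t>(narrow) << shift);
}

// True when the load returns the klass address that was encoded.
bool reads_correct_klass(BasicType type, unsigned object_alignment) {
    const uint64_t klass = kBase + 0x1000;  // constructed klass address
    return load_klass(encode_klass(klass), type, object_alignment) == klass;
}

int main() {
    const unsigned alignments[] = {8, 16, 32};
    for (unsigned a : alignments) {
        std::printf("ObjectAlignmentInBytes=%-2u  T_OBJECT: %s  T_ADDRESS: %s\n", a,
                    reads_correct_klass(T_OBJECT, a) ? "ok" : "WRONG",
                    reads_correct_klass(T_ADDRESS, a) ? "ok" : "WRONG");
    }
    return 0;
}
```

In this model the T_OBJECT read is correct at the default alignment of 8 because the two shifts coincide, which is why the defect only shows up with a larger ObjectAlignmentInBytes.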