RFR: 8271925: ZGC: Arraycopy stub passes invalid oop to load barrier

Tobias Hartmann thartmann at openjdk.java.net
Thu Aug 5 08:22:41 UTC 2021


The fix for [JDK-8270461](https://bugs.openjdk.java.net/browse/JDK-8270461), see [PR 252](https://git.openjdk.java.net/jdk17/pull/252), made sure that the arraycopy offset when cloning an oop array always points to the first element of the array. However, it failed to adjust the copy length as well, leading to reading/copying 8 bytes beyond the end of the array.

This only reproduces in Valhalla (probably because the mark word layout differs there) and only with `-XX:-UseCompressedClassPointers`. I'll backport the fix to JDK 17u.

Thanks,
Tobias

-------------

Commit messages:
 - 8271925: ZGC: Arraycopy stub passes invalid oop to load barrier

Changes: https://git.openjdk.java.net/jdk/pull/5014/files
 Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=5014&range=00
  Issue: https://bugs.openjdk.java.net/browse/JDK-8271925
  Stats: 9 lines in 1 file changed: 3 ins; 0 del; 6 mod
  Patch: https://git.openjdk.java.net/jdk/pull/5014.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/5014/head:pull/5014

PR: https://git.openjdk.java.net/jdk/pull/5014
