[jdk16] RFR: 8259276: C2: Empty expression stack when reexecuting tableswitch/lookupswitch instructions after deoptimization
Vladimir Kozlov
kvn at openjdk.java.net
Fri Jan 22 23:52:48 UTC 2021
On Fri, 22 Jan 2021 23:49:06 GMT, Vladimir Kozlov <kvn at openjdk.org> wrote:
>> During parsing of `lookupswitch` and `tableswitch` instructions C2 may insert a safepoint. Corresponding JVM state has always re-execute bit set since the interpreter will unconditionally re-execute the instruction after deoptimization is over (see `AbstractInterpreter::bytecode_should_reexecute` for the full list of instructions).
>>
>> But `Parse::do_tableswitch()`/`Parse::do_lookupswitch()` attach wrong JVM state: it describes the state **after** the instruction since the first thing they do is they pop the operand from the expression stack. Instead, the JVM state **before** the instruction should be used to respect the re-execution in the interpreter.
>>
>> The bug manifests as a stack corruption after deoptimization at a broken safepoint.
>>
>> The fix is to keep the initial JVM state (before the instruction) intact until all the safepoints at the particular instruction are inserted.
>>
>> Testing:
>> - [ ] hs-tier1 - hs-tier7 (in progress)
>> - [ ] Kitchensink24h w/ -XX:+DeoptimizeALot (in progress)
>
> Make sense.
Add Fix request for JDK 16 to bug report.
-------------
PR: https://git.openjdk.java.net/jdk16/pull/130
More information about the hotspot-compiler-dev
mailing list