Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: P2
Fix Version/s: 9
Affects Version/s: 9
Component/s: hotspot
Labels:
- noreg-sqe

Subcomponent:
compiler
Introduced In Build:
b120
Resolved In Build:
b131
CPU:

x86
Verification:
Verified

StubRoutines::_dtan overwrites the callee save register $rbx but does not restore the original value before returning.

In the caller method we execute:
0x7fe406be496f: mov %rsi,%rbx // Save 'this' to $rbx
0x7fe406be4972: mov %rdx,%r13
0x7fe406be4975: vmovq %rdx,%xmm0
0x7fe406be497a: movabs $0x7fe405003c7b,%r10
0x7fe406be4984: callq *%r10 // Call StubRoutines::_dtan (overwrites rbx with 0x8000)
0x7fe406be4987: vucomisd %xmm0,%xmm0
0x7fe406be498b: jp 0x7fe406be498f
0x7fe406be498d: je 0x7fe406be49c0
0x7fe406be498f: movabs $0x7ff8000000000000,%r9
0x7fe406be4999: movabs $0x71de35b60,%rdx
0x7fe406be49a3: mov %rbx,%rsi // Restore 'this'
0x7fe406be49a6: mov %r13,%rcx
0x7fe406be49a9: mov %rbp,%r8
0x7fe406be49ac: nop
0x7fe406be49ad: nop
0x7fe406be49ae: nop
0x7fe406be49af: callq 0x7fe40661dea0 // Call test_engine.print_result

We crash in test_engine.print_result() while trying to increment an integer field because 'this' is invalid.

The problem is in MacroAssembler::fast_tan() introduced by ~~JDK-8152907~~:
http://hg.openjdk.java.net/jdk9/hs-comp/hotspot/rev/33f10a35ce20#l16.1052

We miss a 'pop(rbx);' at the end of the stub.

duplicates

JDK-8158157 assert(Universe::heap()->is_in_or_null(r)) failed: bad receiver: 0x0000000000008000 (32768)

Closed

JDK-8160822 Crashed in ~RuntimeStub::resolve_opt_virtual_call

Closed

relates to

JDK-8152907 Update for x86 tan and log10 in the math lib

Resolved

Assignee:: Tobias Hartmann

Reporter:: Tobias Hartmann

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2016-06-30 06:00

Updated:: 2017-08-07 02:56

Resolved:: 2016-07-04 02:56

Details

Description

Attachments

Issue Links

Activity

People

Dates