archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 14:54:52 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8016474: Crash in sun.reflect.UnsafeObjectFieldAccessorImpl.get

Browse source 
C1's GetUnsafeObject G1 pre-barrier uses the wrong type to read the klass pointer.

Reviewed-by: iveresov, kvn
This commit is contained in:
Christian Thalinger 2013-07-29 16:32:38 -07:00
parent 16b4f55129
commit 5555a381fb
2 changed files with 72 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
hotspot/src/share/vm/c1/c1_LIRGenerator.cpp
View file

@ -2295,7 +2295,7 @@ void LIRGenerator::do_UnsafeGetObject(UnsafeGetObject* x) {
if (gen_type_check) {
// We have determined that offset == referent_offset && src != null.
// if (src->_klass->_reference_type == REF_NONE) -> continue
__ move(new LIR_Address(src.result(), oopDesc::klass_offset_in_bytes(), UseCompressedKlassPointers ? T_OBJECT : T_ADDRESS), src_klass);
__ move(new LIR_Address(src.result(), oopDesc::klass_offset_in_bytes(), T_ADDRESS), src_klass);
LIR_Address* reference_type_addr = new LIR_Address(src_klass, in_bytes(InstanceKlass::reference_type_offset()), T_BYTE);
LIR_Opr reference_type = new_register(T_INT);
__ move(reference_type_addr, reference_type);