From eafb22164bf08fef85e29fb4bb7d79572ddfe80c Mon Sep 17 00:00:00 2001 From: Igor Veresov Date: Wed, 8 Dec 2010 02:36:36 -0800 Subject: [PATCH] 7005241: C1: SEGV in java.util.concurrent.LinkedTransferQueue.xfer() with compressed oops Implementation of the CAS primitive for x64 compressed oops was incorrect. It kills rscratch2 register (r11), which is allocatable in C1. Also, we don't need to restore cmpval as it's never used after that, so we need only one temporary register, which can be scratch1. Reviewed-by: kvn, never --- hotspot/src/cpu/x86/vm/c1_LIRAssembler_x86.cpp | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/hotspot/src/cpu/x86/vm/c1_LIRAssembler_x86.cpp b/hotspot/src/cpu/x86/vm/c1_LIRAssembler_x86.cpp index 25596b2c0d4..724d8411bb5 100644 --- a/hotspot/src/cpu/x86/vm/c1_LIRAssembler_x86.cpp +++ b/hotspot/src/cpu/x86/vm/c1_LIRAssembler_x86.cpp @@ -1993,15 +1993,14 @@ void LIR_Assembler::emit_compare_and_swap(LIR_OpCompareAndSwap* op) { if ( op->code() == lir_cas_obj) { #ifdef _LP64 if (UseCompressedOops) { - __ mov(rscratch1, cmpval); __ encode_heap_oop(cmpval); - __ mov(rscratch2, newval); - __ encode_heap_oop(rscratch2); + __ mov(rscratch1, newval); + __ encode_heap_oop(rscratch1); if (os::is_MP()) { __ lock(); } - __ cmpxchgl(rscratch2, Address(addr, 0)); - __ mov(cmpval, rscratch1); + // cmpval (rax) is implicitly used by this instruction + __ cmpxchgl(rscratch1, Address(addr, 0)); } else #endif {