RFR: 8348631: Crash in PredictedCallGenerator::generate after JDK-8347006 [v2]

Tobias Hartmann thartmann at openjdk.org
Tue Jan 28 20:41:07 UTC 2025 

> We crash / assert during C2 compilation of intrinsics like `_getLength` because the cast emitted by the array guard added by [JDK-8347006](https://bugs.openjdk.org/browse/JDK-8347006) is folded to top:
> https://github.com/openjdk/jdk/blob/c33c1cfe7349ac657cd7bf54861227709d3c8f1b/src/hotspot/share/opto/library_call.cpp#L4302-L4305
> 
> This happens when C2's type system determines that the type of the object that we cast implements an interface other than `Serializable` or `Cloneable` and therefore can't be an array. This is possible since [JDK-8297933](https://bugs.openjdk.org/browse/JDK-8297933). Now unfortunately, control via the layout helper check is not (yet) folded due to:
> https://github.com/openjdk/jdk/blob/c33c1cfe7349ac657cd7bf54861227709d3c8f1b/src/hotspot/share/opto/memnode.cpp#L2215-L2223
> 
> This is probably an oversight from [JDK-8297933](https://bugs.openjdk.org/browse/JDK-8297933). Given that this is a regression in JDK 24, I'm going with a conservative approach of simply checking the cast for top and not using it if that's the case. In addition, I made the code more robust and added a compilation bailout (assert in debug) if an intrinsic produces a `top` result.
> 
> We should then properly fix this by making sure that the layout helper check is folded. I filed [JDK-8348853](https://bugs.openjdk.org/browse/JDK-8348853) for this.
> 
> Big thanks to @cushon for reporting this just in time for fixing in JDK 24!
> 
> Best regards,
> Tobias

Tobias Hartmann has updated the pull request incrementally with one additional commit since the last revision:

  Added comment

-------------

Changes:
  - all: https://git.openjdk.org/jdk/pull/23331/files
  - new: https://git.openjdk.org/jdk/pull/23331/files/4cf7f864..54fd3894

Webrevs:
 - full: https://webrevs.openjdk.org/?repo=jdk&pr=23331&range=01
 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=23331&range=00-01

  Stats: 2 lines in 1 file changed: 2 ins; 0 del; 0 mod
  Patch: https://git.openjdk.org/jdk/pull/23331.diff
  Fetch: git fetch https://git.openjdk.org/jdk.git pull/23331/head:pull/23331

PR: https://git.openjdk.org/jdk/pull/23331

More information about the graal-dev mailing list