[9] RFR (S): 8134918: C2: Type speculation produces mismatched unsafe accesses
Vladimir Ivanov
vladimir.x.ivanov at oracle.com
Thu Apr 14 16:53:22 UTC 2016
http://cr.openjdk.java.net/~vlivanov/8134918/webrev.00/
https://bugs.openjdk.java.net/browse/JDK-8134918
Type speculation can produce mismatched unsafe accesses.
It injects a guard based on profile data and then propagate type info
down to the users. If there's an unsafe access, it can become mismatched
w.r.t. profile data being used.
It happens even for valid usages. If an unsafe access always matches
memory location at runtime, the code produced by type speculation in
that case is effectively dead.
What cause problems are unsafe OOP accesses (U.putObject()/getObject()
on non-OOP locations).
The fix is to avoid intrinsification of problematic accesses. Type
speculation injects precise type information, which is available during
intrinsification.
We could try to support mismatched unsafe object accesses instead, but I
don't see any value in that.
Testing: JPRT, pit-hs-comp (in progress).
Thanks!
Best regards,
Vladimir Ivanov
More information about the hotspot-compiler-dev
mailing list