RFR: 8274130: C2: MulNode::Ideal chained transformations may act on wrong nodes
Tobias Hartmann
thartmann at openjdk.java.net
Mon Sep 27 06:22:00 UTC 2021
On Wed, 22 Sep 2021 10:12:16 GMT, Aleksey Shipilev <shade at openjdk.org> wrote:
> I was puzzled by it when fixing JDK-8274060. It looks that new optimizations added by [JDK-8273454](https://bugs.openjdk.java.net/browse/JDK-8273454) and [JDK-8263006](https://bugs.openjdk.java.net/browse/JDK-8263006) rewire `in(1)` and `in(2)` in `MulNode::Ideal`, which means the chained transformations should see them? Yet, both inputs and their `Type`-s are cached locally and not refreshed. I have not seen failures due to this yet, but it looks that the current code is subtly incorrect because of this.
>
> I thought about doing `return this` instead of `progress = true`, so that we leave `MulNode::Ideal` once we hit any transform and hope to return back, but I wondered if that would expose us to different graph shapes in-between successive `MulNode::Ideal` calls, which might have other unintended consequences. Therefore, I opted to a more conservative patch.
>
> Additional testing:
> - [x] `compiler/` tests
> - [x] `tier1` tests
> - [x] 100K Fuzzer tests (one unrelated failure)
That looks good to me (I would prefer the pointer asterisk next to the type though).
-------------
Marked as reviewed by thartmann (Reviewer).
PR: https://git.openjdk.java.net/jdk/pull/5631
More information about the hotspot-compiler-dev
mailing list