RFR: 8295486: Inconsistent constant field values observed during compilation [v5]

Vladimir Ivanov vlivanov at openjdk.org
Fri Jan 20 18:57:35 UTC 2023 

On Fri, 20 Jan 2023 08:09:52 GMT, Tobias Hartmann <thartmann at openjdk.org> wrote:

>> We hit a "not monotonic" assert because the new type of a load from a stable final field is more narrow than the old type which contradicts the assumption that types should only go from TOP to BOTTOM during CCP:
>> 
>> old: `narrowoop: java/lang/Integer:BotPTR:exact *`
>> new: `narrowoop: java/lang/Integer java.lang.Integer {0x000000062c41e548} ...`
>> 
>> or 
>> 
>> old: `narrowoop: java/lang/Integer java.lang.Integer {0x000000062c41e538} ...`
>> new: `narrowoop: java/lang/Integer java.lang.Integer {0x000000062c41e548} ...`
>> 
>> The problem is that a stable field can be (re-)initialized during compilation and since the value is not cached, contradicting types can be observed. In `LoadNode::Value`, we re-read the field value each time: 
>> 
>> https://github.com/openjdk/jdk/blob/872384707e89d03ede655aad16f360dc94f10152/src/hotspot/share/opto/memnode.cpp#L1994-L1997
>> 
>> https://github.com/openjdk/jdk/blob/872384707e89d03ede655aad16f360dc94f10152/src/hotspot/share/opto/type.cpp#L332-L337
>> 
>> The same problem exists for loads from stable arrays:
>> https://github.com/openjdk/jdk/blob/872384707e89d03ede655aad16f360dc94f10152/src/hotspot/share/opto/memnode.cpp#L1923
>> 
>> Caching the field value is not feasible as it would require a cache per ciInstance for all the fields and per ciArray for all the elements. Alternatively, we could keep track of the lookup and only do it once but that would also be lots of additional complexity for a benign issue.
>> 
>> Instead, I propose to skip verification during CCP when folding loads from stable fields. Non-stable, constant fields are not affected as `null` is a valid value for them and they would already be folded before CCP.
>> 
>> Thanks,
>> Tobias
>
> Tobias Hartmann has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Fix to verification code

src/hotspot/share/ci/ciArray.cpp line 101:

> 99:     value = element_value_impl(elembt, get_arrayOop(), index);
> 100:   )
> 101:   return check_constant_value_cache(index, value);

It still unconditionally goes through VM transition on every call. If you check the cache first and call `element_value_impl()` only when there's a miss, then you can save on state transition when the cache is populated. But you would need additional call to update the cache.

src/hotspot/share/ci/ciObject.cpp line 183:

> 181:   for (int i = 0; i < _constant_values->length(); ++i) {
> 182:     ConstantValue cached_val = _constant_values->at(i);
> 183:     if (cached_val.off() == off) {

I'd also check that basic types matches (either with a runtime check or an assert).

-------------

PR: https://git.openjdk.org/jdk/pull/11861

More information about the hotspot-compiler-dev mailing list