RFR: 8331717: C2: Crash with SIGFPE Because Loop Predication Wrongly Hoists Division Requiring Zero Check [v2]
Quan Anh Mai
qamai at openjdk.org
Wed Dec 18 13:32:40 UTC 2024
On Wed, 18 Dec 2024 12:22:57 GMT, theoweidmannoracle <duke at openjdk.org> wrote:
> IGVN/Idealization will now see that the zero-check-if for 230 DivI is dominated by the zero-check-if for 183 DivI and therefore remove it from the graph and attach 230 DivI to the RangeCheck. This seems a benign and useful transformation in general.
I believe the issue is right there. If a check is removed because it is equivalent to an dominating check, then the `DivI` (as well as all nodes that `depends_only_on_test` needs to be rewired to that dominating check, not to the `Region` that immediately dominates the removed one. In this case, the `230 DivI` needs to be rewired to `175 IfTrue` (the zero check of `183 DivI`), not to `293 RangeCheck`.
If you want to rewire the `DivI` to `293 RangeCheck`, then you need to pin the `DivI`, making it not `depends_only_on_test`. A similar logic can be found in here for array accesses:
https://github.com/openjdk/jdk/blob/8efc5585b74714df6cf8e66853cb63d223534455/src/hotspot/share/opto/ifnode.cpp#L1583
-------------
PR Comment: https://git.openjdk.org/jdk/pull/22666#issuecomment-2551331924
More information about the hotspot-compiler-dev
mailing list