RFR: 8374889: C2 VectorAPI: must handle impossible combination of signed cast from float

Tue Jan 13 07:50:16 UTC 2026

On Mon, 12 Jan 2026 19:36:04 GMT, Quan Anh Mai <qamai at openjdk.org> wrote:

>> I found this bug with the Template Framework (Vector API Library extension): https://github.com/openjdk/jdk/pull/28873
>> 
>> In `VectorCastNode::opcode`, we have an assert that we **cannot** have an `unsigned cast from float`, it would be nonsense.
>> https://github.com/openjdk/jdk/blob/2fbe47559e9ba45306bd08c3636647f865a75abd/src/hotspot/share/opto/vectornode.cpp#L1490-L1491
>> 
>> When we intrinsify `VectorSupport.convert`, we get a constant from the VectorAPI, that determines if we have a signed or unsigned cast, and other constants that determine the `from` and `to` types.
>> 
>> At runtime, the VectorAPI implementation can (I assume) never take a path of `unsigned cast from float`.
>> But it seems that nothing prevents the VM from compiling such an (unreachable) path.
>> 
>> Here is how I think it happens:
>> - `AbstractVector::castShape` creates a `C` conversion (lane-wise conversion). So at runtime, we will take the `C` switch-case in `AbstractVector::convert0`.
>> - Profiling can also make the `Z` (lane-wise reinterpret) switch-case live, because of other cast and reinterpret calls that use that code path. And we may not (yet) have proven that the `Z` switch-case is never taken.
>> - So we end up compiling the `Z` path, and call `VectorSupport.convert` with types `float` and `long`. And since the `Z` path sees that the from size is smaller than the to size, we get a `UCAST` (zero extension). Hence, we try to intrinsify a vector unsigned cast from float, and hit the assert.
>> 
>> https://github.com/openjdk/jdk/blob/2fbe47559e9ba45306bd08c3636647f865a75abd/src/jdk.incubator.vector/share/classes/jdk/incubator/vector/AbstractVector.java#L742-L743
>> 
>> That the `Z` path is unreachable for `castShape` seems to be an invariant that only the VectorAPI knows about, and the VM cannot directly know that and determine that it is dead code. Thus, **I propose that we just check for the condition when trying to intrinsify**, and refuse intrinsification if it is violated.
>
> src/hotspot/share/opto/vectorIntrinsics.cpp line 2338:
> 
>> 2336:     // expected to violate this at runtime, but we may compile unreachable code
>> 2337:     // where such impossible combinations arise.
>> 2338:     if (is_ucast && (!is_integral_type(elem_bt_from) || elem_bt_from == T_LONG)) {
> 
> I would suggest eagerly killing this path to be extra sure that it is indeed a dead path and we are not encountering some other issue here.

Hmm, indeed, we could try to put a `Halt` node here, right?
@merykitty How exactly would you do that? Are there places we already do that?

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/29169#discussion_r2685230666