[jdk21u-dev] RFR: 8358334: C2/Shenandoah: incorrect execution with Unsafe
William Kemper
wkemper at openjdk.org
Thu Jun 19 18:28:35 UTC 2025
On Wed, 18 Jun 2025 13:48:14 GMT, Roland Westrelin <roland at openjdk.org> wrote:
> Patch doesn't apply cleanly:
>
> - jdk21u still has IU barriers: context for some of the changes is
> different.
>
> - Because of IU barriers, there's an extra call to `fix_ctrl()` for
> which the renaming to `nodes_above_barriers` must be applied.
>
> - The initial patch makes a subtle change that doesn't affect jdk
> 25/26 in the code that was
> refactored. `ShenandoahBarrierC2Support::push_data_inputs_at_control()`
> is introduced with logic:
>
> if (in != nullptr && phase->has_ctrl(in) && phase->get_ctrl(in) == ctrl) {
>
>
> which replaces the same logic in
> `ShenandoahBarrierC2Support::fix_ctrl()` but also a slightly
> different logic in
> `ShenandoahBarrierC2Support::is_dominator_same_ctrl()`:
>
>
> if (m->in(i) != nullptr && phase->ctrl_or_self(m->in(i)) == c) {
>
>
> that is, it uses `ctrl_or_self()` which works for both data nodes
> and control nodes but the new method uses `has_ctrl(in) &&
> get_ctrl(in)` which can only be true for data nodes. That change
> causes failures in jdk 21 again because of IU barriers that produce
> a new memory state when expanded and need the logic from
> `MemoryGraphFixer`. What I propose in this backport to be on the
> safe side is to leave
> `ShenandoahBarrierC2Support::is_dominator_same_ctrl()` alone (not
> apply that part of the refactoring).
>
> Tested with hotspot_gc_shenandoah + tier1 with -XX:+UseShenandoahGC
My approval doesn't count for anything here, but in case it helps grease the wheels: I ran this test without the patch and observed it fail. I ran the test with the patch and observed it pass. Thank you for the backport!
-------------
Marked as reviewed by wkemper (Author).
PR Review: https://git.openjdk.org/jdk21u-dev/pull/1901#pullrequestreview-2943789176
More information about the jdk-updates-dev
mailing list