[lworld] Integrated: 8377243: [lworld] HeapAccess<IS_DEST_UNINITIALIZED>::value_copy uses in the runtime are unsound
Axel Boldt-Christmas
aboldtch at openjdk.org
Fri Feb 6 14:01:44 UTC 2026
On Thu, 5 Feb 2026 14:32:44 GMT, Axel Boldt-Christmas <aboldtch at openjdk.org> wrote:
> `IS_DEST_UNINITIALIZED ` is ment to signal to the GC that you cannot read the contents of the field as it is uninitialized. This is used by the compiler which have strict control over its safepoints.
>
> The MemAllocator in the runtime has no such guarantees, and will clear all oop fields before handing the allocated object. These objects can have been seen by the GC and even tenured before the call `HeapAccess<IS_DEST_UNINITIALIZED>::value_copy`. This is unsound. ZGC for example could miss young to old edges if the destination object had been tenured.
>
> I propose we remove these and always use `HeapAccess<>::value_copy`. The behaviour will be the same for value objects which do not contain oops, and correct of values which contains oops. There is the potential in the future to add something along the lines of `IS_DEST_NULL` to provide more static information to the GC to optimise the barriers on. However the gain here is probably negligible.
This pull request has now been integrated.
Changeset: 4518df2c
Author: Axel Boldt-Christmas <aboldtch at openjdk.org>
URL: https://git.openjdk.org/valhalla/commit/4518df2c8d47a42c31cf67977d88652ce5f835c0
Stats: 22 lines in 4 files changed: 0 ins; 12 del; 10 mod
8377243: [lworld] HeapAccess<IS_DEST_UNINITIALIZED>::value_copy uses in the runtime are unsound
Reviewed-by: fparain
-------------
PR: https://git.openjdk.org/valhalla/pull/2048
More information about the valhalla-dev
mailing list