[lworld] Integrated: 8377480: [lworld] incorrect execution due to EA pointer comparison optimization at scalarized call

Roland Westrelin roland at openjdk.org
Thu Feb 12 14:01:03 UTC 2026 

On Wed, 11 Feb 2026 14:05:12 GMT, Roland Westrelin <roland at openjdk.org> wrote:

> EA goes over arguments to a non inlined call and uses
> `BCEscapeAnalyzer` to add edges to the `ConnectionGraph`. With
> valhalla, that code goes over inputs to a `CallNode` using the
> scalarized calling convention and queries `BCEscapeAnalyzer` with the
> index of the argument in the scalarized CC but `BCEscapeAnalyzer` has
> no knowledge of the scalarized CC. So `is_arg_returned()` for instance
> is passed the wrong argument number and EA, as a result, can add
> incorrect edges to the `ConnectionGraph`.
> 
> In the test case:
> 
> 
>     static value class MyValue {
>         Object o;
> 
>         MyValue(Object o) {
>             this.o = o;
>         }
>     }
> 
>     static int test1(Object o) {
>         MyValue v = new MyValue(null);
>         Object res = notInlined(v, o);
>         if (res == null) {
>             return 1;
>         }
>         return 2;
>     }
> 
>     static Object notInlined(MyValue arg1, Object arg2) {
>         return arg2;
>     }
> 
> 
> 2nd argument is returned by `notInlined()`. The second argument in the
> scalarized CC in `test1()` is `Myvalue.o`. So EA deduces that the
> return value of `notInlined()` is `v.o` (which is `null`) instead of
> `o` which is non null.
> 
> With this EA:
> 
>     public static void test2() {
>         MyValue arg = new MyValue(null);
>         MyValue res = notInlined2(arg);
>         if (res.o != null) {
>             throw new RuntimeException("never taken");
>         }
>     }
>     
>     static MyValue notInlined2(MyValue v) {
>         return v;
>     }
> 
> 
> 
> the fixed logic connects the return of `notInlined2` with `v.o`.

This pull request has now been integrated.

Changeset: 38124ce0
Author:    Roland Westrelin <roland at openjdk.org>
URL:       https://git.openjdk.org/valhalla/commit/38124ce094f42dc446e4499bd9d1a85443b34ca3
Stats:     260 lines in 8 files changed: 247 ins; 3 del; 10 mod

8377480: [lworld] incorrect execution due to EA pointer comparison optimization at scalarized call

Reviewed-by: thartmann

-------------

PR: https://git.openjdk.org/valhalla/pull/2079

More information about the valhalla-dev mailing list