8155635: C2: Mixed unsafe accesses break alias analysis

Reviewed-by: jrose, kvn
2016-08-25 12:52:18 +03:00 · 2016-08-25 12:52:18 +03:00 · d536ff4377
commit d536ff4377
parent bf0209ffa9
5 changed files with 103 additions and 38 deletions
--- a/hotspot/src/share/vm/opto/compile.cpp
+++ b/hotspot/src/share/vm/opto/compile.cpp
@ -1708,16 +1708,21 @@ Compile::AliasType* Compile::find_alias_type(const TypePtr* adr_type, bool no_cr
  const TypePtr* flat = flatten_alias_type(adr_type);

 #ifdef ASSERT
-  assert(flat == flatten_alias_type(flat), "idempotent");
-  assert(flat != TypePtr::BOTTOM,     "cannot alias-analyze an untyped ptr");
-  if (flat->isa_oopptr() && !flat->isa_klassptr()) {
-    const TypeOopPtr* foop = flat->is_oopptr();
-    // Scalarizable allocations have exact klass always.
-    bool exact = !foop->klass_is_exact() || foop->is_known_instance();
-    const TypePtr* xoop = foop->cast_to_exactness(exact)->is_ptr();
-    assert(foop == flatten_alias_type(xoop), "exactness must not affect alias type");
+  {
+    ResourceMark rm;
+    assert(flat == flatten_alias_type(flat), "not idempotent: adr_type = %s; flat = %s => %s",
+           Type::str(adr_type), Type::str(flat), Type::str(flatten_alias_type(flat)));
+    assert(flat != TypePtr::BOTTOM, "cannot alias-analyze an untyped ptr: adr_type = %s",
+           Type::str(adr_type));
+    if (flat->isa_oopptr() && !flat->isa_klassptr()) {
+      const TypeOopPtr* foop = flat->is_oopptr();
+      // Scalarizable allocations have exact klass always.
+      bool exact = !foop->klass_is_exact() || foop->is_known_instance();
+      const TypePtr* xoop = foop->cast_to_exactness(exact)->is_ptr();
+      assert(foop == flatten_alias_type(xoop), "exactness must not affect alias type: foop = %s; xoop = %s",
+             Type::str(foop), Type::str(xoop));
+    }
  }
-  assert(flat == flatten_alias_type(flat), "exact bit doesn't matter");
 #endif

  int idx = AliasIdxTop;
--- a/hotspot/src/share/vm/opto/library_call.cpp
+++ b/hotspot/src/share/vm/opto/library_call.cpp
@ -2242,8 +2242,8 @@ const TypeOopPtr* LibraryCallKit::sharpen_unsafe_type(Compile::AliasType* alias_

 #ifndef PRODUCT
    if (C->print_intrinsics() || C->print_inlining()) {
-      tty->print("  from base type: ");  adr_type->dump();
-      tty->print("  sharpened value: ");  tjp->dump();
+      tty->print("  from base type:  ");  adr_type->dump(); tty->cr();
+      tty->print("  sharpened value: ");  tjp->dump();      tty->cr();
    }
 #endif
    // Sharpen the value type.
@ -2308,6 +2308,8 @@ bool LibraryCallKit::inline_unsafe_access(bool is_store, const BasicType type, c
  adr = make_unsafe_address(base, offset);
  if (_gvn.type(base)->isa_ptr() != TypePtr::NULL_PTR) {
    heap_base_oop = base;
+  } else if (type == T_OBJECT) {
+    return false; // off-heap oop accesses are not supported
  }

  // Can base be NULL? Otherwise, always on-heap access.
@ -2512,34 +2514,10 @@ bool LibraryCallKit::inline_unsafe_access(bool is_store, const BasicType type, c
      break;
    }

-    if (type != T_OBJECT) {
-      (void) store_to_memory(control(), adr, val, type, adr_type, mo, requires_atomic_access, unaligned, mismatched);
+    if (type == T_OBJECT) {
+      store_oop_to_unknown(control(), heap_base_oop, adr, adr_type, val, type, mo, mismatched);
    } else {
-      // Possibly an oop being stored to Java heap or native memory
-      if (!can_access_non_heap) {
-        // oop to Java heap.
-        (void) store_oop_to_unknown(control(), heap_base_oop, adr, adr_type, val, type, mo, mismatched);
-      } else {
-        // We can't tell at compile time if we are storing in the Java heap or outside
-        // of it. So we need to emit code to conditionally do the proper type of
-        // store.
-
-        IdealKit ideal(this);
-#define __ ideal.
-        // QQQ who knows what probability is here??
-        __ if_then(heap_base_oop, BoolTest::ne, null(), PROB_UNLIKELY(0.999)); {
-          // Sync IdealKit and graphKit.
-          sync_kit(ideal);
-          Node* st = store_oop_to_unknown(control(), heap_base_oop, adr, adr_type, val, type, mo, mismatched);
-          // Update IdealKit memory.
-          __ sync_kit(this);
-        } __ else_(); {
-          __ store(__ ctrl(), adr, val, type, alias_type->index(), mo, requires_atomic_access, mismatched);
-        } __ end_if();
-        // Final sync IdealKit and GraphKit.
-        final_sync(ideal);
-#undef __
-      }
+      store_to_memory(control(), adr, val, type, adr_type, mo, requires_atomic_access, unaligned, mismatched);
    }
  }

--- a/hotspot/src/share/vm/opto/type.cpp
+++ b/hotspot/src/share/vm/opto/type.cpp
@ -1015,6 +1015,13 @@ void Type::dump_on(outputStream *st) const {
    st->print(" [narrowklass]");
  }
 }
+
+//-----------------------------------------------------------------------------
+const char* Type::str(const Type* t) {
+  stringStream ss;
+  t->dump_on(&ss);
+  return ss.as_string();
+}
 #endif

 //------------------------------singleton--------------------------------------
--- a/hotspot/src/share/vm/opto/type.hpp
+++ b/hotspot/src/share/vm/opto/type.hpp
@ -359,6 +359,8 @@ public:
  }
  virtual void dump2( Dict &d, uint depth, outputStream *st ) const;
  static  void dump_stats();
+
+  static const char* str(const Type* t);
 #endif
  void typerr(const Type *t) const; // Mixing types error

--- a/hotspot/test/compiler/unsafe/MixedUnsafeStoreObject.java
+++ b/hotspot/test/compiler/unsafe/MixedUnsafeStoreObject.java
@ -0,0 +1,73 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8155635
+ * @modules java.base/jdk.internal.misc
+ * @run main/othervm -XX:+IgnoreUnrecognizedVMOptions -Xbatch -XX:-TieredCompilation compiler.unsafe.MixedUnsafeStoreObject
+ * @run main/othervm -Xbatch compiler.unsafe.MixedUnsafeStoreObject
+ */
+
+package compiler.unsafe;
+
+import jdk.internal.misc.Unsafe;
+
+public class MixedUnsafeStoreObject {
+    static final Unsafe UNSAFE = Unsafe.getUnsafe();
+
+    static final long F_OFFSET;
+
+    static {
+        try {
+            F_OFFSET = UNSAFE.objectFieldOffset(T.class.getDeclaredField("f"));
+        } catch (Exception e) {
+            throw new Error(e);
+        }
+    }
+
+    static class T {
+        Object f;
+    }
+
+    public static void testFieldInstanceObject(Object t) {
+        for (int c = 0; c < 20000; c++) { // trigger OSR compilation
+            // java/lang/Object+12 *
+            // _base = InstPtr, _ptr = BotPTR, _field = NULL, mismatched = true
+            UNSAFE.putObject(t, F_OFFSET, "foo");
+        }
+    }
+
+    public static void testFieldInstanceT(T t) {
+        for (int c = 0; c < 20000; c++) { // trigger OSR compilation
+            // ...$T+12 *
+            // _base = InstPtr, _ptr = BotPTR, _field = T.f, mismatched = false
+            UNSAFE.putObject(t, F_OFFSET, "foo");
+        }
+    }
+    public static void main(String[] args) {
+        testFieldInstanceObject(new T());
+        testFieldInstanceT(new T());
+    }
+}
+