From d536ff4377834d56a3dac041e2b3666d9a74d7bd Mon Sep 17 00:00:00 2001 From: Vladimir Ivanov Date: Thu, 25 Aug 2016 12:52:18 +0300 Subject: [PATCH] 8155635: C2: Mixed unsafe accesses break alias analysis Reviewed-by: jrose, kvn --- hotspot/src/share/vm/opto/compile.cpp | 23 +++--- hotspot/src/share/vm/opto/library_call.cpp | 36 ++------- hotspot/src/share/vm/opto/type.cpp | 7 ++ hotspot/src/share/vm/opto/type.hpp | 2 + .../unsafe/MixedUnsafeStoreObject.java | 73 +++++++++++++++++++ 5 files changed, 103 insertions(+), 38 deletions(-) create mode 100644 hotspot/test/compiler/unsafe/MixedUnsafeStoreObject.java diff --git a/hotspot/src/share/vm/opto/compile.cpp b/hotspot/src/share/vm/opto/compile.cpp index 518caf6896c..f0b0e398ec1 100644 --- a/hotspot/src/share/vm/opto/compile.cpp +++ b/hotspot/src/share/vm/opto/compile.cpp @@ -1708,16 +1708,21 @@ Compile::AliasType* Compile::find_alias_type(const TypePtr* adr_type, bool no_cr const TypePtr* flat = flatten_alias_type(adr_type); #ifdef ASSERT - assert(flat == flatten_alias_type(flat), "idempotent"); - assert(flat != TypePtr::BOTTOM, "cannot alias-analyze an untyped ptr"); - if (flat->isa_oopptr() && !flat->isa_klassptr()) { - const TypeOopPtr* foop = flat->is_oopptr(); - // Scalarizable allocations have exact klass always. - bool exact = !foop->klass_is_exact() || foop->is_known_instance(); - const TypePtr* xoop = foop->cast_to_exactness(exact)->is_ptr(); - assert(foop == flatten_alias_type(xoop), "exactness must not affect alias type"); + { + ResourceMark rm; + assert(flat == flatten_alias_type(flat), "not idempotent: adr_type = %s; flat = %s => %s", + Type::str(adr_type), Type::str(flat), Type::str(flatten_alias_type(flat))); + assert(flat != TypePtr::BOTTOM, "cannot alias-analyze an untyped ptr: adr_type = %s", + Type::str(adr_type)); + if (flat->isa_oopptr() && !flat->isa_klassptr()) { + const TypeOopPtr* foop = flat->is_oopptr(); + // Scalarizable allocations have exact klass always. + bool exact = !foop->klass_is_exact() || foop->is_known_instance(); + const TypePtr* xoop = foop->cast_to_exactness(exact)->is_ptr(); + assert(foop == flatten_alias_type(xoop), "exactness must not affect alias type: foop = %s; xoop = %s", + Type::str(foop), Type::str(xoop)); + } } - assert(flat == flatten_alias_type(flat), "exact bit doesn't matter"); #endif int idx = AliasIdxTop; diff --git a/hotspot/src/share/vm/opto/library_call.cpp b/hotspot/src/share/vm/opto/library_call.cpp index 9780c4f0764..2fae1704c8f 100644 --- a/hotspot/src/share/vm/opto/library_call.cpp +++ b/hotspot/src/share/vm/opto/library_call.cpp @@ -2242,8 +2242,8 @@ const TypeOopPtr* LibraryCallKit::sharpen_unsafe_type(Compile::AliasType* alias_ #ifndef PRODUCT if (C->print_intrinsics() || C->print_inlining()) { - tty->print(" from base type: "); adr_type->dump(); - tty->print(" sharpened value: "); tjp->dump(); + tty->print(" from base type: "); adr_type->dump(); tty->cr(); + tty->print(" sharpened value: "); tjp->dump(); tty->cr(); } #endif // Sharpen the value type. @@ -2308,6 +2308,8 @@ bool LibraryCallKit::inline_unsafe_access(bool is_store, const BasicType type, c adr = make_unsafe_address(base, offset); if (_gvn.type(base)->isa_ptr() != TypePtr::NULL_PTR) { heap_base_oop = base; + } else if (type == T_OBJECT) { + return false; // off-heap oop accesses are not supported } // Can base be NULL? Otherwise, always on-heap access. @@ -2512,34 +2514,10 @@ bool LibraryCallKit::inline_unsafe_access(bool is_store, const BasicType type, c break; } - if (type != T_OBJECT) { - (void) store_to_memory(control(), adr, val, type, adr_type, mo, requires_atomic_access, unaligned, mismatched); + if (type == T_OBJECT) { + store_oop_to_unknown(control(), heap_base_oop, adr, adr_type, val, type, mo, mismatched); } else { - // Possibly an oop being stored to Java heap or native memory - if (!can_access_non_heap) { - // oop to Java heap. - (void) store_oop_to_unknown(control(), heap_base_oop, adr, adr_type, val, type, mo, mismatched); - } else { - // We can't tell at compile time if we are storing in the Java heap or outside - // of it. So we need to emit code to conditionally do the proper type of - // store. - - IdealKit ideal(this); -#define __ ideal. - // QQQ who knows what probability is here?? - __ if_then(heap_base_oop, BoolTest::ne, null(), PROB_UNLIKELY(0.999)); { - // Sync IdealKit and graphKit. - sync_kit(ideal); - Node* st = store_oop_to_unknown(control(), heap_base_oop, adr, adr_type, val, type, mo, mismatched); - // Update IdealKit memory. - __ sync_kit(this); - } __ else_(); { - __ store(__ ctrl(), adr, val, type, alias_type->index(), mo, requires_atomic_access, mismatched); - } __ end_if(); - // Final sync IdealKit and GraphKit. - final_sync(ideal); -#undef __ - } + store_to_memory(control(), adr, val, type, adr_type, mo, requires_atomic_access, unaligned, mismatched); } } diff --git a/hotspot/src/share/vm/opto/type.cpp b/hotspot/src/share/vm/opto/type.cpp index 84cf9d27ca6..43e47473168 100644 --- a/hotspot/src/share/vm/opto/type.cpp +++ b/hotspot/src/share/vm/opto/type.cpp @@ -1015,6 +1015,13 @@ void Type::dump_on(outputStream *st) const { st->print(" [narrowklass]"); } } + +//----------------------------------------------------------------------------- +const char* Type::str(const Type* t) { + stringStream ss; + t->dump_on(&ss); + return ss.as_string(); +} #endif //------------------------------singleton-------------------------------------- diff --git a/hotspot/src/share/vm/opto/type.hpp b/hotspot/src/share/vm/opto/type.hpp index 8179bc6794b..2cd3a2e835f 100644 --- a/hotspot/src/share/vm/opto/type.hpp +++ b/hotspot/src/share/vm/opto/type.hpp @@ -359,6 +359,8 @@ public: } virtual void dump2( Dict &d, uint depth, outputStream *st ) const; static void dump_stats(); + + static const char* str(const Type* t); #endif void typerr(const Type *t) const; // Mixing types error diff --git a/hotspot/test/compiler/unsafe/MixedUnsafeStoreObject.java b/hotspot/test/compiler/unsafe/MixedUnsafeStoreObject.java new file mode 100644 index 00000000000..e7ff724f528 --- /dev/null +++ b/hotspot/test/compiler/unsafe/MixedUnsafeStoreObject.java @@ -0,0 +1,73 @@ +/* + * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8155635 + * @modules java.base/jdk.internal.misc + * @run main/othervm -XX:+IgnoreUnrecognizedVMOptions -Xbatch -XX:-TieredCompilation compiler.unsafe.MixedUnsafeStoreObject + * @run main/othervm -Xbatch compiler.unsafe.MixedUnsafeStoreObject + */ + +package compiler.unsafe; + +import jdk.internal.misc.Unsafe; + +public class MixedUnsafeStoreObject { + static final Unsafe UNSAFE = Unsafe.getUnsafe(); + + static final long F_OFFSET; + + static { + try { + F_OFFSET = UNSAFE.objectFieldOffset(T.class.getDeclaredField("f")); + } catch (Exception e) { + throw new Error(e); + } + } + + static class T { + Object f; + } + + public static void testFieldInstanceObject(Object t) { + for (int c = 0; c < 20000; c++) { // trigger OSR compilation + // java/lang/Object+12 * + // _base = InstPtr, _ptr = BotPTR, _field = NULL, mismatched = true + UNSAFE.putObject(t, F_OFFSET, "foo"); + } + } + + public static void testFieldInstanceT(T t) { + for (int c = 0; c < 20000; c++) { // trigger OSR compilation + // ...$T+12 * + // _base = InstPtr, _ptr = BotPTR, _field = T.f, mismatched = false + UNSAFE.putObject(t, F_OFFSET, "foo"); + } + } + public static void main(String[] args) { + testFieldInstanceObject(new T()); + testFieldInstanceT(new T()); + } +} +