8216549: Mismatched unsafe access to non escaping object fails
Reviewed-by: vlivanov, kvn, thartmann
--- a/src/hotspot/share/opto/escape.cpp Fri Jan 11 11:42:23 2019 -0800
+++ b/src/hotspot/share/opto/escape.cpp Fri Jan 11 10:03:00 2019 +0100
@@ -1727,7 +1727,8 @@
//
Node* n = field->ideal_node();
for (DUIterator_Fast imax, i = n->fast_outs(imax); i < imax; i++) {
- if (n->fast_out(i)->is_LoadStore()) {
+ Node* u = n->fast_out(i);
+ if (u->is_LoadStore() || (u->is_Mem() && u->as_Mem()->is_mismatched_access())) {
jobj->set_scalar_replaceable(false);
return;
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/hotspot/jtreg/compiler/unsafe/MismatchedUnsafeLoadFromNewObject.java Fri Jan 11 10:03:00 2019 +0100
@@ -0,0 +1,93 @@
+/*
+ * Copyright (c) 2019, Red Hat, Inc. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8216549
+ * @summary Mismatched unsafe access to non escaping object fails
+ *
+ * @modules java.base/jdk.internal.misc
+ * @run main/othervm -XX:-UseOnStackReplacement -XX:-BackgroundCompilation MismatchedUnsafeLoadFromNewObject
+ */
+
+import java.lang.reflect.Field;
+import jdk.internal.misc.Unsafe;
+
+public class MismatchedUnsafeLoadFromNewObject {
+ public volatile int f_int = -1;
+ public volatile int f_int2 = -1;
+
+ public static Unsafe unsafe = Unsafe.getUnsafe();
+ public static final long f_int_off;
+ public static final long f_int2_off;
+
+ static {
+ Field f_int_field = null;
+ Field f_int2_field = null;
+ try {
+ f_int_field = MismatchedUnsafeLoadFromNewObject.class.getField("f_int");
+ f_int2_field = MismatchedUnsafeLoadFromNewObject.class.getField("f_int2");
+ } catch (Exception e) {
+ System.out.println("reflection failed " + e);
+ e.printStackTrace();
+ }
+ f_int_off = unsafe.objectFieldOffset(f_int_field);
+ f_int2_off = unsafe.objectFieldOffset(f_int2_field);
+ }
+
+ static public void main(String[] args) {
+ for (int i = 0; i < 20_000; i++) {
+ byte res = test1();
+ if (res != -1) {
+ throw new RuntimeException("Incorrect result: " + res);
+ }
+ res = test2();
+ if (res != -1) {
+ throw new RuntimeException("Incorrect result: " + res);
+ }
+ int res2 = test3();
+ if (res2 != -1) {
+ throw new RuntimeException("Incorrect result: " + res2);
+ }
+ }
+ }
+
+ static byte test1() {
+ MismatchedUnsafeLoadFromNewObject t = new MismatchedUnsafeLoadFromNewObject();
+ return unsafe.getByte(t, f_int_off);
+ }
+
+ static byte test2() {
+ MismatchedUnsafeLoadFromNewObject t = new MismatchedUnsafeLoadFromNewObject();
+ return unsafe.getByte(t, f_int_off+1);
+ }
+
+ static int test3() {
+ MismatchedUnsafeLoadFromNewObject t = new MismatchedUnsafeLoadFromNewObject();
+ if (f_int_off < f_int2_off) {
+ return unsafe.getIntUnaligned(t, f_int_off+1);
+ } else {
+ return unsafe.getIntUnaligned(t, f_int2_off+1);
+ }
+ }
+}