JDK-6477531 : memnode.cpp,100 assert(consistent,"adr_type must match alias idx") triggered during 1st pass of IGVN
  • Type: Bug
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: 5.0u8
  • Priority: P4
  • Status: Closed
  • Resolution: Duplicate
  • OS: generic
  • CPU: generic
  • Submitted: 2006-10-03
  • Updated: 2010-12-08
  • Resolved: 2010-12-08
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7
7Resolved
Related Reports
Duplicate :  
Description
This is a defect discovered by the customer using -XX:+CompileTheWorld option. It has never occured in production. Customer can reproduce this using their own testing framework that allows to compile certain specific inline tree. Customer proposes a proactive fix for this issue (see suggested fix)

--------------------------------------------------------------------
I have encountered a C2 defect related to IGVN and address types.  My
fix is scheduled for a release, so I'd like to get a review from Sun.

Symptom in v1.5.0_08:
 memnode.cpp,100 assert(consistent,"adr_type must match alias idx")

I looked for a possible fix in 6.0, but did not notice anything, and
didn't see a report in the Sun bug database.  I haven't been able to
test with 6.0 yet.

The assert occurs during the first pass of IGVN.

Before IGVN we have an AddP feeding a LoadP.

958	AddP	=== _ (NULL)  955 (LoadKlass)  955 (LoadKlass)  957 (ConI)
  [24700958]  Klass:klass java/lang/Object: 02dcdba0:NotNull+280 *

959	LoadP	=== _ (NULL)  1711 (MergeMem)  958 (AddP)
  @klass java/lang/Object: 02dcdba0:NotNull+280 *, idx=22;
  [24700959] Oop:java/lang/Object:NotNull *

During IGVN, the base address of 958-AddP is reduced to a constant:

1714	ConP	===  0 (Root)
  [45801714]  Klass:precise klass java/lang/String:
02dc52d8:Constant:exact *

IGVN pops 959-LoadP before 958-AddP and performs
MemNode::Ideal_common.  Inside MemNode::Ideal_common we have:

const Type *t_adr = phase->type( address ); <= (klass Object+280)
const TypePtr *adr_t = adr_type(); <= (klass String:exact+280)
consistent = phase->C->must_alias(adr_t, alias_idx ); <= false

-----------------------------------------------------------------------
Analysis:

The Object.hashcode native intrinsic loads a vtable entry from the
object's klass using the inexact klass type "klass java/lang/Object
+280".

Type inference later improves the precision of the klass type to
"klass java/lang/String+280".  However, flatten_alias_type() ASSUMES
that all klass fields beyond the initial Klass fields refer to static
fields and gives them a unique alias index.  But in this case, both
types refer to the same data so should have the same alias index.

-----------------------------------------------------------------------

Comments
EVALUATION Licensee provides evaluation and fix in other sections.
05-10-2006

SUGGESTED FIX Fix: +++ in flatten_alias_type if ( offset == Type::OffsetBot || offset < sizeof(Klass) ) { tj = tk = TypeKlassPtr::make( TypePtr::Constant, TypeKlassPtr::OBJECT->klass(), offset ); } + else if( tk->klass()->is_instance_klass() ) { + // ##HP: JAGag16839: adr_type must match alias idx + // (assert in memnode.cpp,100,Ideal_common) + // + // Certain intrinsics (Object.hashcode, Vector.elementAt) + // may load from the vtable, which may alias with + // subklasses. So any vtable access must be flattened. To + // be safe, only grant static fields a unique + // address--their klass is always guaranteed to be exact + // because static fields are not inherited. All other + // instanceKlass fields are flattened to java.lang.Object. + // Non-instance klasses have no inheritance, so need no + // flattening. + // + // We assume the system classes used for intrinsics are loaded. + ciInstanceKlass *k = tk->klass()->as_instance_klass(); + if( !k->contains_static_field_offset( offset ) ) { + tj = tk = TypeKlassPtr::make( TypePtr::Constant, + TypeKlassPtr::OBJECT->klass(), + offset ); + } + else { + // ##HP At this point assume our type is the address + // of a static field, and can safely acquire its own + // alias index. To verify, check the klass exactness. + assert( tk->klass_is_exact(), + "static field type must have exact klass" ); + } + } +++ in ciInstanceKlass +#ifdef HP + bool contains_static_field_offset(int offset) { + assert(is_loaded(), "must be loaded"); + return offset >= _offset_of_static_fields + && offset < (_offset_of_static_fields +(_static_field_size*wordSize)); + } +#endif // HP ----------------------------------------------------------------------- You can reproduce this defect by compiling com/sun/org/apache/xalan/internal/xsltc/runtime/AbstractTranslet:addDecimalF ormat:(Ljava/lang/String;Ljava/text/DecimalFormatSymbols;)V with the following inline tree: @ 12 com.sun.org.apache.xalan.internal.xsltc.runtime.Hashtable::<init>()V not inlined in image bcs: 53+9 invoked: 1 @ 29 java.text.DecimalFormat::<init>()V not inlined in image bcs: 53+171 invoked: 1 @ 39 java.text.DecimalFormat::setDecimalFormatSymbols(Ljava/text/DecimalFormatSym bols;)V not inlined in image bcs: 53+20 invoked: 1 @ 48 com.sun.org.apache.xalan.internal.xsltc.runtime.Hashtable::put(Ljava/lang/Ob ject;Ljava/lang/Object;)Ljava/lang/Object; inline (hot) bcs: 53+160 invoked: 1 @ 19 java.lang.String::hashCode()I inline (hot) bcs: 213+60 invoked: 154 @ 99 com.sun.org.apache.xalan.internal.xsltc.runtime.Hashtable::rehash()V inline (hot) bcs: 273+105 invoked: 1 @ 105 com.sun.org.apache.xalan.internal.xsltc.runtime.Hashtable::put(Ljava/lang/Ob ject;Ljava/lang/Object;)Ljava/lang/Object; inline (hot) bcs: 378+160 invoked: 1 @ 8 java.lang.NullPointerException::<init>()V not inlined in image bcs: 538+5 invoked: 1 Inlining intrinsic virtual jint java.lang.Object.hashCode() @ 99 com.sun.org.apache.xalan.internal.xsltc.runtime.Hashtable::rehash()V not inlined in image bcs: 538+105 invoked: 1 @ 105 com.sun.org.apache.xalan.internal.xsltc.runtime.Hashtable::put(Ljava/lang/Ob ject;Ljava/lang/Object;)Ljava/lang/Object; not inlined in image bcs: 538+160 invoked: 1 @ 113 com.sun.org.apache.xalan.internal.xsltc.runtime.HashtableEntry::<init>()V not inlined in image bcs: 538+5 invoked: 1 @ 113 com.sun.org.apache.xalan.internal.xsltc.runtime.HashtableEntry::<init>()V inline (hot) bcs: 538+5 invoked: 1 @ 1 java.lang.Object::<init>()V inline (hot) bcs: 543+1 invoked: 461
03-10-2006