JDK-8356184 : C2 MemorySegment: cast invariant Offset to Induction Variable prevents RCE
  • Type: Sub-task
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: 25
  • Priority: P4
  • Status: New
  • Resolution: Unresolved
  • Submitted: 2025-05-05
  • Updated: 2025-05-06
Description
Simple MemorySegment long counted loops where a MemorySegement is accessed at an index computed by the sum of the induction variable and an invariant int offset fails to vectorize. This is due to missing RCE because the cast from int to long for IV offset is not necessarily linear.

See the attached test provided by [~epeter]. Run it with
 java -XX:CompileCommand=compileonly,Test1.\* -XX:CompileCommand=printcompilation,Test1.\* -XX:CompileCommand=TraceAutoVectorization,Test1.\*,SW_REJECTIONS,PRECONDITIONS -XX:+TraceNewVectors -XX:+TraceLoopOpts -Xbatch Test1.java
Comments
[~mhassig] To clarify a little: the ConvI2L is not linear, i.e. ConvI2L(i + invar) != ConvI2L(i) + ConvI2L(invar). The int addition may overflow, but the long addition does not overflow. We seem to have a long range check here, which currently does not seem to allow for cases where we are not sure there cannot be an int-overflow. It is also not about a "cast" (CastII, CastLL, CastPP, etc), but rather a "conversion", specifically ConvI2L. Therefore, I would suggest this title instead: C2 MemorySegment: long RangeCheck with ConvI2L(iv + invar) prevents RCE Can you also paste the IR of the long RangeCheck, with the input nodes, so we can see the iv-phi, ConvI2L and invar?
06-05-2025