8321974: Crash in ciKlass::is_subtype_of because TypeAryPtr::_klass is not initialized

[TobiHartmann]

JDK-8297933 added code that relies on lazy initialization of the TypeAryPtr::_klass field. However, there are cases when the field is not yet initialized, leading to a null pointer dereference at C2 compilation time.

In the failing case we process a CmpP:

 116  Phi  === 109 160 57  [[ 120 128 128 ]]  #long[int:1..2] (java/lang/Cloneable,java/io/Serializable):NotNull:exact * !jvms: TestSimple::test @ bci:11 (line 32)
  10  Parm  === 3  [[ 173 143 128 40 120 128 94 72 83 ]] Parm0: long[int:>=0] (java/lang/Cloneable,java/io/Serializable):exact * !jvms: TestSimple::test @ bci:-1 (line 29)
 120  CmpP  === _ 10 116  [[ 121 ]]  !jvms: TestSimple::test @ bci:13 (line 32)

CmpPNode::sub performs a subtype check to check if the klasses of its two operands are unrelated. We crash in ciKlass::is_subtype_of because the TypeAryPtr::_klass field is not initialized ( = nullptr) for the 116 Phi operand.

The issue only reproduces with release builds because additional verification code in Type::meet_helper in debug builds calls klass() which leads to eager initialization of the _klass field. When disabling the verification code, the issue also reproduces with debug builds and we hit the this_one->_klass != nullptr && other->_klass != nullptr assert in TypePtr::is_same_java_type_as_helper_for_array.

The fix is to always use the klass() method for accesses which makes sure that the field is properly initialized since the overhead is negligible. The patch also includes some unrelated removal of dead code in TypeAryPtr::compute_klass (after JDK-8297933, the verify argument is always false).

Thanks,
Tobias

---

Progress

• Change must be properly reviewed (1 review required, with at least 1 Reviewer)
• Change must not contain extraneous whitespace
• Commit message must refer to an issue

Issue

• JDK-8321974: Crash in ciKlass::is_subtype_of because TypeAryPtr::_klass is not initialized (Bug - P2)

Reviewers

• Roland Westrelin (@rwestrel - Reviewer)
• Vladimir Kozlov (@vnkozlov - Reviewer)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/17085/head:pull/17085
$ git checkout pull/17085

Update a local copy of the PR:
$ git checkout pull/17085
$ git pull https://git.openjdk.org/jdk.git pull/17085/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 17085

View PR using the GUI difftool:
$ git pr show -t 17085

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/17085.diff

Webrev

Link to Webrev Comment

[bridgekeeper]

👋 Welcome back thartmann! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

[openjdk]

@TobiHartmann The following label will be automatically applied to this pull request:

• hotspot-compiler

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command.

[mlbridge]

Webrevs

• 00: Full (4568433a)

[rwestrel]

Looks good to me.

[openjdk]

@TobiHartmann This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8321974: Crash in ciKlass::is_subtype_of because TypeAryPtr::_klass is not initialized

Reviewed-by: roland, kvn

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 1 new commit pushed to the master branch:

• 9320ef9: 8321973: Parallel: Remove unused methods in AdaptiveSizePolicy

Please see this link for an up-to-date comparison between the source branch of this pull request and the master branch.
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

[TobiHartmann]

Thanks for the quick review, Roland!

[vnkozlov]

Good.

[TobiHartmann]

Thanks for the review, Vladimir!

[TobiHartmann]

/integrate

[openjdk]

Going to push as commit c8ad7b7.
Since your change was applied there have been 3 commits pushed to the master branch:

• cf94854: 8321565: [REDO] Heap dump does not contain virtual Thread stack references
• 7ece9e9: 8321400: java/foreign/TestStubAllocFailure.java fails with code cache exhaustion
• 9320ef9: 8321973: Parallel: Remove unused methods in AdaptiveSizePolicy

Your commit was automatically rebased without conflicts.

[openjdk]

@TobiHartmann Pushed as commit c8ad7b7.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

[TobiHartmann]

/backport jdk22

[openjdk]

@TobiHartmann the backport was successfully created on the branch backport-TobiHartmann-c8ad7b7f in my personal fork of openjdk/jdk22. To create a pull request with this backport targeting openjdk/jdk22:master, just click the following link:

➡️ Create pull request

The title of the pull request is automatically filled in correctly and below you find a suggestion for the pull request body:

Hi all,

This pull request contains a backport of commit c8ad7b7f from the openjdk/jdk repository.

The commit being backported was authored by Tobias Hartmann on 14 Dec 2023 and was reviewed by Roland Westrelin and Vladimir Kozlov.

Thanks!

If you need to update the source branch of the pull then run the following commands in a local clone of your personal fork of openjdk/jdk22:

$ git fetch https://github.com/openjdk-bots/jdk22.git backport-TobiHartmann-c8ad7b7f:backport-TobiHartmann-c8ad7b7f
$ git checkout backport-TobiHartmann-c8ad7b7f
# make changes
$ git add paths/to/changed/files
$ git commit --message 'Describe additional changes made'
$ git push https://github.com/openjdk-bots/jdk22.git backport-TobiHartmann-c8ad7b7f