P4
Unsafe is inherently unsafe and we need to clearly spell out the restrictions put on the values passed in or returned from Unsafe::makePrivateBuffer and Unsafe::finishPrivateBuffer.
To be more specific, a value returned by Unsafe::makePrivateBuffer should be under similar restrictions as a value returned by the bytecode new. Note that the following points may be a little overly restrictive:
- Each larval object created by the bytecode new has a distinct verification type. As a result, a value returned from Unsafe::makePrivateBuffer can only be assigned to a local variable if it is an effectively final variable and there is no other value that can be assigned to that variable in all control paths.
- Each larval object created by the bytecode new can only be passed to a bytecode putfield, or to pass it to a constructor as the receiver. As a result, it is illegal to use the value returned by Unsafe::makePrivateBuffer in any circumstance except passing to Unsafe::putXXX to set the fields of the object, or to Unsafe::finishPrivateBuffer to finalize the larval object and create a non-larval object from the larval one.
- In non-Unsafe execution, after the constructor invocation, the verifier replaces all the values in the current VM state that have the same type as the receiver with a non-larval value. As a result, after invoking Unsafe::finishPrivateBuffer, the larval value must not be used again, and all operations must be performed on the non-larval value returned by the method instead.
- Value passed to Unsafe::finishPrivateBuffer must be returned by Unsafe::makePrivateBuffer.
To be more specific, a value returned by Unsafe::makePrivateBuffer should be under similar restrictions as a value returned by the bytecode new. Note that the following points may be a little overly restrictive:
- Each larval object created by the bytecode new has a distinct verification type. As a result, a value returned from Unsafe::makePrivateBuffer can only be assigned to a local variable if it is an effectively final variable and there is no other value that can be assigned to that variable in all control paths.
- Each larval object created by the bytecode new can only be passed to a bytecode putfield, or to pass it to a constructor as the receiver. As a result, it is illegal to use the value returned by Unsafe::makePrivateBuffer in any circumstance except passing to Unsafe::putXXX to set the fields of the object, or to Unsafe::finishPrivateBuffer to finalize the larval object and create a non-larval object from the larval one.
- In non-Unsafe execution, after the constructor invocation, the verifier replaces all the values in the current VM state that have the same type as the receiver with a non-larval value. As a result, after invoking Unsafe::finishPrivateBuffer, the larval value must not be used again, and all operations must be performed on the non-larval value returned by the method instead.
- Value passed to Unsafe::finishPrivateBuffer must be returned by Unsafe::makePrivateBuffer.
- relates to
-
JDK-8239003 [lworld] C2 should respect larval state when scalarizing
-
- Open
-