RFR: 8287244: Add bound check in indexed memory access var handle
Maurizio Cimadamore
mcimadamore at openjdk.java.net
Tue May 24 14:56:39 UTC 2022
On Tue, 24 May 2022 14:51:10 GMT, Maurizio Cimadamore <mcimadamore at openjdk.org> wrote:
>> Constructing indexed var handles using the `MemoryLayout` API produces `VarHandle` which do not check the input indices for out-of-bounds conditions.
>> While this can never result in a VM crash (after all the memory segment will protect against "true" OOB access), it is still possible for an access expression to refer to parts of a segment that are logically unrelated.
>>
>> This patch adds a "logical" bound check to all indexed var handles generated using the layout API.
>> Benchmarks are not affected by the check. Users are still able to create custom "unchecked" var handles, using the combinator API in `MethodHandles`.
>
> src/java.base/share/classes/java/lang/foreign/MemoryLayout.java line 537:
>
>> 535: *
>> 536: * <ul>
>> 537: * <li>if {@code F > 0}, then {@code B = ceilDiv(C - S, F)}</li>
>
> These formulas come from the formula for computing the accessed index A:
>
> `A = S + I * F`
>
> And then deriving the value for I, by equating `A = C` (for F > 0) and `A = -1` (for F < 0) - that is equating the accessed index to the "first" out of bound index. `ceilDiv` ensures there is "some room" between the max/min index and the selected one.
Note also that these complex bound calculations are performed statically, when we build the layout path. When we're done, we just have an upper bound, which we can check against using `Objects.checkIndex`.
-------------
PR: https://git.openjdk.java.net/jdk/pull/8868
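
The bound derivation discussed in this message, as an added example that is not part of the original mail or of the JDK sources. `S`, `F`, `C`, `I`, `A` and `B` follow the message's naming; the class name, the helper methods, the sample values and the `F < 0` expression (obtained by solving `A = -1` for `I`, as the message describes) are assumptions of this sketch.

```java
import java.util.Objects;

// Added illustration; not JDK code.
public class IndexBoundDemo {

    // Ceiling division that also works for a negative divisor
    // (Math.ceilDiv only exists since Java 18).
    static long ceilDiv(long x, long y) {
        return -Math.floorDiv(-x, y);
    }

    // Upper bound B on the free index I so that A = S + I * F stays in [0, C).
    // F > 0: formula quoted from MemoryLayout.java. F < 0: derived here from A = -1.
    static long bound(long S, long F, long C) {
        if (F == 0) throw new IllegalArgumentException("step must be non-zero");
        return F > 0 ? ceilDiv(C - S, F) : ceilDiv(-(S + 1), F);
    }

    // Per-access cost: one check against the precomputed bound.
    static long accessedIndex(long S, long F, long B, long I) {
        Objects.checkIndex(I, B); // long overload, Java 16+; rejects I < 0 and I >= B
        return S + I * F;
    }

    public static void main(String[] args) {
        // Constructed sample values, each row is {S, F, C}.
        long[][] cases = { {0, 1, 10}, {1, 2, 10}, {3, 4, 10}, {9, -1, 10}, {8, -3, 10} };
        for (long[] c : cases) {
            long S = c[0], F = c[1], C = c[2];
            long B = bound(S, F, C);
            // Every accepted index must land inside the sequence.
            for (long I = 0; I < B; I++) {
                long A = accessedIndex(S, F, B, I);
                if (A < 0 || A >= C) throw new AssertionError("accepted I=" + I + " gave A=" + A);
            }
            // I = B must be the first index that leaves [0, C), and must be rejected.
            long first = S + B * F;
            if (first >= 0 && first < C) throw new AssertionError("bound is too tight");
            try {
                accessedIndex(S, F, B, B);
                throw new AssertionError("I = B was not rejected");
            } catch (IndexOutOfBoundsException expected) {
                // expected: the logical bound check fired
            }
            System.out.printf("S=%d F=%d C=%d -> B=%d%n", S, F, C, B);
        }
    }
}
```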