RFR: 8305734: BitSet.get(int, int) always returns the empty BitSet when the Integer.MAX VALUE is set

Andy-Tatman duke at openjdk.org
Fri May 5 13:29:18 UTC 2023 

On Sat, 22 Apr 2023 01:26:08 GMT, Chen Liang <liach at openjdk.org> wrote:

> > I would be happy to fill out the CSR, but unfortunately I don't think I am able to currently as I'm not an author on OpenJDK and as such don't have a JBS account. (I reported the bug through the Oracle site, rather than through bugs.openjdk.org .) Would you be able to help out with this?
> 
> You can provide text for the Summary, Problem, Solution, and Specification parts of the CSR in this GitHub pull request, and I can help create a CSR for you with your provided contents. See https://wiki.openjdk.org/display/csr/Fields+of+a+CSR+Request

@liach 
My suggestion for the CSR (on the assumption this is indeed the way we decide to go): 

Summary:
Reject interactions with the bit at position Integer.MAX_VALUE in BitSet. 
This solves issues relating to the overflow of length(), as well as inconsistencies between 1 and 2 parameter versions of the methods set, clear, flip and get.

Problem:
BitSet.length() returns a negative value when Integer.MAX_VALUE is set, such as by using the set(int) method or by passing large arrays to a BitSet constructor. 
This also causes the get(fromIndex, toIndex) method to always return the empty BitSet when passed with valid parameters, regardless of the value of fromIndex and toIndex.

Furthermore, there is a discrepancy between bits that are accessible in a method such as set(int) and a method such as set(int,int). In the second method, because the method goes up to BUT NOT INCLUDING toIndex, it can never access the Integer.MAX_VALUE bit, while the first method can. 

Solution:
Prevent accessing the Integer.MAX_VALUE bit, such as by throwing an exception if methods try to access Integer.MAX_VALUE, such as in set(Integer.MAX_VALUE). 
For the methods that take in arrays and return a BitSet such as valueOf(longs[] longs),
these should specifically check and set the Integer.MAX_VALUE bit to 0 to avoid length() overflowing when wordsInUse refers to the word that contains the Integer.MAX_VALUE bit.

Specification:
length() returns a non-negative number.

In the methods set(int bitIndex), set(int bitIndex, int value), clear(int bitIndex), flip(int bitIndex) and get(int bitIndex), bitIndex must be smaller than Integer.MAX_VALUE. If Integer.MAX_VALUE is used, a IndexOutOfRangeException should be raised.

valueOf(...) ignores bits from bitIndex Integer.MAX_VALUE onwards (inclusive).

Risk:
Low.
Existing users who could set this bit would likely have already encounterd the bug with get(int,int) and length(). 

The change in valueOf(...)'s specifcation already reflects the functionality of the methods, the only change is that it now also applies to the bit at Integer.MAX_VALUE.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/13388#issuecomment-1536259258

More information about the core-libs-dev mailing list