RFR: 8367129: Move input validation checks to Java for java.lang.StringLatin1 intrinsics [v2]
Raffaello Giulietti
rgiulietti at openjdk.org
Fri Feb 13 14:09:35 UTC 2026
On Thu, 12 Feb 2026 16:11:25 GMT, Volkan Yazici <vyazici at openjdk.org> wrote:
>> Moves input validation checks to Java for `java.lang.StringLatin1` intrinsics. While doing so, affected `java.lang.StringUTF16` methods needed to be updated due to relaxed checks at intrinsics. The javadocs of the touched methods are extensively overhauled.
>
> Volkan Yazici has updated the pull request incrementally with one additional commit since the last revision:
>
> Apply review feedback
src/java.base/share/classes/java/lang/StringLatin1.java line 174:
> 172: String.checkOffset(len2, length(other));
> 173: int lim = Math.min(len1, len2);
> 174: int k = ArraysSupport.mismatch(value, other, lim);
>From the `mismatch()` doc it isn't clear that the returned index (if not negative) is the _smallest_ one locating a mismatch.
Without this guarantee, this `compareTo()` method might return an incorrect value.
src/java.base/share/classes/java/lang/StringLatin1.java line 199:
> 197: // inline_string_compareTo
> 198: @IntrinsicCandidate
> 199: private static int compareToUTF16_0(byte[] value, byte[] other) {
I guess the `_` is to visually separate the 16 from the conventional 0?
Other intrinsics names, e.g., `compareTo0()` do not use a separator.
src/java.base/share/classes/java/lang/StringLatin1.java line 242:
> 240: static int compareToCI(byte[] value, byte[] other) {
> 241: int len1 = value.length; // Implicit null check on `value`
> 242: int len2 = other.length; // Implicit null check on `other`
Alternatively, if you prefer
Suggestion:
int len1 = value.length; // fail fast on null
int len2 = other.length; // fail fast on null
src/java.base/share/classes/java/lang/StringLatin1.java line 265:
> 263: static int compareToCI_UTF16(byte[] value, byte[] other) {
> 264: Objects.requireNonNull(value);
> 265: Objects.requireNonNull(other);
You could leave these checks out and rely on the following two lines for a fast fail on `null`, similarly to the latin1 case above.
But adding the checks looks cleaner.
src/java.base/share/classes/java/lang/StringLatin1.java line 428:
> 426: *
> 427: * @throws NullPointerException if {@code value} is null
> 428: * @throws StringIndexOutOfBoundsException if the sub-ranges are out of bounds
Suggestion:
* @throws StringIndexOutOfBoundsException if the sub-range is out of bounds
src/java.base/share/classes/java/lang/StringLatin1.java line 508:
> 506: @IntrinsicCandidate
> 507: private static int indexOf0(byte[] value, int valueToIndex, byte[] str, int strToIndex, int valueFromIndex) {
> 508: byte first = str[0];
There's no protection in the 5 parameter caller agains an empty (0 length) `str`, so this can throw.
I didn't look at the intrinsic to verify whether it assumes `str.length` > 0.
src/java.base/share/classes/java/lang/StringLatin1.java line 1025:
> 1023:
> 1024: /**
> 1025: * Exhaustively copies characters from a Latin-1 string byte array sub-range
Stylistically, why "Exhaustively"?
src/java.base/share/classes/java/lang/StringLatin1.java line 1072:
> 1070: static void inflate(byte[] src, int srcOff, byte[] dst, int dstOff, int len) {
> 1071: String.checkBoundsOffCount(srcOff, len, src.length); // Implicit null check on `src`
> 1072: Objects.requireNonNull(dst);
As above, you could rely on `StringUTF16.length(dst)` below to fail fast on `null`.
But it looks fine as it is now.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/28832#discussion_r2804047503
PR Review Comment: https://git.openjdk.org/jdk/pull/28832#discussion_r2804059770
PR Review Comment: https://git.openjdk.org/jdk/pull/28832#discussion_r2804087560
PR Review Comment: https://git.openjdk.org/jdk/pull/28832#discussion_r2804122486
PR Review Comment: https://git.openjdk.org/jdk/pull/28832#discussion_r2804136126
PR Review Comment: https://git.openjdk.org/jdk/pull/28832#discussion_r2804205561
PR Review Comment: https://git.openjdk.org/jdk/pull/28832#discussion_r2804292351
PR Review Comment: https://git.openjdk.org/jdk/pull/28832#discussion_r2804301436
More information about the core-libs-dev
mailing list