RFR: 8339242: Fix overflow issues in AdlArena [v2]
Kim Barrett
kbarrett at openjdk.org
Mon Sep 2 17:47:18 UTC 2024
On Mon, 2 Sep 2024 14:58:04 GMT, Casper Norrbin <duke at openjdk.org> wrote:
>> src/hotspot/share/memory/arena.cpp line 339:
>>
>>> 337: // See if we can resize in-place
>>> 338: if( (c_old+old_size == _hwm) && // Adjusting recent thing
>>> 339: ((size_t)(_max-c_old) >= corrected_new_size) ) { // Still fits where it sits, safe from overflow
>>
>> This change is correct, but it hides an important finding behind a reshuffling of parameters that someone else may innocently reshape later. It also makes the code less readable. Can we use something like saturated_add()?
>>
>> I would also add an explicit assert for a reasonable max size. Arena allocations should be small. Nobody should hand in sizes larger than a few MB, so asserting for size >= 2^31 (2g) would make sense. Anything as large as that is almost certainly an error we should trap on.
>
> I would support this.
>
> May be possible to just use `saturated_add()`. Would be limited to `max_jint`, but with an assert for sizes above 2^31, that shouldn't be an issue. Will look into it.
Please, not `max_jint`. This limit isn't tied to Java integer semantics. `MAX_INT` might be appropriate.
(Yes, I know they likely have the same value.)
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20774#discussion_r1741152312
More information about the hotspot-compiler-dev
mailing list