RFR: 8339242: Fix overflow issues in AdlArena [v2]
Casper Norrbin
duke at openjdk.org
Tue Sep 3 13:58:20 UTC 2024
On Mon, 2 Sep 2024 11:54:40 GMT, Thomas Stuefe <stuefe at openjdk.org> wrote:
>> Casper Norrbin has updated the pull request incrementally with one additional commit since the last revision:
>>
>> arena realloc overflow check
>
> src/hotspot/share/memory/arena.cpp line 339:
>
>> 337: // See if we can resize in-place
>> 338: if( (c_old+old_size == _hwm) && // Adjusting recent thing
>> 339: ((size_t)(_max-c_old) >= corrected_new_size) ) { // Still fits where it sits, safe from overflow
>
> This change is correct, but it hides an important finding behind a reshuffling of parameters that someone else may innocently reshape later. It also makes the code less readable. Can we use something like saturated_add()?
>
> I would also add an explicit assert for a reasonable max size. Arena allocations should be small. Nobody should hand in sizes larger than a few MB, so asserting for size >= 2^31 (2g) would make sense. Anything as large as that is almost certainly an error we should trap on.
@tstuefe I've now added asserts and changed this check to use saturated adds.
The already existing `saturated_add()` only works on `int`s and `uint`s, so I made a version working on offsetting pointers. We still have to check for overflow (if the pointer addition was saturated), but the code becomes more readable.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20774#discussion_r1742111702
More information about the hotspot-compiler-dev
mailing list