RFR (S) 8211926: Catastrophic size_t underflow in BitMap::*_large methods
Kim Barrett
kim.barrett at oracle.com
Tue Nov 6 11:53:29 UTC 2018
> On Nov 5, 2018, at 7:07 PM, Kim Barrett <kim.barrett at oracle.com> wrote:
Some more comments
------------------------------------------------------------------------------
src/hotspot/share/utilities/bitMap.cpp
269 idx_t beg_full_word = word_index_round_up(beg);
Pre-existing: Note that word_index_round_up can overflow, not that
it's a practical concern. See JDK-8213415.
------------------------------------------------------------------------------
src/hotspot/share/utilities/bitMap.cpp
272 if ((end_full_word < beg_full_word) || (end_full_word - beg_full_word < BitsPerWord)) {
Rather than adding an additional check to prevent reaching the
underflow, consider something like the following, which doesn’t
have any under/overflow to worry about.
  // Treat range as small if not more than this many words.
  const idx_t small_word_count = 32;
  idx_t beg_full_word = word_index(beg);
  idx_t end_full_word = word_index(end);
  if (beg_full_word + small_word_count >= end_full_word) {
    return set_range(beg, end);
  }
  if (!is_word_aligned(beg)) {
    ++beg_full_word;
    set_range_within_word(beg, bit_index(beg_full_word));
  }
  set_large_range_of_words(beg_full_word, end_full_word);
  set_range_within_word(bit_index(end_full_word), end);
------------------------------------------------------------------------------
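The underflow discussed in this review and the two ways of avoiding it, as an added C++ example that is not part of the original message or of the HotSpot sources. The helpers `word_index`, `word_index_round_up` and the `is_small_*` functions are simplified stand-ins that assume 64-bit bitmap words, and the sample range is constructed.

```cpp
#include <cstddef>
#include <cstdio>

typedef std::size_t idx_t;

// Simplified stand-ins (assumptions), modelling 64-bit bitmap words.
const idx_t LogBitsPerWord = 6;
const idx_t BitsPerWord = idx_t(1) << LogBitsPerWord;
const idx_t small_word_count = 32;

idx_t word_index(idx_t bit) { return bit >> LogBitsPerWord; }
idx_t word_index_round_up(idx_t bit) {
  return (bit + (BitsPerWord - 1)) >> LogBitsPerWord;
}

// Subtraction with no guard: wraps when the rounded-up begin passes end's word.
bool is_small_unguarded(idx_t beg, idx_t end) {
  idx_t beg_full_word = word_index_round_up(beg);
  idx_t end_full_word = word_index(end);
  return end_full_word - beg_full_word < BitsPerWord;
}

// Shape of the condition quoted from line 272: order check before subtracting.
bool is_small_guarded(idx_t beg, idx_t end) {
  idx_t beg_full_word = word_index_round_up(beg);
  idx_t end_full_word = word_index(end);
  return (end_full_word < beg_full_word) ||
         (end_full_word - beg_full_word < BitsPerWord);
}

// Shape of the suggested test: addition only. word_index() has already
// shifted its result right, so adding small_word_count cannot wrap.
bool is_small_additive(idx_t beg, idx_t end) {
  return word_index(beg) + small_word_count >= word_index(end);
}

int main() {
  const idx_t beg = 1, end = 2;  // constructed: both bits lie in word 0
  std::printf("distance as computed: %zu words\n",
              word_index(end) - word_index_round_up(beg));
  std::printf("unguarded=%d guarded=%d additive=%d\n",
              is_small_unguarded(beg, end), is_small_guarded(beg, end),
              is_small_additive(beg, end));
  return 0;
}
```

For the one-bit range the unguarded form computes a distance of `SIZE_MAX` words and treats the range as large, while the other two forms treat it as small.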