RFR: 8358706: Integer overflow with -XX:MinOopMapAllocation=-1
Paul Hübner
phubner at openjdk.org
Mon Dec 1 14:15:00 UTC 2025
On Mon, 1 Dec 2025 14:00:22 GMT, Casper Norrbin <cnorrbin at openjdk.org> wrote:
> Hi everyone,
>
> Passing a negative value to `-XX:MinOopMapAllocation` could trigger an integer overflow. This value is used as the initial size for the `OopMap` `GrowableArray` list inside `OopMapSet`. Negative inputs hits an assert when allocating for `GrowableArray`. Restricting this flag to positive values ensures we get a clear error message instead of a crash.
>
> Testing:
> - Oracle tier 1
> - Local tests with `-XX:MinOopMapAllocation=x`, covering both valid and invalid values.
src/hotspot/share/runtime/globals.hpp line 1674:
> 1672: \
> 1673: /* new oopmap storage allocation */ \
> 1674: develop(intx, MinOopMapAllocation, 8, \
Shouldn't we also make this an `int` while we're at it since a `GrowableArray`'s length is kept as an `int`?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/28576#discussion_r2577252382
More information about the hotspot-runtime-dev
mailing list