RFR: JDK-8049516: sun.security.provider.SeedGenerator throws ArrayIndexOutOfBoundsException
Xuelei Fan
xuelei.fan at oracle.com
Wed Sep 21 01:58:11 UTC 2016
359 while (System.nanoTime() - startTime < 250000000) {
360 synchronized(this){};
- 361 latch++;
+ 361 latch = (latch + 1) % Integer.MAX_VALUE;
362 }
This block may be not CPU friendly as it may loop a large amount of
times in a very short period (250milli).
What's the usage of line 360? Just for some computation?
367 counter += latch;
The counter variable may be overflow too.
Xuelei
On 9/21/2016 8:57 AM, Jamil Nimeh wrote:
> Hello all,
>
> This fixes a bug found in stress testing where on faster CPUs the latch
> can overflow resulting in a negative array index. The fix avoids the
> overflow by resetting the latch to 0 when it reaches Integer.MAX_VALUE -
> 1 and will continue increasing from there.
>
> Bug: https://bugs.openjdk.java.net/browse/JDK-8049516
> Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8049516/webrev.01/
>
> Thanks,
> --Jamil
More information about the security-dev
mailing list