RFR: JDK-8049516: sun.security.provider.SeedGenerator throws ArrayIndexOutOfBoundsException

Xuelei Fan xuelei.fan at oracle.com
Wed Sep 21 01:58:11 UTC 2016


   359   while (System.nanoTime() - startTime < 250000000) {
   360       synchronized(this){};
- 361       latch++;
+ 361       latch = (latch + 1) % Integer.MAX_VALUE;
   362   }

This block may be not CPU friendly as it may loop a large amount of 
times in a very short period (250milli).

What's the usage of line 360?  Just for some computation?

367   counter += latch;
The counter variable may be overflow too.

Xuelei

On 9/21/2016 8:57 AM, Jamil Nimeh wrote:
> Hello all,
>
> This fixes a bug found in stress testing where on faster CPUs the latch
> can overflow resulting in a negative array index.  The fix avoids the
> overflow by resetting the latch to 0 when it reaches Integer.MAX_VALUE -
> 1 and will continue increasing from there.
>
> Bug: https://bugs.openjdk.java.net/browse/JDK-8049516
> Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8049516/webrev.01/
>
> Thanks,
> --Jamil


More information about the security-dev mailing list