[9] RFR(S): 8155608: String intrinsic range checks are not strict enough
Vladimir Kozlov
vladimir.kozlov at oracle.com
Thu Apr 28 23:07:08 UTC 2016
In StringUTF16.java should getChars() throw when srcBegin > srcEnd? Or there is check in other place?
Hotspot test changes seems fine but do you really need new helper methods? Why not allocate dst array in TestStringIntrinsicRangeChecks.java?
Thanks,
Vladimir
On 4/28/16 3:45 AM, Tobias Hartmann wrote:
> Hi
>
> please review the following patch:
>
> https://bugs.openjdk.java.net/browse/JDK-8155608
> http://cr.openjdk.java.net/~thartmann/8155608/jdk/webrev.00/
> http://cr.openjdk.java.net/~thartmann/8155608/hotspot/webrev.00/
>
> Some String API methods use StringUTF16.putChar/getChar to read a char value from a byte array. For performance reasons, putChar/getChar is intrinsified by C1/C2 without range checks (like the Unsafe counterparts). The Java callers are responsible for adding the corresponding explicit range checks if necessary.
>
> I noticed that the Java level range checks in StringUTF16::compress(), StringUTF16::getChars() and StringLatin1::inflate() are not strong enough. Offset and length need to be multiplied by two because they index a char value in a byte array. I added a regression test that triggers the problem and also checks the other relevant intrinsics by invoking the methods with different arguments.
>
> Tested with regression test (-Xint/-Xcomp) and RBT (running).
>
> Thanks,
> Tobias
>
More information about the hotspot-dev
mailing list