On Thu, 9 Nov 2023 04:16:25 GMT, Roger Riggs <rri...@openjdk.org> wrote:
>> Strings, after construction, are immutable but may be constructed from
>> mutable arrays of bytes, characters, or integers.
>> The string constructors should guard against the effects of mutating the
>> arrays during construction that might invalidate internal invariants for the
>> correct behavior of operations on the resulting strings. In particular, a
>> number of operations have optimizations for operations on pairs of latin1
>> strings and pairs of non-latin1 strings, while operations between latin1 and
>> non-latin1 strings use a more general implementation.
>>
>> The changes include:
>>
>> - Adding a warning to each constructor with an array as an argument to
>> indicate that the results are indeterminate
>> if the input array is modified before the constructor returns.
>> The resulting string may contain any combination of characters sampled
>> from the input array.
>>
>> - Ensure that strings that are represented as non-latin1 contain at least
>> one non-latin1 character.
>> For latin1 inputs, whether the arrays contain ASCII, ISO-8859-1, UTF8, or
>> another encoding decoded to latin1 the scanning and compression is unchanged.
>> If a non-latin1 character is found, the string is represented as
>> non-latin1 with the added verification that a non-latin1 character is
>> present at the same index.
>> If that character is found to be latin1, then the input array has been
>> modified and the result of the scan may be incorrect.
>> Though a ConcurrentModificationException could be thrown, the risk to an
>> existing application of an unexpected exception should be avoided.
>> Instead, the non-latin1 copy of the input is re-scanned and compressed;
>> that scan determines whether the latin1 or the non-latin1 representation is
>> returned.
>>
>> - The methods that scan for non-latin1 characters and their intrinsic
>> implementations are updated to return the index of the non-latin1 character.
>>
>> - String construction from StringBuilder and CharSequence must also be
>> guarded as their contents may be modified during construction.
>
> Roger Riggs has updated the pull request incrementally with three additional
> commits since the last revision:
>
> - Refactored extractCodePoints to avoid multiple resizes if the array was
> modified
> - Replaced isLatin1 implementation with `getChar(buf, ndx) <= 0xff`
> It performs better than the single byte array access by avoiding the
> bounds check.
> - Misc updates for review comments, javadoc cleanup
> Extra checking on maximum string lengths when calling toBytes().
src/java.base/share/classes/java/lang/StringUTF16.java line 279:
> 277: } else {
> 278: // Pass 1: Compute precise size of char[]; see
> extractCodePoints for caveat
> 279: int estSize = ndx + computeCodePointSize(val, off, end);
To avoid reallocations in `extractCodepoints()`, a way is to profit from the
presence of `latin1[]`, putting `latin1[i] = (byte) (cp >>> 16)`, starting from
`ndx`, while scanning the `val[]` in `computeCodePointSize()` to preserve
information about the upper bits of the codepoint.
Later, while copying the `val[]` codepoints to `utf16[]`, the info in
`latin1[]` is included in the `cp` just read from `val[]`, for example as in
`cp = (cp & 0xffff) | ((latin1[i] & 0xff) << 16)`.
The resulting codepoint would be BMP or supplementary as when it was scanned
during `computeCodePointSize()`, even in presence of later modifications, and
preserving the original value if it wasn't modified in the meantime. Since the
info about a codepoint needing 1 or 2 chars in `utf16[]` is preserved in
`latin1[]`, there should be no need for reallocations.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/16425#discussion_r1389509263
