On Wed, 21 Aug 2024 13:26:58 GMT, Maurizio Cimadamore <mcimadam...@openjdk.org> 
wrote:

> When working on startup improvements, I noticed that the method handle 
> returned by `MemoryLayout::offsetHandle` can overflow if the client calls the 
> handle with a base offset that is too big.
> 
> In other similar situations, the layout API always fails with 
> `ArithmeticException` (see `MemoryLayout::scale`), so we should do the same 
> here.
> 
> The fix is to use a `Math::addExact(long, long)` for the outermost add 
> operation in the computation of the offset method handle. That outermost 
> computation in fact is the only one that can overflow: it is an addition 
> between a user-provided base offset `B` and a layout offset `L`. `L` is 
> guaranteed not to overflow, by construction (as `L` is derived from a layout 
> path). But `B` + `L` might overflow, so the new logic checks for that.

This pull request has now been integrated.

Changeset: 1ff9ac72
Author:    Maurizio Cimadamore <mcimadam...@openjdk.org>
URL:       https://git.openjdk.org/jdk/commit/1ff9ac7233d51a58fd54a92d2c45761478574cc7
Stats:     23 lines in 3 files changed: 14 ins; 1 del; 8 mod

8338731: MemoryLayout::offsetHandle can return a negative offset

Reviewed-by: pminborg, psandoz

-------------

PR: https://git.openjdk.org/jdk/pull/20662
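
The overflow described in the quoted message, as an added example that is not part of the original mail or of the JDK change: it compares the wrapping `B + L` with `Math.addExact`, then invokes an offset handle with a base offset that is too big. The class name, the two-int struct and the base value are constructed, and it assumes the handle in question is the one JDK 22+ exposes as `MemoryLayout::byteOffsetHandle`, with a leading `long` base-offset parameter.

```java
import java.lang.foreign.MemoryLayout;
import java.lang.foreign.MemoryLayout.PathElement;
import java.lang.foreign.ValueLayout;
import java.lang.invoke.MethodHandle;

// Added illustration; names and values are constructed, not taken from the JDK change.
public class OffsetOverflowDemo {
    // Constructed layout: struct { int a; int b; }.
    static final MemoryLayout POINT = MemoryLayout.structLayout(
            ValueLayout.JAVA_INT.withName("a"),
            ValueLayout.JAVA_INT.withName("b"));

    // Plain long addition: wraps around silently when B + L exceeds Long.MAX_VALUE.
    static long uncheckedOffset(long base, long layoutOffset) {
        return base + layoutOffset;
    }

    // Checked addition: throws ArithmeticException instead of wrapping.
    static long checkedOffset(long base, long layoutOffset) {
        return Math.addExact(base, layoutOffset);
    }

    public static void main(String[] args) throws Throwable {
        PathElement toB = PathElement.groupElement("b");
        long L = POINT.byteOffset(toB);   // layout offset, derived from the layout path
        long B = Long.MAX_VALUE - 1;      // constructed base offset that is too big

        System.out.println("L = " + L + ", B = " + B);
        System.out.println("B + L unchecked: " + uncheckedOffset(B, L));
        try {
            checkedOffset(B, L);
        } catch (ArithmeticException e) {
            System.out.println("Math.addExact rejected B + L: " + e.getMessage());
        }

        // Assumption: JDK 22+, where the handle type is (long)long for a path
        // with no open elements; the single argument is the base offset.
        MethodHandle offsetOfB = POINT.byteOffsetHandle(toB);
        try {
            long offset = (long) offsetOfB.invokeExact(B);
            System.out.println("handle returned " + offset
                    + (offset < 0 ? " (wrapped: JDK without the fix)" : ""));
        } catch (ArithmeticException e) {
            System.out.println("handle rejected the base offset: " + e.getMessage());
        }
    }
}
```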
