Array max size auditing and fixes #6671

Merged
merged 5 commits into from May 13, 2021

@headius headius commented May 12, 2021

This is a follow-up to #6670 that audits other locations we allocate arrays.

This also reduces the fallback maximum to Integer.MAX_VALUE - 2,
which seems to be the actual effective size for allocating a new
array. See jruby#6670.
@headius headius added this to the JRuby 9.2.18.0 milestone May 12, 2021
@headius headius changed the title Move buffer length calc to utility method Array max size auditing and fixes May 12, 2021
headius commented May 12, 2021

Hmm... so it turns out this effective max array size varies across VMs. As pointed out in some answers here, the OpenJDK ArrayList impl uses MAX_VALUE - 8 to be safe, but there does not appear to be any way to query for the actual effective maximum.

https://stackoverflow.com/questions/45196984/is-it-possible-to-query-the-java-vm-to-find-the-maximum-possible-array-size-how

We may want to make our max also MAX_VALUE - 8 since that would correspond to a 64-bit pointer alignment.

Based on explorations for jruby#6670 we found that the effective max
array size is actually Integer.MAX_VALUE - 2, so this localizes
the multiplication logic and uses that limit as the upper bound.

$ jruby -w -e 'foo = "x" * 2147483645; p :ok'
:ok

$ jruby -w -e 'foo = "x" * 2147483646; p :ok'
ArgumentError: argument too big
       * at org/jruby/RubyString.java:1197
  <main> at -e:1
headius commented May 12, 2021

The array size maximum from AbstractCollection (mentioned in the SO answers above) appears to have been refactored into a utility similar to what we have in this PR:

openjdk/jdk@218204b#diff-62a6afd2b76188557fb1b7ccabcfd8398d08eec42983af0c562ef72a588324bf

I think it is probably appropriate for us to use MAX_VALUE - 8 since OpenJDK has normalized on that value.

@headius headius merged commit 35d6d38 into jruby:jruby-9.2 May 13, 2021
@headius headius deleted the array_overflow_fixes branch May 13, 2021 21:44
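
An overflow-checked length calculation of the kind this thread discusses, added here as an example and not taken from the JRuby code base. The class and method names are hypothetical, `IllegalArgumentException` stands in for Ruby's `ArgumentError`, and the cap is the `MAX_VALUE - 8` value mentioned in the comments above.

```java
public class ArrayLengthCheck {
    // Cap taken from the thread: Integer.MAX_VALUE - 8 (2147483639).
    static final int MAX_ARRAY_LENGTH = Integer.MAX_VALUE - 8;

    // Hypothetical helper: byte length of `count` copies of a `unitLength`-byte string.
    static int checkedRepeatLength(int unitLength, int count) {
        if (unitLength < 0 || count < 0) {
            throw new IllegalArgumentException("negative argument");
        }
        // Widen to long first: the product of two non-negative ints cannot overflow a long.
        long total = (long) unitLength * count;
        if (total > MAX_ARRAY_LENGTH) {
            throw new IllegalArgumentException("argument too big");
        }
        return (int) total;
    }

    // Runs the check and reports the outcome instead of propagating the exception.
    static String tryRepeat(int unitLength, int count) {
        try {
            return "ok, length " + checkedRepeatLength(unitLength, count);
        } catch (IllegalArgumentException e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        // Unchecked int multiplication wraps silently: 2^16 * 2^16 = 2^32 becomes 0,
        // so an allocation sized this way would be far smaller than intended.
        int a = 65536, b = 65536;
        System.out.println("naive 65536 * 65536 = " + (a * b));

        // Constructed sample inputs around the boundary.
        System.out.println(tryRepeat(1, MAX_ARRAY_LENGTH));      // at the cap
        System.out.println(tryRepeat(1, MAX_ARRAY_LENGTH + 1));  // one past the cap
        System.out.println(tryRepeat(65536, 65536));             // product wraps to 0 as an int
        System.out.println(tryRepeat(3, 1431655766));            // product wraps to 2 as an int
    }
}
```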