-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
8330615: avoid signed integer overflows in zip_util.c readCen / hashN #18908
Conversation
👋 Welcome back mbaesken! A progress list of the required criteria for merging this PR into |
@MBaesken This change now passes all automated pre-integration checks. ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details. After integration, the commit message for the final commit will be:
You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed. At the time when this comment was updated there had been 56 new commits pushed to the
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details. ➡️ To integrate this PR with the above commit message to the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
Please have a look at the failing tests and verify the failure is not related to this PR.
Thank you Matthias, for this change. Lance has run some internal CI tests and they have come back fine. I am in the process of running some more CI tests with this change and I should have the results, very likely by tomorrow. Please wait for those results before integrating. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Undefined behavior should always get fixed. Thanks for doing it!
Hi Lutz and Martin, thanks for the reviews! |
Hello Matthias, the tests completed a couple of hours back and no failures related to this change have been observed. Thank you for waiting. |
/integrate |
Going to push as commit 5af6b45.
Your commit was automatically rebased without conflicts. |
In the hashN usages of readCen from zip_util.c we see a lot of signed integer overflows.
For example in the java/util jtreg tests those are easily reproducable when compiling with -ftrapv (clang/gcc toolchains).
While those overflows never seem to cause crashes or similar errors, they are unwanted because
signed integer overflows in C cause undefined behavior.
See
https://www.gnu.org/software/c-intro-and-ref/manual/html_node/Signed-Overflow.html
So we might still get unwanted results (maybe bad/strange hashing, depending on compiler and optimization level).
Compilation with -ftrapv causes/triggers this SIGILL on macOS showing the issue :
Problematic frame:
C [libzip.dylib+0x6362] hashN+0x32
Stack: [0x000070000c496000,0x000070000c596000], sp=0x000070000c5957e0, free space=1021k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C [libzip.dylib+0x6362] hashN+0x32
C [libzip.dylib+0x5d5e] readCEN+0xd2e
C [libzip.dylib+0x4ee0] ZIP_Put_In_Cache0+0x160
V [libjvm.dylib+0x544b1e] ClassLoader::open_zip_file(char const*, char**, JavaThread*)+0x3e
V [libjvm.dylib+0x543fec] ClassLoader::create_class_path_entry(JavaThread*, char const*, stat const*, bool, bool)+0x6c
V [libjvm.dylib+0x543833] ClassLoader::setup_bootstrap_search_path_impl(JavaThread*, char const*)+0xf3
V [libjvm.dylib+0x54819b] classLoader_init1()+0x1b
V [libjvm.dylib+0x92602a] init_globals()+0x3a
V [libjvm.dylib+0x12b3b74] Threads::create_vm(JavaVMInitArgs*, bool*)+0x314
V [libjvm.dylib+0xa848f4] JNI_CreateJavaVM+0x64
C [libjli.dylib+0x4483] JavaMain+0x123
C [libjli.dylib+0x7529] ThreadJavaMain+0x9
C [libsystem_pthread.dylib+0x68fc] _pthread_start+0xe0
C [libsystem_pthread.dylib+0x2443] thread_start+0xf
Progress
Issue
Reviewers
Reviewing
Using
git
Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/18908/head:pull/18908
$ git checkout pull/18908
Update a local copy of the PR:
$ git checkout pull/18908
$ git pull https://git.openjdk.org/jdk.git pull/18908/head
Using Skara CLI tools
Checkout this PR locally:
$ git pr checkout 18908
View PR using the GUI difftool:
$ git pr show -t 18908
Using diff file
Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/18908.diff
Webrev
Link to Webrev Comment