Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8306544

Integer arithmetic overflow in hash functions for some Type classes

XMLWordPrintable

      The class Type has a virtual function "hash()". Many of the subclasses implement this function by performing arithmetic (typically summing) values or hash codes of components.

      Some of those implementations combine the components using java_add, which is safe from overflow. (Though this is arguably an abuse of that function. The description of that suite of functions suggests their purpose is to emulate Java operations, not for "general-purpose arithmetic".)

      However, many others use ordinary "operator+" or "operator+=" to sum or accumulate values from components, with the values involved being signed integers. Many (all?) of these have the potential to overflow, which is UB. Probably in most or all of these such overflow won't be detected, and the compiler will normally generate code that happens to implicitly wrap. And negative hash codes seem to be okay.

      However, enabling UBSAN overflow checking will catch such overflows and complain. And we want to be able to use that sanitizer to help track down real overflow bugs.

      So all of these hash functions need to be examined and made overflow-safe.

      A case in point: enabling gcc -fsanitize=signed-integer-overflow detects an overflow in TypeLong::hash while building the JDK.

      ../../src/hotspot/share/opto/type.cpp:2034:19: runtime error: signed integer overflow: 9223372036854775807 + 9223372036854775807 cannot be represented in type 'long int'

      [I'm filing this as an enhancement rather than a bug, since I'm pretty sure the potential overflow won't cause any problems for normal builds.]

            dfenacci Damon Fenacci
            kbarrett Kim Barrett
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: