# HG changeset patch # User shade # Date 1541805902 -3600 # Sat Nov 10 00:25:02 2018 +0100 # Node ID eef6d06502afa1039e2ee758fa6769f416f032e2 # Parent 5b82f10dc82306d72c5b3a2fdc6b8765daa60667 8211926: Catastrophic size_t underflow in BitMap::*_large methods Reviewed-by: kbarrett diff --git a/src/hotspot/share/utilities/bitMap.cpp b/src/hotspot/share/utilities/bitMap.cpp --- a/src/hotspot/share/utilities/bitMap.cpp +++ b/src/hotspot/share/utilities/bitMap.cpp @@ -263,14 +263,24 @@ } } +bool BitMap::is_small_range_of_words(idx_t beg_full_word, idx_t end_full_word) { + // There is little point to call large version on small ranges. + // Need to check carefully, keeping potential idx_t underflow in mind. + // The threshold should be at least one word. + STATIC_ASSERT(small_range_words >= 1); + return (beg_full_word + small_range_words >= end_full_word); +} + void BitMap::set_large_range(idx_t beg, idx_t end) { verify_range(beg, end); idx_t beg_full_word = word_index_round_up(beg); idx_t end_full_word = word_index(end); - assert(end_full_word - beg_full_word >= 32, - "the range must include at least 32 bytes"); + if (is_small_range_of_words(beg_full_word, end_full_word)) { + set_range(beg, end); + return; + } // The range includes at least one full word. set_range_within_word(beg, bit_index(beg_full_word)); @@ -284,7 +294,7 @@ idx_t beg_full_word = word_index_round_up(beg); idx_t end_full_word = word_index(end); - if (end_full_word - beg_full_word < 32) { + if (is_small_range_of_words(beg_full_word, end_full_word)) { clear_range(beg, end); return; } @@ -368,8 +378,10 @@ idx_t beg_full_word = word_index_round_up(beg); idx_t end_full_word = word_index(end); - assert(end_full_word - beg_full_word >= 32, - "the range must include at least 32 bytes"); + if (is_small_range_of_words(beg_full_word, end_full_word)) { + par_at_put_range(beg, end, value); + return; + } // The range includes at least one full word. par_put_range_within_word(beg, bit_index(beg_full_word), value); diff --git a/src/hotspot/share/utilities/bitMap.hpp b/src/hotspot/share/utilities/bitMap.hpp --- a/src/hotspot/share/utilities/bitMap.hpp +++ b/src/hotspot/share/utilities/bitMap.hpp @@ -72,6 +72,10 @@ static const bm_word_t find_ones_flip = 0; static const bm_word_t find_zeros_flip = ~(bm_word_t)0; + // Threshold for performing small range operation, even when large range + // operation was requested. Measured in words. + static const size_t small_range_words = 32; + protected: // Return the position of bit within the word that contains it (e.g., if // bitmap words are 32 bits, return a number 0 <= n <= 31). @@ -117,6 +121,8 @@ static void clear_range_of_words(bm_word_t* map, idx_t beg, idx_t end); + static bool is_small_range_of_words(idx_t beg_full_word, idx_t end_full_word); + // The index of the first full word in a range. idx_t word_index_round_up(idx_t bit) const; diff --git a/src/hotspot/share/utilities/bitMap.inline.hpp b/src/hotspot/share/utilities/bitMap.inline.hpp --- a/src/hotspot/share/utilities/bitMap.inline.hpp +++ b/src/hotspot/share/utilities/bitMap.inline.hpp @@ -237,10 +237,12 @@ } inline void BitMap::set_large_range_of_words(idx_t beg, idx_t end) { + assert(beg <= end, "underflow"); memset(_map + beg, ~(unsigned char)0, (end - beg) * sizeof(bm_word_t)); } inline void BitMap::clear_large_range_of_words(idx_t beg, idx_t end) { + assert(beg <= end, "underflow"); memset(_map + beg, 0, (end - beg) * sizeof(bm_word_t)); } diff --git a/test/hotspot/gtest/utilities/test_bitMap_large.cpp b/test/hotspot/gtest/utilities/test_bitMap_large.cpp new file mode 100644 --- /dev/null +++ b/test/hotspot/gtest/utilities/test_bitMap_large.cpp @@ -0,0 +1,118 @@ +/* + * Copyright (c) 2018, Red Hat Inc. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +#include "precompiled.hpp" +#include "utilities/bitMap.inline.hpp" +#include "unittest.hpp" + +// Bitmap size should be large enough to accept large operations. +static const BitMap::idx_t BITMAP_SIZE = 8192; + +// The test would like to fuzz indexes in this window. Having the fuzz +// window at bitmap word size makes sure the test would touch every combination +// of indexes (un)aligned on word boundary. +static const BitMap::idx_t FUZZ_WINDOW = sizeof(BitMap::bm_word_t) * 8; + +static void verify_set(CHeapBitMap& map, BitMap::idx_t l, BitMap::idx_t r) { + for (BitMap::idx_t c = l; c < r; c++) { + EXPECT_TRUE(map.at(c)); + } +} + +static void verify_unset(CHeapBitMap& map, BitMap::idx_t l, BitMap::idx_t r) { + for (BitMap::idx_t c = l; c < r; c++) { + EXPECT_FALSE(map.at(c)); + } +} + +TEST(BitMap, clear_large_range) { + CHeapBitMap map(BITMAP_SIZE); + + map.set_range(0, BITMAP_SIZE); + verify_set(map, 0, BITMAP_SIZE); + + for (size_t size_class = 0; size_class <= BITMAP_SIZE; size_class = MAX2(1, size_class*2)) { + for (BitMap::idx_t l = 0; l < FUZZ_WINDOW; l++) { + for (BitMap::idx_t tr = l; tr < FUZZ_WINDOW; tr++) { + BitMap::idx_t r = MIN2(BITMAP_SIZE, size_class + tr); // avoid overflow + + map.clear_large_range(l, r); + verify_unset(map, l, r); + verify_set(map, 0, l); + verify_set(map, r, BITMAP_SIZE); + + // Restore cleared + map.set_range(l, r); + verify_set(map, l, r); + } + } + } +} + +TEST(BitMap, set_large_range) { + CHeapBitMap map(BITMAP_SIZE); + + map.clear(); + verify_unset(map, 0, BITMAP_SIZE); + + for (size_t size_class = 0; size_class <= BITMAP_SIZE; size_class = MAX2(1, size_class*2)) { + for (BitMap::idx_t l = 0; l < FUZZ_WINDOW; l++) { + for (BitMap::idx_t tr = l; tr < FUZZ_WINDOW; tr++) { + BitMap::idx_t r = MIN2(BITMAP_SIZE, size_class + tr); // avoid overflow + + map.set_large_range(l, r); + verify_set(map, l, r); + verify_unset(map, 0, l); + verify_unset(map, r, BITMAP_SIZE); + + // Restore set + map.clear_range(l, r); + verify_unset(map, l, r); + } + } + } +} + +TEST(BitMap, par_at_put_large_range) { + CHeapBitMap map(BITMAP_SIZE); + + map.clear(); + verify_unset(map, 0, BITMAP_SIZE); + + for (size_t size_class = 0; size_class <= BITMAP_SIZE; size_class = MAX2(1, size_class*2)) { + for (BitMap::idx_t l = 0; l < FUZZ_WINDOW; l++) { + for (BitMap::idx_t tr = l; tr < FUZZ_WINDOW; tr++) { + BitMap::idx_t r = MIN2(BITMAP_SIZE, size_class + tr); // avoid overflow + + map.par_at_put_large_range(l, r, true); + verify_set(map, l, r); + verify_unset(map, 0, l); + verify_unset(map, r, BITMAP_SIZE); + + // Restore set + map.clear_range(l, r); + verify_unset(map, l, r); + } + } + } +}