You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Christine Poerschke (JIRA)" <ji...@apache.org> on 2015/12/24 11:39:49 UTC
[jira] [Updated] (LUCENE-6948) ArrayIndexOutOfBoundsException in PagedBytes$Reader.fill

     [ https://issues.apache.org/jira/browse/LUCENE-6948?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Christine Poerschke updated LUCENE-6948:
----------------------------------------
    Attachment: LUCENE-6948.patch

Attaching patch against trunk with the fix proposed by Michael, plus two unrelated initialCapacity tweaks which I noticed whilst looking at code in the file.

> ArrayIndexOutOfBoundsException in PagedBytes$Reader.fill
> --------------------------------------------------------
>
>                 Key: LUCENE-6948
>                 URL: https://issues.apache.org/jira/browse/LUCENE-6948
>             Project: Lucene - Core
>          Issue Type: Bug
>          Components: core/search
>    Affects Versions: 4.10.4
>            Reporter: Michael Lawley
>         Attachments: LUCENE-6948.patch
>
>
> With a very large index (in our case > 10G), we are seeing exceptions like:
> java.lang.ArrayIndexOutOfBoundsException: -62400
> 	at org.apache.lucene.util.PagedBytes$Reader.fill(PagedBytes.java:116)
> 	at org.apache.lucene.search.FieldCacheImpl$BinaryDocValuesImpl$1.get(FieldCacheImpl.java:1342)
> 	at org.apache.lucene.search.join.TermsCollector$SV.collect(TermsCollector.java:106)
> 	at org.apache.lucene.search.Weight$DefaultBulkScorer.scoreAll(Weight.java:193)
> 	at org.apache.lucene.search.Weight$DefaultBulkScorer.score(Weight.java:163)
> 	at org.apache.lucene.search.BulkScorer.score(BulkScorer.java:35)
> 	at org.apache.lucene.search.IndexSearcher.search(IndexSearcher.java:621)
> 	at org.apache.lucene.search.IndexSearcher.search(IndexSearcher.java:309)
> The code in question is trying to allocate an array with a negative size.  We believe the source of the error is in org.apache.lucene.search.FieldCacheImpl$BinaryDocValuesImpl$1.get where the following code occurs:
>           final int pointer = (int) docToOffset.get(docID);
>           if (pointer == 0) {
>             term.length = 0;
>           } else {
>             bytes.fill(term, pointer);
>           }
> The cast to int will break if the (long) result of docToOffset.get is too large, and is unnecessary in the first place since bytes.fill takes a long as its second parameter.
> Proposed fix:
>           final long pointer = docToOffset.get(docID);
>           if (pointer == 0) {
>             term.length = 0;
>           } else {
>             bytes.fill(term, pointer);
>           }



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org