Missing String bounds checks #3792
Description
Strings in JRuby are currently limited to signed int length. String#* expressly checks for this:
> ./bin/jruby -v -e 'p "blah" * 1_000_000_000'
jruby 9.1.0.0-SNAPSHOT (2.3.0) 2016-04-11 f79afda Java HotSpot(TM) 64-Bit Server VM 25.77-b03 on 1.8.0_77-b03 +jit [linux-x86_64]
ArgumentError: argument too big
* at org/jruby/RubyString.java:1161
<top> at -e:1
However, this bound check isn't carried through to other construction operations. E.g., String#+ ends up wrapping around and a negative length array is created:
> bin/jruby -J-Xmx8g -v -e 'x = "f" * (2**31 - 3); p (x + x).size'
jruby 9.1.0.0-SNAPSHOT (2.3.0) 2016-04-11 f79afda Java HotSpot(TM) 64-Bit Server VM 25.77-b03 on 1.8.0_77-b03 +jit [linux-x86_64]
Unhandled Java exception: java.lang.NegativeArraySizeException
java.lang.NegativeArraySizeException: null
<init> at org/jruby/util/ByteList.java:91
addByteLists at org/jruby/util/StringSupport.java:1630
op_plus19 at org/jruby/RubyString.java:1149
cacheAndCall at org/jruby/runtime/callsite/CachingCallSite.java:313
call at org/jruby/runtime/callsite/CachingCallSite.java:163
<top> at -e:1
invokeWithArguments at java/lang/invoke/MethodHandle.java:627
load at org/jruby/ir/Compiler.java:111
runScript at org/jruby/Ruby.java:825
runScript at org/jruby/Ruby.java:817
runNormally at org/jruby/Ruby.java:755
runFromMain at org/jruby/Ruby.java:576
doRunFromMain at org/jruby/Main.java:425
internalRun at org/jruby/Main.java:310
run at org/jruby/Main.java:239
main at org/jruby/Main.java:201