As discussed in the review of JDK-8318127, align_up has an (implicit) post-condition that value-to-align <= result. The change that was made was to assert that said post-condition can be achieved by checking the arguments. It didn't do a post-operation check because some cases where that can't be achieved might invoke UB in the operation.
The problem that was encountered was that the MetaspaceShared base calculation (see compute_shared_base) uses align_up in a manner that can overflow, and then attempts to check for that overflow. But an overflow will trip the assertion that was added to align_up. The base calculation needs to be revised to not do that.
https://github.com/openjdk/jdk/blob/15378a785356bdf574e557633d36591f5cfc1610/src/hotspot/share/cds/metaspaceShared.cpp#L215-L242
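An added example (not HotSpot's code and not the fix in the linked commit) of the approach described above: check the arguments before aligning, so a caller rejects an unreachable result instead of computing a wrapped value and testing for it afterwards. The helper names `can_align_up`, `try_align_up` and `aligned_region_end`, and all sample values, are hypothetical; only unsigned `uintptr_t` arithmetic is covered.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <limits>

// Hypothetical helpers for illustration; not HotSpot's align_up.
static bool is_power_of_2(uintptr_t x) { return x != 0 && (x & (x - 1)) == 0; }

// Pre-check on the arguments only: true when rounding `value` up to
// `alignment` is representable, so the post-condition value <= result holds.
static bool can_align_up(uintptr_t value, uintptr_t alignment) {
  if (!is_power_of_2(alignment)) return false;
  const uintptr_t max_aligned =
      std::numeric_limits<uintptr_t>::max() & ~(alignment - 1);
  return value <= max_aligned;
}

// Aligns only after the pre-check passed; never computes a wrapped result.
static bool try_align_up(uintptr_t value, uintptr_t alignment, uintptr_t* out) {
  if (!can_align_up(value, alignment)) return false;
  const uintptr_t mask = alignment - 1;
  *out = (value + mask) & ~mask;  // value + mask <= UINTPTR_MAX here
  return true;
}

// Constructed caller: end of [base, base + size) rounded up to `alignment`.
// Overflow is rejected before each step instead of being detected afterwards.
static bool aligned_region_end(uintptr_t base, size_t size,
                               uintptr_t alignment, uintptr_t* end) {
  if (size > std::numeric_limits<uintptr_t>::max() - base) return false;
  return try_align_up(base + size, alignment, end);
}

int main() {
  const uintptr_t max = std::numeric_limits<uintptr_t>::max();
  const uintptr_t G = 1u << 30;  // constructed sample alignment (1 GiB)
  uintptr_t end = 0;
  bool ok = aligned_region_end(0x1000, 0x2345, 0x1000, &end);
  std::printf("in range: ok=%d end=0x%llx\n", ok, (unsigned long long)end);
  ok = aligned_region_end(max - G / 2, 16, G, &end);
  std::printf("near top: ok=%d (rejected before aligning)\n", ok);
  return 0;
}
```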
- blocks: JDK-8346916 [REDO] align_up has potential overflow (Open)
- links to: Commit(master) openjdk/jdk/1916a777, Review(master) openjdk/jdk/23168