RFR: 8371637: allocateNativeInternal sometimes return incorrectly aligned memory [v2]
Harald Eilertsen
haraldei at openjdk.org
Fri Nov 14 09:47:19 UTC 2025
On Thu, 13 Nov 2025 21:18:58 GMT, Kim Barrett <kbarrett at openjdk.org> wrote:
>> Harald Eilertsen has updated the pull request incrementally with two additional commits since the last revision:
>>
>> - Second try to fix alignment for native segments
>>
>> Introducing a helper function as suggested by JornVernee to decide on
>> the proper alignment based on the segment size.
>>
>> This work was sponsored by: The FreeBSD Foundation
>>
>> Co-authored-by: JornVernee
>> - Test that native segments don't overlap
>>
>> This work was sponsored by: The FreeBSD Foundation
>
>> However, this assumption does not hold for all allocators. Specifically
>> jemalloc, used by libc on FreeBSD, will align small allocations on 8 or 4 byte
>> boundaries, respectively.
>
> For what it's worth, I think the described behavior is non-conforming to the C
> standards before C23. Before C23, the description of the allocation functions
> all say
>
> "The pointer returned if the allocation succeeds is suitably aligned so that
> it may be assigned to a pointer to any type of object with a fundamental
> alignment requirement and then used to access such an object or an array of
> such objects in the space allocated ... "
>
> (That's from C11 7.22.3/1. C99 and C17 have the same wording. I can't find my
> copy of C89 right now, but expect it's pretty much the same.)
>
> DR75 reiterated that the malloc result must be suitably aligned for _any_
> (emphasis in the DR) type.
> https://www.open-std.org/jtc1/sc22/wg14/www/docs/dr_075.html
>
> A consequence of the pre-C23 behavior is that
>
> max_align_t* p = malloc(1);
>
> is always valid. C23 permits that to be UB. (You aren't allowed to create
> misaligned pointers.)
>
> C23 added the phrase "and size less than or equal to the size requested" after
> "fundamental alignment requirement". I think that's sufficient to permit the
> described behavior. But we're not using C23 (yet), we're using C11.
>
> I would not be surprised if HotSpot also has code that assumes the result from
> malloc and friends is always aligned to at least max_align_t's alignment.
@kimbarrett
> For what it's worth, I think the described behavior is non-conforming to the C standards before C23
That may be, but it's nevertheless the behaviour of the allocator used by libc on FreeBSD. It's also something that will only affect very small allocations (8 bytes or less on a 64-bit system.)
-------------
PR Comment: https://git.openjdk.org/jdk/pull/28235#issuecomment-3531853568
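Added example, not part of the thread and not the JDK's code: a C sketch of the size-dependent alignment rule discussed above, assuming the C23 wording means a caller may rely on no more than the largest power of two not exceeding the request, capped at alignof(max_align_t). The function names are hypothetical; requests too small to guarantee full alignment are routed through aligned_alloc instead of malloc.

```c
#include <stdalign.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Alignment a caller may assume for malloc(size) under the C23 wording:
 * a type no larger than `size` cannot require more than the largest power
 * of two <= size, capped at alignof(max_align_t). (Assumed reading.) */
static size_t assumable_alignment(size_t size)
{
    size_t cap = alignof(max_align_t);
    size_t a = 1;
    while (a < cap && a * 2 <= size)
        a *= 2;
    return a;
}

static int is_aligned(const void *p, size_t align)
{
    return ((uintptr_t)p & (align - 1)) == 0;
}

/* Always returns memory aligned to alignof(max_align_t), whatever the size. */
static void *alloc_max_aligned(size_t size)
{
    size_t align = alignof(max_align_t);
    if (assumable_alignment(size) >= align)
        return malloc(size);            /* large enough: malloc suffices */
    /* Small request: ask explicitly. C11 aligned_alloc wants size % align == 0. */
    return aligned_alloc(align, align);
}

/* Count sizes 1..max where malloc returns less than the assumable alignment. */
static int malloc_violations(size_t max)
{
    int bad = 0;
    for (size_t n = 1; n <= max; n++) {
        void *p = malloc(n);
        if (p && !is_aligned(p, assumable_alignment(n))) bad++;
        free(p);
    }
    return bad;
}

/* Count sizes 1..max where alloc_max_aligned misses full alignment. */
static int strict_violations(size_t max)
{
    int bad = 0;
    for (size_t n = 1; n <= max; n++) {
        void *p = alloc_max_aligned(n);
        if (p && !is_aligned(p, alignof(max_align_t))) bad++;
        free(p);
    }
    return bad;
}

int main(void) { return malloc_violations(64) + strict_violations(64); }
```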