RFR: JDK-8295889: NMT preinit code does not handle allocation errors [v2]

David Holmes dholmes at openjdk.org
Wed Oct 26 05:58:27 UTC 2022


On Wed, 26 Oct 2022 05:45:33 GMT, Thomas Stuefe <stuefe at openjdk.org> wrote:

>> The NMT preinit allocator (used for os::malloc and friends before the VM is initialized) does not handle malloc errors, nor does it handle overflows due to large sizes (it uses malloc headers too). Both cases need to be handled.
>> 
>> However, we can keep matters very simple. No need to propagate errors up to the caller; we can just fatal out on errors here since, in this phase, there is no alternative for failed allocations.
>
> Thomas Stuefe has updated the pull request incrementally with one additional commit since the last revision:
> 
>   assert overflows (debug+release)

Overflow is really only a concern if the incoming value could be user-supplied/influenced. For pure VM code an assert would suffice to guard against accident (mainly via whitebox or other test code that might try to hit edge cases).

src/hotspot/share/services/nmtPreInit.cpp line 55:

> 53: NMTPreInitAllocation* NMTPreInitAllocation::do_alloc(size_t payload_size) {
> 54:   const size_t outer_size = sizeof(NMTPreInitAllocation) + payload_size;
> 55:   guarantee(outer_size > payload_size, "Overflow");

I was suggesting an assertion as this is a VM programming error we should catch during testing isn't it?

-------------

PR: https://git.openjdk.org/jdk/pull/10855
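
The check under discussion, as an added example that is not part of the original message and not HotSpot code: it shows why a wrapped header-plus-payload size is dangerous (the request passed to malloc becomes smaller than the header itself) and keeps the check on in every build, failing hard on overflow or malloc failure. `PreInitHeader`, `outer_size`, `fatal`, `do_alloc` and `payload_of` are hypothetical names standing in for the quoted code.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstdlib>

// Hypothetical stand-in for the malloc header that precedes each payload.
struct alignas(std::max_align_t) PreInitHeader {
  size_t payload_size;
};

// size_t addition wraps modulo 2^N. Because the header size is non-zero,
// the sum wrapped exactly when it is not larger than the payload size.
// Returns false on wrap; *out always receives the (possibly wrapped) sum.
static bool outer_size(size_t payload_size, size_t* out) {
  const size_t sum = sizeof(PreInitHeader) + payload_size;
  *out = sum;
  return sum > payload_size;  // same comparison as the quoted line 55
}

[[noreturn]] static void fatal(const char* msg) {
  std::fprintf(stderr, "fatal: %s\n", msg);
  std::abort();
}

// Always-on checks (active in debug and release builds alike): there is
// no caller that could recover, so both failure modes end the process.
static PreInitHeader* do_alloc(size_t payload_size) {
  size_t total = 0;
  if (!outer_size(payload_size, &total)) fatal("Overflow");
  void* raw = std::malloc(total);
  if (raw == nullptr) fatal("malloc failed");
  PreInitHeader* h = static_cast<PreInitHeader*>(raw);
  h->payload_size = payload_size;
  return h;
}

static void* payload_of(PreInitHeader* h) { return h + 1; }

int main() {
  size_t total = 0;
  // Constructed edge case: without the check, malloc would be asked for
  // sizeof(PreInitHeader) - 1 bytes and the header write would overrun it.
  bool ok = outer_size(SIZE_MAX, &total);
  std::printf("payload=SIZE_MAX ok=%d wrapped outer_size=%zu\n", ok, total);
  PreInitHeader* h = do_alloc(64);
  std::printf("payload=64 header=%p payload=%p\n", (void*)h, payload_of(h));
  std::free(h);
  return 0;
}
```

If the comparison were a debug-only assertion, a release build would pass the wrapped size straight to malloc.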


More information about the hotspot-runtime-dev mailing list