[jdk8u-dev] RFR: 8362208: [8u] Buffer overflow in g1GCPhaseTimes.cpp::LineBuffer::_buffer

SendaoYan syan at openjdk.org
Tue Jul 15 06:51:57 UTC 2025 

Hi all,

When running hotspot/test/gc/g1/TestG1TraceEagerReclaimHumongousObjects.java on a CPU with more than 200 physical threads, the jvm will crashes. The reason is that the testcase turn on the gc log, which prints the statistics of each gc thread. If the machine has more cores, more gc threads will be turned on (143 gc threads on a machine with 224 physical threads). In the G1GCParPhasePrinter::print_time_values function (hotspot/src/share/vm/gc_implementation/g1/g1GCPhaseTimes.cpp), the relevant statistics of all gc threads are concatenated into one line, and the string concatenation content is saved in the array defined by g1GCPhaseTimes.cpp::LineBuffer::_buffer. Therefore, on machines with a large number of physical threads, it is easy for the GC log output line length to exceed the predefined buffer size. When the buffer size is exceeded, an error occurs when calling the os::vsnprintf function.
In JDK9, JDK-8150068 refactors the relevant GC log output, so buffer overflow will no longer occur. However, JDK-8150068 is a new feature, and JDK-8150068 cannot be directly backported to jdk8u. In addition, the amount of JDK-8150068 code is large, and the risk of backporting to jdk8u is also very high. Therefore, this PR changes the buffer length to 1024*3 to ensure that there will be no problems with GC log output in some scenarios, and leave a certain margin.

In addition, this PR adds a guarantee statement to ensure that an error is reported before calling os::vsnprintf when the buffer overflows, which is conducive to the rapid location of the problem

Change has been verified locally, risk is low.

Additional testing:

- [ ] jtreg tests include tier1/2/3 etc.. on linux-x64 with release build

-------------

Commit messages:
 - 8362208: [8u] Buffer overflow in g1GCPhaseTimes.cpp::LineBuffer::_buffer

Changes: https://git.openjdk.org/jdk8u-dev/pull/668/files
  Webrev: https://webrevs.openjdk.org/?repo=jdk8u-dev&pr=668&range=00
  Issue: https://bugs.openjdk.org/browse/JDK-8362208
  Stats: 3 lines in 1 file changed: 1 ins; 0 del; 2 mod
  Patch: https://git.openjdk.org/jdk8u-dev/pull/668.diff
  Fetch: git fetch https://git.openjdk.org/jdk8u-dev.git pull/668/head:pull/668

PR: https://git.openjdk.org/jdk8u-dev/pull/668

More information about the jdk8u-dev mailing list