RFR: JDK-8298908: Instrument Metaspace for ASan [v2]
Justin King
jcking at openjdk.org
Wed Dec 28 05:00:48 UTC 2022
On Sat, 17 Dec 2022 06:48:13 GMT, Justin King <jcking at openjdk.org> wrote:
>> This change instruments Metaspace for ASan. Metaspace allocates memory using `mmap`/`munmap` which ASan is not aware of. Fortunately ASan supports applications [manually poisoning/unpoisoning memory](https://github.com/google/sanitizers/wiki/AddressSanitizerManualPoisoning). ASan is able to detect poisoned memory, similar to `use-after-free`, and will raise an error similarly called `use-after-poison`. This provides and extra layer of defense and confidence.
>>
>> The header `sanitizers/address.h` defines macros for poisoning/unpoisoning memory regions. These macros can be used regardless of build mode. When ASan is not available, they are implemented using a NOOP approach which still compiles the arguments but does so such that they will be stripped out by the compiler due to being unreachable. This helps with maintenance.
>>
>> This also has the added benefit of making [LSan](https://bugs.openjdk.org/browse/JDK-8298445) more accurate and deterministic, as LSan will not look for pointers to malloc memory in poisoned memory regions.
>>
>> IMO the benefit of doing this greatly outweighs the cost.
>
> Justin King has updated the pull request incrementally with one additional commit since the last revision:
>
> Exclude more zapping when ASan is in use
>
> Signed-off-by: Justin King <jcking at google.com>
@dholmes-ora PTAL after the holidays
This seems like good as place as any to discuss the balance between no code changes and to many. IMO the benefit here outweighs the costs, and the changes are minimal.
-------------
PR: https://git.openjdk.org/jdk/pull/11702
More information about the hotspot-runtime-dev
mailing list