RFR: JDK-8295865: Several issues with os::realloc [v3]

Fri Nov 11 20:46:31 UTC 2022

On Fri, 4 Nov 2022 07:30:47 GMT, Thomas Stuefe <stuefe at openjdk.org> wrote:

>> There are several issues with os::realloc():
>> 
>> 1) If realloc(3) fails, the original block will be left untouched. That is fine, and the caller may expect this and continue to use the old block, including handing it to os::free() later. But NMT has marked the original block as dead already, and subsequent os::free() or os::realloc() will trigger a false fatal block integrity error. Therefore, if realloc(3) fails, we need to revive the NMT header and re-account the original block before returning.
>> 
>> 2) If handed in very large sizes, the size may overflow if the NMT header is added. The result would be that the VM reallocates to a much smaller buffer which would cause subsequent memory corruption if the caller were to use the buffer (same as JDK-8286519, but for realloc).
>> 
>> 3) If os::realloc() enlarges a buffer, the newly added memory should be zapped with uinitBlockPad as we do for os::malloc(). Of course we only can do this if NMT is enabled, otherwise we won't know the original block size.
>> 
>> ------------------------------
>> 
>> The patch fixes all three issues and adds hopefully thorough enough regression gtests for them. Remember that these gtests will run, as part of the jtreg gtest runners, in all NMT modes.
>> 
>> The largest diff hunk is inside os::realloc(). Note that I separated the two cases NMT=summary/detail and NMT=off, since it makes the coding easier to understand and we also run less code in the standard case of NMT==off.
>
> Thomas Stuefe has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains five additional commits since the last revision:
> 
>  - Merge branch 'master' into JDK-8295865-Several-issues-os-realloc
>  - Revert "if realloc(3) fails, revive the old header and re-account its size with NMT"
>    
>    This reverts commit 45fe9130e233c3061ace11bc74acc7e2801d12a1.
>  - add clarifying comment about ASSERT/EXPECT helpers
>  - if realloc(3) fails, revive the old header and re-account its size with NMT
>  - Fix various issues with realloc

Hi Thomas, thank you for your changes.

I've read through the code and explored some of NMT and I think that this is a good enhancement, so I will approve it. I believe that there is an elegant solution to the revival of NMT header+footers, but it can wait for a future RFE.

-------------

Marked as reviewed by jsjolen (Committer).

PR: https://git.openjdk.org/jdk/pull/10857