RFR: 8342504: Remove NMT header and footer canaries
Johan Sjölen
jsjolen at openjdk.org
Mon Nov 18 12:30:47 UTC 2024
On Mon, 18 Nov 2024 11:56:51 GMT, Afshin Zafari <azafari at openjdk.org> wrote:
>> Today NMT has two canaries: A header and a footer canary. These enable mainly two things:
>>
>> 1. For NMT to aid in describing a pointer
>> 2. A basic form of out-of-bounds protection
>>
>> With the introduction of UBSan and ASan into OpenJDK we have gained stronger tools for this sort of analysis, without requiring NMT to be activated. Therefore, I believe that point 2 is no longer something that NMT needs to support. For point number one, we will unfortunately be losing this ability.
>>
>> I want to delete these canaries to open up a few free bytes. These can allow us to have "practically unlimited" (4 bytes) of memory tags.
>>
>> tier1-tier2 tests succeeded.
>>
>> I am awaiting discussion on the Hotspot-dev mailing list, but keeping this PR open for review.
>
> test/hotspot/gtest/nmt/test_nmt_buffer_overflow_detection.cpp line 67:
>
>> 65: // realloc is the trickiest of the bunch. Test that realloc works and correctly takes over
>> 66: // NMT header and footer to the resized block. We just test that nothing crashes - if the
>> 67: // header/footer get corrupted, NMT heap corruption checker will trigger alert on os::free()).
>
> After removing canary, can NMT still check memory corruption?
No, not anymore. The canaries are how we perform memory corruption checks. As mentioned in the PR description, I believe that since we have introduced UBSan and ASan it is no longer necessary for NMT to be able to detect memory corruption.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21560#discussion_r1846499201
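
The header/footer canary scheme discussed in this thread, shown as an added C sketch that is not HotSpot's NMT code. The function names, canary values and block layout are assumptions made for the illustration. It covers the realloc case from the quoted test comment: the footer has to be re-planted at the new end of the block, and damage is only noticed at the next check.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define HEADER_CANARY 0xA5A5A5A5A5A5A5A5ULL /* constructed values, */
#define FOOTER_CANARY 0x5A5Au               /* not HotSpot's constants */
typedef struct { size_t size; uint64_t canary; } header_t; /* canary abuts payload */
#define OVERHEAD (sizeof(header_t) + sizeof(uint16_t))

static void *plant(header_t *h, size_t size) { /* stamp size + both canaries */
    uint16_t f = FOOTER_CANARY;
    if (!h) return NULL;
    h->size = size;
    h->canary = HEADER_CANARY;
    memcpy((unsigned char *)(h + 1) + size, &f, sizeof f); /* footer is unaligned */
    return h + 1;
}

int tracked_check(const void *p) { /* 0 intact, 1 header hit, 2 footer hit */
    const header_t *h = (const header_t *)p - 1;
    uint16_t f;
    if (h->canary != HEADER_CANARY) return 1; /* size is untrustworthy too */
    memcpy(&f, (const unsigned char *)p + h->size, sizeof f);
    return f == FOOTER_CANARY ? 0 : 2;
}

void *tracked_malloc(size_t size) {
    if (size > SIZE_MAX - OVERHEAD) return NULL;
    return plant(malloc(size + OVERHEAD), size);
}

void *tracked_realloc(void *p, size_t size) {
    if (!p) return tracked_malloc(size);
    if (tracked_check(p) != 0 || size > SIZE_MAX - OVERHEAD) return NULL;
    /* realloc carries the header over; the footer is re-planted at the new end */
    return plant(realloc((header_t *)p - 1, size + OVERHEAD), size);
}

int tracked_free(void *p) { /* free-time check; reports instead of aborting */
    int status = tracked_check(p);
    free((header_t *)p - 1);
    return status;
}

/* Constructed case: grow 8 -> 16 bytes, zero `under` bytes before, `over` past. */
int canary_demo(size_t under, size_t over) {
    unsigned char *p = tracked_realloc(tracked_malloc(8), 16);
    if (!p) return -1;
    memset(p - under, 0, under + 16 + over);
    return tracked_free(p);
}
```

A check like this only fires when the block is next freed or resized, and only if the stray write lands on a canary byte; ASan reports the out-of-bounds access at the faulting instruction instead.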