RFR: 8369393: NMT: poison the canaries of malloc header under ASAN build [v16]
Johan Sjölen
jsjolen at openjdk.org
Wed Nov 5 09:29:00 UTC 2025
On Sat, 18 Oct 2025 17:26:26 GMT, Afshin Zafari <azafari at openjdk.org> wrote:
>> NMT can detect malloc'd memory corruption using canary tests at header and footer of every memory region. This can only be done at free time of the memory, where NMT checks the canaries and reports an error if they are not as expected.
>> In this PR, the canary parts are also poisoned using the ASAN API to get notified whenever a read/write op is done on the canary parts. `_size` member of the malloc header is also poisoned, since it is used for finding the footer address.
>
> Afshin Zafari has updated the pull request incrementally with one additional commit since the last revision:
>
> fixed problem after merge
Changes requested by jsjolen (Reviewer).
src/hotspot/share/nmt/mallocHeader.hpp line 91:
> 89: */
> 90:
> 91:
Remove
src/hotspot/share/nmt/mallocHeader.hpp line 155:
> 153:
> 154: uint8_t* footer_address() const { return ((address)this) + sizeof(MallocHeader) + size(); }
> 155:
Why is this moved to the public interface? If it's for the tests, then use a fixture class and a `friend class` declaration in `MallocHeader`.
src/hotspot/share/nmt/mallocHeader.hpp line 189:
> 187: AsanPoisoningHelper aph(&_canary);
> 188: return _canary;
> 189: }
Why is this moved to the public interface?
-------------
PR Review: https://git.openjdk.org/jdk/pull/27685#pullrequestreview-3420743753
PR Review Comment: https://git.openjdk.org/jdk/pull/27685#discussion_r2493630596
PR Review Comment: https://git.openjdk.org/jdk/pull/27685#discussion_r2493643401
PR Review Comment: https://git.openjdk.org/jdk/pull/27685#discussion_r2493641091
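The mechanism the quoted PR description outlines (canaries checked at free time, plus ASAN poisoning of the canaries and the size field), as an added sketch that is not part of this thread and not HotSpot's code. `Header`, `guarded_malloc`, `guarded_free` and the canary values are hypothetical names and constructed values used for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <cstring>
// ASAN manual-poisoning macros; they expand to no-ops without -fsanitize=address.
#if __has_include(<sanitizer/asan_interface.h>)
#include <sanitizer/asan_interface.h>
#define POISON(p, n)   ASAN_POISON_MEMORY_REGION((p), (n))
#define UNPOISON(p, n) ASAN_UNPOISON_MEMORY_REGION((p), (n))
#else
#define POISON(p, n)   ((void)(p), (void)(n))
#define UNPOISON(p, n) ((void)(p), (void)(n))
#endif

// Constructed canary values and a simplified, hypothetical header layout.
static const uint16_t HEADER_CANARY = 0xA55A;
static const uint16_t FOOTER_CANARY = 0x5AA5;
struct Header { size_t size; uint16_t canary; };

static uint8_t* footer_of(Header* h) {
  return reinterpret_cast<uint8_t*>(h + 1) + h->size;
}

void* guarded_malloc(size_t n) {
  Header* h = static_cast<Header*>(std::malloc(sizeof(Header) + n + sizeof(FOOTER_CANARY)));
  if (h == nullptr) return nullptr;
  h->size = n;
  h->canary = HEADER_CANARY;
  std::memcpy(footer_of(h), &FOOTER_CANARY, sizeof(FOOTER_CANARY)); // may be unaligned
  // Poison last: an instrumented build now reports any stray access to these bytes.
  POISON(footer_of(h), sizeof(FOOTER_CANARY));
  POISON(h, sizeof(Header));             // covers both size and canary
  return h + 1;
}

// Free-time canary check; returns true when both canaries are intact.
bool guarded_free(void* p) {
  Header* h = static_cast<Header*>(p) - 1;
  UNPOISON(h, sizeof(Header));           // size must be readable to locate the footer
  bool ok = (h->canary == HEADER_CANARY);
  if (ok) {                              // only trust size if the header survived
    uint16_t foot;
    UNPOISON(footer_of(h), sizeof(foot));
    std::memcpy(&foot, footer_of(h), sizeof(foot));
    ok = (foot == FOOTER_CANARY);
  }
  std::free(h);
  return ok;
}
```

Built with `-fsanitize=address`, an out-of-bounds access to the poisoned bytes is reported when it happens; without it, the corruption is only seen when `guarded_free` runs. ASAN tracks addressability in 8-byte granules, so poisoning a 2-byte footer may cover less than requested.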