8361433: [Big Endian] assert(verify_guards()) failed: Expected valid memory guards after 8357601 #26140
Conversation
…memory guards after 8357601
|
👋 Welcome back mdoerr! A progress list of the required criteria for merging this PR into |
|
❗ This change is not yet ready to be integrated. |
|
@TheRealMDoerr The following label will be automatically applied to this pull request:
When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command. |
Webrevs
|
| @@ -119,7 +119,7 @@ class GuardedMemory : StackObj { // Wrapper on stack | |||
| // We may not be able to dereference directly so use | |||
| // SafeFetch. It doesn't matter if the value read happens | |||
| // to be 0xFF as that is not what we expect anyway. | |||
| u_char val = (u_char) SafeFetch32((int*)c, 0xFF); | |||
| u_char val = (u_char) (SafeFetch32((int*)c, 0xFF) BIG_ENDIAN_ONLY(>> 24)); | |||
There was a problem hiding this comment.
Your fix is fine. Pre-existing: I wonder about the SafeFetch. A byte pointer traverses byte-wise over the memory. We use it to load a 32-bit value via SafeFetch32. 3/4 of those loads will be unaligned and also redundant. (I am surprised the unaligned access works on all platforms).
The guards themselves can be located at unaligned addresses I think, so we cannot just use int loads. Therefore I would have just used the old code without safefetch but preceded it with a safefetch check:
u_char* c = (u_char*) _guard;
+ if (!os::is_readable_pointer(align_up(c, BytesPerInt))) {
+ return false;
+ }
u_char* end = c + GUARD_SIZE;
while (c < end) {
if (*c != badResourceValue) {
return false;
}
c++;
}
I think that would be pragmatic since the guard is only 16 byte and the chance of a guard straddling a page boundary is very small. But if one wanted to be more careful, one could use os::is_readable_range() instead.
@dholmes-ora does this make sense?
There was a problem hiding this comment.
Thanks, Thomas! I've changed to use os::is_readable_range(). Note that alignment is already handled inside of that function. Please take a look!
There was a problem hiding this comment.
@TheRealMDoerr , @tstuefe let me do a backout of JDK-8357601 in the morning. I need that fix to be complete and safe so it can be backported in a simple manner. Thanks.
I will look into @tstuefe suggested alternative.
|
The original change has been backed out. Sorry for the inconvenience, and thanks for the suggested fix. |
|
Will be handled by JDK-8361447. |
Big Endian fix for JDK-8357601.
Note: The first commit is only a Big Endian fix. The code looks still wrong for platforms which don't support unaligned accesses. Also see
UseUnalignedAccesses.The second commit changes to check
os::is_readable_range().Progress
Issue
Reviewing
Using
gitCheckout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/26140/head:pull/26140$ git checkout pull/26140Update a local copy of the PR:
$ git checkout pull/26140$ git pull https://git.openjdk.org/jdk.git pull/26140/headUsing Skara CLI tools
Checkout this PR locally:
$ git pr checkout 26140View PR using the GUI difftool:
$ git pr show -t 26140Using diff file
Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/26140.diff
Using Webrev
Link to Webrev Comment