|
1 /* |
|
2 * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. |
|
8 * |
|
9 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 * version 2 for more details (a copy is included in the LICENSE file that |
|
13 * accompanied this code). |
|
14 * |
|
15 * You should have received a copy of the GNU General Public License version |
|
16 * 2 along with this work; if not, write to the Free Software Foundation, |
|
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 * |
|
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
20 * or visit www.oracle.com if you need additional information or have any |
|
21 * questions. |
|
22 * |
|
23 */ |
|
24 |
|
25 #ifndef SHARE_VM_MEMORY_GUARDED_MEMORY_HPP |
|
26 #define SHARE_VM_MEMORY_GUARDED_MEMORY_HPP |
|
27 |
|
28 #include "memory/allocation.hpp" |
|
29 #include "utilities/globalDefinitions.hpp" |
|
30 |
|
31 /** |
|
32 * Guarded memory for detecting buffer overrun. |
|
33 * |
|
34 * Allows allocations to be wrapped with padded bytes of a known byte pattern, |
|
35 * that is a "guard". Guard patterns may be verified to detect buffer overruns. |
|
36 * |
|
37 * Primarily used by "debug malloc" and "checked JNI". |
|
38 * |
|
39 * Memory layout: |
|
40 * |
|
41 * |Offset | Content | Description | |
|
42 * |------------------------------------------------------------ |
|
43 * |base_addr | 0xABABABABABABABAB | Head guard | |
|
44 * |+16 | <size_t:user_size> | User data size | |
|
45 * |+sizeof(uintptr_t) | <tag> | Tag word | |
|
46 * |+sizeof(void*) | 0xF1 <user_data> ( | User data | |
|
47 * |+user_size | 0xABABABABABABABAB | Tail guard | |
|
48 * ------------------------------------------------------------- |
|
49 * |
|
50 * Where: |
|
51 * - guard padding uses "badResourceValue" (0xAB) |
|
52 * - tag word is general purpose |
|
53 * - user data |
|
54 * -- initially padded with "uninitBlockPad" (0xF1), |
|
55 * -- to "freeBlockPad" (0xBA), when freed |
|
56 * |
|
57 * Usage: |
|
58 * |
|
59 * * Allocations: one may wrap allocations with guard memory: |
|
60 * <code> |
|
61 * Thing* alloc_thing() { |
|
62 * void* mem = user_alloc_fn(GuardedMemory::get_total_size(sizeof(thing))); |
|
63 * GuardedMemory guarded(mem, sizeof(thing)); |
|
64 * return (Thing*) guarded.get_user_ptr(); |
|
65 * } |
|
66 * </code> |
|
67 * * Verify: memory guards are still in tact |
|
68 * <code> |
|
69 * bool verify_thing(Thing* thing) { |
|
70 * GuardedMemory guarded((void*)thing); |
|
71 * return guarded.verify_guards(); |
|
72 * } |
|
73 * </code> |
|
74 * * Free: one may mark bytes as freed (further debugging support) |
|
75 * <code> |
|
76 * void free_thing(Thing* thing) { |
|
77 * GuardedMemory guarded((void*)thing); |
|
78 * assert(guarded.verify_guards(), "Corrupt thing"); |
|
79 * user_free_fn(guards.release_for_freeing(); |
|
80 * } |
|
81 * </code> |
|
82 */ |
|
83 class GuardedMemory : StackObj { // Wrapper on stack |
|
84 |
|
85 // Private inner classes for memory layout... |
|
86 |
|
87 protected: |
|
88 |
|
89 /** |
|
90 * Guard class for header and trailer known pattern to test for overwrites. |
|
91 */ |
|
92 class Guard { // Class for raw memory (no vtbl allowed) |
|
93 friend class GuardedMemory; |
|
94 protected: |
|
95 enum { |
|
96 GUARD_SIZE = 16 |
|
97 }; |
|
98 |
|
99 u_char _guard[GUARD_SIZE]; |
|
100 |
|
101 public: |
|
102 |
|
103 void build() { |
|
104 u_char* c = _guard; // Possibly unaligned if tail guard |
|
105 u_char* end = c + GUARD_SIZE; |
|
106 while (c < end) { |
|
107 *c = badResourceValue; |
|
108 c++; |
|
109 } |
|
110 } |
|
111 |
|
112 bool verify() const { |
|
113 u_char* c = (u_char*) _guard; |
|
114 u_char* end = c + GUARD_SIZE; |
|
115 while (c < end) { |
|
116 if (*c != badResourceValue) { |
|
117 return false; |
|
118 } |
|
119 c++; |
|
120 } |
|
121 return true; |
|
122 } |
|
123 |
|
124 }; // GuardedMemory::Guard |
|
125 |
|
126 /** |
|
127 * Header guard and size |
|
128 */ |
|
129 class GuardHeader : Guard { |
|
130 friend class GuardedMemory; |
|
131 protected: |
|
132 // Take care in modifying fields here, will effect alignment |
|
133 // e.g. x86 ABI 16 byte stack alignment |
|
134 union { |
|
135 uintptr_t __unused_full_word1; |
|
136 size_t _user_size; |
|
137 }; |
|
138 void* _tag; |
|
139 public: |
|
140 void set_user_size(const size_t usz) { _user_size = usz; } |
|
141 size_t get_user_size() const { return _user_size; } |
|
142 |
|
143 void set_tag(const void* tag) { _tag = (void*) tag; } |
|
144 void* get_tag() const { return _tag; } |
|
145 |
|
146 }; // GuardedMemory::GuardHeader |
|
147 |
|
148 // Guarded Memory... |
|
149 |
|
150 protected: |
|
151 u_char* _base_addr; |
|
152 |
|
153 public: |
|
154 |
|
155 /** |
|
156 * Create new guarded memory. |
|
157 * |
|
158 * Wraps, starting at the given "base_ptr" with guards. Use "get_user_ptr()" |
|
159 * to return a pointer suitable for user data. |
|
160 * |
|
161 * @param base_ptr allocation wishing to be wrapped, must be at least "GuardedMemory::get_total_size()" bytes. |
|
162 * @param user_size the size of the user data to be wrapped. |
|
163 * @param tag optional general purpose tag. |
|
164 */ |
|
165 GuardedMemory(void* base_ptr, const size_t user_size, const void* tag = NULL) { |
|
166 wrap_with_guards(base_ptr, user_size, tag); |
|
167 } |
|
168 |
|
169 /** |
|
170 * Wrap existing guarded memory. |
|
171 * |
|
172 * To use this constructor, one must have created guarded memory with |
|
173 * "GuardedMemory(void*, size_t, void*)" (or indirectly via helper, e.g. "wrap_copy()"). |
|
174 * |
|
175 * @param user_p existing wrapped memory. |
|
176 */ |
|
177 GuardedMemory(void* userp) { |
|
178 u_char* user_ptr = (u_char*) userp; |
|
179 assert((uintptr_t)user_ptr > (sizeof(GuardHeader) + 0x1000), "Invalid pointer"); |
|
180 _base_addr = (user_ptr - sizeof(GuardHeader)); |
|
181 } |
|
182 |
|
183 /** |
|
184 * Create new guarded memory. |
|
185 * |
|
186 * Wraps, starting at the given "base_ptr" with guards. Allows reuse of stack allocated helper. |
|
187 * |
|
188 * @param base_ptr allocation wishing to be wrapped, must be at least "GuardedMemory::get_total_size()" bytes. |
|
189 * @param user_size the size of the user data to be wrapped. |
|
190 * @param tag optional general purpose tag. |
|
191 * |
|
192 * @return user data pointer (inner pointer to supplied "base_ptr"). |
|
193 */ |
|
194 void* wrap_with_guards(void* base_ptr, size_t user_size, const void* tag = NULL) { |
|
195 assert(base_ptr != NULL, "Attempt to wrap NULL with memory guard"); |
|
196 _base_addr = (u_char*)base_ptr; |
|
197 get_head_guard()->build(); |
|
198 get_head_guard()->set_user_size(user_size); |
|
199 get_tail_guard()->build(); |
|
200 set_tag(tag); |
|
201 set_user_bytes(uninitBlockPad); |
|
202 assert(verify_guards(), "Expected valid memory guards"); |
|
203 return get_user_ptr(); |
|
204 } |
|
205 |
|
206 /** |
|
207 * Verify head and tail guards. |
|
208 * |
|
209 * @return true if guards are intact, false would indicate a buffer overrun. |
|
210 */ |
|
211 bool verify_guards() const { |
|
212 if (_base_addr != NULL) { |
|
213 return (get_head_guard()->verify() && get_tail_guard()->verify()); |
|
214 } |
|
215 return false; |
|
216 } |
|
217 |
|
218 /** |
|
219 * Set the general purpose tag. |
|
220 * |
|
221 * @param tag general purpose tag. |
|
222 */ |
|
223 void set_tag(const void* tag) { get_head_guard()->set_tag(tag); } |
|
224 |
|
225 /** |
|
226 * Return the general purpose tag. |
|
227 * |
|
228 * @return the general purpose tag, defaults to NULL. |
|
229 */ |
|
230 void* get_tag() const { return get_head_guard()->get_tag(); } |
|
231 |
|
232 /** |
|
233 * Return the size of the user data. |
|
234 * |
|
235 * @return the size of the user data. |
|
236 */ |
|
237 size_t get_user_size() const { |
|
238 assert(_base_addr, "Not wrapping any memory"); |
|
239 return get_head_guard()->get_user_size(); |
|
240 } |
|
241 |
|
242 /** |
|
243 * Return the user data pointer. |
|
244 * |
|
245 * @return the user data pointer. |
|
246 */ |
|
247 u_char* get_user_ptr() const { |
|
248 assert(_base_addr, "Not wrapping any memory"); |
|
249 return _base_addr + sizeof(GuardHeader); |
|
250 } |
|
251 |
|
252 /** |
|
253 * Release the wrapped pointer for resource freeing. |
|
254 * |
|
255 * Pads the user data with "freeBlockPad", and dis-associates the helper. |
|
256 * |
|
257 * @return the original base pointer used to wrap the data. |
|
258 */ |
|
259 void* release_for_freeing() { |
|
260 set_user_bytes(freeBlockPad); |
|
261 return release(); |
|
262 } |
|
263 |
|
264 /** |
|
265 * Dis-associate the help from the original base address. |
|
266 * |
|
267 * @return the original base pointer used to wrap the data. |
|
268 */ |
|
269 void* release() { |
|
270 void* p = (void*) _base_addr; |
|
271 _base_addr = NULL; |
|
272 return p; |
|
273 } |
|
274 |
|
275 virtual void print_on(outputStream* st) const; |
|
276 |
|
277 protected: |
|
278 GuardHeader* get_head_guard() const { return (GuardHeader*) _base_addr; } |
|
279 Guard* get_tail_guard() const { return (Guard*) (get_user_ptr() + get_user_size()); }; |
|
280 void set_user_bytes(u_char ch) { |
|
281 memset(get_user_ptr(), ch, get_user_size()); |
|
282 } |
|
283 |
|
284 public: |
|
285 /** |
|
286 * Return the total size required for wrapping the given user size. |
|
287 * |
|
288 * @return the total size required for wrapping the given user size. |
|
289 */ |
|
290 static size_t get_total_size(size_t user_size) { |
|
291 size_t total_size = sizeof(GuardHeader) + user_size + sizeof(Guard); |
|
292 assert(total_size > user_size, "Unexpected wrap-around"); |
|
293 return total_size; |
|
294 } |
|
295 |
|
296 // Helper functions... |
|
297 |
|
298 /** |
|
299 * Wrap a copy of size "len" of "ptr". |
|
300 * |
|
301 * @param ptr the memory to be copied |
|
302 * @param len the length of the copy |
|
303 * @param tag optional general purpose tag (see GuardedMemory::get_tag()) |
|
304 * |
|
305 * @return guarded wrapped memory pointer to the user area, or NULL if OOM. |
|
306 */ |
|
307 static void* wrap_copy(const void* p, const size_t len, const void* tag = NULL); |
|
308 |
|
309 /** |
|
310 * Free wrapped copy. |
|
311 * |
|
312 * Frees memory copied with "wrap_copy()". |
|
313 * |
|
314 * @param p memory returned by "wrap_copy()". |
|
315 * |
|
316 * @return true if guards were verified as intact. false indicates a buffer overrun. |
|
317 */ |
|
318 static bool free_copy(void* p); |
|
319 |
|
320 // Testing... |
|
321 #ifndef PRODUCT |
|
322 static void test_guarded_memory(void); |
|
323 #endif |
|
324 }; // GuardedMemory |
|
325 |
|
326 #endif // SHARE_VM_MEMORY_GUARDED_MEMORY_HPP |