This is an archive of the discontinued LLVM Phabricator instance.

Differential D101514

[scudo] Use require_constant_initialization
ClosedPublic

Authored by vitalybuka on Apr 29 2021, 1:51 AM.

Details

Reviewers
cryptoad
hctim
Commits
rGd56ef8523c71: [scudo] Use require_constant_initialization
rG7ad4dee3e733: [scudo] Use require_constant_initialization
Summary

Attribute guaranties safe static initialization of globals.

Diff Detail

Event Timeline

vitalybuka created this revision.Apr 29 2021, 1:51 AM
Herald added a subscriber: jfb. · View Herald TranscriptApr 29 2021, 1:51 AM
vitalybuka requested review of this revision.Apr 29 2021, 1:51 AM
Herald added a project: Restricted Project. · View Herald TranscriptApr 29 2021, 1:51 AM
Herald added a subscriber: Restricted Project. · View Herald Transcript
vitalybuka updated this revision to Diff 341439.Apr 29 2021, 1:55 AM

remove ;

vitalybuka mentioned this in D95884: [Scudo] Use GWP-ASan's aligned allocations and fixup postalloc hooks..Apr 29 2021, 1:59 AM
Harbormaster completed remote builds in B101583: Diff 341439.Apr 29 2021, 2:33 AM
Harbormaster completed remote builds in B101582: Diff 341438.
cryptoad added a comment.Apr 29 2021, 7:53 AM

Is this related to the GWP-ASan initialization issues?
I am unclear if we need to rework the init() vs initLinkInitialized() functions as well?

compiler-rt/lib/scudo/standalone/mutex.h
53

{} for Fuchsia as well?

cryptoad added inline comments.Apr 29 2021, 8:16 AM
compiler-rt/lib/scudo/standalone/primary64.h
287–288

This will probably have to be initialized as well for Fuchsia since it's not empty.

302–303

Same here.

vitalybuka marked 3 inline comments as done.Apr 29 2021, 9:52 AM
In D101514#2725659, @cryptoad wrote:

Is this related to the GWP-ASan initialization issues?

Yes. I tried to figure out rules for static initialization and looks like there is no way to be sure for such complex class without attribute or constinit of c++20.

I am unclear if we need to rework the init() vs initLinkInitialized() functions as well?

It's probably unrelated to this patch.

This revision was not accepted when it landed; it landed in state Needs Review.Apr 29 2021, 9:52 AM
This revision was landed with ongoing or failed builds.
Closed by commit rG7ad4dee3e733: [scudo] Use require_constant_initialization (authored by vitalybuka). · Explain Why
This revision was automatically updated to reflect the committed changes.
vitalybuka added a commit: rG7ad4dee3e733: [scudo] Use require_constant_initialization.
vitalybuka reopened this revision.Apr 29 2021, 9:55 AM

Landed by mistake, reverting.

vitalybuka added a reverting change: rGea7618684c51: Revert "[scudo] Use require_constant_initialization".Apr 29 2021, 9:56 AM
vitalybuka updated this revision to Diff 341558.EditedApr 29 2021, 9:57 AM

addressed @cryptoad comments

vitalybuka added a comment.Apr 29 2021, 9:59 AM

I probably missed something for android or Fuchsia, but diagnostics messages make it pretty clear what needs to be initialized and it should be easy to fix during integrations.

Harbormaster completed remote builds in B101666: Diff 341558.Apr 29 2021, 10:45 AM
hctim added inline comments.Apr 29 2021, 3:40 PM
compiler-rt/lib/scudo/standalone/internal_defs.h
54

Judging by https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86974, looks like this isn't supported on gcc (and I see us bumping to c++2a for constinit) :(. Ah well, I guess we only get the diagnostic on clang.

Looking into it further, looks like gcc/clang-O0 don't elide the GWP-ASan dynamic initializer because the parent Scudo allocator is default-initialized, and the GWP-ASan initializer is value-initialized with nonzero values. This patch effectively makes the Scudo allocator's implicit construct constexpr by initializing all its members, and triggers static constant initialization of the Scudo and GWP-ASan allocators.

It looks like https://reviews.llvm.org/D87478 removed the blocker (from https://reviews.llvm.org/D69265#inline-624315) to making Scudo's allocator constexpr, so now this is possible :).

I wrote a comment for posterity that would be good to include here, as it hopefully helps with debugging:

// This check is only available on Clang. This is essentialy an alias of C++20's
// 'constinit' specifier which will take care of this when (if?) we can ask all
// libc's that use Scudo to compile us with C++20. Dynamic initialization is
// bad; Scudo is designed to be lazy-initializated on the first call to
// malloc/free (and friends), and this generally happens in the loader somewhere
// in libdl's init. After the loader is done, control is transferred to libc's
// initialization, and the dynamic initializers are run. If there's a dynamic
// initializer for Scudo, then it will clobber the already-initialized Scudo,
// and re-initialize all its members back to default values, causing various
// explosions. Unfortunately, marking scudo::Allocator<>'s constructor as
// 'constexpr' isn't sufficient to prevent dynamic initialization, as default
// initialization is fine under 'constexpr' (but not 'constinit'). Clang at -O0,
// and gcc at all opt levels will emit a dynamic initializer for any
// constant-initialized variables if there is a mix of default-initialized and
// constant-initialized variables.
//
// If you're looking at this because your build failed, you probably introduced
// a new member to scudo::Allocator<> (possibly transiently) that didn't have an
// initializer. The fix is easy - just add one.

While constexpr != constinit, it might be helpful to explicitly define the default constructor for scudo::Allocator<> as constexpr (constexpr Allocator() {}) as well.

vitalybuka added inline comments.Apr 29 2021, 4:56 PM
compiler-rt/lib/scudo/standalone/internal_defs.h
54

Judging by https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86974, looks like this isn't supported on gcc (and I see us bumping to c++2a for constinit) :(. Ah well, I guess we only get the diagnostic on clang.

I guess that's fine. At least on clang if I remove attribute it still makes it const initialized.

Looking into it further, looks like gcc/clang-O0 don't elide the GWP-ASan dynamic initializer because the parent Scudo allocator is default-initialized, and the GWP-ASan initializer is value-initialized with nonzero values. This patch effectively makes the Scudo allocator's implicit construct constexpr by initializing all its members, and triggers static constant initialization of the Scudo and GWP-ASan allocators.

constexpr is not enough https://godbolt.org/z/s51zfv9sE

vitalybuka added inline comments.Apr 29 2021, 4:59 PM
compiler-rt/lib/scudo/standalone/internal_defs.h
54

As part of this patch I had all touched classes as constexpr, but as it's not relevant I reverted them.

hctim added inline comments.Apr 29 2021, 5:07 PM
compiler-rt/lib/scudo/standalone/internal_defs.h
54

I guess that's fine. At least on clang if I remove attribute it still makes it const initialized.

Sorry for any confusion, I mean to say the attribute is good as a defensive layer of compile-time checking and we should definitely keep it, even if it's just for clang.

constexpr is not enough https://godbolt.org/z/s51zfv9sE

Yep, from the comment:

// Unfortunately, marking scudo::Allocator<>'s constructor as
// 'constexpr' isn't sufficient to prevent dynamic initialization, as default
// initialization is fine under 'constexpr' (but not 'constinit')

Although I should have written "it makes the implicit constructor constexpr (this doesn't necessarily fix the problem), and also having no more non-default-initialized members elides the dynamic initializer".

constexpr on the c'tor just gives us a little bit of compile-time diagnostics on gcc (which the attribute is significantly better but clang-only).

vitalybuka added inline comments.Apr 29 2021, 5:08 PM
compiler-rt/lib/scudo/standalone/internal_defs.h
54

according standard "The constexpr specifier declares that it is *possible* to evaluate the value of the function or variable at compile time.", but with -O0 compiler does not bother.

Even O1
O1: https://godbolt.org/z/ov6ecoEqn
O2: https://godbolt.org/z/je4fff4bh

vitalybuka updated this revision to Diff 341717.Apr 29 2021, 5:16 PM

Add comment explaining SCUDO_REQUIRE_CONSTANT_INITIALIZATION

vitalybuka marked an inline comment as done.Apr 29 2021, 5:16 PM
vitalybuka added inline comments.
compiler-rt/lib/scudo/standalone/internal_defs.h
54

Now I see, you are proposing comment :)
I'll add it.

Harbormaster completed remote builds in B101789: Diff 341717.Apr 29 2021, 8:21 PM
vitalybuka marked an inline comment as done.Apr 30 2021, 1:55 PM

ping

hctim accepted this revision.Apr 30 2021, 1:56 PM

LGTM! Thank you!

This revision is now accepted and ready to land.Apr 30 2021, 1:56 PM
This revision was landed with ongoing or failed builds.May 1 2021, 1:47 AM
Closed by commit rGd56ef8523c71: [scudo] Use require_constant_initialization (authored by vitalybuka). · Explain Why
This revision was automatically updated to reflect the committed changes.
vitalybuka added a commit: rGd56ef8523c71: [scudo] Use require_constant_initialization.
hctim mentioned this in D101874: [scudo] Align objects with alignas.May 5 2021, 10:56 AM
vitalybuka mentioned this in D101951: [scudo] Add initialization for TSDRegistrySharedT.May 5 2021, 3:54 PM

Revision Contents

PathSize
compiler-rt/
lib/
scudo/
standalone/
6 lines
28 lines
6 lines
4 lines
4 lines
3 lines
10 lines
24 lines
8 lines
30 lines
6 lines
6 lines
4 lines
6 lines
1 line
2 lines

Diff 342131

compiler-rt/lib/scudo/standalone/combined.h

Show First 20 LinesShow All 938 Lines▼ Show 20 Linesprivate:
// 0 corresponds to the address of the user memory. This means that only // 0 corresponds to the address of the user memory. This means that only
// negative indexes may be used. The smallest index that may be used is -2, // negative indexes may be used. The smallest index that may be used is -2,
// which corresponds to 8 bytes before the user memory, because the chunk // which corresponds to 8 bytes before the user memory, because the chunk
// header size is 8 bytes and in allocators that support memory tagging the // header size is 8 bytes and in allocators that support memory tagging the
// minimum alignment is at least the tag granule size (16 on aarch64). // minimum alignment is at least the tag granule size (16 on aarch64).
static const sptr MemTagAllocationTraceIndex = -2; static const sptr MemTagAllocationTraceIndex = -2;
static const sptr MemTagAllocationTidIndex = -1; static const sptr MemTagAllocationTidIndex = -1;
u32 Cookie; u32 Cookie = 0;
u32 QuarantineMaxChunkSize; u32 QuarantineMaxChunkSize = 0;
GlobalStats Stats; GlobalStats Stats;
PrimaryT Primary; PrimaryT Primary;
SecondaryT Secondary; SecondaryT Secondary;
QuarantineT Quarantine; QuarantineT Quarantine;
TSDRegistryT TSDRegistry; TSDRegistryT TSDRegistry;
#ifdef GWP_ASAN_HOOKS #ifdef GWP_ASAN_HOOKS
Show All 15 Lines struct AllocationRingBuffer {
atomic_uptr Pos; atomic_uptr Pos;
#ifdef SCUDO_FUZZ #ifdef SCUDO_FUZZ
static const uptr NumEntries = 2; static const uptr NumEntries = 2;
#else #else
static const uptr NumEntries = 32768; static const uptr NumEntries = 32768;
#endif #endif
Entry Entries[NumEntries]; Entry Entries[NumEntries];
}; };
AllocationRingBuffer RingBuffer; AllocationRingBuffer RingBuffer = {};
// The following might get optimized out by the compiler. // The following might get optimized out by the compiler.
NOINLINE void performSanityChecks() { NOINLINE void performSanityChecks() {
// Verify that the header offset field can hold the maximum offset. In the // Verify that the header offset field can hold the maximum offset. In the
// case of the Secondary allocator, it takes care of alignment and the // case of the Secondary allocator, it takes care of alignment and the
// offset will always be small. In the case of the Primary, the worst case // offset will always be small. In the case of the Primary, the worst case
// scenario happens in the last size class, when the backend allocation // scenario happens in the last size class, when the backend allocation
// would already be aligned on the requested alignment, which would happen // would already be aligned on the requested alignment, which would happen
▲ Show 20 LinesShow All 380 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/internal_defs.h

Show First 20 LinesShow All 42 Lines▼ Show 20 Lines
#define PREFETCH(X) __asm__("prefetchnta (%0)" : : "r"(X)) #define PREFETCH(X) __asm__("prefetchnta (%0)" : : "r"(X))
#else #else
#define PREFETCH(X) __builtin_prefetch(X) #define PREFETCH(X) __builtin_prefetch(X)
#endif #endif
#define UNUSED __attribute__((unused)) #define UNUSED __attribute__((unused))
#define USED __attribute__((used)) #define USED __attribute__((used))
#define NOEXCEPT noexcept #define NOEXCEPT noexcept
// This check is only available on Clang. This is essentially an alias of
// C++20's 'constinit' specifier which will take care of this when (if?) we can
// ask all libc's that use Scudo to compile us with C++20. Dynamic
// initialization is bad; Scudo is designed to be lazy-initializated on the
hctimUnsubmitted
Not Done
ReplyInline Actions

Judging by https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86974, looks like this isn't supported on gcc (and I see us bumping to c++2a for constinit) :(. Ah well, I guess we only get the diagnostic on clang.

Looking into it further, looks like gcc/clang-O0 don't elide the GWP-ASan dynamic initializer because the parent Scudo allocator is default-initialized, and the GWP-ASan initializer is value-initialized with nonzero values. This patch effectively makes the Scudo allocator's implicit construct constexpr by initializing all its members, and triggers static constant initialization of the Scudo and GWP-ASan allocators.

It looks like https://reviews.llvm.org/D87478 removed the blocker (from https://reviews.llvm.org/D69265#inline-624315) to making Scudo's allocator constexpr, so now this is possible :).

I wrote a comment for posterity that would be good to include here, as it hopefully helps with debugging:

// This check is only available on Clang. This is essentialy an alias of C++20's
// 'constinit' specifier which will take care of this when (if?) we can ask all
// libc's that use Scudo to compile us with C++20. Dynamic initialization is
// bad; Scudo is designed to be lazy-initializated on the first call to
// malloc/free (and friends), and this generally happens in the loader somewhere
// in libdl's init. After the loader is done, control is transferred to libc's
// initialization, and the dynamic initializers are run. If there's a dynamic
// initializer for Scudo, then it will clobber the already-initialized Scudo,
// and re-initialize all its members back to default values, causing various
// explosions. Unfortunately, marking scudo::Allocator<>'s constructor as
// 'constexpr' isn't sufficient to prevent dynamic initialization, as default
// initialization is fine under 'constexpr' (but not 'constinit'). Clang at -O0,
// and gcc at all opt levels will emit a dynamic initializer for any
// constant-initialized variables if there is a mix of default-initialized and
// constant-initialized variables.
//
// If you're looking at this because your build failed, you probably introduced
// a new member to scudo::Allocator<> (possibly transiently) that didn't have an
// initializer. The fix is easy - just add one.

While constexpr != constinit, it might be helpful to explicitly define the default constructor for scudo::Allocator<> as constexpr (constexpr Allocator() {}) as well.

hctim: Judging by https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86974, looks like this isn't supported…
vitalybukaAuthorUnsubmitted
Done
ReplyInline Actions

Judging by https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86974, looks like this isn't supported on gcc (and I see us bumping to c++2a for constinit) :(. Ah well, I guess we only get the diagnostic on clang.

I guess that's fine. At least on clang if I remove attribute it still makes it const initialized.

Looking into it further, looks like gcc/clang-O0 don't elide the GWP-ASan dynamic initializer because the parent Scudo allocator is default-initialized, and the GWP-ASan initializer is value-initialized with nonzero values. This patch effectively makes the Scudo allocator's implicit construct constexpr by initializing all its members, and triggers static constant initialization of the Scudo and GWP-ASan allocators.

constexpr is not enough https://godbolt.org/z/s51zfv9sE

vitalybuka: >> Judging by https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86974, looks like this isn't…
vitalybukaAuthorUnsubmitted
Done
ReplyInline Actions

As part of this patch I had all touched classes as constexpr, but as it's not relevant I reverted them.

vitalybuka: As part of this patch I had all touched classes as constexpr, but as it's not relevant I…
vitalybukaAuthorUnsubmitted
Done
ReplyInline Actions

according standard "The constexpr specifier declares that it is *possible* to evaluate the value of the function or variable at compile time.", but with -O0 compiler does not bother.

Even O1
O1: https://godbolt.org/z/ov6ecoEqn
O2: https://godbolt.org/z/je4fff4bh

vitalybuka: according standard "The constexpr specifier declares that it is *possible* to evaluate the…
hctimUnsubmitted
Done
ReplyInline Actions

I guess that's fine. At least on clang if I remove attribute it still makes it const initialized.

Sorry for any confusion, I mean to say the attribute is good as a defensive layer of compile-time checking and we should definitely keep it, even if it's just for clang.

constexpr is not enough https://godbolt.org/z/s51zfv9sE

Yep, from the comment:

// Unfortunately, marking scudo::Allocator<>'s constructor as
// 'constexpr' isn't sufficient to prevent dynamic initialization, as default
// initialization is fine under 'constexpr' (but not 'constinit')

Although I should have written "it makes the implicit constructor constexpr (this doesn't necessarily fix the problem), and also having no more non-default-initialized members elides the dynamic initializer".

constexpr on the c'tor just gives us a little bit of compile-time diagnostics on gcc (which the attribute is significantly better but clang-only).

hctim: > I guess that's fine. At least on clang if I remove attribute it still makes it const…
vitalybukaAuthorUnsubmitted
Done
ReplyInline Actions

Now I see, you are proposing comment :)
I'll add it.

vitalybuka: Now I see, you are proposing comment :) I'll add it.
// first call to malloc/free (and friends), and this generally happens in the
// loader somewhere in libdl's init. After the loader is done, control is
// transferred to libc's initialization, and the dynamic initializers are run.
// If there's a dynamic initializer for Scudo, then it will clobber the
// already-initialized Scudo, and re-initialize all its members back to default
// values, causing various explosions. Unfortunately, marking
// scudo::Allocator<>'s constructor as 'constexpr' isn't sufficient to prevent
// dynamic initialization, as default initialization is fine under 'constexpr'
// (but not 'constinit'). Clang at -O0, and gcc at all opt levels will emit a
// dynamic initializer for any constant-initialized variables if there is a mix
// of default-initialized and constant-initialized variables.
//
// If you're looking at this because your build failed, you probably introduced
// a new member to scudo::Allocator<> (possibly transiently) that didn't have an
// initializer. The fix is easy - just add one.
#if defined(__has_attribute)
#if __has_attribute(require_constant_initialization)
#define SCUDO_REQUIRE_CONSTANT_INITIALIZATION \
__attribute__((__require_constant_initialization__))
#else
#define SCUDO_REQUIRE_CONSTANT_INITIALIZATION
#endif
#endif
namespace scudo { namespace scudo {
typedef unsigned long uptr; typedef unsigned long uptr;
typedef unsigned char u8; typedef unsigned char u8;
typedef unsigned short u16; typedef unsigned short u16;
typedef unsigned int u32; typedef unsigned int u32;
typedef unsigned long long u64; typedef unsigned long long u64;
typedef signed long sptr; typedef signed long sptr;
▲ Show 20 LinesShow All 83 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/list.h

Show First 20 LinesShow All 51 Lines▼ Show 20 Linestemplate <class T> struct IntrusiveList {
Iterator end() { return Iterator(nullptr); } Iterator end() { return Iterator(nullptr); }
ConstIterator begin() const { return ConstIterator(First); } ConstIterator begin() const { return ConstIterator(First); }
ConstIterator end() const { return ConstIterator(nullptr); } ConstIterator end() const { return ConstIterator(nullptr); }
void checkConsistency() const; void checkConsistency() const;
protected: protected:
uptr Size; uptr Size = 0;
T *First; T *First = nullptr;
T *Last; T *Last = nullptr;
}; };
template <class T> void IntrusiveList<T>::checkConsistency() const { template <class T> void IntrusiveList<T>::checkConsistency() const {
if (Size == 0) { if (Size == 0) {
CHECK_EQ(First, nullptr); CHECK_EQ(First, nullptr);
CHECK_EQ(Last, nullptr); CHECK_EQ(Last, nullptr);
} else { } else {
uptr Count = 0; uptr Count = 0;
▲ Show 20 LinesShow All 158 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/local_cache.h

Show First 20 LinesShow All 132 Lines▼ Show 20 Linesprivate:
static const uptr NumClasses = SizeClassMap::NumClasses; static const uptr NumClasses = SizeClassMap::NumClasses;
static const uptr BatchClassId = SizeClassMap::BatchClassId; static const uptr BatchClassId = SizeClassMap::BatchClassId;
struct PerClass { struct PerClass {
u32 Count; u32 Count;
u32 MaxCount; u32 MaxCount;
uptr ClassSize; uptr ClassSize;
CompactPtrT Chunks[2 * TransferBatch::MaxNumCached]; CompactPtrT Chunks[2 * TransferBatch::MaxNumCached];
}; };
PerClass PerClassArray[NumClasses]; PerClass PerClassArray[NumClasses] = {};
LocalStats Stats; LocalStats Stats;
SizeClassAllocator *Allocator; SizeClassAllocator *Allocator = nullptr;
ALWAYS_INLINE void initCacheMaybe(PerClass *C) { ALWAYS_INLINE void initCacheMaybe(PerClass *C) {
if (LIKELY(C->MaxCount)) if (LIKELY(C->MaxCount))
return; return;
initCache(); initCache();
DCHECK_NE(C->MaxCount, 0U); DCHECK_NE(C->MaxCount, 0U);
} }
▲ Show 20 LinesShow All 44 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/mutex.h

Show First 20 LinesShow All 42 Lines▼ Show 20 Lines#endif
} }
void unlock(); void unlock();
private: private:
static constexpr u8 NumberOfTries = 8U; static constexpr u8 NumberOfTries = 8U;
static constexpr u8 NumberOfYields = 8U; static constexpr u8 NumberOfYields = 8U;
#if SCUDO_LINUX #if SCUDO_LINUX
atomic_u32 M; atomic_u32 M = {};
#elif SCUDO_FUCHSIA #elif SCUDO_FUCHSIA
sync_mutex_t M; sync_mutex_t M = {};
cryptoadUnsubmitted
Done
ReplyInline Actions

{} for Fuchsia as well?

cryptoad: = {} for Fuchsia as well?
#endif #endif
void lockSlow(); void lockSlow();
}; };
class ScopedLock { class ScopedLock {
public: public:
explicit ScopedLock(HybridMutex &M) : Mutex(M) { Mutex.lock(); } explicit ScopedLock(HybridMutex &M) : Mutex(M) { Mutex.lock(); }
Show All 12 Lines

compiler-rt/lib/scudo/standalone/options.h

Show All 38 Lines
}; };
template <typename Config> bool useMemoryTagging(Options Options) { template <typename Config> bool useMemoryTagging(Options Options) {
return allocatorSupportsMemoryTagging<Config>() && return allocatorSupportsMemoryTagging<Config>() &&
Options.get(OptionBit::UseMemoryTagging); Options.get(OptionBit::UseMemoryTagging);
} }
struct AtomicOptions { struct AtomicOptions {
atomic_u32 Val; atomic_u32 Val = {};
public:
Options load() const { return Options{atomic_load_relaxed(&Val)}; } Options load() const { return Options{atomic_load_relaxed(&Val)}; }
void clear(OptionBit Opt) { void clear(OptionBit Opt) {
atomic_fetch_and(&Val, ~(1U << static_cast<u32>(Opt)), atomic_fetch_and(&Val, ~(1U << static_cast<u32>(Opt)),
memory_order_relaxed); memory_order_relaxed);
} }
void set(OptionBit Opt) { void set(OptionBit Opt) {
Show All 18 Lines

compiler-rt/lib/scudo/standalone/primary32.h

Show First 20 LinesShow All 483 Lines▼ Show 20 Lines if (Recorder.getReleasedRangesCount() > 0) {
Sci->ReleaseInfo.LastReleasedBytes = Recorder.getReleasedBytes(); Sci->ReleaseInfo.LastReleasedBytes = Recorder.getReleasedBytes();
TotalReleasedBytes += Sci->ReleaseInfo.LastReleasedBytes; TotalReleasedBytes += Sci->ReleaseInfo.LastReleasedBytes;
} }
Sci->ReleaseInfo.LastReleaseAtNs = getMonotonicTime(); Sci->ReleaseInfo.LastReleaseAtNs = getMonotonicTime();
return TotalReleasedBytes; return TotalReleasedBytes;
} }
SizeClassInfo SizeClassInfoArray[NumClasses]; SizeClassInfo SizeClassInfoArray[NumClasses] = {};
// Track the regions in use, 0 is unused, otherwise store ClassId + 1. // Track the regions in use, 0 is unused, otherwise store ClassId + 1.
ByteMap PossibleRegions; ByteMap PossibleRegions = {};
atomic_s32 ReleaseToOsIntervalMs; atomic_s32 ReleaseToOsIntervalMs = {};
// Unless several threads request regions simultaneously from different size // Unless several threads request regions simultaneously from different size
// classes, the stash rarely contains more than 1 entry. // classes, the stash rarely contains more than 1 entry.
static constexpr uptr MaxStashedRegions = 4; static constexpr uptr MaxStashedRegions = 4;
HybridMutex RegionsStashMutex; HybridMutex RegionsStashMutex;
uptr NumberOfStashedRegions; uptr NumberOfStashedRegions = 0;
uptr RegionsStash[MaxStashedRegions]; uptr RegionsStash[MaxStashedRegions] = {};
}; };
} // namespace scudo } // namespace scudo
#endif // SCUDO_PRIMARY32_H_ #endif // SCUDO_PRIMARY32_H_

compiler-rt/lib/scudo/standalone/primary64.h

Show First 20 LinesShow All 278 Lines▼ Show 20 Lines struct ReleaseToOsInfo {
uptr PushedBlocksAtLastRelease; uptr PushedBlocksAtLastRelease;
uptr RangesReleased; uptr RangesReleased;
uptr LastReleasedBytes; uptr LastReleasedBytes;
u64 LastReleaseAtNs; u64 LastReleaseAtNs;
}; };
struct UnpaddedRegionInfo { struct UnpaddedRegionInfo {
HybridMutex Mutex; HybridMutex Mutex;
SinglyLinkedList<TransferBatch> FreeList; SinglyLinkedList<TransferBatch> FreeList;
uptr RegionBeg; uptr RegionBeg = 0;
cryptoadUnsubmitted
Done
ReplyInline Actions

This will probably have to be initialized as well for Fuchsia since it's not empty.

cryptoad: This will probably have to be initialized as well for Fuchsia since it's not empty.
RegionStats Stats; RegionStats Stats = {};
u32 RandState; u32 RandState = 0;
uptr MappedUser; // Bytes mapped for user memory. uptr MappedUser = 0; // Bytes mapped for user memory.
uptr AllocatedUser; // Bytes allocated for user memory. uptr AllocatedUser = 0; // Bytes allocated for user memory.
MapPlatformData Data; MapPlatformData Data = {};
ReleaseToOsInfo ReleaseInfo; ReleaseToOsInfo ReleaseInfo = {};
bool Exhausted; bool Exhausted = false;
}; };
struct RegionInfo : UnpaddedRegionInfo { struct RegionInfo : UnpaddedRegionInfo {
char Padding[SCUDO_CACHE_LINE_SIZE - char Padding[SCUDO_CACHE_LINE_SIZE -
(sizeof(UnpaddedRegionInfo) % SCUDO_CACHE_LINE_SIZE)]; (sizeof(UnpaddedRegionInfo) % SCUDO_CACHE_LINE_SIZE)] = {};
}; };
static_assert(sizeof(RegionInfo) % SCUDO_CACHE_LINE_SIZE == 0, ""); static_assert(sizeof(RegionInfo) % SCUDO_CACHE_LINE_SIZE == 0, "");
uptr PrimaryBase; uptr PrimaryBase = 0;
cryptoadUnsubmitted
Done
ReplyInline Actions

Same here.

cryptoad: Same here.
MapPlatformData Data; MapPlatformData Data = {};
atomic_s32 ReleaseToOsIntervalMs; atomic_s32 ReleaseToOsIntervalMs = {};
alignas(SCUDO_CACHE_LINE_SIZE) RegionInfo RegionInfoArray[NumClasses]; alignas(SCUDO_CACHE_LINE_SIZE) RegionInfo RegionInfoArray[NumClasses];
RegionInfo *getRegionInfo(uptr ClassId) { RegionInfo *getRegionInfo(uptr ClassId) {
DCHECK_LT(ClassId, NumClasses); DCHECK_LT(ClassId, NumClasses);
return &RegionInfoArray[ClassId]; return &RegionInfoArray[ClassId];
} }
uptr getRegionBaseByClassId(uptr ClassId) const { uptr getRegionBaseByClassId(uptr ClassId) const {
▲ Show 20 LinesShow All 170 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/quarantine.h

Show First 20 LinesShow All 155 Lines▼ Show 20 Lines Str->append(
"Stats: Quarantine: batches: %zu; bytes: %zu (user: %zu); chunks: %zu " "Stats: Quarantine: batches: %zu; bytes: %zu (user: %zu); chunks: %zu "
"(capacity: %zu); %zu%% chunks used; %zu%% memory overhead\n", "(capacity: %zu); %zu%% chunks used; %zu%% memory overhead\n",
BatchCount, TotalBytes, TotalQuarantinedBytes, TotalQuarantineChunks, BatchCount, TotalBytes, TotalQuarantinedBytes, TotalQuarantineChunks,
QuarantineChunksCapacity, ChunksUsagePercent, MemoryOverheadPercent); QuarantineChunksCapacity, ChunksUsagePercent, MemoryOverheadPercent);
} }
private: private:
SinglyLinkedList<QuarantineBatch> List; SinglyLinkedList<QuarantineBatch> List;
atomic_uptr Size; atomic_uptr Size = {};
void addToSize(uptr add) { atomic_store_relaxed(&Size, getSize() + add); } void addToSize(uptr add) { atomic_store_relaxed(&Size, getSize() + add); }
void subFromSize(uptr sub) { atomic_store_relaxed(&Size, getSize() - sub); } void subFromSize(uptr sub) { atomic_store_relaxed(&Size, getSize() - sub); }
}; };
// The callback interface is: // The callback interface is:
// void Callback::recycle(Node *Ptr); // void Callback::recycle(Node *Ptr);
// void *Callback::allocate(uptr Size); // void *Callback::allocate(uptr Size);
▲ Show 20 LinesShow All 68 Lines▼ Show 20 Lines void enable() {
RecycleMutex.unlock(); RecycleMutex.unlock();
} }
private: private:
// Read-only data. // Read-only data.
alignas(SCUDO_CACHE_LINE_SIZE) HybridMutex CacheMutex; alignas(SCUDO_CACHE_LINE_SIZE) HybridMutex CacheMutex;
CacheT Cache; CacheT Cache;
alignas(SCUDO_CACHE_LINE_SIZE) HybridMutex RecycleMutex; alignas(SCUDO_CACHE_LINE_SIZE) HybridMutex RecycleMutex;
atomic_uptr MinSize; atomic_uptr MinSize = {};
atomic_uptr MaxSize; atomic_uptr MaxSize = {};
alignas(SCUDO_CACHE_LINE_SIZE) atomic_uptr MaxCacheSize; alignas(SCUDO_CACHE_LINE_SIZE) atomic_uptr MaxCacheSize = {};
void NOINLINE recycle(uptr MinSize, Callback Cb) { void NOINLINE recycle(uptr MinSize, Callback Cb) {
CacheT Tmp; CacheT Tmp;
Tmp.init(); Tmp.init();
{ {
ScopedLock L(CacheMutex); ScopedLock L(CacheMutex);
// Go over the batches and merge partially filled ones to // Go over the batches and merge partially filled ones to
// save some memory, otherwise batches themselves (since the memory used // save some memory, otherwise batches themselves (since the memory used
▲ Show 20 LinesShow All 46 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/secondary.h

Show First 20 LinesShow All 371 Lines▼ Show 20 Lines void releaseOlderThan(u64 Time) {
OldestTime = 0; OldestTime = 0;
for (uptr I = 0; I < Config::SecondaryCacheQuarantineSize; I++) for (uptr I = 0; I < Config::SecondaryCacheQuarantineSize; I++)
releaseIfOlderThan(Quarantine[I], Time); releaseIfOlderThan(Quarantine[I], Time);
for (uptr I = 0; I < Config::SecondaryCacheEntriesArraySize; I++) for (uptr I = 0; I < Config::SecondaryCacheEntriesArraySize; I++)
releaseIfOlderThan(Entries[I], Time); releaseIfOlderThan(Entries[I], Time);
} }
HybridMutex Mutex; HybridMutex Mutex;
u32 EntriesCount; u32 EntriesCount = 0;
u32 QuarantinePos; u32 QuarantinePos = 0;
atomic_u32 MaxEntriesCount; atomic_u32 MaxEntriesCount = {};
atomic_uptr MaxEntrySize; atomic_uptr MaxEntrySize = {};
u64 OldestTime; u64 OldestTime = 0;
u32 IsFullEvents; u32 IsFullEvents = 0;
atomic_s32 ReleaseToOsIntervalMs; atomic_s32 ReleaseToOsIntervalMs = {};
CachedBlock Entries[Config::SecondaryCacheEntriesArraySize]; CachedBlock Entries[Config::SecondaryCacheEntriesArraySize] = {};
CachedBlock Quarantine[Config::SecondaryCacheQuarantineSize]; CachedBlock Quarantine[Config::SecondaryCacheQuarantineSize] = {};
}; };
template <typename Config> class MapAllocator { template <typename Config> class MapAllocator {
public: public:
void initLinkerInitialized(GlobalStats *S, s32 ReleaseToOsInterval = -1) { void initLinkerInitialized(GlobalStats *S, s32 ReleaseToOsInterval = -1) {
Cache.initLinkerInitialized(ReleaseToOsInterval); Cache.initLinkerInitialized(ReleaseToOsInterval);
Stats.initLinkerInitialized(); Stats.initLinkerInitialized();
if (LIKELY(S)) if (LIKELY(S))
▲ Show 20 LinesShow All 48 Lines▼ Show 20 Linespublic:
void disableMemoryTagging() { Cache.disableMemoryTagging(); } void disableMemoryTagging() { Cache.disableMemoryTagging(); }
private: private:
typename Config::SecondaryCache Cache; typename Config::SecondaryCache Cache;
HybridMutex Mutex; HybridMutex Mutex;
DoublyLinkedList<LargeBlock::Header> InUseBlocks; DoublyLinkedList<LargeBlock::Header> InUseBlocks;
uptr AllocatedBytes; uptr AllocatedBytes = 0;
uptr FreedBytes; uptr FreedBytes = 0;
uptr LargestSize; uptr LargestSize = 0;
u32 NumberOfAllocs; u32 NumberOfAllocs = 0;
u32 NumberOfFrees; u32 NumberOfFrees = 0;
LocalStats Stats; LocalStats Stats;
}; };
// As with the Primary, the size passed to this function includes any desired // As with the Primary, the size passed to this function includes any desired
// alignment, so that the frontend can align the user allocation. The hint // alignment, so that the frontend can align the user allocation. The hint
// parameter allows us to unmap spurious memory when dealing with larger // parameter allows us to unmap spurious memory when dealing with larger
// (greater than a page) alignments on 32-bit platforms. // (greater than a page) alignments on 32-bit platforms.
// Due to the sparsity of address space available on those platforms, requesting // Due to the sparsity of address space available on those platforms, requesting
▲ Show 20 LinesShow All 140 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/stack_depot.h

Show All 34 Lines u32 get() {
X *= M; X *= M;
X ^= X >> 15; X ^= X >> 15;
return X; return X;
} }
}; };
class StackDepot { class StackDepot {
HybridMutex RingEndMu; HybridMutex RingEndMu;
u32 RingEnd; u32 RingEnd = 0;
// This data structure stores a stack trace for each allocation and // This data structure stores a stack trace for each allocation and
// deallocation when stack trace recording is enabled, that may be looked up // deallocation when stack trace recording is enabled, that may be looked up
// using a hash of the stack trace. The lower bits of the hash are an index // using a hash of the stack trace. The lower bits of the hash are an index
// into the Tab array, which stores an index into the Ring array where the // into the Tab array, which stores an index into the Ring array where the
// stack traces are stored. As the name implies, Ring is a ring buffer, so a // stack traces are stored. As the name implies, Ring is a ring buffer, so a
// stack trace may wrap around to the start of the array. // stack trace may wrap around to the start of the array.
// //
Show All 13 Lines
#ifdef SCUDO_FUZZ #ifdef SCUDO_FUZZ
// Use smaller table sizes for fuzzing in order to reduce input size. // Use smaller table sizes for fuzzing in order to reduce input size.
static const uptr TabBits = 4; static const uptr TabBits = 4;
#else #else
static const uptr TabBits = 16; static const uptr TabBits = 16;
#endif #endif
static const uptr TabSize = 1 << TabBits; static const uptr TabSize = 1 << TabBits;
static const uptr TabMask = TabSize - 1; static const uptr TabMask = TabSize - 1;
atomic_u32 Tab[TabSize]; atomic_u32 Tab[TabSize] = {};
#ifdef SCUDO_FUZZ #ifdef SCUDO_FUZZ
static const uptr RingBits = 4; static const uptr RingBits = 4;
#else #else
static const uptr RingBits = 19; static const uptr RingBits = 19;
#endif #endif
static const uptr RingSize = 1 << RingBits; static const uptr RingSize = 1 << RingBits;
static const uptr RingMask = RingSize - 1; static const uptr RingMask = RingSize - 1;
atomic_u64 Ring[RingSize]; atomic_u64 Ring[RingSize] = {};
public: public:
// Insert hash of the stack trace [Begin, End) into the stack depot, and // Insert hash of the stack trace [Begin, End) into the stack depot, and
// return the hash. // return the hash.
u32 insert(uptr *Begin, uptr *End) { u32 insert(uptr *Begin, uptr *End) {
MurMur2HashBuilder B; MurMur2HashBuilder B;
for (uptr *I = Begin; I != End; ++I) for (uptr *I = Begin; I != End; ++I)
B.add(u32(*I) >> 2); B.add(u32(*I) >> 2);
▲ Show 20 LinesShow All 54 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/stats.h

Show All 40 Lines void sub(StatType I, uptr V) {
V = atomic_load_relaxed(&StatsArray[I]) - V; V = atomic_load_relaxed(&StatsArray[I]) - V;
atomic_store_relaxed(&StatsArray[I], V); atomic_store_relaxed(&StatsArray[I], V);
} }
void set(StatType I, uptr V) { atomic_store_relaxed(&StatsArray[I], V); } void set(StatType I, uptr V) { atomic_store_relaxed(&StatsArray[I], V); }
uptr get(StatType I) const { return atomic_load_relaxed(&StatsArray[I]); } uptr get(StatType I) const { return atomic_load_relaxed(&StatsArray[I]); }
LocalStats *Next; LocalStats *Next = nullptr;
LocalStats *Prev; LocalStats *Prev = nullptr;
private: private:
atomic_uptr StatsArray[StatCount]; atomic_uptr StatsArray[StatCount] = {};
}; };
// Global stats, used for aggregation and querying. // Global stats, used for aggregation and querying.
class GlobalStats : public LocalStats { class GlobalStats : public LocalStats {
public: public:
void initLinkerInitialized() {} void initLinkerInitialized() {}
void init() { void init() {
LocalStats::init(); LocalStats::init();
▲ Show 20 LinesShow All 41 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/tsd.h

Show All 20 Lines
#define PTHREAD_DESTRUCTOR_ITERATIONS 4 #define PTHREAD_DESTRUCTOR_ITERATIONS 4
#endif #endif
namespace scudo { namespace scudo {
template <class Allocator> struct alignas(SCUDO_CACHE_LINE_SIZE) TSD { template <class Allocator> struct alignas(SCUDO_CACHE_LINE_SIZE) TSD {
typename Allocator::CacheT Cache; typename Allocator::CacheT Cache;
typename Allocator::QuarantineCacheT QuarantineCache; typename Allocator::QuarantineCacheT QuarantineCache;
u8 DestructorIterations; u8 DestructorIterations = 0;
void initLinkerInitialized(Allocator *Instance) { void initLinkerInitialized(Allocator *Instance) {
Instance->initCache(&Cache); Instance->initCache(&Cache);
DestructorIterations = PTHREAD_DESTRUCTOR_ITERATIONS; DestructorIterations = PTHREAD_DESTRUCTOR_ITERATIONS;
} }
void init(Allocator *Instance) { void init(Allocator *Instance) {
memset(this, 0, sizeof(*this)); memset(this, 0, sizeof(*this));
initLinkerInitialized(Instance); initLinkerInitialized(Instance);
Show All 16 Lines inline void lock() {
atomic_store_relaxed(&Precedence, 0); atomic_store_relaxed(&Precedence, 0);
Mutex.lock(); Mutex.lock();
} }
inline void unlock() { Mutex.unlock(); } inline void unlock() { Mutex.unlock(); }
inline uptr getPrecedence() { return atomic_load_relaxed(&Precedence); } inline uptr getPrecedence() { return atomic_load_relaxed(&Precedence); }
private: private:
HybridMutex Mutex; HybridMutex Mutex;
atomic_uptr Precedence; atomic_uptr Precedence = {};
}; };
} // namespace scudo } // namespace scudo
#endif // SCUDO_TSD_H_ #endif // SCUDO_TSD_H_

compiler-rt/lib/scudo/standalone/tsd_exclusive.h

Show First 20 LinesShow All 102 Lines▼ Show 20 Lines if (UNLIKELY(MinimalInit))
return; return;
CHECK_EQ( CHECK_EQ(
pthread_setspecific(PThreadKey, reinterpret_cast<void *>(Instance)), 0); pthread_setspecific(PThreadKey, reinterpret_cast<void *>(Instance)), 0);
ThreadTSD.initLinkerInitialized(Instance); ThreadTSD.initLinkerInitialized(Instance);
State.InitState = ThreadState::Initialized; State.InitState = ThreadState::Initialized;
Instance->callPostInitCallback(); Instance->callPostInitCallback();
} }
pthread_key_t PThreadKey; pthread_key_t PThreadKey = {};
bool Initialized; bool Initialized = false;
atomic_u8 Disabled; atomic_u8 Disabled = {};
TSD<Allocator> FallbackTSD; TSD<Allocator> FallbackTSD;
HybridMutex Mutex; HybridMutex Mutex;
static thread_local ThreadState State; static thread_local ThreadState State;
static thread_local TSD<Allocator> ThreadTSD; static thread_local TSD<Allocator> ThreadTSD;
friend void teardownThread<Allocator>(void *Ptr); friend void teardownThread<Allocator>(void *Ptr);
}; };
Show All 27 Lines

compiler-rt/lib/scudo/standalone/wrappers_c.cpp

Show All 20 Lines
#define SCUDO_PREFIX(name) name #define SCUDO_PREFIX(name) name
#define SCUDO_ALLOCATOR Allocator #define SCUDO_ALLOCATOR Allocator
extern "C" void SCUDO_PREFIX(malloc_postinit)(); extern "C" void SCUDO_PREFIX(malloc_postinit)();
// Export the static allocator so that the C++ wrappers can access it. // Export the static allocator so that the C++ wrappers can access it.
// Technically we could have a completely separated heap for C & C++ but in // Technically we could have a completely separated heap for C & C++ but in
// reality the amount of cross pollination between the two is staggering. // reality the amount of cross pollination between the two is staggering.
SCUDO_REQUIRE_CONSTANT_INITIALIZATION
scudo::Allocator<scudo::Config, SCUDO_PREFIX(malloc_postinit)> SCUDO_ALLOCATOR; scudo::Allocator<scudo::Config, SCUDO_PREFIX(malloc_postinit)> SCUDO_ALLOCATOR;
#include "wrappers_c.inc" #include "wrappers_c.inc"
#undef SCUDO_ALLOCATOR #undef SCUDO_ALLOCATOR
#undef SCUDO_PREFIX #undef SCUDO_PREFIX
extern "C" INTERFACE void __scudo_print_stats(void) { Allocator.printStats(); } extern "C" INTERFACE void __scudo_print_stats(void) { Allocator.printStats(); }
#endif // !SCUDO_ANDROID || !_BIONIC #endif // !SCUDO_ANDROID || !_BIONIC

compiler-rt/lib/scudo/standalone/wrappers_c_bionic.cpp

Show All 17 Lines
#include <stdint.h> #include <stdint.h>
#include <stdio.h> #include <stdio.h>
// Regular MallocDispatch definitions. // Regular MallocDispatch definitions.
#define SCUDO_PREFIX(name) CONCATENATE(scudo_, name) #define SCUDO_PREFIX(name) CONCATENATE(scudo_, name)
#define SCUDO_ALLOCATOR Allocator #define SCUDO_ALLOCATOR Allocator
extern "C" void SCUDO_PREFIX(malloc_postinit)(); extern "C" void SCUDO_PREFIX(malloc_postinit)();
SCUDO_REQUIRE_CONSTANT_INITIALIZATION
static scudo::Allocator<scudo::AndroidConfig, SCUDO_PREFIX(malloc_postinit)> static scudo::Allocator<scudo::AndroidConfig, SCUDO_PREFIX(malloc_postinit)>
SCUDO_ALLOCATOR; SCUDO_ALLOCATOR;
#include "wrappers_c.inc" #include "wrappers_c.inc"
#undef SCUDO_ALLOCATOR #undef SCUDO_ALLOCATOR
#undef SCUDO_PREFIX #undef SCUDO_PREFIX
// Svelte MallocDispatch definitions. // Svelte MallocDispatch definitions.
#define SCUDO_PREFIX(name) CONCATENATE(scudo_svelte_, name) #define SCUDO_PREFIX(name) CONCATENATE(scudo_svelte_, name)
#define SCUDO_ALLOCATOR SvelteAllocator #define SCUDO_ALLOCATOR SvelteAllocator
extern "C" void SCUDO_PREFIX(malloc_postinit)(); extern "C" void SCUDO_PREFIX(malloc_postinit)();
SCUDO_REQUIRE_CONSTANT_INITIALIZATION
static scudo::Allocator<scudo::AndroidSvelteConfig, static scudo::Allocator<scudo::AndroidSvelteConfig,
SCUDO_PREFIX(malloc_postinit)> SCUDO_PREFIX(malloc_postinit)>
SCUDO_ALLOCATOR; SCUDO_ALLOCATOR;
#include "wrappers_c.inc" #include "wrappers_c.inc"
#undef SCUDO_ALLOCATOR #undef SCUDO_ALLOCATOR
#undef SCUDO_PREFIX #undef SCUDO_PREFIX
Show All 40 Lines