This is an archive of the discontinued LLVM Phabricator instance.

Differential D103641

[scudo] Rework Vector/String
ClosedPublic

Authored by cryptoad on Jun 3 2021, 12:11 PM.

Details

Reviewers
vitalybuka
eugenis
hctim
cferris
pcc
Commits
rG868317b3fd76: [scudo] Rework Vector/String
Summary

Some platforms (eg: Trusty) are extremelly memory constrained, which
doesn't necessarily work well with some of Scudo's current assumptions.

Vector by default (and as such String and ScopedString) maps a
page, which is a bit of a waste. This CL changes Vector to use a
buffer local to the class first, then potentially map more memory if
needed (ScopedString currently are all stack based so it would be
stack data). We also want to allow a platform to prevent any dynamic
resizing, so I added a CanGrow templated parameter that for now is
always true but would be set to false on Trusty.

Diff Detail

Event Timeline

cryptoad created this revision.Jun 3 2021, 12:11 PM
Herald added a subscriber: JDevlieghere. · View Herald TranscriptJun 3 2021, 12:11 PM
cryptoad requested review of this revision.Jun 3 2021, 12:11 PM
Herald added a project: Restricted Project. · View Herald TranscriptJun 3 2021, 12:11 PM
Herald added a subscriber: Restricted Project. · View Herald Transcript
danieljm added a subscriber: danieljm.Jun 3 2021, 12:13 PM
cryptoad updated this revision to Diff 349642.Jun 3 2021, 12:13 PM

Correcting a couple of ScopedString constructors.

cryptoad updated this revision to Diff 349646.Jun 3 2021, 12:31 PM

Corrected, with a test now.

hctim added a comment.Jun 3 2021, 1:05 PM

CanGrow templated parameter that for now is
always true but would be set to false on Trusty.

Are we seeing OOMs on Trusty due to ScopedString? I had a quick look and it seemed like there's no non-ephemeral buffers (and really, this shouldn't be called very often at all), and it concerns me a little that push_back can silently fail on a ScopedErrorReport and truncate the text and it seems hard to test "all failure conditions log successfully".

compiler-rt/lib/scudo/standalone/string_utils.h
21–23

With InitialSize == 0, isn't this OOB?

Harbormaster completed remote builds in B107524: Diff 349646.Jun 3 2021, 1:43 PM
vitalybuka added a comment.Jun 3 2021, 1:51 PM

Local buffer is LGTM, but CantGrow looks like unrelated change and a good candidate for a separate patch.

compiler-rt/lib/scudo/standalone/string_utils.h
20–21

Interface will be cleaner without InitialSize, we removed it sanitizer_common some time ago.

maybe for a separate patch:
uptr length() const { return buffer_.size() - 1; } can retire Length

compiler-rt/lib/scudo/standalone/vector.h
20

As is seems all users of VectorNoCtor will need to re-think consequences of failed push_back.
Interface mimics std::vector, but it's unexpected that after N push_back() container may be smaller than N.

Maybe we can we rather set max grow size for Trusty and crash if it's reached. Which also a problem, but at least easy to detect.

another alternative is to assume that Trusty will can handle Grow in most cases and when it cant, we can handle that explicitly on caller side by checking container size before push_back

cryptoad added a comment.Jun 3 2021, 1:55 PM
In D103641#2797247, @hctim wrote:

CanGrow templated parameter that for now is
always true but would be set to false on Trusty.

Are we seeing OOMs on Trusty due to ScopedString? I had a quick look and it seemed like there's no non-ephemeral buffers (and really, this shouldn't be called very often at all), and it concerns me a little that push_back can silently fail on a ScopedErrorReport and truncate the text and it seems hard to test "all failure conditions log successfully".

Some Trusty apps have a heap of 1 page (yup), and all maps end up in the sbrk space. So in it's current shape, a ScopedString is taking way too much space in the heap.
push_back is only used in tests so far, formatString failing might be a little more problematic. I think there will be some truncation for larger strings, but more of the simple ones will go through, and that's probably the price to pay when you have such a small heap.

compiler-rt/lib/scudo/standalone/string_utils.h
21–23

Well we always have at least the local buffer worth of space, so it won't OOB, but I see how this isn't obvious.
I am going to add a check.

hctim added a comment.Jun 3 2021, 2:01 PM

Some Trusty apps have a heap of 1 page (yup),

Wow!

compiler-rt/lib/scudo/standalone/string_utils.h
21–23

Yeah, logical bug. But if I'm reading correctly, it should currently trip the DCHECK :).

cryptoad updated this revision to Diff 349680.Jun 3 2021, 2:07 PM
cryptoad marked 2 inline comments as done.

Based on feedback, remove for now the CanGrow aspect of the vector.

cryptoad updated this revision to Diff 349682.Jun 3 2021, 2:11 PM

Remove stray comment.

cryptoad updated this revision to Diff 349685.Jun 3 2021, 2:17 PM

Remove InitialSize as suggested.

cryptoad updated this revision to Diff 349688.Jun 3 2021, 2:19 PM

and I forgot to copy over the test file.

vitalybuka accepted this revision.Jun 3 2021, 2:26 PM
This revision is now accepted and ready to land.Jun 3 2021, 2:26 PM
hctim accepted this revision.Jun 3 2021, 2:31 PM

LGTM w/ nits.

compiler-rt/lib/scudo/standalone/tests/vector_test.cpp
27

why /s/int/uptr? I mean, okay to keep the change, but if so also change the type of the Vector

compiler-rt/lib/scudo/standalone/vector.h
94

Is stack size a problem?

If so, we could typedef this (template <typename T, int StackBufferBytes = 256> class VectorNoCtor) and in places where we know the upper bound, we can bound the stack buffer size as well.

cryptoad updated this revision to Diff 349696.Jun 3 2021, 2:46 PM

Change type in vector test.

cryptoad updated this revision to Diff 349703.Jun 3 2021, 3:02 PM

Switching 2 lines around.

cryptoad added inline comments.Jun 3 2021, 3:03 PM
compiler-rt/lib/scudo/standalone/vector.h
94

Apparently stack is 1 page as well. 256 should be fine, but I will revisit with CanGrow as well.

Harbormaster completed remote builds in B107564: Diff 349703.Jun 3 2021, 4:05 PM
This revision was landed with ongoing or failed builds.Jun 3 2021, 6:13 PM
Closed by commit rG868317b3fd76: [scudo] Rework Vector/String (authored by cryptoad). · Explain Why
This revision was automatically updated to reflect the committed changes.
cryptoad added a commit: rG868317b3fd76: [scudo] Rework Vector/String.
kda added a subscriber: kda.Jun 4 2021, 12:44 PM

This looks like it broke the sanitizer-x86_64-linux-qemu.
https://lab.llvm.org/buildbot/#/builders/169/builds/501

morehouse added a subscriber: morehouse.Jun 4 2021, 12:57 PM
cryptoad added a comment.Jun 4 2021, 1:21 PM
In D103641#2799782, @kda wrote:

This looks like it broke the sanitizer-x86_64-linux-qemu.
https://lab.llvm.org/buildbot/#/builders/169/builds/501

Found the issue, testing the fix.

cryptoad added a comment.Jun 4 2021, 1:42 PM
In D103641#2799871, @cryptoad wrote:
In D103641#2799782, @kda wrote:

This looks like it broke the sanitizer-x86_64-linux-qemu.
https://lab.llvm.org/buildbot/#/builders/169/builds/501

Found the issue, testing the fix.

Should be fixed with https://reviews.llvm.org/D103716

kda added a comment.Jun 4 2021, 1:48 PM

thank you!

Revision Contents

PathSize
compiler-rt/
lib/
scudo/
standalone/
4 lines
2 lines
2 lines
2 lines
7 lines
6 lines
tests/
8 lines
4 lines
8 lines
8 lines
14 lines
31 lines

Diff 349739

compiler-rt/lib/scudo/standalone/combined.h

Show First 20 LinesShow All 688 Lines▼ Show 20 Lines#endif
} }
// The function returns the amount of bytes required to store the statistics, // The function returns the amount of bytes required to store the statistics,
// which might be larger than the amount of bytes provided. Note that the // which might be larger than the amount of bytes provided. Note that the
// statistics buffer is not necessarily constant between calls to this // statistics buffer is not necessarily constant between calls to this
// function. This can be called with a null buffer or zero size for buffer // function. This can be called with a null buffer or zero size for buffer
// sizing purposes. // sizing purposes.
uptr getStats(char *Buffer, uptr Size) { uptr getStats(char *Buffer, uptr Size) {
ScopedString Str(1024); ScopedString Str;
disable(); disable();
const uptr Length = getStats(&Str) + 1; const uptr Length = getStats(&Str) + 1;
enable(); enable();
if (Length < Size) if (Length < Size)
Size = Length; Size = Length;
if (Buffer && Size) { if (Buffer && Size) {
memcpy(Buffer, Str.data(), Size); memcpy(Buffer, Str.data(), Size);
Buffer[Size - 1] = '\0'; Buffer[Size - 1] = '\0';
} }
return Length; return Length;
} }
void printStats() { void printStats() {
ScopedString Str(1024); ScopedString Str;
disable(); disable();
getStats(&Str); getStats(&Str);
enable(); enable();
Str.output(); Str.output();
} }
void releaseToOS() { void releaseToOS() {
initThreadMaybe(); initThreadMaybe();
▲ Show 20 LinesShow All 708 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/primary64.h

Show First 20 LinesShow All 335 Lines▼ Show 20 Lines NOINLINE TransferBatch *populateFreeList(CacheT *C, uptr ClassId,
if (TotalUserBytes > MappedUser) { if (TotalUserBytes > MappedUser) {
// Do the mmap for the user memory. // Do the mmap for the user memory.
const uptr MapSize = const uptr MapSize =
roundUpTo(TotalUserBytes - MappedUser, MapSizeIncrement); roundUpTo(TotalUserBytes - MappedUser, MapSizeIncrement);
const uptr RegionBase = RegionBeg - getRegionBaseByClassId(ClassId); const uptr RegionBase = RegionBeg - getRegionBaseByClassId(ClassId);
if (UNLIKELY(RegionBase + MappedUser + MapSize > RegionSize)) { if (UNLIKELY(RegionBase + MappedUser + MapSize > RegionSize)) {
if (!Region->Exhausted) { if (!Region->Exhausted) {
Region->Exhausted = true; Region->Exhausted = true;
ScopedString Str(1024); ScopedString Str;
getStats(&Str); getStats(&Str);
Str.append( Str.append(
"Scudo OOM: The process has exhausted %zuM for size class %zu.\n", "Scudo OOM: The process has exhausted %zuM for size class %zu.\n",
RegionSize >> 20, Size); RegionSize >> 20, Size);
Str.output(); Str.output();
} }
return nullptr; return nullptr;
} }
▲ Show 20 LinesShow All 133 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/report.cpp

Show All 11 Lines
#include "string_utils.h" #include "string_utils.h"
#include <stdarg.h> #include <stdarg.h>
namespace scudo { namespace scudo {
class ScopedErrorReport { class ScopedErrorReport {
public: public:
ScopedErrorReport() : Message(512) { Message.append("Scudo ERROR: "); } ScopedErrorReport() : Message() { Message.append("Scudo ERROR: "); }
void append(const char *Format, ...) { void append(const char *Format, ...) {
va_list Args; va_list Args;
va_start(Args, Format); va_start(Args, Format);
Message.append(Format, Args); Message.append(Format, Args);
va_end(Args); va_end(Args);
} }
NORETURN ~ScopedErrorReport() { NORETURN ~ScopedErrorReport() {
outputRaw(Message.data()); outputRaw(Message.data());
▲ Show 20 LinesShow All 164 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/size_class_map.h

Show First 20 LinesShow All 303 Lines▼ Show 20 Lines#else
static const uptr MaxBytesCachedLog = 10; static const uptr MaxBytesCachedLog = 10;
static const uptr SizeDelta = Chunk::getHeaderSize(); static const uptr SizeDelta = Chunk::getHeaderSize();
#endif #endif
}; };
typedef FixedSizeClassMap<SvelteSizeClassConfig> SvelteSizeClassMap; typedef FixedSizeClassMap<SvelteSizeClassConfig> SvelteSizeClassMap;
template <typename SCMap> inline void printMap() { template <typename SCMap> inline void printMap() {
ScopedString Buffer(1024); ScopedString Buffer;
uptr PrevS = 0; uptr PrevS = 0;
uptr TotalCached = 0; uptr TotalCached = 0;
for (uptr I = 0; I < SCMap::NumClasses; I++) { for (uptr I = 0; I < SCMap::NumClasses; I++) {
if (I == SCMap::BatchClassId) if (I == SCMap::BatchClassId)
continue; continue;
const uptr S = SCMap::getSizeByClassId(I); const uptr S = SCMap::getSizeByClassId(I);
const uptr D = S - PrevS; const uptr D = S - PrevS;
const uptr P = PrevS ? (D * 100 / PrevS) : 0; const uptr P = PrevS ? (D * 100 / PrevS) : 0;
Show All 40 Lines

compiler-rt/lib/scudo/standalone/string_utils.h

Show All 11 Lines
#include "internal_defs.h" #include "internal_defs.h"
#include "vector.h" #include "vector.h"
#include <stdarg.h> #include <stdarg.h>
namespace scudo { namespace scudo {
class ScopedString { class ScopedString {
public: public:
explicit ScopedString(uptr MaxLength) : String(MaxLength), Length(0) { explicit ScopedString() : String() {
vitalybukaUnsubmitted
Done
ReplyInline Actions

Interface will be cleaner without InitialSize, we removed it sanitizer_common some time ago.

maybe for a separate patch:
uptr length() const { return buffer_.size() - 1; } can retire Length

vitalybuka: Interface will be cleaner without InitialSize, we removed it sanitizer_common some time ago.
if (String.capacity() > 0)
String[0] = '\0'; String[0] = '\0';
hctimUnsubmitted
Done
ReplyInline Actions

With InitialSize == 0, isn't this OOB?

hctim: With `InitialSize == 0`, isn't this OOB?
cryptoadAuthorUnsubmitted
Done
ReplyInline Actions

Well we always have at least the local buffer worth of space, so it won't OOB, but I see how this isn't obvious.
I am going to add a check.

cryptoad: Well we always have at least the local buffer worth of space, so it won't OOB, but I see how…
hctimUnsubmitted
Not Done
ReplyInline Actions

Yeah, logical bug. But if I'm reading correctly, it should currently trip the DCHECK :).

hctim: Yeah, logical bug. But if I'm reading correctly, it should currently trip the DCHECK :).
} }
uptr length() { return Length; } uptr length() { return Length; }
const char *data() { return String.data(); } const char *data() { return String.data(); }
void clear() { void clear() {
String[0] = '\0'; String[0] = '\0';
Length = 0; Length = 0;
} }
void append(const char *Format, va_list Args); void append(const char *Format, va_list Args);
void append(const char *Format, ...); void append(const char *Format, ...);
void output() const { outputRaw(String.data()); } void output() const { outputRaw(String.data()); }
private: private:
Vector<char> String; Vector<char> String;
uptr Length; uptr Length = 0;
}; };
int formatString(char *Buffer, uptr BufferLength, const char *Format, ...); int formatString(char *Buffer, uptr BufferLength, const char *Format, ...);
void Printf(const char *Format, ...); void Printf(const char *Format, ...);
} // namespace scudo } // namespace scudo
#endif // SCUDO_STRING_UTILS_H_ #endif // SCUDO_STRING_UTILS_H_

compiler-rt/lib/scudo/standalone/string_utils.cpp

Show First 20 LinesShow All 213 Lines▼ Show 20 Linesint formatString(char *Buffer, uptr BufferLength, const char *Format, ...) {
va_list Args; va_list Args;
va_start(Args, Format); va_start(Args, Format);
int Res = formatString(Buffer, BufferLength, Format, Args); int Res = formatString(Buffer, BufferLength, Format, Args);
va_end(Args); va_end(Args);
return Res; return Res;
} }
void ScopedString::append(const char *Format, va_list Args) { void ScopedString::append(const char *Format, va_list Args) {
DCHECK_LT(Length, String.size()); RAW_CHECK(Length <= String.size());
va_list ArgsCopy; va_list ArgsCopy;
va_copy(ArgsCopy, Args); va_copy(ArgsCopy, Args);
// formatString doesn't currently support a null buffer or zero buffer length, // formatString doesn't currently support a null buffer or zero buffer length,
// so in order to get the resulting formatted string length, we use a one-char // so in order to get the resulting formatted string length, we use a one-char
// buffer. // buffer.
char C[1]; char C[1];
const uptr AdditionalLength = const uptr AdditionalLength =
static_cast<uptr>(formatString(C, sizeof(C), Format, Args)) + 1; static_cast<uptr>(formatString(C, sizeof(C), Format, Args)) + 1;
String.resize(Length + AdditionalLength); String.resize(Length + AdditionalLength);
formatString(String.data() + Length, AdditionalLength, Format, ArgsCopy); formatString(String.data() + Length, AdditionalLength, Format, ArgsCopy);
va_end(ArgsCopy); va_end(ArgsCopy);
Length = strlen(String.data()); Length = strlen(String.data());
CHECK_LT(Length, String.size()); RAW_CHECK(Length < String.size());
} }
FORMAT(2, 3) FORMAT(2, 3)
void ScopedString::append(const char *Format, ...) { void ScopedString::append(const char *Format, ...) {
va_list Args; va_list Args;
va_start(Args, Format); va_start(Args, Format);
append(Format, Args); append(Format, Args);
va_end(Args); va_end(Args);
} }
FORMAT(1, 2) FORMAT(1, 2)
void Printf(const char *Format, ...) { void Printf(const char *Format, ...) {
va_list Args; va_list Args;
va_start(Args, Format); va_start(Args, Format);
ScopedString Msg(1024); ScopedString Msg;
Msg.append(Format, Args); Msg.append(Format, Args);
outputRaw(Msg.data()); outputRaw(Msg.data());
va_end(Args); va_end(Args);
} }
} // namespace scudo } // namespace scudo

compiler-rt/lib/scudo/standalone/tests/primary_test.cpp

Show First 20 LinesShow All 126 Lines▼ Show 20 Lines for (scudo::uptr J = 0; J < NumberOfAllocations; J++) {
memset(P, 'B', Size); memset(P, 'B', Size);
Pointers[J] = P; Pointers[J] = P;
} }
for (scudo::uptr J = 0; J < NumberOfAllocations; J++) for (scudo::uptr J = 0; J < NumberOfAllocations; J++)
Cache.deallocate(ClassId, Pointers[J]); Cache.deallocate(ClassId, Pointers[J]);
} }
Cache.destroy(nullptr); Cache.destroy(nullptr);
Allocator->releaseToOS(); Allocator->releaseToOS();
scudo::ScopedString Str(1024); scudo::ScopedString Str;
Allocator->getStats(&Str); Allocator->getStats(&Str);
Str.output(); Str.output();
} }
struct SmallRegionsConfig { struct SmallRegionsConfig {
using SizeClassMap = scudo::DefaultSizeClassMap; using SizeClassMap = scudo::DefaultSizeClassMap;
static const scudo::uptr PrimaryRegionSizeLog = 20U; static const scudo::uptr PrimaryRegionSizeLog = 20U;
static const scudo::s32 PrimaryMinReleaseToOsIntervalMs = INT32_MIN; static const scudo::s32 PrimaryMinReleaseToOsIntervalMs = INT32_MIN;
Show All 29 Lines for (scudo::uptr I = 0; I < 10000U; I++) {
Batches.push_back(B); Batches.push_back(B);
} }
while (!Batches.empty()) { while (!Batches.empty()) {
Allocator.pushBatch(ClassId, Batches.back()); Allocator.pushBatch(ClassId, Batches.back());
Batches.pop_back(); Batches.pop_back();
} }
Cache.destroy(nullptr); Cache.destroy(nullptr);
Allocator.releaseToOS(); Allocator.releaseToOS();
scudo::ScopedString Str(1024); scudo::ScopedString Str;
Allocator.getStats(&Str); Allocator.getStats(&Str);
Str.output(); Str.output();
EXPECT_EQ(AllocationFailed, true); EXPECT_EQ(AllocationFailed, true);
Allocator.unmapTestOnly(); Allocator.unmapTestOnly();
} }
SCUDO_TYPED_TEST(ScudoPrimaryTest, PrimaryIterate) { SCUDO_TYPED_TEST(ScudoPrimaryTest, PrimaryIterate) {
using Primary = TestAllocator<TypeParam, scudo::DefaultSizeClassMap>; using Primary = TestAllocator<TypeParam, scudo::DefaultSizeClassMap>;
Show All 21 LinesSCUDO_TYPED_TEST(ScudoPrimaryTest, PrimaryIterate) {
EXPECT_EQ(Found, V.size()); EXPECT_EQ(Found, V.size());
while (!V.empty()) { while (!V.empty()) {
auto Pair = V.back(); auto Pair = V.back();
Cache.deallocate(Pair.first, Pair.second); Cache.deallocate(Pair.first, Pair.second);
V.pop_back(); V.pop_back();
} }
Cache.destroy(nullptr); Cache.destroy(nullptr);
Allocator->releaseToOS(); Allocator->releaseToOS();
scudo::ScopedString Str(1024); scudo::ScopedString Str;
Allocator->getStats(&Str); Allocator->getStats(&Str);
Str.output(); Str.output();
} }
SCUDO_TYPED_TEST(ScudoPrimaryTest, PrimaryThreaded) { SCUDO_TYPED_TEST(ScudoPrimaryTest, PrimaryThreaded) {
using Primary = TestAllocator<TypeParam, scudo::SvelteSizeClassMap>; using Primary = TestAllocator<TypeParam, scudo::SvelteSizeClassMap>;
std::unique_ptr<Primary> Allocator(new Primary); std::unique_ptr<Primary> Allocator(new Primary);
Allocator->init(/*ReleaseToOsInterval=*/-1); Allocator->init(/*ReleaseToOsInterval=*/-1);
Show All 30 LinesSCUDO_TYPED_TEST(ScudoPrimaryTest, PrimaryThreaded) {
{ {
std::unique_lock<std::mutex> Lock(Mutex); std::unique_lock<std::mutex> Lock(Mutex);
Ready = true; Ready = true;
Cv.notify_all(); Cv.notify_all();
} }
for (auto &T : Threads) for (auto &T : Threads)
T.join(); T.join();
Allocator->releaseToOS(); Allocator->releaseToOS();
scudo::ScopedString Str(1024); scudo::ScopedString Str;
Allocator->getStats(&Str); Allocator->getStats(&Str);
Str.output(); Str.output();
} }
// Through a simple allocation that spans two pages, verify that releaseToOS // Through a simple allocation that spans two pages, verify that releaseToOS
// actually releases some bytes (at least one page worth). This is a regression // actually releases some bytes (at least one page worth). This is a regression
// test for an error in how the release criteria were computed. // test for an error in how the release criteria were computed.
SCUDO_TYPED_TEST(ScudoPrimaryTest, ReleaseToOS) { SCUDO_TYPED_TEST(ScudoPrimaryTest, ReleaseToOS) {
Show All 14 Lines

compiler-rt/lib/scudo/standalone/tests/quarantine_test.cpp

Show First 20 LinesShow All 208 Lines▼ Show 20 Lines if (!DrainOccurred && Cache.getSize() < CacheSize)
DrainOccurred = true; DrainOccurred = true;
CacheSize = Cache.getSize(); CacheSize = Cache.getSize();
} }
EXPECT_TRUE(DrainOccurred); EXPECT_TRUE(DrainOccurred);
Quarantine.drainAndRecycle(&Cache, Cb); Quarantine.drainAndRecycle(&Cache, Cb);
EXPECT_EQ(Cache.getSize(), 0UL); EXPECT_EQ(Cache.getSize(), 0UL);
scudo::ScopedString Str(1024); scudo::ScopedString Str;
Quarantine.getStats(&Str); Quarantine.getStats(&Str);
Str.output(); Str.output();
} }
struct PopulateQuarantineThread { struct PopulateQuarantineThread {
pthread_t Thread; pthread_t Thread;
QuarantineT *Quarantine; QuarantineT *Quarantine;
CacheT Cache; CacheT Cache;
Show All 15 LinesTEST(ScudoQuarantineTest, ThreadedGlobalQuarantine) {
PopulateQuarantineThread T[NumberOfThreads]; PopulateQuarantineThread T[NumberOfThreads];
for (scudo::uptr I = 0; I < NumberOfThreads; I++) { for (scudo::uptr I = 0; I < NumberOfThreads; I++) {
T[I].Quarantine = &Quarantine; T[I].Quarantine = &Quarantine;
pthread_create(&T[I].Thread, 0, populateQuarantine, &T[I]); pthread_create(&T[I].Thread, 0, populateQuarantine, &T[I]);
} }
for (scudo::uptr I = 0; I < NumberOfThreads; I++) for (scudo::uptr I = 0; I < NumberOfThreads; I++)
pthread_join(T[I].Thread, 0); pthread_join(T[I].Thread, 0);
scudo::ScopedString Str(1024); scudo::ScopedString Str;
Quarantine.getStats(&Str); Quarantine.getStats(&Str);
Str.output(); Str.output();
for (scudo::uptr I = 0; I < NumberOfThreads; I++) for (scudo::uptr I = 0; I < NumberOfThreads; I++)
Quarantine.drainAndRecycle(&T[I].Cache, Cb); Quarantine.drainAndRecycle(&T[I].Cache, Cb);
} }

compiler-rt/lib/scudo/standalone/tests/secondary_test.cpp

Show First 20 LinesShow All 58 Lines▼ Show 20 Linestemplate <typename Config> static void testSecondaryBasic(void) {
std::vector<void *> V; std::vector<void *> V;
for (scudo::uptr I = 0; I < 32U; I++) for (scudo::uptr I = 0; I < 32U; I++)
V.push_back(L->allocate(scudo::Options{}, Size)); V.push_back(L->allocate(scudo::Options{}, Size));
std::shuffle(V.begin(), V.end(), std::mt19937(std::random_device()())); std::shuffle(V.begin(), V.end(), std::mt19937(std::random_device()()));
while (!V.empty()) { while (!V.empty()) {
L->deallocate(scudo::Options{}, V.back()); L->deallocate(scudo::Options{}, V.back());
V.pop_back(); V.pop_back();
} }
scudo::ScopedString Str(1024); scudo::ScopedString Str;
L->getStats(&Str); L->getStats(&Str);
Str.output(); Str.output();
L->unmapTestOnly(); L->unmapTestOnly();
} }
struct NoCacheConfig { struct NoCacheConfig {
typedef scudo::MapAllocatorNoCache SecondaryCache; typedef scudo::MapAllocatorNoCache SecondaryCache;
static const bool MaySupportMemoryTagging = false; static const bool MaySupportMemoryTagging = false;
▲ Show 20 LinesShow All 41 Lines▼ Show 20 Lines for (scudo::uptr AlignLog = FIRST_32_SECOND_64(3, 4); AlignLog <= 16;
EXPECT_NE(P, nullptr); EXPECT_NE(P, nullptr);
void *AlignedP = reinterpret_cast<void *>( void *AlignedP = reinterpret_cast<void *>(
scudo::roundUpTo(reinterpret_cast<scudo::uptr>(P), Align)); scudo::roundUpTo(reinterpret_cast<scudo::uptr>(P), Align));
memset(AlignedP, 0xff, UserSize); memset(AlignedP, 0xff, UserSize);
L->deallocate(scudo::Options{}, P); L->deallocate(scudo::Options{}, P);
} }
} }
} }
scudo::ScopedString Str(1024); scudo::ScopedString Str;
L->getStats(&Str); L->getStats(&Str);
Str.output(); Str.output();
L->unmapTestOnly(); L->unmapTestOnly();
} }
TEST(ScudoSecondaryTest, SecondaryIterate) { TEST(ScudoSecondaryTest, SecondaryIterate) {
std::unique_ptr<LargeAllocator> L(new LargeAllocator); std::unique_ptr<LargeAllocator> L(new LargeAllocator);
L->init(nullptr); L->init(nullptr);
std::vector<void *> V; std::vector<void *> V;
const scudo::uptr PageSize = scudo::getPageSizeCached(); const scudo::uptr PageSize = scudo::getPageSizeCached();
for (scudo::uptr I = 0; I < 32U; I++) for (scudo::uptr I = 0; I < 32U; I++)
V.push_back(L->allocate(scudo::Options{}, (std::rand() % 16) * PageSize)); V.push_back(L->allocate(scudo::Options{}, (std::rand() % 16) * PageSize));
auto Lambda = [V](scudo::uptr Block) { auto Lambda = [V](scudo::uptr Block) {
EXPECT_NE(std::find(V.begin(), V.end(), reinterpret_cast<void *>(Block)), EXPECT_NE(std::find(V.begin(), V.end(), reinterpret_cast<void *>(Block)),
V.end()); V.end());
}; };
L->disable(); L->disable();
L->iterateOverBlocks(Lambda); L->iterateOverBlocks(Lambda);
L->enable(); L->enable();
while (!V.empty()) { while (!V.empty()) {
L->deallocate(scudo::Options{}, V.back()); L->deallocate(scudo::Options{}, V.back());
V.pop_back(); V.pop_back();
} }
scudo::ScopedString Str(1024); scudo::ScopedString Str;
L->getStats(&Str); L->getStats(&Str);
Str.output(); Str.output();
L->unmapTestOnly(); L->unmapTestOnly();
} }
TEST(ScudoSecondaryTest, SecondaryOptions) { TEST(ScudoSecondaryTest, SecondaryOptions) {
std::unique_ptr<LargeAllocator> L(new LargeAllocator); std::unique_ptr<LargeAllocator> L(new LargeAllocator);
L->init(nullptr); L->init(nullptr);
▲ Show 20 LinesShow All 54 Lines▼ Show 20 Lines for (scudo::uptr I = 0; I < ARRAY_SIZE(Threads); I++)
Threads[I] = std::thread(performAllocations, L.get()); Threads[I] = std::thread(performAllocations, L.get());
{ {
std::unique_lock<std::mutex> Lock(Mutex); std::unique_lock<std::mutex> Lock(Mutex);
Ready = true; Ready = true;
Cv.notify_all(); Cv.notify_all();
} }
for (auto &T : Threads) for (auto &T : Threads)
T.join(); T.join();
scudo::ScopedString Str(1024); scudo::ScopedString Str;
L->getStats(&Str); L->getStats(&Str);
Str.output(); Str.output();
L->unmapTestOnly(); L->unmapTestOnly();
} }

compiler-rt/lib/scudo/standalone/tests/strings_test.cpp

//===-- strings_test.cpp ----------------------------------------*- C++ -*-===// //===-- strings_test.cpp ----------------------------------------*- C++ -*-===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "tests/scudo_unit_test.h" #include "tests/scudo_unit_test.h"
#include "string_utils.h" #include "string_utils.h"
#include <limits.h> #include <limits.h>
TEST(ScudoStringsTest, Basic) { TEST(ScudoStringsTest, Basic) {
scudo::ScopedString Str(128); scudo::ScopedString Str;
Str.append("a%db%zdc%ue%zuf%xh%zxq%pe%sr", static_cast<int>(-1), Str.append("a%db%zdc%ue%zuf%xh%zxq%pe%sr", static_cast<int>(-1),
static_cast<scudo::uptr>(-2), static_cast<unsigned>(-4), static_cast<scudo::uptr>(-2), static_cast<unsigned>(-4),
static_cast<scudo::uptr>(5), static_cast<unsigned>(10), static_cast<scudo::uptr>(5), static_cast<unsigned>(10),
static_cast<scudo::uptr>(11), reinterpret_cast<void *>(0x123), static_cast<scudo::uptr>(11), reinterpret_cast<void *>(0x123),
"_string_"); "_string_");
EXPECT_EQ(Str.length(), strlen(Str.data())); EXPECT_EQ(Str.length(), strlen(Str.data()));
std::string expectedString = "a-1b-2c4294967292e5fahbq0x"; std::string expectedString = "a-1b-2c4294967292e5fahbq0x";
expectedString += std::string(SCUDO_POINTER_FORMAT_LENGTH - 3, '0'); expectedString += std::string(SCUDO_POINTER_FORMAT_LENGTH - 3, '0');
expectedString += "123e_string_r"; expectedString += "123e_string_r";
EXPECT_EQ(Str.length(), strlen(Str.data())); EXPECT_EQ(Str.length(), strlen(Str.data()));
EXPECT_STREQ(expectedString.c_str(), Str.data()); EXPECT_STREQ(expectedString.c_str(), Str.data());
} }
TEST(ScudoStringsTest, Precision) { TEST(ScudoStringsTest, Precision) {
scudo::ScopedString Str(128); scudo::ScopedString Str;
Str.append("%.*s", 3, "12345"); Str.append("%.*s", 3, "12345");
EXPECT_EQ(Str.length(), strlen(Str.data())); EXPECT_EQ(Str.length(), strlen(Str.data()));
EXPECT_STREQ("123", Str.data()); EXPECT_STREQ("123", Str.data());
Str.clear(); Str.clear();
Str.append("%.*s", 6, "12345"); Str.append("%.*s", 6, "12345");
EXPECT_EQ(Str.length(), strlen(Str.data())); EXPECT_EQ(Str.length(), strlen(Str.data()));
EXPECT_STREQ("12345", Str.data()); EXPECT_STREQ("12345", Str.data());
Str.clear(); Str.clear();
Str.append("%-6s", "12345"); Str.append("%-6s", "12345");
EXPECT_EQ(Str.length(), strlen(Str.data())); EXPECT_EQ(Str.length(), strlen(Str.data()));
EXPECT_STREQ("12345 ", Str.data()); EXPECT_STREQ("12345 ", Str.data());
} }
static void fillString(scudo::ScopedString &Str, scudo::uptr Size) { static void fillString(scudo::ScopedString &Str, scudo::uptr Size) {
for (scudo::uptr I = 0; I < Size; I++) for (scudo::uptr I = 0; I < Size; I++)
Str.append("A"); Str.append("A");
} }
TEST(ScudoStringTest, PotentialOverflows) { TEST(ScudoStringTest, PotentialOverflows) {
// Use a ScopedString that spans a page, and attempt to write past the end // Use a ScopedString that spans a page, and attempt to write past the end
// of it with variations of append. The expectation is for nothing to crash. // of it with variations of append. The expectation is for nothing to crash.
const scudo::uptr PageSize = scudo::getPageSizeCached(); const scudo::uptr PageSize = scudo::getPageSizeCached();
scudo::ScopedString Str(PageSize); scudo::ScopedString Str;
Str.clear(); Str.clear();
fillString(Str, 2 * PageSize); fillString(Str, 2 * PageSize);
Str.clear(); Str.clear();
fillString(Str, PageSize - 64); fillString(Str, PageSize - 64);
Str.append("%-128s", "12345"); Str.append("%-128s", "12345");
Str.clear(); Str.clear();
fillString(Str, PageSize - 16); fillString(Str, PageSize - 16);
Str.append("%024x", 12345); Str.append("%024x", 12345);
Str.clear(); Str.clear();
fillString(Str, PageSize - 16); fillString(Str, PageSize - 16);
Str.append("EEEEEEEEEEEEEEEEEEEEEEEE"); Str.append("EEEEEEEEEEEEEEEEEEEEEEEE");
} }
template <typename T> template <typename T>
static void testAgainstLibc(const char *Format, T Arg1, T Arg2) { static void testAgainstLibc(const char *Format, T Arg1, T Arg2) {
scudo::ScopedString Str(128); scudo::ScopedString Str;
Str.append(Format, Arg1, Arg2); Str.append(Format, Arg1, Arg2);
char Buffer[128]; char Buffer[128];
snprintf(Buffer, sizeof(Buffer), Format, Arg1, Arg2); snprintf(Buffer, sizeof(Buffer), Format, Arg1, Arg2);
EXPECT_EQ(Str.length(), strlen(Str.data())); EXPECT_EQ(Str.length(), strlen(Str.data()));
EXPECT_STREQ(Buffer, Str.data()); EXPECT_STREQ(Buffer, Str.data());
} }
TEST(ScudoStringsTest, MinMax) { TEST(ScudoStringsTest, MinMax) {
Show All 20 Lines

compiler-rt/lib/scudo/standalone/tests/vector_test.cpp

Show All 17 LinesTEST(ScudoVectorTest, Basic) {
EXPECT_EQ(V[0], 42); EXPECT_EQ(V[0], 42);
V.push_back(43); V.push_back(43);
EXPECT_EQ(V.size(), 2U); EXPECT_EQ(V.size(), 2U);
EXPECT_EQ(V[0], 42); EXPECT_EQ(V[0], 42);
EXPECT_EQ(V[1], 43); EXPECT_EQ(V[1], 43);
} }
TEST(ScudoVectorTest, Stride) { TEST(ScudoVectorTest, Stride) {
scudo::Vector<int> V; scudo::Vector<scudo::uptr> V;
for (int i = 0; i < 1000; i++) { for (scudo::uptr I = 0; I < 1000; I++) {
hctimUnsubmitted
Not Done
ReplyInline Actions

why /s/int/uptr? I mean, okay to keep the change, but if so also change the type of the Vector

hctim: why `/s/int/uptr`? I mean, okay to keep the change, but if so also change the type of the Vector
V.push_back(i); V.push_back(I);
EXPECT_EQ(V.size(), i + 1U); EXPECT_EQ(V.size(), I + 1U);
EXPECT_EQ(V[i], i); EXPECT_EQ(V[I], I);
} }
for (int i = 0; i < 1000; i++) for (scudo::uptr I = 0; I < 1000; I++)
EXPECT_EQ(V[i], i); EXPECT_EQ(V[I], I);
} }
TEST(ScudoVectorTest, ResizeReduction) { TEST(ScudoVectorTest, ResizeReduction) {
scudo::Vector<int> V; scudo::Vector<int> V;
V.push_back(0); V.push_back(0);
V.push_back(0); V.push_back(0);
EXPECT_EQ(V.size(), 2U); EXPECT_EQ(V.size(), 2U);
V.resize(1); V.resize(1);
EXPECT_EQ(V.size(), 1U); EXPECT_EQ(V.size(), 1U);
} }

compiler-rt/lib/scudo/standalone/vector.h

Show All 11 Lines
#include "common.h" #include "common.h"
#include <string.h> #include <string.h>
namespace scudo { namespace scudo {
// A low-level vector based on map. May incur a significant memory overhead for // A low-level vector based on map. May incur a significant memory overhead for
// small vectors. The current implementation supports only POD types. // small vectors. The current implementation supports only POD types.
template <typename T> class VectorNoCtor { template <typename T> class VectorNoCtor {
vitalybukaUnsubmitted
Not Done
ReplyInline Actions

As is seems all users of VectorNoCtor will need to re-think consequences of failed push_back.
Interface mimics std::vector, but it's unexpected that after N push_back() container may be smaller than N.

Maybe we can we rather set max grow size for Trusty and crash if it's reached. Which also a problem, but at least easy to detect.

another alternative is to assume that Trusty will can handle Grow in most cases and when it cant, we can handle that explicitly on caller side by checking container size before push_back

vitalybuka: As is seems all users of VectorNoCtor will need to re-think consequences of failed push_back.
public: public:
void init(uptr InitialCapacity) { void init(uptr InitialCapacity = 0) {
CapacityBytes = 0; Data = reinterpret_cast<T *>(&LocalData[0]);
Size = 0; CapacityBytes = sizeof(LocalData);
Data = nullptr;
reserve(InitialCapacity); reserve(InitialCapacity);
} }
void destroy() { void destroy() {
if (Data) if (Data != reinterpret_cast<T *>(&LocalData[0]))
unmap(Data, CapacityBytes); unmap(Data, CapacityBytes);
} }
T &operator[](uptr I) { T &operator[](uptr I) {
DCHECK_LT(I, Size); DCHECK_LT(I, Size);
return Data[I]; return Data[I];
} }
const T &operator[](uptr I) const { const T &operator[](uptr I) const {
DCHECK_LT(I, Size); DCHECK_LT(I, Size);
Show All 39 Linespublic:
T *begin() { return data(); } T *begin() { return data(); }
const T *end() const { return data() + size(); } const T *end() const { return data() + size(); }
T *end() { return data() + size(); } T *end() { return data() + size(); }
private: private:
void reallocate(uptr NewCapacity) { void reallocate(uptr NewCapacity) {
DCHECK_GT(NewCapacity, 0); DCHECK_GT(NewCapacity, 0);
DCHECK_LE(Size, NewCapacity); DCHECK_LE(Size, NewCapacity);
const uptr NewCapacityBytes = NewCapacity = roundUpTo(NewCapacity * sizeof(T), getPageSizeCached());
roundUpTo(NewCapacity * sizeof(T), getPageSizeCached());
T *NewData = T *NewData =
reinterpret_cast<T *>(map(nullptr, NewCapacityBytes, "scudo:vector")); reinterpret_cast<T *>(map(nullptr, NewCapacity, "scudo:vector"));
if (Data) {
memcpy(NewData, Data, Size * sizeof(T)); memcpy(NewData, Data, Size * sizeof(T));
unmap(Data, CapacityBytes); destroy();
}
Data = NewData; Data = NewData;
CapacityBytes = NewCapacityBytes; CapacityBytes = NewCapacity;
} }
T *Data; T *Data = nullptr;
uptr CapacityBytes; u8 LocalData[256] = {};
hctimUnsubmitted
Not Done
ReplyInline Actions

Is stack size a problem?

If so, we could typedef this (template <typename T, int StackBufferBytes = 256> class VectorNoCtor) and in places where we know the upper bound, we can bound the stack buffer size as well.

hctim: Is stack size a problem? If so, we could typedef this (`template <typename T, int…
cryptoadAuthorUnsubmitted
Done
ReplyInline Actions

Apparently stack is 1 page as well. 256 should be fine, but I will revisit with CanGrow as well.

cryptoad: Apparently stack is 1 page as well. 256 should be fine, but I will revisit with `CanGrow` as…
uptr Size; uptr CapacityBytes = 0;
uptr Size = 0;
}; };
template <typename T> class Vector : public VectorNoCtor<T> { template <typename T> class Vector : public VectorNoCtor<T> {
public: public:
Vector() { VectorNoCtor<T>::init(1); } Vector() { VectorNoCtor<T>::init(); }
explicit Vector(uptr Count) { explicit Vector(uptr Count) {
VectorNoCtor<T>::init(Count); VectorNoCtor<T>::init(Count);
this->resize(Count); this->resize(Count);
} }
~Vector() { VectorNoCtor<T>::destroy(); } ~Vector() { VectorNoCtor<T>::destroy(); }
// Disallow copies and moves. // Disallow copies and moves.
Vector(const Vector &) = delete; Vector(const Vector &) = delete;
Vector &operator=(const Vector &) = delete; Vector &operator=(const Vector &) = delete;
Vector(Vector &&) = delete; Vector(Vector &&) = delete;
Vector &operator=(Vector &&) = delete; Vector &operator=(Vector &&) = delete;
}; };
} // namespace scudo } // namespace scudo
#endif // SCUDO_VECTOR_H_ #endif // SCUDO_VECTOR_H_