This is an archive of the discontinued LLVM Phabricator instance.

This needs a stub GetRSS for Fuchsia, at least.
Since there's no way to get a useful value for this on Fuchsia as yet, it would be preferable to conditionalize the machinery so it isn't doing no-op work.

The feature right now is only supported on LINUX. isRssLimitExceeded() is protected by #if and inlined in any non-linux system and a generic GetRSS symbol is exported in any non-Linux systems (so even with LD_BIND_NOW the symbol exists/resolves). GetRSS() never gets called since it is only called by isRssLimitExceeded() and by a flow conditioned in the isRssLimitExceeded result.

With optimizations on, even the references to the functions and the entire conditional block get removed.

Harbormaster completed remote builds in B168471: Diff 435038.Jun 7 2022, 8:31 PM

Can you reupload the patch with full context?

compiler-rt/lib/scudo/standalone/linux.cpp
185	The opening brace should be on the previous line.
190	The opening brace should be on the previous line.
195	The opening brace should be on the previous line.
compiler-rt/lib/scudo/standalone/report.cpp
40	The opening brace should be on the previous line.

Fixed the few style errors pointed out (thank you!) and submitting a full context patch.

Harbormaster completed remote builds in B168596: Diff 435201.Jun 8 2022, 10:15 AM

Fixed compiler warnings due to implicit type conversions, got more pedantic on using the right types (even for compatible ones).

bsdaemon added a comment.Jun 23 2022, 4:45 AM

This comment was removed by bsdaemon.

Harbormaster completed remote builds in B171566: Diff 439333.Jun 23 2022, 5:03 AM

Added LLVM code-style fixes

Harbormaster completed remote builds in B172207: Diff 440238.Jun 27 2022, 8:33 AM

mcgrathr added inline comments.Jul 6 2022, 11:21 AM

compiler-rt/lib/scudo/standalone/atomic_helpers.h
127 ↗	(On Diff #440238)	This should use the call above with true instead of false for the bool argument.
compiler-rt/lib/scudo/standalone/combined.h
351	excess space between parens
737	It's better not to use ALWAYS_INLINE and leave it to the compiler to decide (which it will). Provide the stub GetRSS function even when you expect calls to it to be optimized away.
741	Use false, not 0.
1019	Put spaces around the =.

vitalybuka requested changes to this revision.Jul 7 2022, 10:25 AM

vitalybuka added inline comments.

compiler-rt/lib/scudo/standalone/atomic_helpers.h
127 ↗	(On Diff #440238)	please move this into a separate patch and extend compiler-rt/lib/scudo/standalone/tests/atomic_test.cpp for context, you can organize patches into "stack" using "edit related revision" in the Phabricator menu.
compiler-rt/lib/scudo/standalone/combined.h
351	just clangformat entire patch
355	static_cast
compiler-rt/lib/scudo/standalone/flags.inc
49	limits need own tests as well
compiler-rt/lib/scudo/standalone/linux.cpp
198	How about moving GetRSS() (with a test) implementation into a separate patch?

This revision now requires changes to proceed.Jul 7 2022, 10:25 AM

1c3t3a mentioned this in D138406: scudo-standalone: Add atomic_compare_exchange_weak.Nov 21 2022, 1:27 AM

Bastian Kersting started splitting the patch and making the suggested changes. The first in the series is here: https://reviews.llvm.org/D138406 - I appreciate if folks here help reviewing/merging.

1c3t3a added a parent revision: D138406: scudo-standalone: Add atomic_compare_exchange_weak.Dec 1 2022, 4:46 AM

1c3t3a mentioned this in D139430: scudo-standalone: Add GetRSS method on Linux.Dec 6 2022, 6:59 AM

Can you please rebase this one?

compiler-rt/lib/scudo/standalone/combined.h
708	can you measure a meaningful difference or real apps between weak vs strong here?

vitalybuka mentioned this in rGcc02d61b459f: scudo-standalone: Add GetRSS method on Linux.Dec 8 2022, 1:38 PM

1c3t3a added a subscriber: 1c3t3a.Dec 19 2022, 3:28 AM

Herald added a subscriber: Chia-hungDuan. · View Herald TranscriptDec 19 2022, 3:28 AM

1c3t3a added a commit: rG0514d3f4063f: [NFC][scudo] Fix warnings in tests after D139430.Dec 19 2022, 3:29 AM

Rebase on commit chain and latest main.

Harbormaster completed remote builds in B203891: Diff 483931.Dec 19 2022, 5:57 AM

Add requested changes and tests for Hard and Soft RSS limits

Harbormaster completed remote builds in B204106: Diff 484194.Dec 20 2022, 2:09 AM

1c3t3a added inline comments.Dec 20 2022, 2:10 AM

compiler-rt/lib/scudo/standalone/combined.h

708

I benchmarked this method and found not a big difference but a difference between weak and strong here. I benchmarked this on an ARM (aarch64) machine with the following findings:

2022-12-15T09:02:48-08:00
Running third_party/llvm/llvm-project/compiler-rt/scudo_benchmarks
Run on (64 X 3000 MHz CPU s)
CPU Caches:
  L1 Data 64 KiB (x64)
  L1 Instruction 64 KiB (x64)
  L2 Unified 1024 KiB (x64)
  L3 Unified 32768 KiB (x1)
Load Average: 4.02, 9.90, 14.71
-----------------------------------------------------------------
Benchmark                       Time             CPU   Iterations
-----------------------------------------------------------------
BM_IsRssExceeded             47.6 ns         47.5 ns     14772023
BM_IsRssExceededStrong       47.8 ns         47.7 ns     14673854

I get that this is not a big difference, but I would still argue that it is enough to use weak here. We could introduce a compilation parameter with the default weak.

vitalybuka added inline comments.Dec 20 2022, 10:31 PM

compiler-rt/lib/scudo/standalone/combined.h
167	zero initialized value will work the same
699	Probably nicer to put this method and related fields into another class, e.g class RssLimitChecker { atomic_u64 RssLastCheckedAtNS = {}; atomic_u8 RssLimitExceeded = {}; // Slow part in cpp file bool Check(); public: // Inline fast path. bool isExceeded() { u64 LastCheck = atomic_load_relaxed(&RssLastCheckedAtNS); const u64 CurrentCheck = getMonotonicTime(); if (UNLIKELY(CurrentCheck >= LastCheck + (250ULL * 1000000ULL))) Check(); return atomic_load_relaxed(&RssLimitExceeded); } }
705	instead of adding interval here, add it when you store it in compare_exchange then it should be named LastCheck -> NextCheck CurrentCheck could be named e.g. "Now".
708	Then please just switch to strong
723–730
compiler-rt/lib/scudo/standalone/tests/combined_test.cpp
778	This relies on the order of the test execution everything after this will see scudo::getFlags()->soft_rss_limit_mb = 1 for avoid this the test should backup and restore flags
794	this code does not use {} for one line loop bodies
801	restore flags

1c3t3a removed a parent revision: D138406: scudo-standalone: Add atomic_compare_exchange_weak.Dec 21 2022, 5:07 AM

Add requested changes

Harbormaster completed remote builds in B204371: Diff 484551.Dec 21 2022, 6:16 AM

This looks good to me with nits

compiler-rt/lib/scudo/standalone/combined.h
165	remove {}
351–352	redundant ()
compiler-rt/lib/scudo/standalone/common.h
223	atomic_compare_exchange_strong is in UNLIKELY branch already sink it into the Check() to avoid unnecessary inlining it
241	Remove redundant ULL as result fits into int32 Remove redundant ()
compiler-rt/lib/scudo/standalone/linux.cpp
230	remove {}
231	maybe nicer to RssLimitExceeded -> enum {Neither, Soft, Hard} and move reportRSSCheck() same place where you report soft limit

you don't need getOptionsForTesting if you can run init after updating flags

compiler-rt/lib/scudo/standalone/combined.h
165	get from RssChecker
356	please add and use RssChecker.getSoftRssLimit() RssChecker.getHardRssLimit() So we have not concerns if IsExceeded and this message use the same value.
compiler-rt/lib/scudo/standalone/linux.cpp
217	Return here if they are both zeroes and eliminate CheckRssLimit?

Add requested changes and reorganize tests

I also restructured the tests to get rid of getOptionsForTesting and the flags since this is now read at the creation of the RssChecker.

compiler-rt/lib/scudo/standalone/common.h
223	That would mean Check needs the `NextCheck` variable for context and that would become a parameter of Check right?
compiler-rt/lib/scudo/standalone/linux.cpp
217	Done. What do you mean by "eliminate CheckRssLimit"?

Harbormaster completed remote builds in B204582: Diff 484837.Dec 22 2022, 7:47 AM

Remove unused headers

Harbormaster completed remote builds in B204588: Diff 484844.Dec 22 2022, 8:12 AM

Fix init of limits

Harbormaster completed remote builds in B204600: Diff 484861.Dec 22 2022, 9:25 AM

vitalybuka edited the summary of this revision. (Show Details)Dec 22 2022, 11:39 AM

update

vitalybuka accepted this revision.Dec 22 2022, 7:32 PM

This revision is now accepted and ready to land.Dec 22 2022, 7:32 PM

rebase

This revision was landed with ongoing or failed builds.Dec 22 2022, 7:45 PM

Closed by commit rGba0ec6f15f55: Add Soft/Hard RSS Limits to Scudo Standalone (authored by 1c3t3a, committed by vitalybuka). · Explain Why

This revision was automatically updated to reflect the committed changes.

vitalybuka added a commit: rGba0ec6f15f55: Add Soft/Hard RSS Limits to Scudo Standalone.

Harbormaster completed remote builds in B204720: Diff 485025.Dec 22 2022, 8:13 PM

Revision Contents

Path

Size

compiler-rt/

lib/

scudo/

standalone/

23 lines

46 lines

2 lines

10 lines

2 lines

32 lines

1 line

6 lines

tests/

combined_test.cpp

133 lines

Diff 484837

compiler-rt/lib/scudo/standalone/combined.h

Show First 20 Lines • Show All 156 Lines • ▼ Show 20 Lines void init() {

if (getFlags()->dealloc_type_mismatch) if (getFlags()->dealloc_type_mismatch)

Primary.Options.set(OptionBit::DeallocTypeMismatch); Primary.Options.set(OptionBit::DeallocTypeMismatch);

if (getFlags()->delete_size_mismatch) if (getFlags()->delete_size_mismatch)

Primary.Options.set(OptionBit::DeleteSizeMismatch); Primary.Options.set(OptionBit::DeleteSizeMismatch);

if (allocatorSupportsMemoryTagging<Params>() && if (allocatorSupportsMemoryTagging<Params>() &&

systemSupportsMemoryTagging()) systemSupportsMemoryTagging())

Primary.Options.set(OptionBit::UseMemoryTagging); Primary.Options.set(OptionBit::UseMemoryTagging);

Primary.Options.set(OptionBit::UseOddEvenTags); Primary.Options.set(OptionBit::UseOddEvenTags);

if (RssChecker.getHardRssLimit() || RssChecker.getSoftRssLimit())

vitalybukaUnsubmitted

Not Done

remove {}

vitalybuka: remove {}

vitalybukaUnsubmitted

Not Done

get from RssChecker

vitalybuka: get from RssChecker

Primary.Options.set(OptionBit::CheckRssLimit);

vitalybukaUnsubmitted

Not Done

Primary.Options.set(OptionBit::CheckRssLimit);

- atomic_store_relaxed(&RssLastCheckedAtNS, getMonotonicTime());

}

QuarantineMaxChunkSize =

zero initialized value will work the same

vitalybuka: zero initialized value will work the same

QuarantineMaxChunkSize = QuarantineMaxChunkSize =

static_cast<u32>(getFlags()->quarantine_max_chunk_size); static_cast<u32>(getFlags()->quarantine_max_chunk_size);

Stats.init(); Stats.init();

const s32 ReleaseToOsIntervalMs = getFlags()->release_to_os_interval_ms; const s32 ReleaseToOsIntervalMs = getFlags()->release_to_os_interval_ms;

Primary.init(ReleaseToOsIntervalMs); Primary.init(ReleaseToOsIntervalMs);

Secondary.init(&Stats, ReleaseToOsIntervalMs); Secondary.init(&Stats, ReleaseToOsIntervalMs);

Quarantine.init( Quarantine.init(

▲ Show 20 Lines • Show All 167 Lines • ▼ Show 20 Lines #endif // GWP_ASAN_HOOKS

static_assert(MaxAllowedMallocSize < UINTPTR_MAX - MaxAlignment, ""); static_assert(MaxAllowedMallocSize < UINTPTR_MAX - MaxAlignment, "");

if (UNLIKELY(Size >= MaxAllowedMallocSize)) { if (UNLIKELY(Size >= MaxAllowedMallocSize)) {

if (Options.get(OptionBit::MayReturnNull)) if (Options.get(OptionBit::MayReturnNull))

return nullptr; return nullptr;

reportAllocationSizeTooBig(Size, NeededSize, MaxAllowedMallocSize); reportAllocationSizeTooBig(Size, NeededSize, MaxAllowedMallocSize);

} }

DCHECK_LE(Size, NeededSize); DCHECK_LE(Size, NeededSize);

if (Options.get(OptionBit::CheckRssLimit)) {

mcgrathrUnsubmitted

Not Done

excess space between parens

mcgrathr: excess space between parens

vitalybukaUnsubmitted

Not Done

just clangformat entire patch

vitalybuka: just clangformat entire patch

auto RssExceeded = RssChecker.GetRssLimitExceeded();

vitalybukaUnsubmitted

Not Done

DCHECK_LE(Size, NeededSize);

- if ((Options.get(OptionBit::CheckRssLimit)) &&

+ if (Options.get(OptionBit::CheckRssLimit) &&

UNLIKELY(RssChecker.IsExceeded())) {

if (Options.get(OptionBit::MayReturnNull))

redundant ()

vitalybuka: redundant ()

if (UNLIKELY(RssExceeded == RssLimitChecker::Soft)) {

if (Options.get(OptionBit::MayReturnNull))

vitalybukaUnsubmitted

Not Done

static_cast

vitalybuka: static_cast

return nullptr;

vitalybukaUnsubmitted

Not Done

please add and use RssChecker.getSoftRssLimit() RssChecker.getHardRssLimit()
So we have not concerns if IsExceeded and this message use the same value.

vitalybuka: please add and use RssChecker.getSoftRssLimit() RssChecker.getHardRssLimit() So we have not…

const u64 CurrentRssMb = GetRSS() >> 20;

u64 SoftRssLimitMb = RssChecker.getSoftRssLimit();

reportRSSCheck("Soft RSS limit exhausted (Limit x Current): ",

SoftRssLimitMb, CurrentRssMb);

} else if (UNLIKELY(RssExceeded == RssLimitChecker::Hard)) {

const u64 CurrentRssMb = GetRSS() >> 20;

u64 HardRssLimitMb = RssChecker.getHardRssLimit();

reportRSSCheck("Hard RSS limit exhausted (Limit x Current): ",

HardRssLimitMb, CurrentRssMb);

}

void *Block = nullptr; void *Block = nullptr;

uptr ClassId = 0; uptr ClassId = 0;

uptr SecondaryBlockEnd = 0; uptr SecondaryBlockEnd = 0;

if (LIKELY(PrimaryT::canAllocate(NeededSize))) { if (LIKELY(PrimaryT::canAllocate(NeededSize))) {

ClassId = SizeClassMap::getClassIdBySize(NeededSize); ClassId = SizeClassMap::getClassIdBySize(NeededSize);

DCHECK_NE(ClassId, 0U); DCHECK_NE(ClassId, 0U);

bool UnlockRequired; bool UnlockRequired;

auto *TSD = TSDRegistry.getTSDAndLock(&UnlockRequired); auto *TSD = TSDRegistry.getTSDAndLock(&UnlockRequired);

▲ Show 20 Lines • Show All 312 Lines • ▼ Show 20 Lines if (LIKELY(NewPtr)) {

quarantineOrDeallocateChunk(Options, OldTaggedPtr, &OldHeader, OldSize); quarantineOrDeallocateChunk(Options, OldTaggedPtr, &OldHeader, OldSize);

} }

return NewPtr; return NewPtr;

} }

// TODO(kostyak): disable() is currently best-effort. There are some small // TODO(kostyak): disable() is currently best-effort. There are some small

// windows of time when an allocation could still succeed after // windows of time when an allocation could still succeed after

// this function finishes. We will revisit that later. // this function finishes. We will revisit that later.

void disable() { void disable() {

vitalybukaUnsubmitted

Not Done

Probably nicer to put this method and related fields into another class, e.g

class RssLimitChecker {
 atomic_u64 RssLastCheckedAtNS = {};
 atomic_u8 RssLimitExceeded = {};

  // Slow part in cpp file
  bool Check();

public:
 // Inline fast path.
 bool isExceeded() {
    u64 LastCheck = atomic_load_relaxed(&RssLastCheckedAtNS);
    const u64 CurrentCheck = getMonotonicTime();
     if (UNLIKELY(CurrentCheck >= LastCheck + (250ULL * 1000000ULL)))
       Check();
     return atomic_load_relaxed(&RssLimitExceeded);

 }
 
}

vitalybuka: Probably nicer to put this method and related fields into another class, e.g ``` class…

initThreadMaybe(); initThreadMaybe();

#ifdef GWP_ASAN_HOOKS #ifdef GWP_ASAN_HOOKS

GuardedAlloc.disable(); GuardedAlloc.disable();

#endif #endif

TSDRegistry.disable(); TSDRegistry.disable();

Stats.disable(); Stats.disable();

vitalybukaUnsubmitted

Not Done

instead of adding interval here,
add it when you store it in compare_exchange
then it should be named LastCheck -> NextCheck

CurrentCheck could be named e.g. "Now".

vitalybuka: instead of adding interval here, add it when you store it in compare_exchange then it should…

Quarantine.disable(); Quarantine.disable();

Primary.disable(); Primary.disable();

Secondary.disable(); Secondary.disable();

vitalybukaUnsubmitted

Not Done

can you measure a meaningful difference or real apps between weak vs strong here?

vitalybuka: can you measure a meaningful difference or real apps between weak vs strong here?

1c3t3aUnsubmitted

Not Done

I benchmarked this method and found not a big difference but a difference between weak and strong here. I benchmarked this on an ARM (aarch64) machine with the following findings:

2022-12-15T09:02:48-08:00
Running third_party/llvm/llvm-project/compiler-rt/scudo_benchmarks
Run on (64 X 3000 MHz CPU s)
CPU Caches:
  L1 Data 64 KiB (x64)
  L1 Instruction 64 KiB (x64)
  L2 Unified 1024 KiB (x64)
  L3 Unified 32768 KiB (x1)
Load Average: 4.02, 9.90, 14.71
-----------------------------------------------------------------
Benchmark                       Time             CPU   Iterations
-----------------------------------------------------------------
BM_IsRssExceeded             47.6 ns         47.5 ns     14772023
BM_IsRssExceededStrong       47.8 ns         47.7 ns     14673854

I get that this is not a big difference, but I would still argue that it is enough to use weak here. We could introduce a compilation parameter with the default weak.

1c3t3a: I benchmarked this method and found not a big difference but a difference between `weak` and…

vitalybukaUnsubmitted

Not Done

Then please just switch to strong

vitalybuka: Then please just switch to strong

} }

void enable() { void enable() {

initThreadMaybe(); initThreadMaybe();

Secondary.enable(); Secondary.enable();

Primary.enable(); Primary.enable();

Quarantine.enable(); Quarantine.enable();

Stats.enable(); Stats.enable();

TSDRegistry.enable(); TSDRegistry.enable();

#ifdef GWP_ASAN_HOOKS #ifdef GWP_ASAN_HOOKS

GuardedAlloc.enable(); GuardedAlloc.enable();

#endif #endif

} }

// The function returns the amount of bytes required to store the statistics, // The function returns the amount of bytes required to store the statistics,

// which might be larger than the amount of bytes provided. Note that the // which might be larger than the amount of bytes provided. Note that the

// statistics buffer is not necessarily constant between calls to this // statistics buffer is not necessarily constant between calls to this

// function. This can be called with a null buffer or zero size for buffer // function. This can be called with a null buffer or zero size for buffer

// sizing purposes. // sizing purposes.

uptr getStats(char *Buffer, uptr Size) { uptr getStats(char *Buffer, uptr Size) {

ScopedString Str; ScopedString Str;

disable(); disable();

vitalybukaUnsubmitted

Not Done

if (SoftRssLimitMb) {

- if (atomic_load_relaxed(&RssLimitExceeded)) {

- if (CurrentRssMb <= SoftRssLimitMb)

- atomic_store_relaxed(&RssLimitExceeded, false);

- } else {

- if (CurrentRssMb > SoftRssLimitMb) {

- atomic_store_relaxed(&RssLimitExceeded, true);

- }

+ atomic_store_relaxed(&RssLimitExceeded, CurrentRssMb > SoftRssLimitMb);

}

return atomic_load_relaxed(&RssLimitExceeded);

vitalybuka:

const uptr Length = getStats(&Str) + 1; const uptr Length = getStats(&Str) + 1;

enable(); enable();

if (Length < Size) if (Length < Size)

Size = Length; Size = Length;

if (Buffer && Size) { if (Buffer && Size) {

memcpy(Buffer, Str.data(), Size); memcpy(Buffer, Str.data(), Size);

Buffer[Size - 1] = '\0'; Buffer[Size - 1] = '\0';

mcgrathrUnsubmitted

Not Done

It's better not to use ALWAYS_INLINE and leave it to the compiler to decide (which it will).
Provide the stub GetRSS function even when you expect calls to it to be optimized away.

mcgrathr: It's better not to use ALWAYS_INLINE and leave it to the compiler to decide (which it will).

} }

return Length; return Length;

} }

mcgrathrUnsubmitted

Not Done

Use false, not 0.

mcgrathr: Use false, not 0.

void printStats() { void printStats() {

ScopedString Str; ScopedString Str;

disable(); disable();

getStats(&Str); getStats(&Str);

enable(); enable();

Str.output(); Str.output();

} }

▲ Show 20 Lines • Show All 261 Lines • ▼ Show 20 Lines private:

u32 QuarantineMaxChunkSize = 0; u32 QuarantineMaxChunkSize = 0;

GlobalStats Stats; GlobalStats Stats;

PrimaryT Primary; PrimaryT Primary;

SecondaryT Secondary; SecondaryT Secondary;

QuarantineT Quarantine; QuarantineT Quarantine;

TSDRegistryT TSDRegistry; TSDRegistryT TSDRegistry;

pthread_once_t PostInitNonce = PTHREAD_ONCE_INIT; pthread_once_t PostInitNonce = PTHREAD_ONCE_INIT;

RssLimitChecker RssChecker;

mcgrathrUnsubmitted

Not Done

Put spaces around the =.

mcgrathr: Put spaces around the =.

#ifdef GWP_ASAN_HOOKS #ifdef GWP_ASAN_HOOKS

gwp_asan::GuardedPoolAllocator GuardedAlloc; gwp_asan::GuardedPoolAllocator GuardedAlloc;

uptr GuardedAllocSlotSize = 0; uptr GuardedAllocSlotSize = 0;

#endif // GWP_ASAN_HOOKS #endif // GWP_ASAN_HOOKS

StackDepot Depot; StackDepot Depot;

▲ Show 20 Lines • Show All 436 Lines • Show Last 20 Lines

compiler-rt/lib/scudo/standalone/common.h

	//===-- common.h ------------------------------------------------- C++ --===//			//===-- common.h ------------------------------------------------- C++ --===//
	//			//
	// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.			// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
	// See https://llvm.org/LICENSE.txt for license information.			// See https://llvm.org/LICENSE.txt for license information.
	// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception			// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
	//			//
	//===----------------------------------------------------------------------===//			//===----------------------------------------------------------------------===//

	#ifndef SCUDO_COMMON_H_			#ifndef SCUDO_COMMON_H_
	#define SCUDO_COMMON_H_			#define SCUDO_COMMON_H_

				#include "atomic_helpers.h"
				#include "flags.h"
	#include "internal_defs.h"			#include "internal_defs.h"

	#include "fuchsia.h"			#include "fuchsia.h"
	#include "linux.h"			#include "linux.h"
	#include "trusty.h"			#include "trusty.h"

	#include <stddef.h>			#include <stddef.h>
	#include <string.h>			#include <string.h>
	▲ Show 20 Lines • Show All 183 Lines • ▼ Show 20 Lines

	enum FillContentsMode {			enum FillContentsMode {
	NoFill = 0,			NoFill = 0,
	ZeroFill = 1,			ZeroFill = 1,
	PatternOrZeroFill = 2 // Pattern fill unless the memory is known to be			PatternOrZeroFill = 2 // Pattern fill unless the memory is known to be
	// zero-initialized already.			// zero-initialized already.
	};			};

				class RssLimitChecker {
				public:
				enum RssLimitExceeded {
				Neither,
				Soft,
				Hard,
				};

				#if SCUDO_LINUX
				// Opportunistic RSS limit check. This will update the RSS limit status, if
				// it can, every 250ms, otherwise it will just return the current one.
				vitalybukaUnsubmitted Not Done Reply Inline Actions atomic_compare_exchange_strong is in UNLIKELY branch already sink it into the Check() to avoid unnecessary inlining it vitalybuka: atomic_compare_exchange_strong is in UNLIKELY branch already sink it into the Check() to avoid…
				1c3t3aUnsubmitted Not Done Reply Inline Actions That would mean Check needs the `NextCheck` variable for context and that would become a parameter of Check right? 1c3t3a: That would mean Check needs the `NextCheck` variable for context and that would become a…
				RssLimitExceeded GetRssLimitExceeded() {
				u64 NextCheck = atomic_load_relaxed(&RssNextCheckAtNS);
				u64 Now = getMonotonicTime();

				if (UNLIKELY(Now >= NextCheck)) {
				Check(NextCheck);
				}

				return static_cast<RssLimitExceeded>(atomic_load_relaxed(&RssLimitStatus));
				}
				#else
				RssLimitExceeded IsExceeded() { return RssLimitExceeded::Neither; }
				#endif

				u64 getSoftRssLimit() { return SoftRssLimit; }
				u64 getHardRssLimit() { return HardRssLimitMb; }

				private:
				vitalybukaUnsubmitted Not Done Reply Inline Actions Remove redundant ULL as result fits into int32 Remove redundant () vitalybuka: Remove redundant ULL as result fits into int32 Remove redundant ()
				void Check(u64 NextCheck);

				u64 SoftRssLimit{static_cast<u64>(scudo::getFlags()->soft_rss_limit_mb)};

				u64 HardRssLimitMb{static_cast<u64>(scudo::getFlags()->hard_rss_limit_mb)};

				#if SCUDO_LINUX
				// The interval for the checks is 250ms.
				static constexpr u64 CheckInterval = 250 * 1000000;

				atomic_u64 RssNextCheckAtNS = {};
				atomic_u8 RssLimitStatus = {};
				#endif
				};

	} // namespace scudo			} // namespace scudo

	#endif // SCUDO_COMMON_H_			#endif // SCUDO_COMMON_H_

compiler-rt/lib/scudo/standalone/common.cpp

Show All 31 Lines	void NORETURN dieOnMapUnmapError(uptr SizeIfOOM) {
}		}
outputRaw(Error);		outputRaw(Error);
setAbortMessage(Error);		setAbortMessage(Error);
die();		die();
}		}

#if !SCUDO_LINUX		#if !SCUDO_LINUX
u64 GetRSS() { return 0; }		u64 GetRSS() { return 0; }

		void RssLimitChecker::Check() {}
#endif		#endif

} // namespace scudo		} // namespace scudo

compiler-rt/lib/scudo/standalone/flags.inc

	Show All 39 Lines
	SCUDO_FLAG(bool, may_return_null, true,			SCUDO_FLAG(bool, may_return_null, true,
	"Indicate whether the allocator should terminate instead of "			"Indicate whether the allocator should terminate instead of "
	"returning NULL in otherwise non-fatal error scenarios, eg: OOM, "			"returning NULL in otherwise non-fatal error scenarios, eg: OOM, "
	"invalid allocation alignments, etc.")			"invalid allocation alignments, etc.")

	SCUDO_FLAG(int, release_to_os_interval_ms, SCUDO_ANDROID ? INT32_MIN : 5000,			SCUDO_FLAG(int, release_to_os_interval_ms, SCUDO_ANDROID ? INT32_MIN : 5000,
	"Interval (in milliseconds) at which to attempt release of unused "			"Interval (in milliseconds) at which to attempt release of unused "
	"memory to the OS. Negative values disable the feature.")			"memory to the OS. Negative values disable the feature.")

				SCUDO_FLAG(int, hard_rss_limit_mb, 0,
				vitalybukaUnsubmitted Not Done Reply Inline Actions limits need own tests as well vitalybuka: limits need own tests as well
				"LINUX-ONLY: Hard RSS Limit in Mb"
				"If non-zero, once the limit is achieved, abort the process")

				SCUDO_FLAG(int, soft_rss_limit_mb, 0,
				"LINUX_ONLY: Soft RSS Limit in Mb"
				"If non-zero, once the limit is reached, all subsequent calls will "
				"fail or return NULL"
				"until the RSS goes below the soft limit")

compiler-rt/lib/scudo/standalone/internal_defs.h

Show First 20 Lines • Show All 97 Lines • ▼ Show 20 Lines	do { \
if (UNLIKELY(!(Expr))) { \		if (UNLIKELY(!(Expr))) { \
outputRaw(Msg); \		outputRaw(Msg); \
die(); \		die(); \
} \		} \
} while (false)		} while (false)

#define RAW_CHECK(Expr) RAW_CHECK_MSG(Expr, #Expr)		#define RAW_CHECK(Expr) RAW_CHECK_MSG(Expr, #Expr)

		void NORETURN reportRSSCheck(const char *Message, u64 RssLimit, u64 RssCurrent);

void NORETURN reportCheckFailed(const char *File, int Line,		void NORETURN reportCheckFailed(const char *File, int Line,
const char *Condition, u64 Value1, u64 Value2);		const char *Condition, u64 Value1, u64 Value2);
#define CHECK_IMPL(C1, Op, C2) \		#define CHECK_IMPL(C1, Op, C2) \
do { \		do { \
if (UNLIKELY(!(C1 Op C2))) { \		if (UNLIKELY(!(C1 Op C2))) { \
scudo::reportCheckFailed(__FILE__, __LINE__, #C1 " " #Op " " #C2, \		scudo::reportCheckFailed(__FILE__, __LINE__, #C1 " " #Op " " #C2, \
(scudo::u64)C1, (scudo::u64)C2); \		(scudo::u64)C1, (scudo::u64)C2); \
scudo::die(); \		scudo::die(); \
▲ Show 20 Lines • Show All 53 Lines • Show Last 20 Lines

compiler-rt/lib/scudo/standalone/linux.cpp

//===-- linux.cpp ------------------------------------------------ C++ --===//		//===-- linux.cpp ------------------------------------------------ C++ --===//
//		//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.		// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.		// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception		// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//		//
//===----------------------------------------------------------------------===//		//===----------------------------------------------------------------------===//

		#include "atomic_helpers.h"
		#include "flags.h"
#include "platform.h"		#include "platform.h"

#if SCUDO_LINUX		#if SCUDO_LINUX

#include "common.h"		#include "common.h"
#include "linux.h"		#include "linux.h"
#include "mutex.h"		#include "mutex.h"
#include "string_utils.h"		#include "string_utils.h"
▲ Show 20 Lines • Show All 158 Lines • ▼ Show 20 Lines	#endif // defined(SYS_getrandom)
ReadBytes = read(FileDesc, Buffer, Length);		ReadBytes = read(FileDesc, Buffer, Length);
close(FileDesc);		close(FileDesc);
return (ReadBytes == static_cast<ssize_t>(Length));		return (ReadBytes == static_cast<ssize_t>(Length));
}		}

// Allocation free syslog-like API.		// Allocation free syslog-like API.
extern "C" WEAK int async_safe_write_log(int pri, const char *tag,		extern "C" WEAK int async_safe_write_log(int pri, const char *tag,
const char *msg);		const char *msg);

		phosekUnsubmitted Not Done Reply Inline Actions The opening brace should be on the previous line. phosek: The opening brace should be on the previous line.
static u64 GetRSSFromBuffer(const char *Buf) {		static u64 GetRSSFromBuffer(const char *Buf) {
// The format of the file is:		// The format of the file is:
// 1084 89 69 11 0 79 0		// 1084 89 69 11 0 79 0
// We need the second number which is RSS in pages.		// We need the second number which is RSS in pages.
const char *Pos = Buf;		const char *Pos = Buf;
		phosekUnsubmitted Not Done Reply Inline Actions The opening brace should be on the previous line. phosek: The opening brace should be on the previous line.
// Skip the first number.		// Skip the first number.
while (Pos >= '0' && Pos <= '9')		while (Pos >= '0' && Pos <= '9')
Pos++;		Pos++;
// Skip whitespaces.		// Skip whitespaces.
while (!(Pos >= '0' && Pos <= '9') && *Pos != 0)		while (!(Pos >= '0' && Pos <= '9') && *Pos != 0)
		phosekUnsubmitted Not Done Reply Inline Actions The opening brace should be on the previous line. phosek: The opening brace should be on the previous line.
Pos++;		Pos++;
// Read the number.		// Read the number.
u64 Rss = 0;		u64 Rss = 0;
		vitalybukaUnsubmitted Not Done Reply Inline Actions How about moving GetRSS() (with a test) implementation into a separate patch? vitalybuka: How about moving GetRSS() (with a test) implementation into a separate patch?
for (; Pos >= '0' && Pos <= '9'; Pos++)		for (; Pos >= '0' && Pos <= '9'; Pos++)
Rss = Rss * 10 + static_cast<u64>(*Pos) - '0';		Rss = Rss * 10 + static_cast<u64>(*Pos) - '0';
return Rss * getPageSizeCached();		return Rss * getPageSizeCached();
}		}

u64 GetRSS() {		u64 GetRSS() {
auto Fd = open("/proc/self/statm", O_RDONLY);		auto Fd = open("/proc/self/statm", O_RDONLY);
char Buf[64];		char Buf[64];
s64 Len = read(Fd, Buf, sizeof(Buf) - 1);		s64 Len = read(Fd, Buf, sizeof(Buf) - 1);
close(Fd);		close(Fd);
if (Len <= 0)		if (Len <= 0)
return 0;		return 0;
Buf[Len] = 0;		Buf[Len] = 0;

return GetRSSFromBuffer(Buf);		return GetRSSFromBuffer(Buf);
}		}

		void RssLimitChecker::Check(u64 NextCheck) {
		// Early return in case another thread already did the calculation.
		vitalybukaUnsubmitted Not Done Reply Inline Actions Return here if they are both zeroes and eliminate CheckRssLimit? vitalybuka: Return here if they are both zeroes and eliminate CheckRssLimit?
		1c3t3aUnsubmitted Not Done Reply Inline Actions Done. What do you mean by "eliminate CheckRssLimit"? 1c3t3a: Done. What do you mean by "eliminate CheckRssLimit"?
		if (!atomic_compare_exchange_strong(&RssNextCheckAtNS, &NextCheck,
		getMonotonicTime() + CheckInterval,
		memory_order_relaxed)) {
		return;
		}

		u64 HardRssLimitMb = getHardRssLimit();
		u64 SoftRssLimitMb = getSoftRssLimit();

		if (!HardRssLimitMb && !SoftRssLimitMb)
		return;

		// TODO: We currently use sanitizer_common's GetRSS which reads the
		vitalybukaUnsubmitted Not Done Reply Inline Actions remove {} vitalybuka: remove {}
		// RSS from /proc/self/statm by default. We might want to
		vitalybukaUnsubmitted Not Done Reply Inline Actions maybe nicer to RssLimitExceeded -> enum {Neither, Soft, Hard} and move reportRSSCheck() same place where you report soft limit vitalybuka: maybe nicer to RssLimitExceeded -> enum {Neither, Soft, Hard} and move reportRSSCheck() same…
		// call getrusage directly, even if it's less accurate.
		const u64 CurrentRssMb = GetRSS() >> 20;

		if (HardRssLimitMb && UNLIKELY(HardRssLimitMb < CurrentRssMb))
		atomic_store_relaxed(&RssLimitStatus,
		static_cast<u8>(RssLimitExceeded::Hard));
		else if (SoftRssLimitMb && UNLIKELY(SoftRssLimitMb < CurrentRssMb))
		atomic_store_relaxed(&RssLimitStatus,
		static_cast<u8>(RssLimitExceeded::Soft));
		else
		atomic_store_relaxed(&RssLimitStatus,
		static_cast<u8>(RssLimitExceeded::Neither));
		}

void outputRaw(const char *Buffer) {		void outputRaw(const char *Buffer) {
if (&async_safe_write_log) {		if (&async_safe_write_log) {
constexpr s32 AndroidLogInfo = 4;		constexpr s32 AndroidLogInfo = 4;
constexpr uptr MaxLength = 1024U;		constexpr uptr MaxLength = 1024U;
char LocalBuffer[MaxLength];		char LocalBuffer[MaxLength];
while (strlen(Buffer) > MaxLength) {		while (strlen(Buffer) > MaxLength) {
uptr P;		uptr P;
for (P = MaxLength - 1; P > 0; P--) {		for (P = MaxLength - 1; P > 0; P--) {
Show All 28 Lines

compiler-rt/lib/scudo/standalone/options.h

Show All 19 Lines	enum class OptionBit {
FillContents0of2,		FillContents0of2,
FillContents1of2,		FillContents1of2,
DeallocTypeMismatch,		DeallocTypeMismatch,
DeleteSizeMismatch,		DeleteSizeMismatch,
TrackAllocationStacks,		TrackAllocationStacks,
UseOddEvenTags,		UseOddEvenTags,
UseMemoryTagging,		UseMemoryTagging,
AddLargeAllocationSlack,		AddLargeAllocationSlack,
		CheckRssLimit,
};		};

struct Options {		struct Options {
u32 Val;		u32 Val;

bool get(OptionBit Opt) const { return Val & (1U << static_cast<u32>(Opt)); }		bool get(OptionBit Opt) const { return Val & (1U << static_cast<u32>(Opt)); }

FillContentsMode getFillContentsMode() const {		FillContentsMode getFillContentsMode() const {
Show All 39 Lines

compiler-rt/lib/scudo/standalone/report.cpp

Show All 30 Lines	public:
}		}

private:		private:
ScopedString Message;		ScopedString Message;
};		};

inline void NORETURN trap() { __builtin_trap(); }		inline void NORETURN trap() { __builtin_trap(); }

		void NORETURN reportRSSCheck(const char *Message, u64 RssLimit,
		u64 RssCurrent) {
		phosekUnsubmitted Not Done Reply Inline Actions The opening brace should be on the previous line. phosek: The opening brace should be on the previous line.
		ScopedErrorReport Report;
		Report.append("%s %d x %d\n", Message, RssLimit, RssCurrent);
		}

// This could potentially be called recursively if a CHECK fails in the reports.		// This could potentially be called recursively if a CHECK fails in the reports.
void NORETURN reportCheckFailed(const char *File, int Line,		void NORETURN reportCheckFailed(const char *File, int Line,
const char *Condition, u64 Value1, u64 Value2) {		const char *Condition, u64 Value1, u64 Value2) {
static atomic_u32 NumberOfCalls;		static atomic_u32 NumberOfCalls;
if (atomic_fetch_add(&NumberOfCalls, 1, memory_order_relaxed) > 2) {		if (atomic_fetch_add(&NumberOfCalls, 1, memory_order_relaxed) > 2) {
// TODO(kostyak): maybe sleep here?		// TODO(kostyak): maybe sleep here?
trap();		trap();
}		}
▲ Show 20 Lines • Show All 146 Lines • Show Last 20 Lines

compiler-rt/lib/scudo/standalone/tests/combined_test.cpp

//===-- combined_test.cpp ---------------------------------------- C++ --===//		//===-- combined_test.cpp ---------------------------------------- C++ --===//
//		//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.		// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.		// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception		// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//		//
//===----------------------------------------------------------------------===//		//===----------------------------------------------------------------------===//

		#include "common.h"
		#include "flags.h"
#include "memtag.h"		#include "memtag.h"
		#include "options.h"
#include "tests/scudo_unit_test.h"		#include "tests/scudo_unit_test.h"

#include "allocator_config.h"		#include "allocator_config.h"
#include "chunk.h"		#include "chunk.h"
#include "combined.h"		#include "combined.h"

#include <condition_variable>		#include <condition_variable>
		#include <cstdint>
#include <memory>		#include <memory>
#include <mutex>		#include <mutex>
#include <set>		#include <set>
#include <stdlib.h>		#include <stdlib.h>
#include <thread>		#include <thread>
#include <vector>		#include <vector>

static constexpr scudo::Chunk::Origin Origin = scudo::Chunk::Origin::Malloc;		static constexpr scudo::Chunk::Origin Origin = scudo::Chunk::Origin::Malloc;
▲ Show 20 Lines • Show All 56 Lines • ▼ Show 20 Lines	void *operator new(size_t size) {
void *p = nullptr;		void *p = nullptr;
EXPECT_EQ(0, posix_memalign(&p, alignof(TestAllocator), size));		EXPECT_EQ(0, posix_memalign(&p, alignof(TestAllocator), size));
return p;		return p;
}		}

void operator delete(void *ptr) { free(ptr); }		void operator delete(void *ptr) { free(ptr); }
};		};

template <class TypeParam> struct ScudoCombinedTest : public Test {		template <class TypeParam> struct ScudoCombinedBaseTest : public Test {
ScudoCombinedTest() {		ScudoCombinedBaseTest() {
UseQuarantine = std::is_same<TypeParam, scudo::AndroidConfig>::value;		UseQuarantine = std::is_same<TypeParam, scudo::AndroidConfig>::value;
Allocator = std::make_unique<AllocatorT>();
}
~ScudoCombinedTest() {
Allocator->releaseToOS();
UseQuarantine = true;
}		}

void RunTest();		void RunTest();

		~ScudoCombinedBaseTest() { UseQuarantine = true; }
		};

		template <class TypeParam>
		struct ScudoCombinedTest : public ScudoCombinedBaseTest<TypeParam> {
		ScudoCombinedTest() { Allocator = std::make_unique<AllocatorT>(); }
		~ScudoCombinedTest() { Allocator->releaseToOS(); }

		void RunTest();

void BasicTest(scudo::uptr SizeLog);		void BasicTest(scudo::uptr SizeLog);

using AllocatorT = TestAllocator<TypeParam>;		using AllocatorT = TestAllocator<TypeParam>;
std::unique_ptr<AllocatorT> Allocator;		std::unique_ptr<AllocatorT> Allocator;
};		};

template <typename T> using ScudoCombinedDeathTest = ScudoCombinedTest<T>;		template <typename T> using ScudoCombinedDeathTest = ScudoCombinedTest<T>;

#if SCUDO_FUCHSIA		#if SCUDO_FUCHSIA
#define SCUDO_TYPED_TEST_ALL_TYPES(FIXTURE, NAME) \		#define SCUDO_TYPED_TEST_ALL_TYPES(FIXTURE, NAME) \
SCUDO_TYPED_TEST_TYPE(FIXTURE, NAME, AndroidSvelteConfig) \		SCUDO_TYPED_TEST_TYPE(FIXTURE, NAME, AndroidSvelteConfig) \
SCUDO_TYPED_TEST_TYPE(FIXTURE, NAME, FuchsiaConfig)		SCUDO_TYPED_TEST_TYPE(FIXTURE, NAME, FuchsiaConfig)
#else		#else
#define SCUDO_TYPED_TEST_ALL_TYPES(FIXTURE, NAME) \		#define SCUDO_TYPED_TEST_ALL_TYPES(FIXTURE, NAME) \
SCUDO_TYPED_TEST_TYPE(FIXTURE, NAME, AndroidSvelteConfig) \		SCUDO_TYPED_TEST_TYPE(FIXTURE, NAME, AndroidSvelteConfig) \
SCUDO_TYPED_TEST_TYPE(FIXTURE, NAME, DefaultConfig) \		SCUDO_TYPED_TEST_TYPE(FIXTURE, NAME, DefaultConfig) \
SCUDO_TYPED_TEST_TYPE(FIXTURE, NAME, AndroidConfig)		SCUDO_TYPED_TEST_TYPE(FIXTURE, NAME, AndroidConfig)
#endif		#endif

		#if SCUDO_FUCHSIA
		#define SCUDO_TYPED_TEST_ALL_TYPES_WITH_CONFIG(FIXTURE, NAME, TEST_CONFIG) \
		SCUDO_TYPED_TEST_TYPE_WITH_CONFIG(FIXTURE, NAME, AndroidSvelteConfig, \
		TEST_CONFIG) \
		SCUDO_TYPED_TEST_TYPE_WITH_CONFIG(FIXTURE, NAME, FuchsiaConfig, TEST_CONFIG)
		#else
		#define SCUDO_TYPED_TEST_ALL_TYPES_WITH_CONFIG(FIXTURE, NAME, TEST_CONFIG) \
		SCUDO_TYPED_TEST_TYPE_WITH_CONFIG(FIXTURE, NAME, AndroidSvelteConfig, \
		TEST_CONFIG) \
		SCUDO_TYPED_TEST_TYPE_WITH_CONFIG(FIXTURE, NAME, DefaultConfig, TEST_CONFIG) \
		SCUDO_TYPED_TEST_TYPE_WITH_CONFIG(FIXTURE, NAME, AndroidConfig, TEST_CONFIG)
		#endif

#define SCUDO_TYPED_TEST_TYPE(FIXTURE, NAME, TYPE) \		#define SCUDO_TYPED_TEST_TYPE(FIXTURE, NAME, TYPE) \
using FIXTURE##NAME##_##TYPE = FIXTURE##NAME<scudo::TYPE>; \		using FIXTURE##NAME##_##TYPE = FIXTURE##NAME<scudo::TYPE>; \
TEST_F(FIXTURE##NAME##_##TYPE, NAME) { FIXTURE##NAME<scudo::TYPE>::Run(); }		TEST_F(FIXTURE##NAME##_##TYPE, NAME) { FIXTURE##NAME<scudo::TYPE>::Run(); }

		#define SCUDO_TYPED_TEST_TYPE_WITH_CONFIG(FIXTURE, NAME, TYPE, TEST_CONFIG) \
		using FIXTURE##NAME##_##TYPE = FIXTURE##NAME<scudo::TYPE, TEST_CONFIG>; \
		TEST_F(FIXTURE##NAME##_##TYPE, NAME) { \
		FIXTURE##NAME<scudo::TYPE, TEST_CONFIG>::Run(); \
		}

		#define SCUDO_TYPED_TEST_WITH_CONFIG(FIXTURE, NAME, TEST_CONFIG) \
		template <class TypeParam, class TestConfig> \
		struct FIXTURE##NAME : public FIXTURE<TypeParam, TestConfig> { \
		void Run(); \
		}; \
		SCUDO_TYPED_TEST_ALL_TYPES_WITH_CONFIG(FIXTURE, NAME, TEST_CONFIG) \
		template <class TypeParam, class TestConfig> \
		void FIXTURE##NAME<TypeParam, TestConfig>::Run()

#define SCUDO_TYPED_TEST(FIXTURE, NAME) \		#define SCUDO_TYPED_TEST(FIXTURE, NAME) \
template <class TypeParam> \		template <class TypeParam> \
struct FIXTURE##NAME : public FIXTURE<TypeParam> { \		struct FIXTURE##NAME : public FIXTURE<TypeParam> { \
void Run(); \		void Run(); \
}; \		}; \
SCUDO_TYPED_TEST_ALL_TYPES(FIXTURE, NAME) \		SCUDO_TYPED_TEST_ALL_TYPES(FIXTURE, NAME) \
template <class TypeParam> void FIXTURE##NAME<TypeParam>::Run()		template <class TypeParam> void FIXTURE##NAME<TypeParam>::Run()

▲ Show 20 Lines • Show All 594 Lines • ▼ Show 20 Lines	TEST(ScudoCombinedTest, BasicTrustyConfig) {
auto *TSD = Allocator->getTSDRegistry()->getTSDAndLock(&UnlockRequired);		auto *TSD = Allocator->getTSDRegistry()->getTSDAndLock(&UnlockRequired);
TSD->Cache.drain();		TSD->Cache.drain();

Allocator->releaseToOS();		Allocator->releaseToOS();
}		}

#endif		#endif
#endif		#endif

		#if SCUDO_LINUX

		template <class TypeParam, class TestConfig>
		struct ScudoCombinedRssTest : public ScudoCombinedBaseTest<TypeParam> {
		ScudoCombinedRssTest() {
		OldHardRssLimit = scudo::getFlags()->hard_rss_limit_mb;
		OldSoftRssLimit = scudo::getFlags()->soft_rss_limit_mb;
		vitalybukaUnsubmitted Not Done Reply Inline Actions This relies on the order of the test execution everything after this will see scudo::getFlags()->soft_rss_limit_mb = 1 for avoid this the test should backup and restore flags vitalybuka: This relies on the order of the test execution everything after this will see scudo::getFlags()…
		OldMayReturnNull = scudo::getFlags()->may_return_null;

		scudo::getFlags()->hard_rss_limit_mb = TestConfig::HardRssLimit;
		scudo::getFlags()->soft_rss_limit_mb = TestConfig::SoftRssLimit;
		scudo::getFlags()->may_return_null = TestConfig::MayReturnNull;

		Allocator = std::make_unique<AllocatorT>();
		}
		~ScudoCombinedRssTest() {
		Allocator->releaseToOS();

		scudo::getFlags()->hard_rss_limit_mb = OldHardRssLimit;
		scudo::getFlags()->soft_rss_limit_mb = OldSoftRssLimit;
		scudo::getFlags()->may_return_null = OldMayReturnNull;
		}

		vitalybukaUnsubmitted Not Done Reply Inline Actions this code does not use {} for one line loop bodies vitalybuka: this code does not use {} for one line loop bodies
		void RunTest();

		void BasicTest(scudo::uptr SizeLog);

		int64_t OldHardRssLimit;
		int64_t OldSoftRssLimit;
		bool OldMayReturnNull;
		vitalybukaUnsubmitted Not Done Reply Inline Actions restore flags vitalybuka: restore flags

		using AllocatorT = TestAllocator<TypeParam>;
		std::unique_ptr<AllocatorT> Allocator;
		};

		struct SoftRssConfig {
		static const int64_t HardRssLimit = 0;
		static const int64_t SoftRssLimit = 1;
		static const bool MayReturnNull = true;
		};

		SCUDO_TYPED_TEST_WITH_CONFIG(ScudoCombinedRssTest, SoftRssLimit,
		SoftRssConfig) {
		size_t Megabyte = 1024 * 1024;
		size_t ChunkSize = 16;
		size_t Error = 256;

		auto *Allocator = this->Allocator.get();

		std::vector<void *> Ptrs;
		for (size_t index = 0; index < Megabyte + Error; index += ChunkSize) {
		void *Ptr = Allocator->allocate(ChunkSize, Origin);
		Ptrs.push_back(Ptr);
		}

		EXPECT_EQ(Allocator->allocate(ChunkSize, Origin), nullptr);

		for (void *Ptr : Ptrs)
		Allocator->deallocate(Ptr, Origin);
		}

		struct HardRssConfig {
		static const int64_t HardRssLimit = 1;
		static const int64_t SoftRssLimit = 0;
		static const bool MayReturnNull = false;
		};

		SCUDO_TYPED_TEST_WITH_CONFIG(ScudoCombinedRssTest, HardRssLimit,
		HardRssConfig) {
		size_t Megabyte = 1024 * 1024;

		auto *Allocator = this->Allocator.get();

		EXPECT_DEATH(
		{
		disableDebuggerdMaybe();
		Allocator->allocate(Megabyte, Origin);
		},
		"");
		}
		#endif

This is an archive of the discontinued LLVM Phabricator instance.

Add Soft/Hard RSS Limits to Scudo StandaloneClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 484837

compiler-rt/lib/scudo/standalone/combined.h

compiler-rt/lib/scudo/standalone/common.h

compiler-rt/lib/scudo/standalone/common.cpp

compiler-rt/lib/scudo/standalone/flags.inc

compiler-rt/lib/scudo/standalone/internal_defs.h

compiler-rt/lib/scudo/standalone/linux.cpp

compiler-rt/lib/scudo/standalone/options.h

compiler-rt/lib/scudo/standalone/report.cpp

compiler-rt/lib/scudo/standalone/tests/combined_test.cpp

Add Soft/Hard RSS Limits to Scudo Standalone
ClosedPublic