This is an archive of the discontinued LLVM Phabricator instance.

compiler-rt/lib/scudo/standalone/combined.h
1175–1176	it might be better if you move this into the else down below. Since the first if sets this unconditionally, I think it would be easier to follow to have it set in both the if and else.
1178	I don't think this initializing is necessary since BlockBegin is set in both the if and else statement below.
1210–1216	The Quarantine code path looks like it's kind of odd. I think it would make this code a lot more readable if the qurantine case was moved to the location of the BypassQuarantine bool init. It would look like this: if (!BypassQuarantine) { NewHeader.State = Chunk::State::Quarantined; bool UnlockRequired; auto TSD = TSDRegistry.getTSDAndLock(&UnlockRequired); Quarantine.put(&TSD->getQuarantineCache(), QuarantineCallback(this, TSD->getCache()), Ptr, Size); if (UnlockRequired) TSD->unlock(); return; } I think you might need to call unTagBlock if memory tagging is enabled in the quarantine path. Right now this new change does some extra work when in the quarantine path, but if you split it out then that won't happen. And adding the unTagBlock call might also do some extra work though so I'm not sure what's the best way to handle this. It might be better to do that in a follow-on though. I'll leave that up to you, or since it's my suggestion, I can also do this.

This revision now requires changes to proceed.Sep 20 2023, 5:45 PM

Address review comments

compiler-rt/lib/scudo/standalone/combined.h
1210–1216	I agree with the code motion of quarantine block. As we discussed, we may also want to config quarantine by compilation flag. Thus I'm planning to do the code motion with the config change in a later CL. I've fixed the part that we did more work in quarantine path. Now it should be the same logic as before.

Harbormaster completed remote builds in B257541: Diff 557252.Sep 22 2023, 12:26 PM

LGTM.

This revision is now accepted and ready to land.Sep 26 2023, 6:20 PM

Revision Contents

Path

Size

compiler-rt/

lib/

scudo/

standalone/

combined.h

74 lines

Diff 557252

compiler-rt/lib/scudo/standalone/combined.h

Show First 20 Lines • Show All 451 Lines • ▼ Show 20 Lines	#endif // GWP_ASAN_HOOKS
}		}

const uptr Size = getSize(Ptr, &Header);		const uptr Size = getSize(Ptr, &Header);
if (DeleteSize && Options.get(OptionBit::DeleteSizeMismatch)) {		if (DeleteSize && Options.get(OptionBit::DeleteSizeMismatch)) {
if (UNLIKELY(DeleteSize != Size))		if (UNLIKELY(DeleteSize != Size))
reportDeleteSizeMismatch(Ptr, DeleteSize, Size);		reportDeleteSizeMismatch(Ptr, DeleteSize, Size);
}		}

quarantineOrDeallocateChunk(Options, TaggedPtr, &Header, Size);		quarantineOrDeallocateChunk(Options, TaggedPtr, Ptr, &Header, Size);
}		}

void reallocate(void OldPtr, uptr NewSize, uptr Alignment = MinAlignment) {		void reallocate(void OldPtr, uptr NewSize, uptr Alignment = MinAlignment) {
initThreadMaybe();		initThreadMaybe();

const Options Options = Primary.Options.load();		const Options Options = Primary.Options.load();
if (UNLIKELY(NewSize >= MaxAllowedMallocSize)) {		if (UNLIKELY(NewSize >= MaxAllowedMallocSize)) {
if (Options.get(OptionBit::MayReturnNull))		if (Options.get(OptionBit::MayReturnNull))
▲ Show 20 Lines • Show All 83 Lines • ▼ Show 20 Lines	#endif // GWP_ASAN_HOOKS

// Otherwise we allocate a new one, and deallocate the old one. Some		// Otherwise we allocate a new one, and deallocate the old one. Some
// allocators will allocate an even larger chunk (by a fixed factor) to		// allocators will allocate an even larger chunk (by a fixed factor) to
// allow for potential further in-place realloc. The gains of such a trick		// allow for potential further in-place realloc. The gains of such a trick
// are currently unclear.		// are currently unclear.
void *NewPtr = allocate(NewSize, Chunk::Origin::Malloc, Alignment);		void *NewPtr = allocate(NewSize, Chunk::Origin::Malloc, Alignment);
if (LIKELY(NewPtr)) {		if (LIKELY(NewPtr)) {
memcpy(NewPtr, OldTaggedPtr, Min(NewSize, OldSize));		memcpy(NewPtr, OldTaggedPtr, Min(NewSize, OldSize));
quarantineOrDeallocateChunk(Options, OldTaggedPtr, &OldHeader, OldSize);		quarantineOrDeallocateChunk(Options, OldTaggedPtr, OldPtr, &OldHeader,
		OldSize);
}		}
return NewPtr;		return NewPtr;
}		}

// TODO(kostyak): disable() is currently best-effort. There are some small		// TODO(kostyak): disable() is currently best-effort. There are some small
// windows of time when an allocation could still succeed after		// windows of time when an allocation could still succeed after
// this function finishes. We will revisit that later.		// this function finishes. We will revisit that later.
void disable() NO_THREAD_SAFETY_ANALYSIS {		void disable() NO_THREAD_SAFETY_ANALYSIS {
▲ Show 20 Lines • Show All 583 Lines • ▼ Show 20 Lines	initChunkWithMemoryTagging(const uptr ClassId, const Chunk::Origin Origin,
Header.OriginOrWasZeroed = Origin & Chunk::OriginMask;		Header.OriginOrWasZeroed = Origin & Chunk::OriginMask;
Header.SizeOrUnusedBytes = SizeOrUnusedBytes & Chunk::SizeOrUnusedBytesMask;		Header.SizeOrUnusedBytes = SizeOrUnusedBytes & Chunk::SizeOrUnusedBytesMask;
Chunk::storeHeader(Cookie, Ptr, &Header);		Chunk::storeHeader(Cookie, Ptr, &Header);

return TaggedPtr;		return TaggedPtr;
}		}

void quarantineOrDeallocateChunk(const Options &Options, void *TaggedPtr,		void quarantineOrDeallocateChunk(const Options &Options, void *TaggedPtr,
		void *HeaderTaggedPtr,
Chunk::UnpackedHeader *Header,		Chunk::UnpackedHeader *Header,
uptr Size) NO_THREAD_SAFETY_ANALYSIS {		uptr Size) NO_THREAD_SAFETY_ANALYSIS {
void *Ptr = getHeaderTaggedPointer(TaggedPtr);		void *Ptr = HeaderTaggedPtr;
Chunk::UnpackedHeader NewHeader = *Header;		Chunk::UnpackedHeader NewHeader = *Header;
// If the quarantine is disabled, the actual size of a chunk is 0 or larger		// If the quarantine is disabled, the actual size of a chunk is 0 or larger
// than the maximum allowed, we return a chunk directly to the backend.		// than the maximum allowed, we return a chunk directly to the backend.
// This purposefully underflows for Size == 0.		// This purposefully underflows for Size == 0.
const bool BypassQuarantine = !Quarantine.getCacheSize() \|\|		const bool BypassQuarantine = !Quarantine.getCacheSize() \|\|
((Size - 1) >= QuarantineMaxChunkSize) \|\|		((Size - 1) >= QuarantineMaxChunkSize) \|\|
!NewHeader.ClassId;		!NewHeader.ClassId;
if (BypassQuarantine)		if (BypassQuarantine)
NewHeader.State = Chunk::State::Available;		NewHeader.State = Chunk::State::Available;
else		else
NewHeader.State = Chunk::State::Quarantined;		NewHeader.State = Chunk::State::Quarantined;
NewHeader.OriginOrWasZeroed = useMemoryTagging<Config>(Options) &&
NewHeader.ClassId &&
!TSDRegistry.getDisableMemInit();
Chunk::compareExchangeHeader(Cookie, Ptr, &NewHeader, Header);		Chunk::compareExchangeHeader(Cookie, Ptr, &NewHeader, Header);
		cferrisUnsubmitted Done Reply Inline Actions it might be better if you move this into the else down below. Since the first if sets this unconditionally, I think it would be easier to follow to have it set in both the if and else. cferris: it might be better if you move this into the else down below. Since the first if sets this…

		void *BlockBegin;
		cferrisUnsubmitted Done Reply Inline Actions I don't think this initializing is necessary since BlockBegin is set in both the if and else statement below. cferris: I don't think this initializing is necessary since BlockBegin is set in both the if and else…
if (UNLIKELY(useMemoryTagging<Config>(Options))) {		if (UNLIKELY(useMemoryTagging<Config>(Options))) {
u8 PrevTag = extractTag(reinterpret_cast<uptr>(TaggedPtr));		NewHeader.OriginOrWasZeroed =
storeDeallocationStackMaybe(Options, Ptr, PrevTag, Size);		NewHeader.ClassId && !TSDRegistry.getDisableMemInit();
if (NewHeader.ClassId) {		BlockBegin = unTagBlock(Options, TaggedPtr, HeaderTaggedPtr, &NewHeader,
if (!TSDRegistry.getDisableMemInit()) {		Size, BypassQuarantine);
uptr TaggedBegin, TaggedEnd;		} else {
const uptr OddEvenMask = computeOddEvenMaskForPointerMaybe(		NewHeader.OriginOrWasZeroed = 0U;
Options, reinterpret_cast<uptr>(getBlockBegin(Ptr, &NewHeader)),		if (BypassQuarantine && allocatorSupportsMemoryTagging<Config>())
NewHeader.ClassId);		Ptr = untagPointer(Ptr);
// Exclude the previous tag so that immediate use after free is		BlockBegin = getBlockBegin(Ptr, &NewHeader);
// detected 100% of the time.
setRandomTag(Ptr, Size, OddEvenMask \| (1UL << PrevTag), &TaggedBegin,
&TaggedEnd);
}
}
}		}

if (BypassQuarantine) {		if (BypassQuarantine) {
if (allocatorSupportsMemoryTagging<Config>())
Ptr = untagPointer(Ptr);
void *BlockBegin = getBlockBegin(Ptr, &NewHeader);
const uptr ClassId = NewHeader.ClassId;		const uptr ClassId = NewHeader.ClassId;
if (LIKELY(ClassId)) {		if (LIKELY(ClassId)) {
bool UnlockRequired;		bool UnlockRequired;
auto *TSD = TSDRegistry.getTSDAndLock(&UnlockRequired);		auto *TSD = TSDRegistry.getTSDAndLock(&UnlockRequired);
const bool CacheDrained =		const bool CacheDrained =
TSD->getCache().deallocate(ClassId, BlockBegin);		TSD->getCache().deallocate(ClassId, BlockBegin);
if (UnlockRequired)		if (UnlockRequired)
TSD->unlock();		TSD->unlock();
// When we have drained some blocks back to the Primary from TSD, that		// When we have drained some blocks back to the Primary from TSD, that
// implies that we may have the chance to release some pages as well.		// implies that we may have the chance to release some pages as well.
// Note that in order not to block other thread's accessing the TSD,		// Note that in order not to block other thread's accessing the TSD,
// release the TSD first then try the page release.		// release the TSD first then try the page release.
if (CacheDrained)		if (CacheDrained)
Primary.tryReleaseToOS(ClassId, ReleaseToOS::Normal);		Primary.tryReleaseToOS(ClassId, ReleaseToOS::Normal);
} else {		} else {
if (UNLIKELY(useMemoryTagging<Config>(Options)))
storeTags(reinterpret_cast<uptr>(BlockBegin),
reinterpret_cast<uptr>(Ptr));
Secondary.deallocate(Options, BlockBegin);		Secondary.deallocate(Options, BlockBegin);
}		}
} else {		} else {
bool UnlockRequired;		bool UnlockRequired;
auto *TSD = TSDRegistry.getTSDAndLock(&UnlockRequired);		auto *TSD = TSDRegistry.getTSDAndLock(&UnlockRequired);
Quarantine.put(&TSD->getQuarantineCache(),		Quarantine.put(&TSD->getQuarantineCache(),
QuarantineCallback(*this, TSD->getCache()), Ptr, Size);		QuarantineCallback(*this, TSD->getCache()), Ptr, Size);
if (UnlockRequired)		if (UnlockRequired)
TSD->unlock();		TSD->unlock();
}		}
		cferrisUnsubmitted Not Done Reply Inline Actions The Quarantine code path looks like it's kind of odd. I think it would make this code a lot more readable if the qurantine case was moved to the location of the BypassQuarantine bool init. It would look like this: if (!BypassQuarantine) { NewHeader.State = Chunk::State::Quarantined; bool UnlockRequired; auto TSD = TSDRegistry.getTSDAndLock(&UnlockRequired); Quarantine.put(&TSD->getQuarantineCache(), QuarantineCallback(this, TSD->getCache()), Ptr, Size); if (UnlockRequired) TSD->unlock(); return; } I think you might need to call unTagBlock if memory tagging is enabled in the quarantine path. Right now this new change does some extra work when in the quarantine path, but if you split it out then that won't happen. And adding the unTagBlock call might also do some extra work though so I'm not sure what's the best way to handle this. It might be better to do that in a follow-on though. I'll leave that up to you, or since it's my suggestion, I can also do this. cferris: The Quarantine code path looks like it's kind of odd. I think it would make this code a lot…
		Chia-hungDuanAuthorUnsubmitted Done Reply Inline Actions I agree with the code motion of quarantine block. As we discussed, we may also want to config quarantine by compilation flag. Thus I'm planning to do the code motion with the config change in a later CL. I've fixed the part that we did more work in quarantine path. Now it should be the same logic as before. Chia-hungDuan: I agree with the code motion of quarantine block. As we discussed, we may also want to config…
}		}

		NOINLINE void unTagBlock(const Options &Options, void TaggedPtr,
		void *HeaderTaggedPtr,
		Chunk::UnpackedHeader *Header, const uptr Size,
		bool BypassQuarantine) {
		DCHECK(useMemoryTagging<Config>(Options));
		void *Ptr = HeaderTaggedPtr;

		const u8 PrevTag = extractTag(reinterpret_cast<uptr>(TaggedPtr));
		storeDeallocationStackMaybe(Options, Ptr, PrevTag, Size);
		if (Header->ClassId) {
		if (!TSDRegistry.getDisableMemInit()) {
		uptr TaggedBegin, TaggedEnd;
		const uptr OddEvenMask = computeOddEvenMaskForPointerMaybe(
		Options, reinterpret_cast<uptr>(getBlockBegin(Ptr, Header)),
		Header->ClassId);
		// Exclude the previous tag so that immediate use after free is
		// detected 100% of the time.
		setRandomTag(Ptr, Size, OddEvenMask \| (1UL << PrevTag), &TaggedBegin,
		&TaggedEnd);
		}
		}

		Ptr = untagPointer(Ptr);
		void *BlockBegin = getBlockBegin(Ptr, Header);
		if (BypassQuarantine && !Header->ClassId) {
		storeTags(reinterpret_cast<uptr>(BlockBegin),
		reinterpret_cast<uptr>(Ptr));
		}

		return BlockBegin;
		}

bool getChunkFromBlock(uptr Block, uptr *Chunk,		bool getChunkFromBlock(uptr Block, uptr *Chunk,
Chunk::UnpackedHeader *Header) {		Chunk::UnpackedHeader *Header) {
*Chunk =		*Chunk =
Block + getChunkOffsetFromBlock(reinterpret_cast<const char *>(Block));		Block + getChunkOffsetFromBlock(reinterpret_cast<const char *>(Block));
return Chunk::isValid(Cookie, reinterpret_cast<void >(Chunk), Header);		return Chunk::isValid(Cookie, reinterpret_cast<void >(Chunk), Header);
}		}

static uptr getChunkOffsetFromBlock(const char *Block) {		static uptr getChunkOffsetFromBlock(const char *Block) {
▲ Show 20 Lines • Show All 340 Lines • Show Last 20 Lines

This is an archive of the discontinued LLVM Phabricator instance.

[scudo] Split the code paths in quarantineOrDeallocateChunk()AcceptedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 557252

compiler-rt/lib/scudo/standalone/combined.h

[scudo] Split the code paths in quarantineOrDeallocateChunk()
AcceptedPublic