This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
lib/scudo/
-
scudo/
-
CMakeLists.txt
-
scudo_allocator.h
7
scudo_allocator.cpp
-
scudo_allocator_secondary.h
1/2
scudo_thread.h
1
scudo_thread_android.cpp
-
scudo_thread_linux.cpp
-
scudo_utils.h
-
scudo_utils.cpp

Differential D31947

[scudo] Android support groundwork
AbandonedPublic

Authored by cryptoad on Apr 11 2017, 9:58 AM.

Download Raw Diff

Details

Reviewers

kcc
filcab
dvyukov
eugenis
alekseyshl

Summary

This makes the required changes to the Scudo code to be able to work on
Android, both for ARM and AArch64. Note that Android is not enabled yet in
the cmake configs, it will be the object of a later commit.

The following constraints had to be taken into account:

Android doesn't support thread_local, so things had to be changed to take this into account, using pthread_{set,get}specific as the alternative;
Android can't necessarily afford a cache per thread, due to memory limitations (there are incentives to low memort devices). The current Android allocator, jemalloc, uses a fixed set of arenas, which is the solution I adopted as well, assigning them to threads in a round-robin fashion.

As a result, the thread specific data was moved into a context structure, that
can either be thread_local or global (in this case, allocated during
initialization and lasting the lifetime of the program). This accounts for the
new files: scudo_thread.h, scudo_thread_linux.cpp, scudo_thread_android.cpp.
The number of contexts for Android is modifiable as a define. This also means
that we must be able to tell if a thread cache requires locking now, as for
Android it can be shared between multiple threads. Hence the addition of a
mutex per context, that is locked only when dealing with non thread_local
scenarios.

Another change is the ability to bypass the Quarantine if the cache size is
set to 0. Android watches closely its PSS, and 1MB of Quarantine ends up in
about 6MB of extra PSS for Android 32-bit. So the Quarantine might not be an
option. With no quarantine, the old execution flow ended up with the Scudo
header being checked twice, once before Put, once in Recyle, without any added
value to it.

Other changes involve a bit of reordering of lines here and there, and some
variable renaming to make things a bit more explicit.

For this review, I would also appreciate potential optimization feedback, if
someone sees a way to do things better, that would be great! Thanks for reading
that long blob of text.

Diff Detail

Build Status

Buildable 5663
Build 5663: arc lint + arc unit

Event Timeline

cryptoad created this revision.Apr 11 2017, 9:58 AM

Herald added subscribers: mgorny, srhines, rengolin, aemerson. · View Herald TranscriptApr 11 2017, 9:59 AM

alekseyshl accepted this revision.Apr 11 2017, 12:26 PM

alekseyshl added inline comments.

lib/scudo/scudo_allocator.cpp
176	Does UNLIKELY really improve the generated code?

This revision is now accepted and ready to land.Apr 11 2017, 12:26 PM

cryptoad added inline comments.Apr 11 2017, 1:00 PM

lib/scudo/scudo_allocator.cpp
176	I do like it as it will make the error condition the target of the conditional jump, and the rest of the code follows the regular flow. For example for that particular check, on x64: .text:0000000000053B72 E8 99 9A 00 00 call _ZN7__scudo20computeHardwareCRC32Ejm ; __scudo::computeHardwareCRC32(uint,ulong) .text:0000000000053B77 4C 8B 44 24 08 mov r8, [rsp+78h+var_70] .text:0000000000053B7C 66 41 39 C0 cmp r8w, ax .text:0000000000053B80 0F 85 CA 02 00 00 jnz loc_53E50 ; error .text:0000000000053B86 49 C1 EC 20 shr r12, 20h The error is the target of the long jump. I changed all the die conditions to be UNLIKELY as if they are hit, we terminate anyway. The performance gain is not necessarily significant, but the assembly does look cleaner.

I could use some more eyes and comments on this please!

cryptoad added a reviewer: dvyukov.Apr 14 2017, 9:11 AM

Android doesn't support thread_local

eugenis@, Is that still true?
Anyway, would you like to look at this from the Android POV?

In D31947#728470, @kcc wrote:

Android doesn't support thread_local

eugenis@, Is that still true?
Anyway, would you like to look at this from the Android POV?

That isn't true. Android does support thread_local. This patch should not have a different Android path.

In D31947#728499, @srhines wrote:

In D31947#728470, @kcc wrote:

Android doesn't support thread_local

eugenis@, Is that still true?
Anyway, would you like to look at this from the Android POV?

That isn't true. Android does support thread_local. This patch should not have a different Android path.

To be more specific, thread_local is supported via emutls (llvm/projects/compiler-rt/lib/builtins/emutls.c), which itself calls malloc to allocate the TLS.
Which unfortunately doesn't work well for an allocator that replaces malloc.

eugenis added inline comments.Apr 17 2017, 1:32 PM

lib/scudo/scudo_allocator.cpp
317	Calling initThreadMaybe() from all entry points looks error-prone. Is it ok (performance-wise) to do lazy initialization in getCurrentThreadContext?
lib/scudo/scudo_thread.h
11	an actual description would be nice

cryptoad marked an inline comment as done.Apr 17 2017, 1:37 PM

cryptoad added inline comments.

lib/scudo/scudo_allocator.cpp
317	Things like BackendAllocator.ReturnNullOrDieOnBadRequest will require initialization, but are called prior to getCurrentThreadContext. I am also actually not super happy about the way this turned out. The alternative would be a preinit or equivalent?
lib/scudo/scudo_thread.h
11	Sorry, user failure. I will address that.

eugenis added inline comments.Apr 17 2017, 2:19 PM

lib/scudo/scudo_allocator.cpp
317	Ideally access to the allocator cache should go through ThreadLocalContext as well. Maybe. What do you mean by preinit?

cryptoad marked an inline comment as done.Apr 17 2017, 2:24 PM

cryptoad added inline comments.

lib/scudo/scudo_allocator.cpp
317	Access to the local cache & quarantine cache go through the thread context. The issue I think is more about the global init, which is currently called via a pthread_once in the thread init. So realistically, the global init doesn't happen until a thread has been initialized. Unfortunately, that means all the options for the backend haven't been parsed yet if we wait to get the thread context (unless I move it up the code). I was thinking like in ASan, where it could be initialized once and for all via the preinit_array?

preinit_array can not be used in a shared library. A library can use -z initfirst, but we probably don't want to go there, and it's not supported on Android.

Let's leave it like this.

Android doesn't support thread_local

We have a (real) TLS slot for tsan (TLS_SLOT_TSAN). I wonder if we can re-use it for other sanitizers and scudo. Sanitizers are mutually exclusive, so there should be no problems using TLS_SLOT_TSAN is asan/msan. Scudo is not supposed to be used with sanitizers, right? So it seems we can just (ab)use TLS_SLOT_TSAN as well. Accessing it is just few machine instructions (see TLS_SLOT_TSAN in tsan_platform_linux.cc).

In D31947#728503, @cryptoad wrote:

To be more specific, thread_local is supported via emutls (llvm/projects/compiler-rt/lib/builtins/emutls.c), which itself calls malloc to allocate the TLS.
Which unfortunately doesn't work well for an allocator that replaces malloc.

I thought we had fixed this one by asking the Android devs to implement proper TLS on Android. They said it was simple and wasn't there because no one needed it.

@srhines, were you at the meeting with @jasonk, @kcc and some Android devs at Google, maybe 2 years ago? We discussed how emutls could be completely avoided.

Or maybe I remember it wrong...

--renato

First of all, do you have any benchmarks? Single-threaded, multi-threaded with/without contention. How do profiles look like?

lib/scudo/scudo_allocator.cpp
317	Agree, this does not look good if we care about performance. We could use preinit_array (or some other android alternative), but we also need to init thread (do we?). So we could piggy-back on thread init check. Namely: ThreadContext* GetThreadContext() { ThreadContext* ctx = __get_tls()[TLS_TSAN_SLOT]; if (LIKELY(ctx)) return ctx; // implies that thread and global context were initialized return GetThreadContextSlow(); } ThreadContext* GetThreadContextSlow() { init global context once; create and init thread context; store it into TLS_TSAN_SLOT and return; } If we call GetThreadContext() once in each interface function and then explicitly propagate the object pointer, we don't do any excessive work at all. This needs special care if some interface functions can be called from signal handlers.
lib/scudo/scudo_thread_android.cpp
36	Humm... is the idea that you build scudo for each particular device knowing number of cores? We can get severe performance drop if 2 or more active threads share the same context. We need to avoid contention at all costs. I am thinking of the following scheme. obtain number of cores at runtime create NCORES (or 2*NCORES) contexts allow threads to dynamically re-associate with contexts to resolve contention The re-association algorithm can be along the following lines. Remember the last used contenxt. Try to TryLock it. If TryLock succeeds, use it. If TryLock fails, try to find another unlocked context. If all contexts are locked, find the one that was unused for the longest time. The usage accounting can be done with only 1 additional check/store on fast path. Namely: struct Context { Mutex mu; atomic_uint64_t unused_since; ... }; bool Context::TryLock() { if (mu.TryLock()) { atomic_store_relaxed(&unused_since, 0); return true; } if (atomic_load_relaxed(&unused_since) == 0) atomic_store_relaxed(&unused_since, now()); return false; } I think this should provide pretty good contention resolution with minimal cost and reasonable complexity.

In D31947#728975, @rengolin wrote:

I thought we had fixed this one by asking the Android devs to implement proper TLS on Android. They said it was simple and wasn't there because no one needed it.

I had a short talk yesterday with some Android Bionic people, and they said they would put it back on the to-do list, but without a commitment as to when it would land.

In D31947#728956, @dvyukov wrote:

We have a (real) TLS slot for tsan (TLS_SLOT_TSAN). I wonder if we can re-use it for other sanitizers and scudo. Sanitizers are mutually exclusive, so there should be no problems using TLS_SLOT_TSAN is asan/msan. Scudo is not supposed to be used with sanitizers, right? So it seems we can just (ab)use TLS_SLOT_TSAN as well. Accessing it is just few machine instructions (see TLS_SLOT_TSAN in tsan_platform_linux.cc).

Scudo indeed is mutually exclusive with the other Sanitizers, so this option sounds like it could work!

In D31947#729047, @dvyukov wrote:

First of all, do you have any benchmarks? Single-threaded, multi-threaded with/without contention. How do profiles look like?

I have shared with Aleksey some Flame profiles, I can send that to you as well. This ended up with the couple of optimizations he recently did.

In D31947#729227, @cryptoad wrote:

In D31947#729047, @dvyukov wrote:

First of all, do you have any benchmarks? Single-threaded, multi-threaded with/without contention. How do profiles look like?

I have shared with Aleksey some Flame profiles, I can send that to you as well. This ended up with the couple of optimizations he recently did.

Yes, please.

In D31947#728975, @rengolin wrote:

In D31947#728503, @cryptoad wrote:

To be more specific, thread_local is supported via emutls (llvm/projects/compiler-rt/lib/builtins/emutls.c), which itself calls malloc to allocate the TLS.
Which unfortunately doesn't work well for an allocator that replaces malloc.

I thought we had fixed this one by asking the Android devs to implement proper TLS on Android. They said it was simple and wasn't there because no one needed it.

@srhines, were you at the meeting with @jasonk, @kcc and some Android devs at Google, maybe 2 years ago? We discussed how emutls could be completely avoided.

It's unfortunately been too long. There was no progress there IIRC, so we didn't continue pursuing anything related to it. The bionic folks were also concerned about the direction that most of the patches were taking. Yabin added TSan support, but it isn't widely used in Android (it remains harder to set up than ASan).

Or maybe I remember it wrong...

--renato

Added descriptions to scudo_thread*.
One of the additional change that didn't make it to the initial commit was
to move the software CRC32 into scudo_utils.h for inlining purposes.

@dvyukov would it be acceptable to get this patch out in its current form and use this as a base for the further improvement you suggested?
Namely: improve contention, potential use of the tsan TLS slot, rework thread/global initialization.

In D31947#730656, @cryptoad wrote:

@dvyukov would it be acceptable to get this patch out in its current form and use this as a base for the further improvement you suggested?
Namely: improve contention, potential use of the tsan TLS slot, rework thread/global initialization.

Is there a pressing need?
I think the main problem with this change is that it's very large. You can get both if you split it. For example:

Minor, unrelated changes/refactorings.
Preparation for Android support, but no actual Android code (only Linux as now).
Rework initialization (but again no Android code).
Actual Android support (will not need to touch any common code, just provide platform-specific parts).

In D31947#730825, @dvyukov wrote:

In D31947#730656, @cryptoad wrote:

@dvyukov would it be acceptable to get this patch out in its current form and use this as a base for the further improvement you suggested?
Namely: improve contention, potential use of the tsan TLS slot, rework thread/global initialization.

Is there a pressing need?
I think the main problem with this change is that it's very large. You can get both if you split it. For example:

Minor, unrelated changes/refactorings.

Preparation for Android support, but no actual Android code (only Linux as now).

Rework initialization (but again no Android code).

Actual Android support (will not need to touch any common code, just provide platform-specific parts).

Sounds good.

cryptoad abandoned this revision.Apr 19 2017, 12:11 PM

cryptoad mentioned this in D32242: [scudo] Minor changes and refactoring.Apr 19 2017, 1:45 PM

cryptoad mentioned this in rL300846: [scudo] Minor changes and refactoring.Apr 20 2017, 8:43 AM

cryptoad mentioned this in D32649: [scudo] Add Android support.Apr 28 2017, 10:25 AM

cryptoad mentioned this in rL302300: [scudo] Add Android support.May 5 2017, 2:51 PM

Revision Contents

Path

Size

lib/

scudo/

CMakeLists.txt

2 lines

scudo_allocator.h

51 lines

scudo_allocator.cpp

401 lines

scudo_allocator_secondary.h

17 lines

scudo_thread.h

48 lines

scudo_thread_android.cpp

74 lines

scudo_thread_linux.cpp

73 lines

scudo_utils.h

62 lines

scudo_utils.cpp

57 lines

Diff 95768

lib/scudo/CMakeLists.txt

	add_compiler_rt_component(scudo)			add_compiler_rt_component(scudo)

	include_directories(..)			include_directories(..)

	set(SCUDO_CFLAGS ${SANITIZER_COMMON_CFLAGS})			set(SCUDO_CFLAGS ${SANITIZER_COMMON_CFLAGS})
	# SANITIZER_COMMON_CFLAGS include -fno-builtin, but we actually want builtins!			# SANITIZER_COMMON_CFLAGS include -fno-builtin, but we actually want builtins!
	list(APPEND SCUDO_CFLAGS -fbuiltin)			list(APPEND SCUDO_CFLAGS -fbuiltin)
	append_rtti_flag(OFF SCUDO_CFLAGS)			append_rtti_flag(OFF SCUDO_CFLAGS)

	set(SCUDO_SOURCES			set(SCUDO_SOURCES
	scudo_allocator.cpp			scudo_allocator.cpp
	scudo_flags.cpp			scudo_flags.cpp
	scudo_crc32.cpp			scudo_crc32.cpp
	scudo_interceptors.cpp			scudo_interceptors.cpp
	scudo_new_delete.cpp			scudo_new_delete.cpp
	scudo_termination.cpp			scudo_termination.cpp
				scudo_thread_android.cpp
				scudo_thread_linux.cpp
	scudo_utils.cpp)			scudo_utils.cpp)

	# Enable the SSE 4.2 instruction set for scudo_crc32.cpp, if available.			# Enable the SSE 4.2 instruction set for scudo_crc32.cpp, if available.
	if (COMPILER_RT_HAS_MSSE4_2_FLAG)			if (COMPILER_RT_HAS_MSSE4_2_FLAG)
	set_source_files_properties(scudo_crc32.cpp PROPERTIES COMPILE_FLAGS -msse4.2)			set_source_files_properties(scudo_crc32.cpp PROPERTIES COMPILE_FLAGS -msse4.2)
	endif()			endif()

	# Enable the AArch64 CRC32 feature for scudo_crc32.cpp, if available.			# Enable the AArch64 CRC32 feature for scudo_crc32.cpp, if available.
	Show All 18 Lines

lib/scudo/scudo_allocator.h

Show First 20 Lines • Show All 76 Lines • ▼ Show 20 Lines	struct AllocatorOptions {
bool DeallocationTypeMismatch;		bool DeallocationTypeMismatch;
bool DeleteSizeMismatch;		bool DeleteSizeMismatch;
bool ZeroContents;		bool ZeroContents;

void setFrom(const Flags f, const CommonFlags cf);		void setFrom(const Flags f, const CommonFlags cf);
void copyTo(Flags f, CommonFlags cf) const;		void copyTo(Flags f, CommonFlags cf) const;
};		};

		#if SANITIZER_CAN_USE_ALLOCATOR64
		const uptr AllocatorSpace = ~0ULL;
		# if defined(__aarch64__) && SANITIZER_ANDROID
		const uptr AllocatorSize = 0x4000000000ULL; // 256G.
		# elif defined(__aarch64__)
		// AArch64/SANITIZER_CAN_USER_ALLOCATOR64 is only for 42-bit VMA
		// so no need to different values for different VMA.
		const uptr kAllocatorSize = 0x10000000000ULL; // 1T.
		# else
		const uptr AllocatorSize = 0x40000000000ULL; // 4T.
		# endif
		typedef DefaultSizeClassMap SizeClassMap;
		struct AP {
		static const uptr kSpaceBeg = AllocatorSpace;
		static const uptr kSpaceSize = AllocatorSize;
		static const uptr kMetadataSize = 0;
		typedef __scudo::SizeClassMap SizeClassMap;
		typedef NoOpMapUnmapCallback MapUnmapCallback;
		static const uptr kFlags =
		SizeClassAllocator64FlagMasks::kRandomShuffleChunks;
		};
		typedef SizeClassAllocator64<AP> PrimaryAllocator;
		#else
		// Currently, the 32-bit Sanitizer allocator has not yet benefited from all the
		// security improvements brought to the 64-bit one. This makes the 32-bit
		// version of Scudo slightly less toughened.
		static const uptr RegionSizeLog = 20;
		static const uptr NumRegions = SANITIZER_MMAP_RANGE_SIZE >> RegionSizeLog;
		# if SANITIZER_WORDSIZE == 32
		typedef FlatByteMap<NumRegions> ByteMap;
		# elif SANITIZER_WORDSIZE == 64
		typedef TwoLevelByteMap<(NumRegions >> 12), 1 << 12> ByteMap;
		# endif // SANITIZER_WORDSIZE
		typedef DefaultSizeClassMap SizeClassMap;
		typedef SizeClassAllocator32<0, SANITIZER_MMAP_RANGE_SIZE, 0, SizeClassMap,
		RegionSizeLog, ByteMap> PrimaryAllocator;
		#endif // SANITIZER_CAN_USE_ALLOCATOR64

		#include "scudo_allocator_secondary.h"

		typedef SizeClassAllocatorLocalCache<PrimaryAllocator> AllocatorCache;
		typedef ScudoLargeMmapAllocator SecondaryAllocator;
		typedef CombinedAllocator<PrimaryAllocator, AllocatorCache, SecondaryAllocator>
		ScudoBackendAllocator;

		ScudoBackendAllocator &getBackendAllocator();

		void initScudo();
void initAllocator(const AllocatorOptions &options);		void initAllocator(const AllocatorOptions &options);
void drainQuarantine();

void *scudoMalloc(uptr Size, AllocType Type);		void *scudoMalloc(uptr Size, AllocType Type);
void scudoFree(void *Ptr, AllocType Type);		void scudoFree(void *Ptr, AllocType Type);
void scudoSizedFree(void *Ptr, uptr Size, AllocType Type);		void scudoSizedFree(void *Ptr, uptr Size, AllocType Type);
void scudoRealloc(void Ptr, uptr Size);		void scudoRealloc(void Ptr, uptr Size);
void *scudoCalloc(uptr NMemB, uptr Size);		void *scudoCalloc(uptr NMemB, uptr Size);
void *scudoMemalign(uptr Alignment, uptr Size);		void *scudoMemalign(uptr Alignment, uptr Size);
void *scudoValloc(uptr Size);		void *scudoValloc(uptr Size);
void *scudoPvalloc(uptr Size);		void *scudoPvalloc(uptr Size);
int scudoPosixMemalign(void **MemPtr, uptr Alignment, uptr Size);		int scudoPosixMemalign(void **MemPtr, uptr Alignment, uptr Size);
void *scudoAlignedAlloc(uptr Alignment, uptr Size);		void *scudoAlignedAlloc(uptr Alignment, uptr Size);
uptr scudoMallocUsableSize(void *Ptr);		uptr scudoMallocUsableSize(void *Ptr);

#include "scudo_allocator_secondary.h"

} // namespace __scudo		} // namespace __scudo

#endif // SCUDO_ALLOCATOR_H_		#endif // SCUDO_ALLOCATOR_H_

lib/scudo/scudo_allocator.cpp

Show All 9 Lines
/// Scudo Hardened Allocator implementation.		/// Scudo Hardened Allocator implementation.
/// It uses the sanitizer_common allocator as a base and aims at mitigating		/// It uses the sanitizer_common allocator as a base and aims at mitigating
/// heap corruption vulnerabilities. It provides a checksum-guarded chunk		/// heap corruption vulnerabilities. It provides a checksum-guarded chunk
/// header, a delayed free list, and additional sanity checks.		/// header, a delayed free list, and additional sanity checks.
///		///
//===----------------------------------------------------------------------===//		//===----------------------------------------------------------------------===//

#include "scudo_allocator.h"		#include "scudo_allocator.h"
		#include "scudo_thread.h"
#include "scudo_utils.h"		#include "scudo_utils.h"

#include "sanitizer_common/sanitizer_allocator_interface.h"		#include "sanitizer_common/sanitizer_allocator_interface.h"
#include "sanitizer_common/sanitizer_quarantine.h"		#include "sanitizer_common/sanitizer_quarantine.h"

#include <limits.h>		#include <string.h>
#include <pthread.h>

#include <cstring>

namespace __scudo {		namespace __scudo {

#if SANITIZER_CAN_USE_ALLOCATOR64
const uptr AllocatorSpace = ~0ULL;
const uptr AllocatorSize = 0x40000000000ULL;
typedef DefaultSizeClassMap SizeClassMap;
struct AP {
static const uptr kSpaceBeg = AllocatorSpace;
static const uptr kSpaceSize = AllocatorSize;
static const uptr kMetadataSize = 0;
typedef __scudo::SizeClassMap SizeClassMap;
typedef NoOpMapUnmapCallback MapUnmapCallback;
static const uptr kFlags =
SizeClassAllocator64FlagMasks::kRandomShuffleChunks;
};
typedef SizeClassAllocator64<AP> PrimaryAllocator;
#else
// Currently, the 32-bit Sanitizer allocator has not yet benefited from all the
// security improvements brought to the 64-bit one. This makes the 32-bit
// version of Scudo slightly less toughened.
static const uptr RegionSizeLog = 20;
static const uptr NumRegions = SANITIZER_MMAP_RANGE_SIZE >> RegionSizeLog;
# if SANITIZER_WORDSIZE == 32
typedef FlatByteMap<NumRegions> ByteMap;
# elif SANITIZER_WORDSIZE == 64
typedef TwoLevelByteMap<(NumRegions >> 12), 1 << 12> ByteMap;
# endif // SANITIZER_WORDSIZE
typedef DefaultSizeClassMap SizeClassMap;
typedef SizeClassAllocator32<0, SANITIZER_MMAP_RANGE_SIZE, 0, SizeClassMap,
RegionSizeLog, ByteMap> PrimaryAllocator;
#endif // SANITIZER_CAN_USE_ALLOCATOR64

typedef SizeClassAllocatorLocalCache<PrimaryAllocator> AllocatorCache;
typedef ScudoLargeMmapAllocator SecondaryAllocator;
typedef CombinedAllocator<PrimaryAllocator, AllocatorCache, SecondaryAllocator>
ScudoAllocator;

static ScudoAllocator &getAllocator();

static thread_local Xorshift128Plus Prng;
// Global static cookie, initialized at start-up.		// Global static cookie, initialized at start-up.
static uptr Cookie;		static uptr Cookie;

// We default to software CRC32 if the alternatives are not supported, either		// We default to software CRC32 if the alternatives are not supported, either
// at compilation or at runtime.		// at compilation or at runtime.
static atomic_uint8_t HashAlgorithm = { CRC32Software };		static atomic_uint8_t HashAlgorithm = { CRC32Software };

SANITIZER_WEAK_ATTRIBUTE u32 computeHardwareCRC32(u32 Crc, uptr Data);		SANITIZER_WEAK_ATTRIBUTE u32 computeHardwareCRC32(u32 Crc, uptr Data);
Show All 20 Lines	struct ScudoChunk : UnpackedHeader {
void getAllocBeg(UnpackedHeader Header) {		void getAllocBeg(UnpackedHeader Header) {
return reinterpret_cast<void *>(		return reinterpret_cast<void *>(
reinterpret_cast<uptr>(this) - (Header->Offset << MinAlignmentLog));		reinterpret_cast<uptr>(this) - (Header->Offset << MinAlignmentLog));
}		}

// Returns the usable size for a chunk, meaning the amount of bytes from the		// Returns the usable size for a chunk, meaning the amount of bytes from the
// beginning of the user data to the end of the backend allocated chunk.		// beginning of the user data to the end of the backend allocated chunk.
uptr getUsableSize(UnpackedHeader *Header) {		uptr getUsableSize(UnpackedHeader *Header) {
uptr Size = getAllocator().GetActuallyAllocatedSize(getAllocBeg(Header));		uptr Size =
		getBackendAllocator().GetActuallyAllocatedSize(getAllocBeg(Header));
if (Size == 0)		if (Size == 0)
return Size;		return 0;
return Size - AlignedChunkHeaderSize - (Header->Offset << MinAlignmentLog);		return Size - AlignedChunkHeaderSize - (Header->Offset << MinAlignmentLog);
}		}

// Compute the checksum of the Chunk pointer and its ChunkHeader.		// Compute the checksum of the Chunk pointer and its ChunkHeader.
u16 computeChecksum(UnpackedHeader *Header) const {		u16 computeChecksum(UnpackedHeader *Header) const {
UnpackedHeader ZeroChecksumHeader = *Header;		UnpackedHeader ZeroChecksumHeader = *Header;
ZeroChecksumHeader.Checksum = 0;		ZeroChecksumHeader.Checksum = 0;
uptr HeaderHolder[sizeof(UnpackedHeader) / sizeof(uptr)];		uptr HeaderHolder[sizeof(UnpackedHeader) / sizeof(uptr)];
memcpy(&HeaderHolder, &ZeroChecksumHeader, sizeof(HeaderHolder));		memcpy(&HeaderHolder, &ZeroChecksumHeader, sizeof(HeaderHolder));
u8 HashType = atomic_load_relaxed(&HashAlgorithm);		u8 HashType = atomic_load_relaxed(&HashAlgorithm);
u32 Crc = computeCRC32(Cookie, reinterpret_cast<uptr>(this), HashType);		u32 Crc = computeCRC32(Cookie, reinterpret_cast<uptr>(this), HashType);
for (uptr i = 0; i < ARRAY_SIZE(HeaderHolder); i++)		for (uptr i = 0; i < ARRAY_SIZE(HeaderHolder); i++)
Crc = computeCRC32(Crc, HeaderHolder[i], HashType);		Crc = computeCRC32(Crc, HeaderHolder[i], HashType);
return static_cast<u16>(Crc);		return static_cast<u16>(Crc);
}		}

// Checks the validity of a chunk by verifying its checksum.		// Checks the validity of a chunk by verifying its checksum. This check
		// doesn't incur termination in case of an invalid chunk.
bool isValid() {		bool isValid() {
UnpackedHeader NewUnpackedHeader;		UnpackedHeader NewUnpackedHeader;
const AtomicPackedHeader *AtomicHeader =		const AtomicPackedHeader *AtomicHeader =
reinterpret_cast<const AtomicPackedHeader *>(this);		reinterpret_cast<const AtomicPackedHeader *>(this);
PackedHeader NewPackedHeader = atomic_load_relaxed(AtomicHeader);		PackedHeader NewPackedHeader = atomic_load_relaxed(AtomicHeader);
NewUnpackedHeader = bit_cast<UnpackedHeader>(NewPackedHeader);		NewUnpackedHeader = bit_cast<UnpackedHeader>(NewPackedHeader);
return (NewUnpackedHeader.Checksum == computeChecksum(&NewUnpackedHeader));		return (NewUnpackedHeader.Checksum == computeChecksum(&NewUnpackedHeader));
}		}

		// Nulls out a chunk header. When returning the chunk to the backend, there
		// is no need to store a valid ChunkAvailable header, as this would be
		// computationally expensive. Zero-ing out serves the same purpose by making
		// the header invalid. In the extremely rare event where 0 would be a valid
		// checksum for the chunk, the state of the chunk is ChunkAvailable anyway.
		COMPILER_CHECK(ChunkAvailable == 0);
		void eraseHeader() {
		PackedHeader NullPackedHeader = 0;
		AtomicPackedHeader *AtomicHeader =
		reinterpret_cast<AtomicPackedHeader *>(this);
		atomic_store_relaxed(AtomicHeader, NullPackedHeader);
		}

// Loads and unpacks the header, verifying the checksum in the process.		// Loads and unpacks the header, verifying the checksum in the process.
void loadHeader(UnpackedHeader *NewUnpackedHeader) const {		void loadHeader(UnpackedHeader *NewUnpackedHeader) const {
const AtomicPackedHeader *AtomicHeader =		const AtomicPackedHeader *AtomicHeader =
reinterpret_cast<const AtomicPackedHeader *>(this);		reinterpret_cast<const AtomicPackedHeader *>(this);
PackedHeader NewPackedHeader = atomic_load_relaxed(AtomicHeader);		PackedHeader NewPackedHeader = atomic_load_relaxed(AtomicHeader);
*NewUnpackedHeader = bit_cast<UnpackedHeader>(NewPackedHeader);		*NewUnpackedHeader = bit_cast<UnpackedHeader>(NewPackedHeader);
if (NewUnpackedHeader->Checksum != computeChecksum(NewUnpackedHeader)) {		if (UNLIKELY(NewUnpackedHeader->Checksum
		!= computeChecksum(NewUnpackedHeader))) {
dieWithMessage("ERROR: corrupted chunk header at address %p\n", this);		dieWithMessage("ERROR: corrupted chunk header at address %p\n", this);
}		}
}		}

// Packs and stores the header, computing the checksum in the process.		// Packs and stores the header, computing the checksum in the process.
void storeHeader(UnpackedHeader *NewUnpackedHeader) {		void storeHeader(UnpackedHeader *NewUnpackedHeader) {
NewUnpackedHeader->Checksum = computeChecksum(NewUnpackedHeader);		NewUnpackedHeader->Checksum = computeChecksum(NewUnpackedHeader);
PackedHeader NewPackedHeader = bit_cast<PackedHeader>(*NewUnpackedHeader);		PackedHeader NewPackedHeader = bit_cast<PackedHeader>(*NewUnpackedHeader);
AtomicPackedHeader *AtomicHeader =		AtomicPackedHeader *AtomicHeader =
reinterpret_cast<AtomicPackedHeader *>(this);		reinterpret_cast<AtomicPackedHeader *>(this);
atomic_store_relaxed(AtomicHeader, NewPackedHeader);		atomic_store_relaxed(AtomicHeader, NewPackedHeader);
}		}

// Packs and stores the header, computing the checksum in the process. We		// Packs and stores the header, computing the checksum in the process. We
// compare the current header with the expected provided one to ensure that		// compare the current header with the expected provided one to ensure that
// we are not being raced by a corruption occurring in another thread.		// we are not being raced by a corruption occurring in another thread.
void compareExchangeHeader(UnpackedHeader *NewUnpackedHeader,		void compareExchangeHeader(UnpackedHeader *NewUnpackedHeader,
UnpackedHeader *OldUnpackedHeader) {		UnpackedHeader *OldUnpackedHeader) {
NewUnpackedHeader->Checksum = computeChecksum(NewUnpackedHeader);		NewUnpackedHeader->Checksum = computeChecksum(NewUnpackedHeader);
PackedHeader NewPackedHeader = bit_cast<PackedHeader>(*NewUnpackedHeader);		PackedHeader NewPackedHeader = bit_cast<PackedHeader>(*NewUnpackedHeader);
PackedHeader OldPackedHeader = bit_cast<PackedHeader>(*OldUnpackedHeader);		PackedHeader OldPackedHeader = bit_cast<PackedHeader>(*OldUnpackedHeader);
AtomicPackedHeader *AtomicHeader =		AtomicPackedHeader *AtomicHeader =
reinterpret_cast<AtomicPackedHeader *>(this);		reinterpret_cast<AtomicPackedHeader *>(this);
if (!atomic_compare_exchange_strong(AtomicHeader,		if (UNLIKELY(!atomic_compare_exchange_strong(AtomicHeader,
&OldPackedHeader,		&OldPackedHeader,
NewPackedHeader,		NewPackedHeader,
memory_order_relaxed)) {		memory_order_relaxed))) {
dieWithMessage("ERROR: race on chunk header at address %p\n", this);		dieWithMessage("ERROR: race on chunk header at address %p\n", this);
}		}
}		}
};		};

static bool ScudoInitIsRunning = false;		static bool ScudoInitIsRunning = false;

static pthread_once_t GlobalInited = PTHREAD_ONCE_INIT;		void initScudo() {
static pthread_key_t PThreadKey;

static thread_local bool ThreadInited = false;
static thread_local bool ThreadTornDown = false;
static thread_local AllocatorCache Cache;

static void teardownThread(void *p) {
uptr v = reinterpret_cast<uptr>(p);
// The glibc POSIX thread-local-storage deallocation routine calls user
// provided destructors in a loop of PTHREAD_DESTRUCTOR_ITERATIONS.
// We want to be called last since other destructors might call free and the
// like, so we wait until PTHREAD_DESTRUCTOR_ITERATIONS before draining the
// quarantine and swallowing the cache.
if (v < PTHREAD_DESTRUCTOR_ITERATIONS) {
pthread_setspecific(PThreadKey, reinterpret_cast<void *>(v + 1));
return;
}
drainQuarantine();
getAllocator().DestroyCache(&Cache);
ThreadTornDown = true;
}

static void initInternal() {
SanitizerToolName = "Scudo";		SanitizerToolName = "Scudo";
CHECK(!ScudoInitIsRunning && "Scudo init calls itself!");		CHECK(!ScudoInitIsRunning && "Scudo init calls itself!");
ScudoInitIsRunning = true;		ScudoInitIsRunning = true;

// Check is SSE4.2 is supported, if so, opt for the CRC32 hardware version.		// Check is SSE4.2 is supported, if so, opt for the CRC32 hardware version.
if (testCPUFeature(CRC32CPUFeature)) {		if (testCPUFeature(CRC32CPUFeature)) {
atomic_store_relaxed(&HashAlgorithm, CRC32Hardware);		atomic_store_relaxed(&HashAlgorithm, CRC32Hardware);
}		}

initFlags();		initFlags();

AllocatorOptions Options;		AllocatorOptions Options;
Options.setFrom(getFlags(), common_flags());		Options.setFrom(getFlags(), common_flags());
initAllocator(Options);		initAllocator(Options);

MaybeStartBackgroudThread();

ScudoInitIsRunning = false;		ScudoInitIsRunning = false;
}		}

static void initGlobal() {
pthread_key_create(&PThreadKey, teardownThread);
initInternal();
}

static void NOINLINE initThread() {
pthread_once(&GlobalInited, initGlobal);
pthread_setspecific(PThreadKey, reinterpret_cast<void *>(1));
getAllocator().InitCache(&Cache);
ThreadInited = true;
}

struct QuarantineCallback {		struct QuarantineCallback {
explicit QuarantineCallback(AllocatorCache *Cache)		explicit QuarantineCallback(AllocatorCache *Cache)
: Cache_(Cache) {}		: Cache_(Cache) {}

// Chunk recycling function, returns a quarantined chunk to the backend.		// Chunk recycling function, returns a quarantined chunk to the backend.
void Recycle(ScudoChunk *Chunk) {		void Recycle(ScudoChunk *Chunk) {
UnpackedHeader Header;		UnpackedHeader Header;
Chunk->loadHeader(&Header);		Chunk->loadHeader(&Header);
if (Header.State != ChunkQuarantine) {		if (UNLIKELY(Header.State != ChunkQuarantine)) {
		alekseyshlUnsubmitted Not Done Reply Inline Actions Does UNLIKELY really improve the generated code? alekseyshl: Does UNLIKELY really improve the generated code?
		cryptoadAuthorUnsubmitted Not Done Reply Inline Actions I do like it as it will make the error condition the target of the conditional jump, and the rest of the code follows the regular flow. For example for that particular check, on x64: .text:0000000000053B72 E8 99 9A 00 00 call _ZN7__scudo20computeHardwareCRC32Ejm ; __scudo::computeHardwareCRC32(uint,ulong) .text:0000000000053B77 4C 8B 44 24 08 mov r8, [rsp+78h+var_70] .text:0000000000053B7C 66 41 39 C0 cmp r8w, ax .text:0000000000053B80 0F 85 CA 02 00 00 jnz loc_53E50 ; error .text:0000000000053B86 49 C1 EC 20 shr r12, 20h The error is the target of the long jump. I changed all the die conditions to be UNLIKELY as if they are hit, we terminate anyway. The performance gain is not necessarily significant, but the assembly does look cleaner. cryptoad: I do like it as it will make the error condition the target of the conditional jump, and the…
dieWithMessage("ERROR: invalid chunk state when recycling address %p\n",		dieWithMessage("ERROR: invalid chunk state when recycling address %p\n",
Chunk);		Chunk);
}		}
		Chunk->eraseHeader();
void *Ptr = Chunk->getAllocBeg(&Header);		void *Ptr = Chunk->getAllocBeg(&Header);
getAllocator().Deallocate(Cache_, Ptr);		getBackendAllocator().Deallocate(Cache_, Ptr);
}		}

/// Internal quarantine allocation and deallocation functions.		/// Internal quarantine allocation and deallocation functions.
void *Allocate(uptr Size) {		void *Allocate(uptr Size) {
// The internal quarantine memory cannot be protected by us. But the only		// TODO(kostyak): figure out the best way to protect the batches.
// structures allocated are QuarantineBatch, that are 8KB for x64. So we		return getBackendAllocator().Allocate(Cache_, Size, MinAlignment);
// will use mmap for those, and given that Deallocate doesn't pass a size
// in, we enforce the size of the allocation to be sizeof(QuarantineBatch).
// TODO(kostyak): switching to mmap impacts greatly performances, we have
// to find another solution
// CHECK_EQ(Size, sizeof(QuarantineBatch));
// return MmapOrDie(Size, "QuarantineBatch");
return getAllocator().Allocate(Cache_, Size, 1, false);
}		}

void Deallocate(void *Ptr) {		void Deallocate(void *Ptr) {
// UnmapOrDie(Ptr, sizeof(QuarantineBatch));		getBackendAllocator().Deallocate(Cache_, Ptr);
getAllocator().Deallocate(Cache_, Ptr);
}		}

AllocatorCache *Cache_;		AllocatorCache *Cache_;
};		};

typedef Quarantine<QuarantineCallback, ScudoChunk> ScudoQuarantine;		typedef Quarantine<QuarantineCallback, ScudoChunk> ScudoQuarantine;
typedef ScudoQuarantine::Cache QuarantineCache;		typedef ScudoQuarantine::Cache ScudoQuarantineCache;
static thread_local QuarantineCache ThreadQuarantineCache;		COMPILER_CHECK(sizeof(ScudoQuarantineCache)
		<= sizeof(ScudoThreadContext::QuarantineCachePlaceHolder));

		AllocatorCache getAllocatorCache(ScudoThreadContext ThreadContext) {
		return &ThreadContext->Cache;
		}

		ScudoQuarantineCache getQuarantineCache(ScudoThreadContext ThreadContext) {
		return reinterpret_cast<
		ScudoQuarantineCache *>(ThreadContext->QuarantineCachePlaceHolder);
		}

		Xorshift128Plus getPrng(ScudoThreadContext ThreadContext) {
		return &ThreadContext->Prng;
		}

void AllocatorOptions::setFrom(const Flags f, const CommonFlags cf) {		void AllocatorOptions::setFrom(const Flags f, const CommonFlags cf) {
MayReturnNull = cf->allocator_may_return_null;		MayReturnNull = cf->allocator_may_return_null;
ReleaseToOSIntervalMs = cf->allocator_release_to_os_interval_ms;		ReleaseToOSIntervalMs = cf->allocator_release_to_os_interval_ms;
QuarantineSizeMb = f->QuarantineSizeMb;		QuarantineSizeMb = f->QuarantineSizeMb;
ThreadLocalQuarantineSizeKb = f->ThreadLocalQuarantineSizeKb;		ThreadLocalQuarantineSizeKb = f->ThreadLocalQuarantineSizeKb;
DeallocationTypeMismatch = f->DeallocationTypeMismatch;		DeallocationTypeMismatch = f->DeallocationTypeMismatch;
DeleteSizeMismatch = f->DeleteSizeMismatch;		DeleteSizeMismatch = f->DeleteSizeMismatch;
ZeroContents = f->ZeroContents;		ZeroContents = f->ZeroContents;
}		}

void AllocatorOptions::copyTo(Flags f, CommonFlags cf) const {		void AllocatorOptions::copyTo(Flags f, CommonFlags cf) const {
cf->allocator_may_return_null = MayReturnNull;		cf->allocator_may_return_null = MayReturnNull;
cf->allocator_release_to_os_interval_ms = ReleaseToOSIntervalMs;		cf->allocator_release_to_os_interval_ms = ReleaseToOSIntervalMs;
f->QuarantineSizeMb = QuarantineSizeMb;		f->QuarantineSizeMb = QuarantineSizeMb;
f->ThreadLocalQuarantineSizeKb = ThreadLocalQuarantineSizeKb;		f->ThreadLocalQuarantineSizeKb = ThreadLocalQuarantineSizeKb;
f->DeallocationTypeMismatch = DeallocationTypeMismatch;		f->DeallocationTypeMismatch = DeallocationTypeMismatch;
f->DeleteSizeMismatch = DeleteSizeMismatch;		f->DeleteSizeMismatch = DeleteSizeMismatch;
f->ZeroContents = ZeroContents;		f->ZeroContents = ZeroContents;
}		}

struct Allocator {		struct ScudoAllocator {
static const uptr MaxAllowedMallocSize =		static const uptr MaxAllowedMallocSize =
FIRST_32_SECOND_64(2UL << 30, 1ULL << 40);		FIRST_32_SECOND_64(2UL << 30, 1ULL << 40);

ScudoAllocator BackendAllocator;		ScudoBackendAllocator BackendAllocator;
ScudoQuarantine AllocatorQuarantine;		ScudoQuarantine AllocatorQuarantine;

// The fallback caches are used when the thread local caches have been		// The fallback caches are used when the thread local caches have been
// 'detroyed' on thread tear-down. They are protected by a Mutex as they can		// 'detroyed' on thread tear-down. They are protected by a Mutex as they can
// be accessed by different threads.		// be accessed by different threads.
StaticSpinMutex FallbackMutex;		StaticSpinMutex FallbackMutex;
AllocatorCache FallbackAllocatorCache;		AllocatorCache FallbackAllocatorCache;
QuarantineCache FallbackQuarantineCache;		ScudoQuarantineCache FallbackQuarantineCache;
		Xorshift128Plus GlobalPrng;

bool DeallocationTypeMismatch;		bool DeallocationTypeMismatch;
bool ZeroContents;		bool ZeroContents;
bool DeleteSizeMismatch;		bool DeleteSizeMismatch;

explicit Allocator(LinkerInitialized)		explicit ScudoAllocator(LinkerInitialized)
: AllocatorQuarantine(LINKER_INITIALIZED),		: AllocatorQuarantine(LINKER_INITIALIZED),
FallbackQuarantineCache(LINKER_INITIALIZED) {}		FallbackQuarantineCache(LINKER_INITIALIZED) {}

void init(const AllocatorOptions &Options) {		void init(const AllocatorOptions &Options) {
// Verify that the header offset field can hold the maximum offset. In the		// Verify that the header offset field can hold the maximum offset. In the
// case of the Secondary allocator, it takes care of alignment and the		// case of the Secondary allocator, it takes care of alignment and the
// offset will always be 0. In the case of the Primary, the worst case		// offset will always be 0. In the case of the Primary, the worst case
// scenario happens in the last size class, when the backend allocation		// scenario happens in the last size class, when the backend allocation
Show All 25 Lines	void init(const AllocatorOptions &Options) {

DeallocationTypeMismatch = Options.DeallocationTypeMismatch;		DeallocationTypeMismatch = Options.DeallocationTypeMismatch;
DeleteSizeMismatch = Options.DeleteSizeMismatch;		DeleteSizeMismatch = Options.DeleteSizeMismatch;
ZeroContents = Options.ZeroContents;		ZeroContents = Options.ZeroContents;
BackendAllocator.Init(Options.MayReturnNull, Options.ReleaseToOSIntervalMs);		BackendAllocator.Init(Options.MayReturnNull, Options.ReleaseToOSIntervalMs);
AllocatorQuarantine.Init(		AllocatorQuarantine.Init(
static_cast<uptr>(Options.QuarantineSizeMb) << 20,		static_cast<uptr>(Options.QuarantineSizeMb) << 20,
static_cast<uptr>(Options.ThreadLocalQuarantineSizeKb) << 10);		static_cast<uptr>(Options.ThreadLocalQuarantineSizeKb) << 10);
		FallbackMutex.Init();
BackendAllocator.InitCache(&FallbackAllocatorCache);		BackendAllocator.InitCache(&FallbackAllocatorCache);
Cookie = Prng.Next();		GlobalPrng.initFromURandom();
		Cookie = GlobalPrng.getNext();
}		}

// Helper function that checks for a valid Scudo chunk.		// Helper function that checks for a valid Scudo chunk. nullptr isn't.
bool isValidPointer(const void *UserPtr) {		bool isValidPointer(const void *UserPtr) {
if (UNLIKELY(!ThreadInited))		initThreadMaybe();
initThread();		if (!UserPtr)
uptr ChunkBeg = reinterpret_cast<uptr>(UserPtr);
if (!IsAligned(ChunkBeg, MinAlignment)) {
return false;		return false;
}		uptr UserBeg = reinterpret_cast<uptr>(UserPtr);
ScudoChunk *Chunk =		if (!IsAligned(UserBeg, MinAlignment))
reinterpret_cast<ScudoChunk *>(ChunkBeg - AlignedChunkHeaderSize);		return false;
return Chunk->isValid();		return getScudoChunk(UserBeg)->isValid();
}		}

// Allocates a chunk.		// Allocates a chunk.
void *allocate(uptr Size, uptr Alignment, AllocType Type) {		void *allocate(uptr Size, uptr Alignment, AllocType Type,
if (UNLIKELY(!ThreadInited))		bool ForceZeroContents = false) {
initThread();		initThreadMaybe();
		eugenisUnsubmitted Not Done Reply Inline Actions Calling initThreadMaybe() from all entry points looks error-prone. Is it ok (performance-wise) to do lazy initialization in getCurrentThreadContext? eugenis: Calling initThreadMaybe() from all entry points looks error-prone. Is it ok (performance-wise)…
		cryptoadAuthorUnsubmitted Not Done Reply Inline Actions Things like BackendAllocator.ReturnNullOrDieOnBadRequest will require initialization, but are called prior to getCurrentThreadContext. I am also actually not super happy about the way this turned out. The alternative would be a preinit or equivalent? cryptoad: Things like BackendAllocator.ReturnNullOrDieOnBadRequest will require initialization, but are…
		eugenisUnsubmitted Not Done Reply Inline Actions Ideally access to the allocator cache should go through ThreadLocalContext as well. Maybe. What do you mean by preinit? eugenis: Ideally access to the allocator cache should go through ThreadLocalContext as well. Maybe.
		cryptoadAuthorUnsubmitted Not Done Reply Inline Actions Access to the local cache & quarantine cache go through the thread context. The issue I think is more about the global init, which is currently called via a pthread_once in the thread init. So realistically, the global init doesn't happen until a thread has been initialized. Unfortunately, that means all the options for the backend haven't been parsed yet if we wait to get the thread context (unless I move it up the code). I was thinking like in ASan, where it could be initialized once and for all via the preinit_array? cryptoad: Access to the local cache & quarantine cache go through the thread context. The issue I think…
		dvyukovUnsubmitted Not Done Reply Inline Actions Agree, this does not look good if we care about performance. We could use preinit_array (or some other android alternative), but we also need to init thread (do we?). So we could piggy-back on thread init check. Namely: ThreadContext* GetThreadContext() { ThreadContext* ctx = __get_tls()[TLS_TSAN_SLOT]; if (LIKELY(ctx)) return ctx; // implies that thread and global context were initialized return GetThreadContextSlow(); } ThreadContext* GetThreadContextSlow() { init global context once; create and init thread context; store it into TLS_TSAN_SLOT and return; } If we call GetThreadContext() once in each interface function and then explicitly propagate the object pointer, we don't do any excessive work at all. This needs special care if some interface functions can be called from signal handlers. dvyukov: Agree, this does not look good if we care about performance. We could use preinit_array (or…
if (!IsPowerOfTwo(Alignment)) {		if (UNLIKELY(!IsPowerOfTwo(Alignment))) {
dieWithMessage("ERROR: alignment is not a power of 2\n");		dieWithMessage("ERROR: alignment is not a power of 2\n");
}		}
if (Alignment > MaxAlignment)		if (Alignment > MaxAlignment)
return BackendAllocator.ReturnNullOrDieOnBadRequest();		return BackendAllocator.ReturnNullOrDieOnBadRequest();
if (Alignment < MinAlignment)		if (Alignment < MinAlignment)
Alignment = MinAlignment;		Alignment = MinAlignment;
if (Size == 0)
Size = 1;
if (Size >= MaxAllowedMallocSize)		if (Size >= MaxAllowedMallocSize)
return BackendAllocator.ReturnNullOrDieOnBadRequest();		return BackendAllocator.ReturnNullOrDieOnBadRequest();
		if (Size == 0)
		Size = 1;

uptr NeededSize = RoundUpTo(Size, MinAlignment) + AlignedChunkHeaderSize;		uptr NeededSize = RoundUpTo(Size, MinAlignment) + AlignedChunkHeaderSize;
if (Alignment > MinAlignment)		if (Alignment > MinAlignment)
NeededSize += Alignment;		NeededSize += Alignment;
if (NeededSize >= MaxAllowedMallocSize)		if (NeededSize >= MaxAllowedMallocSize)
return BackendAllocator.ReturnNullOrDieOnBadRequest();		return BackendAllocator.ReturnNullOrDieOnBadRequest();

// Primary backed and Secondary backed allocations have a different		// Primary backed and Secondary backed allocations have a different
// treatment. We deal with alignment requirements of Primary serviced		// treatment. We deal with alignment requirements of Primary serviced
// allocations here, but the Secondary will take care of its own alignment		// allocations here, but the Secondary will take care of its own alignment
// needs, which means we also have to work around some limitations of the		// needs, which means we also have to work around some limitations of the
// combined allocator to accommodate the situation.		// combined allocator to accommodate the situation.
bool FromPrimary = PrimaryAllocator::CanAllocate(NeededSize, MinAlignment);		bool FromPrimary = PrimaryAllocator::CanAllocate(NeededSize, MinAlignment);

		uptr Salt;
void *Ptr;		void *Ptr;
if (LIKELY(!ThreadTornDown)) {		uptr AllocationAlignment = FromPrimary ? MinAlignment : Alignment;
Ptr = BackendAllocator.Allocate(&Cache, NeededSize,		ScudoThreadContext *ThreadContext = getCurrentThreadContext();
FromPrimary ? MinAlignment : Alignment);		// Based on what backs the ThreadContext, the locking mechanism differ (it
		// might not be locked at all for thread_local variables).
		if (ThreadContext) {
		ThreadContext->Lock();
		Salt = getPrng(ThreadContext)->getNext();
		Ptr = BackendAllocator.Allocate(getAllocatorCache(ThreadContext),
		NeededSize, AllocationAlignment);
		ThreadContext->Unlock();
} else {		} else {
SpinMutexLock l(&FallbackMutex);		SpinMutexLock Lock(&FallbackMutex);
Ptr = BackendAllocator.Allocate(&FallbackAllocatorCache, NeededSize,		Salt = GlobalPrng.getNext();
FromPrimary ? MinAlignment : Alignment);		Ptr = BackendAllocator.Allocate(&FallbackAllocatorCache,
		NeededSize, AllocationAlignment);
}		}
if (!Ptr)		if (!Ptr)
return BackendAllocator.ReturnNullOrDieOnOOM();		return BackendAllocator.ReturnNullOrDieOnOOM();

uptr AllocBeg = reinterpret_cast<uptr>(Ptr);		uptr AllocBeg = reinterpret_cast<uptr>(Ptr);
// If the allocation was serviced by the secondary, the returned pointer		// If the allocation was serviced by the secondary, the returned pointer
// accounts for ChunkHeaderSize to pass the alignment check of the combined		// accounts for ChunkHeaderSize to pass the alignment check of the combined
// allocator. Adjust it here.		// allocator. Adjust it here.
if (!FromPrimary) {		if (!FromPrimary) {
AllocBeg -= AlignedChunkHeaderSize;		AllocBeg -= AlignedChunkHeaderSize;
if (Alignment > MinAlignment)		if (Alignment > MinAlignment)
NeededSize -= Alignment;		NeededSize -= Alignment;
}		}

uptr ActuallyAllocatedSize = BackendAllocator.GetActuallyAllocatedSize(		uptr ActuallyAllocatedSize = BackendAllocator.GetActuallyAllocatedSize(
reinterpret_cast<void *>(AllocBeg));		reinterpret_cast<void *>(AllocBeg));
// If requested, we will zero out the entire contents of the returned chunk.		// If requested, we will zero out the entire contents of the returned chunk.
if (ZeroContents && FromPrimary)		if ((ForceZeroContents \|\| ZeroContents) && FromPrimary)
memset(Ptr, 0, ActuallyAllocatedSize);		memset(Ptr, 0, ActuallyAllocatedSize);

uptr ChunkBeg = AllocBeg + AlignedChunkHeaderSize;		uptr UserBeg = AllocBeg + AlignedChunkHeaderSize;
if (!IsAligned(ChunkBeg, Alignment))		if (!IsAligned(UserBeg, Alignment))
ChunkBeg = RoundUpTo(ChunkBeg, Alignment);		UserBeg = RoundUpTo(UserBeg, Alignment);
CHECK_LE(ChunkBeg + Size, AllocBeg + NeededSize);		CHECK_LE(UserBeg + Size, AllocBeg + NeededSize);
ScudoChunk *Chunk =
reinterpret_cast<ScudoChunk *>(ChunkBeg - AlignedChunkHeaderSize);
UnpackedHeader Header = {};		UnpackedHeader Header = {};
Header.State = ChunkAllocated;		Header.State = ChunkAllocated;
uptr Offset = ChunkBeg - AlignedChunkHeaderSize - AllocBeg;		uptr Offset = UserBeg - AlignedChunkHeaderSize - AllocBeg;
Header.Offset = Offset >> MinAlignmentLog;		Header.Offset = Offset >> MinAlignmentLog;
Header.AllocType = Type;		Header.AllocType = Type;
Header.UnusedBytes = ActuallyAllocatedSize - Offset -		Header.UnusedBytes = ActuallyAllocatedSize - Offset -
AlignedChunkHeaderSize - Size;		AlignedChunkHeaderSize - Size;
Header.Salt = static_cast<u8>(Prng.Next());		Header.Salt = static_cast<u8>(Salt);
Chunk->storeHeader(&Header);		getScudoChunk(UserBeg)->storeHeader(&Header);
void UserPtr = reinterpret_cast<void >(ChunkBeg);		void UserPtr = reinterpret_cast<void >(UserBeg);
// TODO(kostyak): hooks sound like a terrible idea security wise but might
// be needed for things to work properly?
// if (&__sanitizer_malloc_hook) __sanitizer_malloc_hook(UserPtr, Size);		// if (&__sanitizer_malloc_hook) __sanitizer_malloc_hook(UserPtr, Size);
return UserPtr;		return UserPtr;
}		}

		// Place a chunk in the quarantine. In the event of a zero-sized quarantine,
		// we directly deallocate the chunk, otherwise the flow would lead to the
		// chunk being checksummed twice, once before Put and once in Recycle, with
		// no additional security value.
		void quarantineOrDeallocateChunk(ScudoChunk Chunk, UnpackedHeader Header,
		uptr Size) {
		bool BypassQuarantine = (AllocatorQuarantine.GetCacheSize() == 0);
		ScudoThreadContext *ThreadContext = getCurrentThreadContext();
		if (BypassQuarantine) {
		Chunk->eraseHeader();
		void *Ptr = Chunk->getAllocBeg(Header);
		if (ThreadContext) {
		ThreadContext->Lock();
		getBackendAllocator().Deallocate(getAllocatorCache(ThreadContext), Ptr);
		ThreadContext->Unlock();
		} else {
		SpinMutexLock Lock(&FallbackMutex);
		getBackendAllocator().Deallocate(&FallbackAllocatorCache, Ptr);
		}
		} else {
		UnpackedHeader NewHeader = *Header;
		NewHeader.State = ChunkQuarantine;
		Chunk->compareExchangeHeader(&NewHeader, Header);
		if (ThreadContext) {
		ThreadContext->Lock();
		AllocatorQuarantine.Put(getQuarantineCache(ThreadContext),
		QuarantineCallback(
		getAllocatorCache(ThreadContext)),
		Chunk, Size);
		ThreadContext->Unlock();
		} else {
		SpinMutexLock Lock(&FallbackMutex);
		AllocatorQuarantine.Put(&FallbackQuarantineCache,
		QuarantineCallback(&FallbackAllocatorCache),
		Chunk, Size);
		}
		}
		}

// Deallocates a Chunk, which means adding it to the delayed free list (or		// Deallocates a Chunk, which means adding it to the delayed free list (or
// Quarantine).		// Quarantine) or returning it to the backend.
void deallocate(void *UserPtr, uptr DeleteSize, AllocType Type) {		void deallocate(void *UserPtr, uptr DeleteSize, AllocType Type) {
if (UNLIKELY(!ThreadInited))		initThreadMaybe();
initThread();
// TODO(kostyak): see hook comment above
// if (&__sanitizer_free_hook) __sanitizer_free_hook(UserPtr);		// if (&__sanitizer_free_hook) __sanitizer_free_hook(UserPtr);
if (!UserPtr)		if (!UserPtr)
return;		return;
uptr ChunkBeg = reinterpret_cast<uptr>(UserPtr);		uptr UserBeg = reinterpret_cast<uptr>(UserPtr);
if (!IsAligned(ChunkBeg, MinAlignment)) {		if (UNLIKELY(!IsAligned(UserBeg, MinAlignment))) {
dieWithMessage("ERROR: attempted to deallocate a chunk not properly "		dieWithMessage("ERROR: attempted to deallocate a chunk not properly "
"aligned at address %p\n", UserPtr);		"aligned at address %p\n", UserPtr);
}		}
ScudoChunk *Chunk =		ScudoChunk *Chunk = getScudoChunk(UserBeg);
reinterpret_cast<ScudoChunk *>(ChunkBeg - AlignedChunkHeaderSize);
UnpackedHeader OldHeader;		UnpackedHeader OldHeader;
Chunk->loadHeader(&OldHeader);		Chunk->loadHeader(&OldHeader);
if (OldHeader.State != ChunkAllocated) {		if (UNLIKELY(OldHeader.State != ChunkAllocated)) {
dieWithMessage("ERROR: invalid chunk state when deallocating address "		dieWithMessage("ERROR: invalid chunk state when deallocating address "
"%p\n", UserPtr);		"%p\n", UserPtr);
}		}
uptr UsableSize = Chunk->getUsableSize(&OldHeader);
UnpackedHeader NewHeader = OldHeader;
NewHeader.State = ChunkQuarantine;
Chunk->compareExchangeHeader(&NewHeader, &OldHeader);
if (DeallocationTypeMismatch) {		if (DeallocationTypeMismatch) {
// The deallocation type has to match the allocation one.		// The deallocation type has to match the allocation one.
if (NewHeader.AllocType != Type) {		if (OldHeader.AllocType != Type) {
// With the exception of memalign'd Chunks, that can be still be free'd.		// With the exception of memalign'd Chunks, that can be still be free'd.
if (NewHeader.AllocType != FromMemalign \|\| Type != FromMalloc) {		if (OldHeader.AllocType != FromMemalign \|\| Type != FromMalloc) {
dieWithMessage("ERROR: allocation type mismatch on address %p\n",		dieWithMessage("ERROR: allocation type mismatch on address %p\n",
Chunk);		UserPtr);
}		}
}		}
}		}
uptr Size = UsableSize - OldHeader.UnusedBytes;		uptr UsableSize = Chunk->getUsableSize(&OldHeader);
if (DeleteSizeMismatch) {		if (DeleteSizeMismatch) {
		uptr Size = UsableSize - OldHeader.UnusedBytes;
if (DeleteSize && DeleteSize != Size) {		if (DeleteSize && DeleteSize != Size) {
dieWithMessage("ERROR: invalid sized delete on chunk at address %p\n",		dieWithMessage("ERROR: invalid sized delete on chunk at address %p\n",
Chunk);		UserPtr);
}		}
}		}
		quarantineOrDeallocateChunk(Chunk, &OldHeader, UsableSize);
if (LIKELY(!ThreadTornDown)) {
AllocatorQuarantine.Put(&ThreadQuarantineCache,
QuarantineCallback(&Cache), Chunk, UsableSize);
} else {
SpinMutexLock l(&FallbackMutex);
AllocatorQuarantine.Put(&FallbackQuarantineCache,
QuarantineCallback(&FallbackAllocatorCache),
Chunk, UsableSize);
}
}		}

// Reallocates a chunk. We can save on a new allocation if the new requested		// Reallocates a chunk. We can save on a new allocation if the new requested
// size still fits in the chunk.		// size still fits in the chunk.
void reallocate(void OldPtr, uptr NewSize) {		void reallocate(void OldPtr, uptr NewSize) {
if (UNLIKELY(!ThreadInited))		initThreadMaybe();
initThread();		uptr UserBeg = reinterpret_cast<uptr>(OldPtr);
uptr ChunkBeg = reinterpret_cast<uptr>(OldPtr);		if (UNLIKELY(!IsAligned(UserBeg, MinAlignment))) {
ScudoChunk *Chunk =		dieWithMessage("ERROR: attempted to reallocate a chunk not properly "
reinterpret_cast<ScudoChunk *>(ChunkBeg - AlignedChunkHeaderSize);		"aligned at address %p\n", OldPtr);
		}
		ScudoChunk *Chunk = getScudoChunk(UserBeg);
UnpackedHeader OldHeader;		UnpackedHeader OldHeader;
Chunk->loadHeader(&OldHeader);		Chunk->loadHeader(&OldHeader);
if (OldHeader.State != ChunkAllocated) {		if (UNLIKELY(OldHeader.State != ChunkAllocated)) {
dieWithMessage("ERROR: invalid chunk state when reallocating address "		dieWithMessage("ERROR: invalid chunk state when reallocating address "
"%p\n", OldPtr);		"%p\n", OldPtr);
}		}
uptr Size = Chunk->getUsableSize(&OldHeader);		if (UNLIKELY(OldHeader.AllocType != FromMalloc)) {
if (OldHeader.AllocType != FromMalloc) {
dieWithMessage("ERROR: invalid chunk type when reallocating address %p\n",		dieWithMessage("ERROR: invalid chunk type when reallocating address %p\n",
Chunk);		OldPtr);
}		}
UnpackedHeader NewHeader = OldHeader;		uptr UsableSize = Chunk->getUsableSize(&OldHeader);
// The new size still fits in the current chunk.		// The new size still fits in the current chunk.
if (NewSize <= Size) {		if (NewSize <= UsableSize) {
NewHeader.UnusedBytes = Size - NewSize;		UnpackedHeader NewHeader = OldHeader;
		NewHeader.UnusedBytes = UsableSize - NewSize;
Chunk->compareExchangeHeader(&NewHeader, &OldHeader);		Chunk->compareExchangeHeader(&NewHeader, &OldHeader);
return OldPtr;		return OldPtr;
}		}
// Otherwise, we have to allocate a new chunk and copy the contents of the		// Otherwise, we have to allocate a new chunk and copy the contents of the
// old one.		// old one.
void *NewPtr = allocate(NewSize, MinAlignment, FromMalloc);		void *NewPtr = allocate(NewSize, MinAlignment, FromMalloc);
if (NewPtr) {		if (NewPtr) {
uptr OldSize = Size - OldHeader.UnusedBytes;		uptr OldSize = UsableSize - OldHeader.UnusedBytes;
memcpy(NewPtr, OldPtr, Min(NewSize, OldSize));		memcpy(NewPtr, OldPtr, Min(NewSize, OldSize));
NewHeader.State = ChunkQuarantine;		quarantineOrDeallocateChunk(Chunk, &OldHeader, UsableSize);
Chunk->compareExchangeHeader(&NewHeader, &OldHeader);
if (LIKELY(!ThreadTornDown)) {
AllocatorQuarantine.Put(&ThreadQuarantineCache,
QuarantineCallback(&Cache), Chunk, Size);
} else {
SpinMutexLock l(&FallbackMutex);
AllocatorQuarantine.Put(&FallbackQuarantineCache,
QuarantineCallback(&FallbackAllocatorCache),
Chunk, Size);
}
}		}
return NewPtr;		return NewPtr;
}		}

		ScudoChunk *getScudoChunk(uptr UserBeg) {
		return reinterpret_cast<ScudoChunk *>(UserBeg - AlignedChunkHeaderSize);
		}

// Helper function that returns the actual usable size of a chunk.		// Helper function that returns the actual usable size of a chunk.
uptr getUsableSize(const void *Ptr) {		uptr getUsableSize(const void *Ptr) {
if (UNLIKELY(!ThreadInited))		initThreadMaybe();
initThread();
if (!Ptr)		if (!Ptr)
return 0;		return 0;
uptr ChunkBeg = reinterpret_cast<uptr>(Ptr);		uptr UserBeg = reinterpret_cast<uptr>(Ptr);
ScudoChunk *Chunk =		ScudoChunk *Chunk = getScudoChunk(UserBeg);
reinterpret_cast<ScudoChunk *>(ChunkBeg - AlignedChunkHeaderSize);
UnpackedHeader Header;		UnpackedHeader Header;
Chunk->loadHeader(&Header);		Chunk->loadHeader(&Header);
// Getting the usable size of a chunk only makes sense if it's allocated.		// Getting the usable size of a chunk only makes sense if it's allocated.
if (Header.State != ChunkAllocated) {		if (UNLIKELY(Header.State != ChunkAllocated)) {
dieWithMessage("ERROR: invalid chunk state when sizing address %p\n",		dieWithMessage("ERROR: invalid chunk state when sizing address %p\n",
Ptr);		Ptr);
}		}
return Chunk->getUsableSize(&Header);		return Chunk->getUsableSize(&Header);
}		}

void *calloc(uptr NMemB, uptr Size) {		void *calloc(uptr NMemB, uptr Size) {
if (UNLIKELY(!ThreadInited))		initThreadMaybe();
initThread();
uptr Total = NMemB * Size;		uptr Total = NMemB * Size;
if (Size != 0 && Total / Size != NMemB) // Overflow check		if (Size != 0 && Total / Size != NMemB) // Overflow check
return BackendAllocator.ReturnNullOrDieOnBadRequest();		return BackendAllocator.ReturnNullOrDieOnBadRequest();
void *Ptr = allocate(Total, MinAlignment, FromMalloc);		return allocate(Total, MinAlignment, FromMalloc, true);
// If ZeroContents, the content of the chunk has already been zero'd out.
if (!ZeroContents && Ptr && BackendAllocator.FromPrimary(Ptr))
memset(Ptr, 0, getUsableSize(Ptr));
return Ptr;
}		}

void drainQuarantine() {		void commitBack(ScudoThreadContext *ThreadContext) {
AllocatorQuarantine.Drain(&ThreadQuarantineCache,		AllocatorCache *Cache = getAllocatorCache(ThreadContext);
QuarantineCallback(&Cache));		AllocatorQuarantine.Drain(getQuarantineCache(ThreadContext),
		QuarantineCallback(Cache));
		BackendAllocator.DestroyCache(Cache);
}		}

uptr getStats(AllocatorStat StatType) {		uptr getStats(AllocatorStat StatType) {
if (UNLIKELY(!ThreadInited))		initThreadMaybe();
initThread();
uptr stats[AllocatorStatCount];		uptr stats[AllocatorStatCount];
BackendAllocator.GetStats(stats);		BackendAllocator.GetStats(stats);
return stats[StatType];		return stats[StatType];
}		}
};		};

static Allocator Instance(LINKER_INITIALIZED);		static ScudoAllocator Instance(LINKER_INITIALIZED);

static ScudoAllocator &getAllocator() {		ScudoBackendAllocator &getBackendAllocator() {
return Instance.BackendAllocator;		return Instance.BackendAllocator;
}		}

void initAllocator(const AllocatorOptions &Options) {		void initAllocator(const AllocatorOptions &Options) {
Instance.init(Options);		Instance.init(Options);
}		}

void drainQuarantine() {		void ScudoThreadContext::commitBack() {
Instance.drainQuarantine();		Instance.commitBack(this);
}		}

void *scudoMalloc(uptr Size, AllocType Type) {		void *scudoMalloc(uptr Size, AllocType Type) {
return Instance.allocate(Size, MinAlignment, Type);		return Instance.allocate(Size, MinAlignment, Type);
}		}

void scudoFree(void *Ptr, AllocType Type) {		void scudoFree(void *Ptr, AllocType Type) {
Instance.deallocate(Ptr, 0, Type);		Instance.deallocate(Ptr, 0, Type);
▲ Show 20 Lines • Show All 88 Lines • Show Last 20 Lines

lib/scudo/scudo_allocator_secondary.h

Show First 20 Lines • Show All 82 Lines • ▼ Show 20 Lines	CHECK_EQ(MapBeg + PageSize, reinterpret_cast<uptr>(
MmapFixedOrDie(MapBeg + PageSize, MapSize - 2 * PageSize)));		MmapFixedOrDie(MapBeg + PageSize, MapSize - 2 * PageSize)));
uptr Ptr = UserBeg - AlignedChunkHeaderSize;		uptr Ptr = UserBeg - AlignedChunkHeaderSize;
SecondaryHeader *Header = getHeader(Ptr);		SecondaryHeader *Header = getHeader(Ptr);
Header->MapBeg = MapBeg;		Header->MapBeg = MapBeg;
Header->MapSize = MapSize;		Header->MapSize = MapSize;
// The primary adds the whole class size to the stats when allocating a		// The primary adds the whole class size to the stats when allocating a
// chunk, so we will do something similar here. But we will not account for		// chunk, so we will do something similar here. But we will not account for
// the guard pages.		// the guard pages.
		{
		SpinMutexLock l(&StatsMutex);
Stats->Add(AllocatorStatAllocated, MapSize - 2 * PageSize);		Stats->Add(AllocatorStatAllocated, MapSize - 2 * PageSize);
Stats->Add(AllocatorStatMapped, MapSize - 2 * PageSize);		Stats->Add(AllocatorStatMapped, MapSize - 2 * PageSize);
		}

return reinterpret_cast<void *>(UserBeg);		return reinterpret_cast<void *>(UserBeg);
}		}

void *ReturnNullOrDieOnBadRequest() {		void *ReturnNullOrDieOnBadRequest() {
if (atomic_load(&MayReturnNull, memory_order_acquire))		if (atomic_load(&MayReturnNull, memory_order_acquire))
return nullptr;		return nullptr;
ReportAllocatorCannotReturnNull(false);		ReportAllocatorCannotReturnNull(false);
}		}

void *ReturnNullOrDieOnOOM() {		void *ReturnNullOrDieOnOOM() {
if (atomic_load(&MayReturnNull, memory_order_acquire))		if (atomic_load(&MayReturnNull, memory_order_acquire))
return nullptr;		return nullptr;
ReportAllocatorCannotReturnNull(true);		ReportAllocatorCannotReturnNull(true);
}		}

void SetMayReturnNull(bool AllocatorMayReturnNull) {		void SetMayReturnNull(bool AllocatorMayReturnNull) {
atomic_store(&MayReturnNull, AllocatorMayReturnNull, memory_order_release);		atomic_store(&MayReturnNull, AllocatorMayReturnNull, memory_order_release);
}		}

void Deallocate(AllocatorStats Stats, void Ptr) {		void Deallocate(AllocatorStats Stats, void Ptr) {
SecondaryHeader *Header = getHeader(Ptr);		SecondaryHeader *Header = getHeader(Ptr);
		{
		SpinMutexLock l(&StatsMutex);
Stats->Sub(AllocatorStatAllocated, Header->MapSize - 2 * PageSize);		Stats->Sub(AllocatorStatAllocated, Header->MapSize - 2 * PageSize);
Stats->Sub(AllocatorStatMapped, Header->MapSize - 2 * PageSize);		Stats->Sub(AllocatorStatMapped, Header->MapSize - 2 * PageSize);
		}
UnmapOrDie(reinterpret_cast<void *>(Header->MapBeg), Header->MapSize);		UnmapOrDie(reinterpret_cast<void *>(Header->MapBeg), Header->MapSize);
}		}

uptr TotalMemoryUsed() {		uptr TotalMemoryUsed() {
UNIMPLEMENTED();		UNIMPLEMENTED();
}		}

bool PointerIsMine(const void *Ptr) {		bool PointerIsMine(const void *Ptr) {
UNIMPLEMENTED();		UNIMPLEMENTED();
}		}

uptr GetActuallyAllocatedSize(void *Ptr) {		uptr GetActuallyAllocatedSize(void *Ptr) {
SecondaryHeader *Header = getHeader(Ptr);		SecondaryHeader *Header = getHeader(Ptr);
// Deduct PageSize as MapEnd includes the trailing guard page.		// Deduct PageSize as MapSize includes the trailing guard page.
uptr MapEnd = Header->MapBeg + Header->MapSize - PageSize;		uptr MapEnd = Header->MapBeg + Header->MapSize - PageSize;
return MapEnd - reinterpret_cast<uptr>(Ptr);		return MapEnd - reinterpret_cast<uptr>(Ptr);
}		}

void GetMetaData(const void Ptr) {		void GetMetaData(const void Ptr) {
UNIMPLEMENTED();		UNIMPLEMENTED();
}		}

Show All 38 Lines	private:
}		}
SecondaryHeader getHeader(const void Ptr) {		SecondaryHeader getHeader(const void Ptr) {
return getHeader(reinterpret_cast<uptr>(Ptr));		return getHeader(reinterpret_cast<uptr>(Ptr));
}		}

const uptr SecondaryHeaderSize = sizeof(SecondaryHeader);		const uptr SecondaryHeaderSize = sizeof(SecondaryHeader);
const uptr HeadersSize = SecondaryHeaderSize + AlignedChunkHeaderSize;		const uptr HeadersSize = SecondaryHeaderSize + AlignedChunkHeaderSize;
uptr PageSize;		uptr PageSize;
		SpinMutex StatsMutex;
atomic_uint8_t MayReturnNull;		atomic_uint8_t MayReturnNull;
};		};

#endif // SCUDO_ALLOCATOR_SECONDARY_H_		#endif // SCUDO_ALLOCATOR_SECONDARY_H_

lib/scudo/scudo_thread.h

This file was added.

				//===-- scudo_thread.h ------------------------------------------- C++ --===//
				//
				// The LLVM Compiler Infrastructure
				//
				// This file is distributed under the University of Illinois Open Source
				// License. See LICENSE.TXT for details.
				//
				//===----------------------------------------------------------------------===//
				///
				/// Scudo thread local structure definition.
				/// Implementation varies based on the thread local primitives offered by the
				eugenisUnsubmitted Done Reply Inline Actions an actual description would be nice eugenis: an actual description would be nice
				cryptoadAuthorUnsubmitted Not Done Reply Inline Actions Sorry, user failure. I will address that. cryptoad: Sorry, user failure. I will address that.
				/// underlying platform.
				///
				//===----------------------------------------------------------------------===//

				#ifndef SCUDO_THREAD_H_
				#define SCUDO_THREAD_H_

				#include "scudo_allocator.h"
				#include "scudo_utils.h"

				#include "sanitizer_common/sanitizer_platform.h"

				namespace __scudo {

				struct ScudoThreadContext {
				public:
				StaticSpinMutex Mutex;
				AllocatorCache Cache;
				Xorshift128Plus Prng;
				uptr QuarantineCachePlaceHolder[4];
				void init() {
				Mutex.Init();
				getBackendAllocator().InitCache(&Cache);
				Prng.initFromURandom();
				memset(QuarantineCachePlaceHolder, 0, sizeof(QuarantineCachePlaceHolder));
				}
				void commitBack();
				void Lock();
				void Unlock();
				};

				void initThreadMaybe();
				ScudoThreadContext *getCurrentThreadContext();

				} // namespace __scudo

				#endif // SCUDO_THREAD_H_

lib/scudo/scudo_thread_android.cpp

This file was added.

				//===-- scudo_thread_android.cpp --------------------------------- C++ --===//
				//
				// The LLVM Compiler Infrastructure
				//
				// This file is distributed under the University of Illinois Open Source
				// License. See LICENSE.TXT for details.
				//
				//===----------------------------------------------------------------------===//
				///
				/// Scudo thread local implementation for Android, as it currently only supports
				/// thread_local via emutls, which doesn't work for our purposes.
				///
				//===----------------------------------------------------------------------===//

				#include "sanitizer_common/sanitizer_platform.h"

				#if SANITIZER_LINUX && (SANITIZER_ANDROID \|\| defined(SCUDO_NO_TLS))

				#include "scudo_thread.h"

				#include "sanitizer_common/sanitizer_atomic.h"

				#include <pthread.h>

				namespace __scudo {

				static pthread_once_t GlobalInited = PTHREAD_ONCE_INIT;
				static pthread_key_t PThreadKey;

				// For Android, and possibly other platforms with stronger memory constraints,
				// we can't necessarily afford a context per thread. The alternative adopted
				// here is a fixed set of contexts (the number being defined at compile time),
				// where contexts are assigned to new threads in a round-robin fashion.

				#ifndef SCUDO_N_CONTEXTS
				# define SCUDO_N_CONTEXTS 4
				dvyukovUnsubmitted Not Done Reply Inline Actions Humm... is the idea that you build scudo for each particular device knowing number of cores? We can get severe performance drop if 2 or more active threads share the same context. We need to avoid contention at all costs. I am thinking of the following scheme. obtain number of cores at runtime create NCORES (or 2NCORES) contexts allow threads to dynamically re-associate with contexts to resolve contention The re-association algorithm can be along the following lines. Remember the last used contenxt. Try to TryLock it. If TryLock succeeds, use it. If TryLock fails, try to find another unlocked context. If all contexts are locked, find the one that was unused for the longest time. The usage accounting can be done with only 1 additional check/store on fast path. Namely: struct Context { Mutex mu; atomic_uint64_t unused_since; ... }; bool Context::TryLock() { if (mu.TryLock()) { atomic_store_relaxed(&unused_since, 0); return true; } if (atomic_load_relaxed(&unused_since) == 0) atomic_store_relaxed(&unused_since, now()); return false; } I think this should provide pretty good contention resolution with minimal cost and reasonable complexity. dvyukov:* Humm... is the idea that you build scudo for each particular device knowing number of cores? We…
				#endif

				static atomic_uint32_t ThreadContextCurrentIndex;
				static ScudoThreadContext *ThreadContexts;

				static void initOnce() {
				CHECK_EQ(pthread_key_create(&PThreadKey, NULL), 0);
				initScudo();
				ThreadContexts = reinterpret_cast<ScudoThreadContext *>(
				MmapOrDie(sizeof(ScudoThreadContext) * SCUDO_N_CONTEXTS, __func__));
				for (int i = 0; i < SCUDO_N_CONTEXTS; i++)
				ThreadContexts[i].init();
				}

				void initThreadMaybe() {
				pthread_once(&GlobalInited, initOnce);
				if (pthread_getspecific(PThreadKey) == NULL) {
				u32 Index = atomic_fetch_add(&ThreadContextCurrentIndex, 1,
				memory_order_relaxed);
				ScudoThreadContext *ThreadContext =
				&ThreadContexts[Index % SCUDO_N_CONTEXTS];
				pthread_setspecific(PThreadKey, ThreadContext);
				}
				}

				ScudoThreadContext *getCurrentThreadContext() {
				ScudoThreadContext *ThreadContext =
				reinterpret_cast<ScudoThreadContext *>(pthread_getspecific(PThreadKey));
				CHECK(ThreadContext);
				return ThreadContext;
				}

				void ScudoThreadContext::Lock() { Mutex.Lock(); }
				void ScudoThreadContext::Unlock() { Mutex.Unlock(); }

				} // namespace __scudo

				#endif

lib/scudo/scudo_thread_linux.cpp

This file was added.

				//===-- scudo_thread_linux.cpp ----------------------------------- C++ --===//
				//
				// The LLVM Compiler Infrastructure
				//
				// This file is distributed under the University of Illinois Open Source
				// License. See LICENSE.TXT for details.
				//
				//===----------------------------------------------------------------------===//
				///
				/// Scudo thread local implementation for platforms supporting thread_local.
				///
				//===----------------------------------------------------------------------===//

				#include "sanitizer_common/sanitizer_platform.h"

				#if SANITIZER_LINUX && !SANITIZER_ANDROID && !defined(SCUDO_NO_TLS)

				#include "scudo_thread.h"

				#include <limits.h>
				#include <pthread.h>

				namespace __scudo {

				static pthread_once_t GlobalInited = PTHREAD_ONCE_INIT;
				static pthread_key_t PThreadKey;

				static thread_local bool ThreadInited = false;
				static thread_local bool ThreadTornDown = false;
				static thread_local ScudoThreadContext ThreadLocalContext;

				static void teardownThread(void *Ptr) {
				uptr Iteration = reinterpret_cast<uptr>(Ptr);
				// The glibc POSIX thread-local-storage deallocation routine calls user
				// provided destructors in a loop of PTHREAD_DESTRUCTOR_ITERATIONS.
				// We want to be called last since other destructors might call free and the
				// like, so we wait until PTHREAD_DESTRUCTOR_ITERATIONS before draining the
				// quarantine and swallowing the cache.
				if (Iteration < PTHREAD_DESTRUCTOR_ITERATIONS) {
				pthread_setspecific(PThreadKey, reinterpret_cast<void *>(Iteration + 1));
				return;
				}
				ThreadLocalContext.commitBack();
				ThreadTornDown = true;
				}


				static void initOnce() {
				CHECK_EQ(pthread_key_create(&PThreadKey, teardownThread), 0);
				initScudo();
				}

				void initThreadMaybe() {
				if (LIKELY(ThreadInited))
				return;
				pthread_once(&GlobalInited, initOnce);
				pthread_setspecific(PThreadKey, reinterpret_cast<void *>(1));
				ThreadLocalContext.init();
				ThreadInited = true;
				}

				ScudoThreadContext *getCurrentThreadContext() {
				if (ThreadTornDown)
				return nullptr;
				return &ThreadLocalContext;
				}

				void ScudoThreadContext::Lock() {}
				void ScudoThreadContext::Unlock() {}

				} // namespace __scudo

				#endif // SANITIZER_LINUX && !SANITIZER_ANDROID

lib/scudo/scudo_utils.h

	//===-- scudo_utils.h -------------------------------------------- C++ --===//			//===-- scudo_utils.h -------------------------------------------- C++ --===//
	//			//
	// The LLVM Compiler Infrastructure			// The LLVM Compiler Infrastructure
	//			//
	// This file is distributed under the University of Illinois Open Source			// This file is distributed under the University of Illinois Open Source
	// License. See LICENSE.TXT for details.			// License. See LICENSE.TXT for details.
	//			//
	//===----------------------------------------------------------------------===//			//===----------------------------------------------------------------------===//
	///			///
	/// Header for scudo_utils.cpp.			/// Header for scudo_utils.cpp.
	///			///
	//===----------------------------------------------------------------------===//			//===----------------------------------------------------------------------===//

	#ifndef SCUDO_UTILS_H_			#ifndef SCUDO_UTILS_H_
	#define SCUDO_UTILS_H_			#define SCUDO_UTILS_H_

	#include <string.h>

	#include "sanitizer_common/sanitizer_common.h"			#include "sanitizer_common/sanitizer_common.h"

				#include <string.h>

	namespace __scudo {			namespace __scudo {

	template <class Dest, class Source>			template <class Dest, class Source>
	inline Dest bit_cast(const Source& source) {			inline Dest bit_cast(const Source& source) {
	static_assert(sizeof(Dest) == sizeof(Source), "Sizes are not equal!");			static_assert(sizeof(Dest) == sizeof(Source), "Sizes are not equal!");
	Dest dest;			Dest dest;
	memcpy(&dest, &source, sizeof(dest));			memcpy(&dest, &source, sizeof(dest));
	return dest;			return dest;
	}			}

	void NORETURN dieWithMessage(const char *Format, ...);			void NORETURN dieWithMessage(const char *Format, ...);

	enum CPUFeature {			enum CPUFeature {
	CRC32CPUFeature = 0,			CRC32CPUFeature = 0,
	MaxCPUFeature,			MaxCPUFeature,
	};			};
	bool testCPUFeature(CPUFeature feature);			bool testCPUFeature(CPUFeature feature);

	// Tiny PRNG based on https://en.wikipedia.org/wiki/Xorshift#xorshift.2B			// Tiny PRNG based on https://en.wikipedia.org/wiki/Xorshift#xorshift.2B
	// The state (128 bits) will be stored in thread local storage.			// The state (128 bits) will be stored in thread local storage.
	struct Xorshift128Plus {			struct Xorshift128Plus {
	public:			public:
	Xorshift128Plus();			void initFromURandom();
	u64 Next() {			u64 getNext() {
	u64 x = State[0];			u64 x = State[0];
	const u64 y = State[1];			const u64 y = State[1];
	State[0] = y;			State[0] = y;
	x ^= x << 23;			x ^= x << 23;
	State[1] = x ^ y ^ (x >> 17) ^ (y >> 26);			State[1] = x ^ y ^ (x >> 17) ^ (y >> 26);
	return State[1] + y;			return State[1] + y;
	}			}
	private:			private:
	u64 State[2];			u64 State[2];
	};			};

	enum : u8 {			enum : u8 {
	CRC32Software = 0,			CRC32Software = 0,
	CRC32Hardware = 1,			CRC32Hardware = 1,
	};			};

	u32 computeSoftwareCRC32(u32 Crc, uptr Data);			const static u32 CRC32Table[] = {
				0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f,
				0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988,
				0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2,
				0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
				0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9,
				0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172,
				0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, 0x35b5a8fa, 0x42b2986c,
				0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
				0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423,
				0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
				0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, 0x01db7106,
				0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
				0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d,
				0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e,
				0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950,
				0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
				0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7,
				0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0,
				0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa,
				0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
				0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81,
				0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a,
				0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84,
				0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
				0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb,
				0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc,
				0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e,
				0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
				0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55,
				0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
				0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28,
				0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
				0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f,
				0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38,
				0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242,
				0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
				0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69,
				0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2,
				0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc,
				0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
				0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693,
				0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
				0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
				};

				INLINE u32 computeSoftwareCRC32(u32 Crc, uptr Data) {
				for (uptr i = 0; i < sizeof(Data); i++) {
				Crc = CRC32Table[(Crc ^ Data) & 0xff] ^ (Crc >> 8);
				Data >>= 8;
				}
				return Crc;
				}

	} // namespace __scudo			} // namespace __scudo

	#endif // SCUDO_UTILS_H_			#endif // SCUDO_UTILS_H_

lib/scudo/scudo_utils.cpp

Show First 20 Lines • Show All 147 Lines • ▼ Show 20 Lines	static void fillRandom(u8 *Data, ssize_t Size) {
}		}
bool Success = readRetry(Fd, Data, Size) == Size;		bool Success = readRetry(Fd, Data, Size) == Size;
close(Fd);		close(Fd);
if (!Success) {		if (!Success) {
dieWithMessage("ERROR: failed to read enough data from /dev/urandom.\n");		dieWithMessage("ERROR: failed to read enough data from /dev/urandom.\n");
}		}
}		}

// Default constructor for Xorshift128Plus seeds the state with /dev/urandom.
// TODO(kostyak): investigate using getrandom() if available.		// TODO(kostyak): investigate using getrandom() if available.
Xorshift128Plus::Xorshift128Plus() {		void Xorshift128Plus::initFromURandom() {
fillRandom(reinterpret_cast<u8 *>(State), sizeof(State));		fillRandom(reinterpret_cast<u8 *>(State), sizeof(State));
}		}

const static u32 CRC32Table[] = {
0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f,
0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988,
0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2,
0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9,
0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172,
0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, 0x35b5a8fa, 0x42b2986c,
0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423,
0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, 0x01db7106,
0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d,
0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e,
0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950,
0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7,
0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0,
0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa,
0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81,
0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a,
0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84,
0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb,
0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc,
0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e,
0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55,
0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28,
0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f,
0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38,
0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242,
0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69,
0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2,
0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc,
0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693,
0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
};

u32 computeSoftwareCRC32(u32 Crc, uptr Data) {
for (uptr i = 0; i < sizeof(Data); i++) {
Crc = CRC32Table[(Crc ^ Data) & 0xff] ^ (Crc >> 8);
Data >>= 8;
}
return Crc;
}

} // namespace __scudo		} // namespace __scudo