This is an archive of the discontinued LLVM Phabricator instance.

Differential D32440

[scudo] Move thread local variables into their own files
ClosedPublic

Authored by cryptoad on Apr 24 2017, 10:07 AM.

Details

Reviewers
kcc
dvyukov
alekseyshl
Commits
rG36b34341613b: [scudo] Move thread local variables into their own files
rCRT301584: [scudo] Move thread local variables into their own files
rL301584: [scudo] Move thread local variables into their own files
Summary

This change introduces scudo_tls.h & scudo_tls_linux.cpp, where we move the
thread local variables used by the allocator, namely the cache, quarantine
cache & prng. ScudoThreadContext will hold those. This patch doesn't
introduce any new platform support yet, this will be the object of a later
patch. This also changes the PRNG so that the structure can be POD.

Diff Detail

Event Timeline

cryptoad created this revision.Apr 24 2017, 10:07 AM
Herald added a subscriber: mgorny. · View Herald TranscriptApr 24 2017, 10:07 AM
cryptoad updated this revision to Diff 96458.Apr 24 2017, 1:34 PM

Refactoring a couple of things.

Harbormaster completed remote builds in B5833: Diff 96458.Apr 24 2017, 1:34 PM
alekseyshl added inline comments.Apr 24 2017, 2:04 PM
lib/scudo/scudo_allocator.h
108

Two more spaces indent.

lib/scudo/scudo_tls_linux.cpp
31

Why those are two separate flags (some combinations are invalid) and not an enum State field in the ThreadLocalContext?

cryptoad marked an inline comment as done.Apr 24 2017, 2:18 PM
cryptoad added inline comments.
lib/scudo/scudo_tls_linux.cpp
31

That is a valid point. I'm going to change it.

cryptoad updated this revision to Diff 96469.Apr 24 2017, 2:29 PM

Addressing Aleksey's comments.

Harbormaster completed remote builds in B5836: Diff 96469.Apr 24 2017, 2:29 PM
cryptoad marked an inline comment as done.Apr 24 2017, 2:30 PM
alekseyshl accepted this revision.Apr 24 2017, 3:16 PM
This revision is now accepted and ready to land.Apr 24 2017, 3:16 PM
dvyukov edited edge metadata.Apr 26 2017, 11:59 AM

otherwise looks good

lib/scudo/scudo_tls_linux.cpp
60

The fast path needs to be inlinable (defined in header file).

cryptoad added inline comments.Apr 26 2017, 1:46 PM
lib/scudo/scudo_tls_linux.cpp
60

Previous reviews of similar changes have edged towards less ifdef and a clear separation of the platform specific codes in separate cpp, yielding less complicated code. The issue I can see happening is multiplication of ifdefs in this header when SANITIZER_ANDROID comes into play next if defining the fast path in the header. Is this OK?

dvyukov added inline comments.Apr 27 2017, 3:25 AM
lib/scudo/scudo_tls_linux.cpp
60

You can do the same we do for source files. Namely:

// scudo_tls.h
...
#include <scudo_tls_linux.h>
#include <scudo_tls_android.h>
...

// scudo_tls_linux.h
#if SANITIZER_LINUX
... necessary declarations and bodies of inline functions go here ...
#endif

// scudo_tls_android.h
#if SANITIZER_ANDROID
... necessary declarations and bodies of inline functions go here ...
#endif

I understand their concerns, but some pieces of sanitizer runtimes are kinda performance-critical. We do have mixed per-platform code in interception.h library, in tsan_platform.h. And tsan_update_shadow_word_inl.h is just awful in the name of performance. These are intentional compromises.

cryptoad updated this revision to Diff 96933.Apr 27 2017, 9:55 AM

Addressing Dmitry's comments.

Introduce a scudo_tls_linux.h file, included within scudo_tls.h with fastpath
functions definition (initThreadMaybe & getThreadContext).

An additionaly change is aligning ScudoThreadContext on 64-bytes.

cryptoad marked 3 inline comments as done.Apr 27 2017, 9:56 AM
alekseyshl added inline comments.Apr 27 2017, 10:14 AM
lib/scudo/scudo_tls_linux.h
35

Why not ALWAYS_INLINE then?

dvyukov accepted this revision.Apr 27 2017, 10:17 AM

LGTM on my side, but wait for Aleksey if he has more comments

cryptoad updated this revision to Diff 96939.Apr 27 2017, 10:21 AM

Changing the fastpath functions to ALWAYS_INLINE as per Aleksey's suggestion.

cryptoad marked an inline comment as done.Apr 27 2017, 10:22 AM
alekseyshl accepted this revision.Apr 27 2017, 10:24 AM

Other than these minor comments, LGTM.

lib/scudo/scudo_allocator.cpp
209

What was the reason of removing it? This thread implements RSS checks and heap profiling, don't you want this functionality supported in Scusdo too?

cryptoad added inline comments.Apr 27 2017, 10:41 AM
lib/scudo/scudo_allocator.cpp
209

I removed it (for now) for a couple of reasons:

  • I currently do not have a __sanitizer_print_memory_profile function defined, so the heap profiling isn't of a much use;
  • the soft rss check uses a writeable function pointer as a callback, which is something I am generally trying to avoid in Scudo;

My plan is to have a second look once things stabilize a bit so that this function can be of use, but I figure it wasn't needed for now.

Let me know if that makes sense, or if you'd rather have it stay!

alekseyshl added inline comments.Apr 27 2017, 10:44 AM
lib/scudo/scudo_allocator.cpp
209

I was merely curious and you explained the reasoning, no need to bring it back. Thanks!

cryptoad added a comment.Apr 27 2017, 10:48 AM

Thank you Dmitry & Aleksey.
I appreciate the time you guys are spending reviewing those changes, and the valuable feedback you are providing!

cryptoad closed this revision.Apr 27 2017, 1:34 PM

Revision Contents

Diff 96939

lib/scudo/CMakeLists.txt

add_compiler_rt_component(scudo) add_compiler_rt_component(scudo)
include_directories(..) include_directories(..)
set(SCUDO_CFLAGS ${SANITIZER_COMMON_CFLAGS}) set(SCUDO_CFLAGS ${SANITIZER_COMMON_CFLAGS})
# SANITIZER_COMMON_CFLAGS include -fno-builtin, but we actually want builtins! # SANITIZER_COMMON_CFLAGS include -fno-builtin, but we actually want builtins!
list(APPEND SCUDO_CFLAGS -fbuiltin) list(APPEND SCUDO_CFLAGS -fbuiltin)
append_rtti_flag(OFF SCUDO_CFLAGS) append_rtti_flag(OFF SCUDO_CFLAGS)
set(SCUDO_SOURCES set(SCUDO_SOURCES
scudo_allocator.cpp scudo_allocator.cpp
scudo_flags.cpp scudo_flags.cpp
scudo_crc32.cpp scudo_crc32.cpp
scudo_interceptors.cpp scudo_interceptors.cpp
scudo_new_delete.cpp scudo_new_delete.cpp
scudo_termination.cpp scudo_termination.cpp
scudo_tls_linux.cpp
scudo_utils.cpp) scudo_utils.cpp)
# Enable the SSE 4.2 instruction set for scudo_crc32.cpp, if available. # Enable the SSE 4.2 instruction set for scudo_crc32.cpp, if available.
if (COMPILER_RT_HAS_MSSE4_2_FLAG) if (COMPILER_RT_HAS_MSSE4_2_FLAG)
set_source_files_properties(scudo_crc32.cpp PROPERTIES COMPILE_FLAGS -msse4.2) set_source_files_properties(scudo_crc32.cpp PROPERTIES COMPILE_FLAGS -msse4.2)
endif() endif()
# Enable the AArch64 CRC32 feature for scudo_crc32.cpp, if available. # Enable the AArch64 CRC32 feature for scudo_crc32.cpp, if available.
Show All 18 Lines

lib/scudo/scudo_allocator.h

Show First 20 LinesShow All 47 Lines▼ Show 20 Linesstruct UnpackedHeader {
u64 SizeOrUnusedBytes : 19; // Size for Primary backed allocations, amount of u64 SizeOrUnusedBytes : 19; // Size for Primary backed allocations, amount of
// unused bytes in the chunk for Secondary ones. // unused bytes in the chunk for Secondary ones.
u64 FromPrimary : 1; u64 FromPrimary : 1;
u64 State : 2; // available, allocated, or quarantined u64 State : 2; // available, allocated, or quarantined
u64 AllocType : 2; // malloc, new, new[], or memalign u64 AllocType : 2; // malloc, new, new[], or memalign
u64 Offset : 16; // Offset from the beginning of the backend u64 Offset : 16; // Offset from the beginning of the backend
// allocation to the beginning of the chunk // allocation to the beginning of the chunk
// itself, in multiples of MinAlignment. See // itself, in multiples of MinAlignment. See
/// comment about its maximum value and in init(). // comment about its maximum value and in init().
u64 Salt : 8; u64 Salt : 8;
}; };
typedef atomic_uint64_t AtomicPackedHeader; typedef atomic_uint64_t AtomicPackedHeader;
COMPILER_CHECK(sizeof(UnpackedHeader) == sizeof(PackedHeader)); COMPILER_CHECK(sizeof(UnpackedHeader) == sizeof(PackedHeader));
// Minimum alignment of 8 bytes for 32-bit, 16 for 64-bit // Minimum alignment of 8 bytes for 32-bit, 16 for 64-bit
const uptr MinAlignmentLog = FIRST_32_SECOND_64(3, 4); const uptr MinAlignmentLog = FIRST_32_SECOND_64(3, 4);
const uptr MaxAlignmentLog = 24; // 16 MB const uptr MaxAlignmentLog = 24; // 16 MB
const uptr MinAlignment = 1 << MinAlignmentLog; const uptr MinAlignment = 1 << MinAlignmentLog;
const uptr MaxAlignment = 1 << MaxAlignmentLog; const uptr MaxAlignment = 1 << MaxAlignmentLog;
const uptr ChunkHeaderSize = sizeof(PackedHeader); const uptr ChunkHeaderSize = sizeof(PackedHeader);
const uptr AlignedChunkHeaderSize = const uptr AlignedChunkHeaderSize =
(ChunkHeaderSize + MinAlignment - 1) & ~(MinAlignment - 1); (ChunkHeaderSize + MinAlignment - 1) & ~(MinAlignment - 1);
struct AllocatorOptions { #if SANITIZER_CAN_USE_ALLOCATOR64
u32 QuarantineSizeMb; const uptr AllocatorSpace = ~0ULL;
u32 ThreadLocalQuarantineSizeKb; const uptr AllocatorSize = 0x40000000000ULL; // 4TB.
bool MayReturnNull; typedef DefaultSizeClassMap SizeClassMap;
s32 ReleaseToOSIntervalMs; struct AP {
bool DeallocationTypeMismatch; static const uptr kSpaceBeg = AllocatorSpace;
bool DeleteSizeMismatch; static const uptr kSpaceSize = AllocatorSize;
bool ZeroContents; static const uptr kMetadataSize = 0;
typedef __scudo::SizeClassMap SizeClassMap;
void setFrom(const Flags *f, const CommonFlags *cf); typedef NoOpMapUnmapCallback MapUnmapCallback;
void copyTo(Flags *f, CommonFlags *cf) const; static const uptr kFlags =
SizeClassAllocator64FlagMasks::kRandomShuffleChunks;
}; };
typedef SizeClassAllocator64<AP> PrimaryAllocator;
#else
// Currently, the 32-bit Sanitizer allocator has not yet benefited from all the
// security improvements brought to the 64-bit one. This makes the 32-bit
// version of Scudo slightly less toughened.
static const uptr RegionSizeLog = 20;
static const uptr NumRegions = SANITIZER_MMAP_RANGE_SIZE >> RegionSizeLog;
# if SANITIZER_WORDSIZE == 32
typedef FlatByteMap<NumRegions> ByteMap;
# elif SANITIZER_WORDSIZE == 64
typedef TwoLevelByteMap<(NumRegions >> 12), 1 << 12> ByteMap;
# endif // SANITIZER_WORDSIZE
typedef DefaultSizeClassMap SizeClassMap;
typedef SizeClassAllocator32<0, SANITIZER_MMAP_RANGE_SIZE, 0, SizeClassMap,
RegionSizeLog, ByteMap> PrimaryAllocator;
#endif // SANITIZER_CAN_USE_ALLOCATOR64
#include "scudo_allocator_secondary.h"
void initAllocator(const AllocatorOptions &options); typedef SizeClassAllocatorLocalCache<PrimaryAllocator> AllocatorCache;
void drainQuarantine(); typedef ScudoLargeMmapAllocator SecondaryAllocator;
typedef CombinedAllocator<PrimaryAllocator, AllocatorCache, SecondaryAllocator>
ScudoBackendAllocator;
alekseyshlUnsubmitted
Done
ReplyInline Actions

Two more spaces indent.

alekseyshl: Two more spaces indent.
void initScudo();
void *scudoMalloc(uptr Size, AllocType Type); void *scudoMalloc(uptr Size, AllocType Type);
void scudoFree(void *Ptr, AllocType Type); void scudoFree(void *Ptr, AllocType Type);
void scudoSizedFree(void *Ptr, uptr Size, AllocType Type); void scudoSizedFree(void *Ptr, uptr Size, AllocType Type);
void *scudoRealloc(void *Ptr, uptr Size); void *scudoRealloc(void *Ptr, uptr Size);
void *scudoCalloc(uptr NMemB, uptr Size); void *scudoCalloc(uptr NMemB, uptr Size);
void *scudoMemalign(uptr Alignment, uptr Size); void *scudoMemalign(uptr Alignment, uptr Size);
void *scudoValloc(uptr Size); void *scudoValloc(uptr Size);
void *scudoPvalloc(uptr Size); void *scudoPvalloc(uptr Size);
int scudoPosixMemalign(void **MemPtr, uptr Alignment, uptr Size); int scudoPosixMemalign(void **MemPtr, uptr Alignment, uptr Size);
void *scudoAlignedAlloc(uptr Alignment, uptr Size); void *scudoAlignedAlloc(uptr Alignment, uptr Size);
uptr scudoMallocUsableSize(void *Ptr); uptr scudoMallocUsableSize(void *Ptr);
#include "scudo_allocator_secondary.h"
} // namespace __scudo } // namespace __scudo
#endif // SCUDO_ALLOCATOR_H_ #endif // SCUDO_ALLOCATOR_H_

lib/scudo/scudo_allocator.cpp

Show All 9 Lines
/// Scudo Hardened Allocator implementation. /// Scudo Hardened Allocator implementation.
/// It uses the sanitizer_common allocator as a base and aims at mitigating /// It uses the sanitizer_common allocator as a base and aims at mitigating
/// heap corruption vulnerabilities. It provides a checksum-guarded chunk /// heap corruption vulnerabilities. It provides a checksum-guarded chunk
/// header, a delayed free list, and additional sanity checks. /// header, a delayed free list, and additional sanity checks.
/// ///
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "scudo_allocator.h" #include "scudo_allocator.h"
#include "scudo_tls.h"
#include "scudo_utils.h" #include "scudo_utils.h"
#include "sanitizer_common/sanitizer_allocator_interface.h" #include "sanitizer_common/sanitizer_allocator_interface.h"
#include "sanitizer_common/sanitizer_quarantine.h" #include "sanitizer_common/sanitizer_quarantine.h"
#include <limits.h> #include <limits.h>
#include <pthread.h> #include <pthread.h>
#include <string.h> #include <string.h>
namespace __scudo { namespace __scudo {
#if SANITIZER_CAN_USE_ALLOCATOR64
const uptr AllocatorSpace = ~0ULL;
const uptr AllocatorSize = 0x40000000000ULL;
typedef DefaultSizeClassMap SizeClassMap;
struct AP {
static const uptr kSpaceBeg = AllocatorSpace;
static const uptr kSpaceSize = AllocatorSize;
static const uptr kMetadataSize = 0;
typedef __scudo::SizeClassMap SizeClassMap;
typedef NoOpMapUnmapCallback MapUnmapCallback;
static const uptr kFlags =
SizeClassAllocator64FlagMasks::kRandomShuffleChunks;
};
typedef SizeClassAllocator64<AP> PrimaryAllocator;
#else
// Currently, the 32-bit Sanitizer allocator has not yet benefited from all the
// security improvements brought to the 64-bit one. This makes the 32-bit
// version of Scudo slightly less toughened.
static const uptr RegionSizeLog = 20;
static const uptr NumRegions = SANITIZER_MMAP_RANGE_SIZE >> RegionSizeLog;
# if SANITIZER_WORDSIZE == 32
typedef FlatByteMap<NumRegions> ByteMap;
# elif SANITIZER_WORDSIZE == 64
typedef TwoLevelByteMap<(NumRegions >> 12), 1 << 12> ByteMap;
# endif // SANITIZER_WORDSIZE
typedef DefaultSizeClassMap SizeClassMap;
typedef SizeClassAllocator32<0, SANITIZER_MMAP_RANGE_SIZE, 0, SizeClassMap,
RegionSizeLog, ByteMap> PrimaryAllocator;
#endif // SANITIZER_CAN_USE_ALLOCATOR64
typedef SizeClassAllocatorLocalCache<PrimaryAllocator> AllocatorCache;
typedef ScudoLargeMmapAllocator SecondaryAllocator;
typedef CombinedAllocator<PrimaryAllocator, AllocatorCache, SecondaryAllocator>
ScudoBackendAllocator;
static ScudoBackendAllocator &getBackendAllocator();
static thread_local Xorshift128Plus Prng;
// Global static cookie, initialized at start-up. // Global static cookie, initialized at start-up.
static uptr Cookie; static uptr Cookie;
// We default to software CRC32 if the alternatives are not supported, either // We default to software CRC32 if the alternatives are not supported, either
// at compilation or at runtime. // at compilation or at runtime.
static atomic_uint8_t HashAlgorithm = { CRC32Software }; static atomic_uint8_t HashAlgorithm = { CRC32Software };
SANITIZER_WEAK_ATTRIBUTE u32 computeHardwareCRC32(u32 Crc, uptr Data); SANITIZER_WEAK_ATTRIBUTE u32 computeHardwareCRC32(u32 Crc, uptr Data);
INLINE u32 computeCRC32(u32 Crc, uptr Data, u8 HashType) { INLINE u32 computeCRC32(u32 Crc, uptr Data, u8 HashType) {
// If SSE4.2 is defined here, it was enabled everywhere, as opposed to only // If SSE4.2 is defined here, it was enabled everywhere, as opposed to only
// for scudo_crc32.cpp. This means that other SSE instructions were likely // for scudo_crc32.cpp. This means that other SSE instructions were likely
// emitted at other places, and as a result there is no reason to not use // emitted at other places, and as a result there is no reason to not use
// the hardware version of the CRC32. // the hardware version of the CRC32.
#if defined(__SSE4_2__) || defined(__ARM_FEATURE_CRC32) #if defined(__SSE4_2__) || defined(__ARM_FEATURE_CRC32)
return computeHardwareCRC32(Crc, Data); return computeHardwareCRC32(Crc, Data);
#else #else
if (computeHardwareCRC32 && HashType == CRC32Hardware) if (computeHardwareCRC32 && HashType == CRC32Hardware)
return computeHardwareCRC32(Crc, Data); return computeHardwareCRC32(Crc, Data);
else else
return computeSoftwareCRC32(Crc, Data); return computeSoftwareCRC32(Crc, Data);
#endif // defined(__SSE4_2__) #endif // defined(__SSE4_2__)
} }
static ScudoBackendAllocator &getBackendAllocator();
struct ScudoChunk : UnpackedHeader { struct ScudoChunk : UnpackedHeader {
// We can't use the offset member of the chunk itself, as we would double // We can't use the offset member of the chunk itself, as we would double
// fetch it without any warranty that it wouldn't have been tampered. To // fetch it without any warranty that it wouldn't have been tampered. To
// prevent this, we work with a local copy of the header. // prevent this, we work with a local copy of the header.
void *getAllocBeg(UnpackedHeader *Header) { void *getAllocBeg(UnpackedHeader *Header) {
return reinterpret_cast<void *>( return reinterpret_cast<void *>(
reinterpret_cast<uptr>(this) - (Header->Offset << MinAlignmentLog)); reinterpret_cast<uptr>(this) - (Header->Offset << MinAlignmentLog));
} }
▲ Show 20 LinesShow All 84 Lines▼ Show 20 Lines void compareExchangeHeader(UnpackedHeader *NewUnpackedHeader,
} }
} }
}; };
ScudoChunk *getScudoChunk(uptr UserBeg) { ScudoChunk *getScudoChunk(uptr UserBeg) {
return reinterpret_cast<ScudoChunk *>(UserBeg - AlignedChunkHeaderSize); return reinterpret_cast<ScudoChunk *>(UserBeg - AlignedChunkHeaderSize);
} }
static bool ScudoInitIsRunning = false; struct AllocatorOptions {
u32 QuarantineSizeMb;
u32 ThreadLocalQuarantineSizeKb;
bool MayReturnNull;
s32 ReleaseToOSIntervalMs;
bool DeallocationTypeMismatch;
bool DeleteSizeMismatch;
bool ZeroContents;
static pthread_once_t GlobalInited = PTHREAD_ONCE_INIT; void setFrom(const Flags *f, const CommonFlags *cf);
static pthread_key_t PThreadKey; void copyTo(Flags *f, CommonFlags *cf) const;
};
static thread_local bool ThreadInited = false; void AllocatorOptions::setFrom(const Flags *f, const CommonFlags *cf) {
static thread_local bool ThreadTornDown = false; MayReturnNull = cf->allocator_may_return_null;
static thread_local AllocatorCache Cache; ReleaseToOSIntervalMs = cf->allocator_release_to_os_interval_ms;
QuarantineSizeMb = f->QuarantineSizeMb;
static void teardownThread(void *p) { ThreadLocalQuarantineSizeKb = f->ThreadLocalQuarantineSizeKb;
uptr v = reinterpret_cast<uptr>(p); DeallocationTypeMismatch = f->DeallocationTypeMismatch;
// The glibc POSIX thread-local-storage deallocation routine calls user DeleteSizeMismatch = f->DeleteSizeMismatch;
// provided destructors in a loop of PTHREAD_DESTRUCTOR_ITERATIONS. ZeroContents = f->ZeroContents;
// We want to be called last since other destructors might call free and the
// like, so we wait until PTHREAD_DESTRUCTOR_ITERATIONS before draining the
// quarantine and swallowing the cache.
if (v < PTHREAD_DESTRUCTOR_ITERATIONS) {
pthread_setspecific(PThreadKey, reinterpret_cast<void *>(v + 1));
return;
} }
drainQuarantine();
getBackendAllocator().DestroyCache(&Cache); void AllocatorOptions::copyTo(Flags *f, CommonFlags *cf) const {
ThreadTornDown = true; cf->allocator_may_return_null = MayReturnNull;
cf->allocator_release_to_os_interval_ms = ReleaseToOSIntervalMs;
f->QuarantineSizeMb = QuarantineSizeMb;
f->ThreadLocalQuarantineSizeKb = ThreadLocalQuarantineSizeKb;
f->DeallocationTypeMismatch = DeallocationTypeMismatch;
f->DeleteSizeMismatch = DeleteSizeMismatch;
f->ZeroContents = ZeroContents;
} }
static void initInternal() { static void initScudoInternal(const AllocatorOptions &Options);
static bool ScudoInitIsRunning = false;
void initScudo() {
SanitizerToolName = "Scudo"; SanitizerToolName = "Scudo";
CHECK(!ScudoInitIsRunning && "Scudo init calls itself!"); CHECK(!ScudoInitIsRunning && "Scudo init calls itself!");
ScudoInitIsRunning = true; ScudoInitIsRunning = true;
// Check is SSE4.2 is supported, if so, opt for the CRC32 hardware version. // Check is SSE4.2 is supported, if so, opt for the CRC32 hardware version.
if (testCPUFeature(CRC32CPUFeature)) { if (testCPUFeature(CRC32CPUFeature)) {
atomic_store_relaxed(&HashAlgorithm, CRC32Hardware); atomic_store_relaxed(&HashAlgorithm, CRC32Hardware);
} }
initFlags(); initFlags();
AllocatorOptions Options; AllocatorOptions Options;
Options.setFrom(getFlags(), common_flags()); Options.setFrom(getFlags(), common_flags());
initAllocator(Options); initScudoInternal(Options);
MaybeStartBackgroudThread(); // TODO(kostyak): determine if MaybeStartBackgroudThread could be of some use.
alekseyshlUnsubmitted
Not Done
ReplyInline Actions

What was the reason of removing it? This thread implements RSS checks and heap profiling, don't you want this functionality supported in Scusdo too?

alekseyshl: What was the reason of removing it? This thread implements RSS checks and heap profiling, don't…
cryptoadAuthorUnsubmitted
Not Done
ReplyInline Actions

I removed it (for now) for a couple of reasons:

  • I currently do not have a __sanitizer_print_memory_profile function defined, so the heap profiling isn't of a much use;
  • the soft rss check uses a writeable function pointer as a callback, which is something I am generally trying to avoid in Scudo;

My plan is to have a second look once things stabilize a bit so that this function can be of use, but I figure it wasn't needed for now.

Let me know if that makes sense, or if you'd rather have it stay!

cryptoad: I removed it (for now) for a couple of reasons: - I currently do not have a…
alekseyshlUnsubmitted
Not Done
ReplyInline Actions

I was merely curious and you explained the reasoning, no need to bring it back. Thanks!

alekseyshl: I was merely curious and you explained the reasoning, no need to bring it back. Thanks!
ScudoInitIsRunning = false; ScudoInitIsRunning = false;
} }
static void initGlobal() {
pthread_key_create(&PThreadKey, teardownThread);
initInternal();
}
static void NOINLINE initThread() {
pthread_once(&GlobalInited, initGlobal);
pthread_setspecific(PThreadKey, reinterpret_cast<void *>(1));
getBackendAllocator().InitCache(&Cache);
ThreadInited = true;
}
struct QuarantineCallback { struct QuarantineCallback {
explicit QuarantineCallback(AllocatorCache *Cache) explicit QuarantineCallback(AllocatorCache *Cache)
: Cache_(Cache) {} : Cache_(Cache) {}
// Chunk recycling function, returns a quarantined chunk to the backend. // Chunk recycling function, returns a quarantined chunk to the backend.
void Recycle(ScudoChunk *Chunk) { void Recycle(ScudoChunk *Chunk) {
UnpackedHeader Header; UnpackedHeader Header;
Chunk->loadHeader(&Header); Chunk->loadHeader(&Header);
Show All 16 Lines void Deallocate(void *Ptr) {
getBackendAllocator().Deallocate(Cache_, Ptr); getBackendAllocator().Deallocate(Cache_, Ptr);
} }
AllocatorCache *Cache_; AllocatorCache *Cache_;
}; };
typedef Quarantine<QuarantineCallback, ScudoChunk> ScudoQuarantine; typedef Quarantine<QuarantineCallback, ScudoChunk> ScudoQuarantine;
typedef ScudoQuarantine::Cache ScudoQuarantineCache; typedef ScudoQuarantine::Cache ScudoQuarantineCache;
static thread_local ScudoQuarantineCache ThreadQuarantineCache; COMPILER_CHECK(sizeof(ScudoQuarantineCache) <=
sizeof(ScudoThreadContext::QuarantineCachePlaceHolder));
void AllocatorOptions::setFrom(const Flags *f, const CommonFlags *cf) { AllocatorCache *getAllocatorCache(ScudoThreadContext *ThreadContext) {
MayReturnNull = cf->allocator_may_return_null; return &ThreadContext->Cache;
ReleaseToOSIntervalMs = cf->allocator_release_to_os_interval_ms;
QuarantineSizeMb = f->QuarantineSizeMb;
ThreadLocalQuarantineSizeKb = f->ThreadLocalQuarantineSizeKb;
DeallocationTypeMismatch = f->DeallocationTypeMismatch;
DeleteSizeMismatch = f->DeleteSizeMismatch;
ZeroContents = f->ZeroContents;
} }
void AllocatorOptions::copyTo(Flags *f, CommonFlags *cf) const { ScudoQuarantineCache *getQuarantineCache(ScudoThreadContext *ThreadContext) {
cf->allocator_may_return_null = MayReturnNull; return reinterpret_cast<
cf->allocator_release_to_os_interval_ms = ReleaseToOSIntervalMs; ScudoQuarantineCache *>(ThreadContext->QuarantineCachePlaceHolder);
f->QuarantineSizeMb = QuarantineSizeMb; }
f->ThreadLocalQuarantineSizeKb = ThreadLocalQuarantineSizeKb;
f->DeallocationTypeMismatch = DeallocationTypeMismatch; Xorshift128Plus *getPrng(ScudoThreadContext *ThreadContext) {
f->DeleteSizeMismatch = DeleteSizeMismatch; return &ThreadContext->Prng;
f->ZeroContents = ZeroContents;
} }
struct ScudoAllocator { struct ScudoAllocator {
static const uptr MaxAllowedMallocSize = static const uptr MaxAllowedMallocSize =
FIRST_32_SECOND_64(2UL << 30, 1ULL << 40); FIRST_32_SECOND_64(2UL << 30, 1ULL << 40);
ScudoBackendAllocator BackendAllocator; ScudoBackendAllocator BackendAllocator;
ScudoQuarantine AllocatorQuarantine; ScudoQuarantine AllocatorQuarantine;
// The fallback caches are used when the thread local caches have been // The fallback caches are used when the thread local caches have been
// 'detroyed' on thread tear-down. They are protected by a Mutex as they can // 'detroyed' on thread tear-down. They are protected by a Mutex as they can
// be accessed by different threads. // be accessed by different threads.
StaticSpinMutex FallbackMutex; StaticSpinMutex FallbackMutex;
AllocatorCache FallbackAllocatorCache; AllocatorCache FallbackAllocatorCache;
ScudoQuarantineCache FallbackQuarantineCache; ScudoQuarantineCache FallbackQuarantineCache;
Xorshift128Plus FallbackPrng;
bool DeallocationTypeMismatch; bool DeallocationTypeMismatch;
bool ZeroContents; bool ZeroContents;
bool DeleteSizeMismatch; bool DeleteSizeMismatch;
explicit ScudoAllocator(LinkerInitialized) explicit ScudoAllocator(LinkerInitialized)
: AllocatorQuarantine(LINKER_INITIALIZED), : AllocatorQuarantine(LINKER_INITIALIZED),
FallbackQuarantineCache(LINKER_INITIALIZED) {} FallbackQuarantineCache(LINKER_INITIALIZED) {}
Show All 32 Lines void init(const AllocatorOptions &Options) {
DeallocationTypeMismatch = Options.DeallocationTypeMismatch; DeallocationTypeMismatch = Options.DeallocationTypeMismatch;
DeleteSizeMismatch = Options.DeleteSizeMismatch; DeleteSizeMismatch = Options.DeleteSizeMismatch;
ZeroContents = Options.ZeroContents; ZeroContents = Options.ZeroContents;
BackendAllocator.Init(Options.MayReturnNull, Options.ReleaseToOSIntervalMs); BackendAllocator.Init(Options.MayReturnNull, Options.ReleaseToOSIntervalMs);
AllocatorQuarantine.Init( AllocatorQuarantine.Init(
static_cast<uptr>(Options.QuarantineSizeMb) << 20, static_cast<uptr>(Options.QuarantineSizeMb) << 20,
static_cast<uptr>(Options.ThreadLocalQuarantineSizeKb) << 10); static_cast<uptr>(Options.ThreadLocalQuarantineSizeKb) << 10);
BackendAllocator.InitCache(&FallbackAllocatorCache); BackendAllocator.InitCache(&FallbackAllocatorCache);
Cookie = Prng.getNext(); FallbackPrng.initFromURandom();
Cookie = FallbackPrng.getNext();
} }
// Helper function that checks for a valid Scudo chunk. nullptr isn't. // Helper function that checks for a valid Scudo chunk. nullptr isn't.
bool isValidPointer(const void *UserPtr) { bool isValidPointer(const void *UserPtr) {
if (UNLIKELY(!ThreadInited)) initThreadMaybe();
initThread();
if (!UserPtr) if (!UserPtr)
return false; return false;
uptr UserBeg = reinterpret_cast<uptr>(UserPtr); uptr UserBeg = reinterpret_cast<uptr>(UserPtr);
if (!IsAligned(UserBeg, MinAlignment)) if (!IsAligned(UserBeg, MinAlignment))
return false; return false;
return getScudoChunk(UserBeg)->isValid(); return getScudoChunk(UserBeg)->isValid();
} }
// Allocates a chunk. // Allocates a chunk.
void *allocate(uptr Size, uptr Alignment, AllocType Type, void *allocate(uptr Size, uptr Alignment, AllocType Type,
bool ForceZeroContents = false) { bool ForceZeroContents = false) {
if (UNLIKELY(!ThreadInited)) initThreadMaybe();
initThread();
if (UNLIKELY(!IsPowerOfTwo(Alignment))) { if (UNLIKELY(!IsPowerOfTwo(Alignment))) {
dieWithMessage("ERROR: alignment is not a power of 2\n"); dieWithMessage("ERROR: alignment is not a power of 2\n");
} }
if (Alignment > MaxAlignment) if (Alignment > MaxAlignment)
return BackendAllocator.ReturnNullOrDieOnBadRequest(); return BackendAllocator.ReturnNullOrDieOnBadRequest();
if (Alignment < MinAlignment) if (Alignment < MinAlignment)
Alignment = MinAlignment; Alignment = MinAlignment;
if (Size >= MaxAllowedMallocSize) if (Size >= MaxAllowedMallocSize)
Show All 10 Lines void *allocate(uptr Size, uptr Alignment, AllocType Type,
// Primary backed and Secondary backed allocations have a different // Primary backed and Secondary backed allocations have a different
// treatment. We deal with alignment requirements of Primary serviced // treatment. We deal with alignment requirements of Primary serviced
// allocations here, but the Secondary will take care of its own alignment // allocations here, but the Secondary will take care of its own alignment
// needs, which means we also have to work around some limitations of the // needs, which means we also have to work around some limitations of the
// combined allocator to accommodate the situation. // combined allocator to accommodate the situation.
bool FromPrimary = PrimaryAllocator::CanAllocate(NeededSize, MinAlignment); bool FromPrimary = PrimaryAllocator::CanAllocate(NeededSize, MinAlignment);
void *Ptr; void *Ptr;
uptr Salt;
uptr AllocationAlignment = FromPrimary ? MinAlignment : Alignment; uptr AllocationAlignment = FromPrimary ? MinAlignment : Alignment;
if (LIKELY(!ThreadTornDown)) { ScudoThreadContext *ThreadContext = getThreadContext();
Ptr = BackendAllocator.Allocate(&Cache, NeededSize, AllocationAlignment); if (LIKELY(ThreadContext)) {
Salt = getPrng(ThreadContext)->getNext();
Ptr = BackendAllocator.Allocate(getAllocatorCache(ThreadContext),
NeededSize, AllocationAlignment);
} else { } else {
SpinMutexLock l(&FallbackMutex); SpinMutexLock l(&FallbackMutex);
Salt = FallbackPrng.getNext();
Ptr = BackendAllocator.Allocate(&FallbackAllocatorCache, NeededSize, Ptr = BackendAllocator.Allocate(&FallbackAllocatorCache, NeededSize,
AllocationAlignment); AllocationAlignment);
} }
if (!Ptr) if (!Ptr)
return BackendAllocator.ReturnNullOrDieOnOOM(); return BackendAllocator.ReturnNullOrDieOnOOM();
uptr AllocBeg = reinterpret_cast<uptr>(Ptr); uptr AllocBeg = reinterpret_cast<uptr>(Ptr);
// If the allocation was serviced by the secondary, the returned pointer // If the allocation was serviced by the secondary, the returned pointer
Show All 25 Lines if (FromPrimary) {
// The secondary fits the allocations to a page, so the amount of unused // The secondary fits the allocations to a page, so the amount of unused
// bytes is the difference between the end of the user allocation and the // bytes is the difference between the end of the user allocation and the
// next page boundary. // next page boundary.
uptr PageSize = GetPageSizeCached(); uptr PageSize = GetPageSizeCached();
uptr TrailingBytes = (UserBeg + Size) & (PageSize - 1); uptr TrailingBytes = (UserBeg + Size) & (PageSize - 1);
if (TrailingBytes) if (TrailingBytes)
Header.SizeOrUnusedBytes = PageSize - TrailingBytes; Header.SizeOrUnusedBytes = PageSize - TrailingBytes;
} }
Header.Salt = static_cast<u8>(Prng.getNext()); Header.Salt = static_cast<u8>(Salt);
getScudoChunk(UserBeg)->storeHeader(&Header); getScudoChunk(UserBeg)->storeHeader(&Header);
void *UserPtr = reinterpret_cast<void *>(UserBeg); void *UserPtr = reinterpret_cast<void *>(UserBeg);
// if (&__sanitizer_malloc_hook) __sanitizer_malloc_hook(UserPtr, Size); // if (&__sanitizer_malloc_hook) __sanitizer_malloc_hook(UserPtr, Size);
return UserPtr; return UserPtr;
} }
// Place a chunk in the quarantine. In the event of a zero-sized quarantine, // Place a chunk in the quarantine. In the event of a zero-sized quarantine,
// we directly deallocate the chunk, otherwise the flow would lead to the // we directly deallocate the chunk, otherwise the flow would lead to the
// chunk being checksummed twice, once before Put and once in Recycle, with // chunk being loaded (and checked) twice, and stored (and checksummed) once,
// no additional security value. // with no additional security value.
void quarantineOrDeallocateChunk(ScudoChunk *Chunk, UnpackedHeader *Header, void quarantineOrDeallocateChunk(ScudoChunk *Chunk, UnpackedHeader *Header,
uptr Size) { uptr Size) {
bool BypassQuarantine = (AllocatorQuarantine.GetCacheSize() == 0); bool BypassQuarantine = (AllocatorQuarantine.GetCacheSize() == 0);
if (BypassQuarantine) { if (BypassQuarantine) {
Chunk->eraseHeader(); Chunk->eraseHeader();
void *Ptr = Chunk->getAllocBeg(Header); void *Ptr = Chunk->getAllocBeg(Header);
if (LIKELY(!ThreadTornDown)) { ScudoThreadContext *ThreadContext = getThreadContext();
getBackendAllocator().Deallocate(&Cache, Ptr); if (LIKELY(ThreadContext)) {
getBackendAllocator().Deallocate(getAllocatorCache(ThreadContext), Ptr);
} else { } else {
SpinMutexLock Lock(&FallbackMutex); SpinMutexLock Lock(&FallbackMutex);
getBackendAllocator().Deallocate(&FallbackAllocatorCache, Ptr); getBackendAllocator().Deallocate(&FallbackAllocatorCache, Ptr);
} }
} else { } else {
UnpackedHeader NewHeader = *Header; UnpackedHeader NewHeader = *Header;
NewHeader.State = ChunkQuarantine; NewHeader.State = ChunkQuarantine;
Chunk->compareExchangeHeader(&NewHeader, Header); Chunk->compareExchangeHeader(&NewHeader, Header);
if (LIKELY(!ThreadTornDown)) { ScudoThreadContext *ThreadContext = getThreadContext();
AllocatorQuarantine.Put(&ThreadQuarantineCache, if (LIKELY(ThreadContext)) {
QuarantineCallback(&Cache), Chunk, Size); AllocatorQuarantine.Put(getQuarantineCache(ThreadContext),
QuarantineCallback(
getAllocatorCache(ThreadContext)),
Chunk, Size);
} else { } else {
SpinMutexLock l(&FallbackMutex); SpinMutexLock l(&FallbackMutex);
AllocatorQuarantine.Put(&FallbackQuarantineCache, AllocatorQuarantine.Put(&FallbackQuarantineCache,
QuarantineCallback(&FallbackAllocatorCache), QuarantineCallback(&FallbackAllocatorCache),
Chunk, Size); Chunk, Size);
} }
} }
} }
// Deallocates a Chunk, which means adding it to the delayed free list (or // Deallocates a Chunk, which means adding it to the delayed free list (or
// Quarantine). // Quarantine).
void deallocate(void *UserPtr, uptr DeleteSize, AllocType Type) { void deallocate(void *UserPtr, uptr DeleteSize, AllocType Type) {
if (UNLIKELY(!ThreadInited)) initThreadMaybe();
initThread();
// if (&__sanitizer_free_hook) __sanitizer_free_hook(UserPtr); // if (&__sanitizer_free_hook) __sanitizer_free_hook(UserPtr);
if (!UserPtr) if (!UserPtr)
return; return;
uptr UserBeg = reinterpret_cast<uptr>(UserPtr); uptr UserBeg = reinterpret_cast<uptr>(UserPtr);
if (UNLIKELY(!IsAligned(UserBeg, MinAlignment))) { if (UNLIKELY(!IsAligned(UserBeg, MinAlignment))) {
dieWithMessage("ERROR: attempted to deallocate a chunk not properly " dieWithMessage("ERROR: attempted to deallocate a chunk not properly "
"aligned at address %p\n", UserPtr); "aligned at address %p\n", UserPtr);
} }
Show All 29 Lines void deallocate(void *UserPtr, uptr DeleteSize, AllocType Type) {
// usable size, that allows us to not call GetActuallyAllocatedSize. // usable size, that allows us to not call GetActuallyAllocatedSize.
uptr LiableSize = Size + (OldHeader.Offset << MinAlignment); uptr LiableSize = Size + (OldHeader.Offset << MinAlignment);
quarantineOrDeallocateChunk(Chunk, &OldHeader, LiableSize); quarantineOrDeallocateChunk(Chunk, &OldHeader, LiableSize);
} }
// Reallocates a chunk. We can save on a new allocation if the new requested // Reallocates a chunk. We can save on a new allocation if the new requested
// size still fits in the chunk. // size still fits in the chunk.
void *reallocate(void *OldPtr, uptr NewSize) { void *reallocate(void *OldPtr, uptr NewSize) {
if (UNLIKELY(!ThreadInited)) initThreadMaybe();
initThread();
uptr UserBeg = reinterpret_cast<uptr>(OldPtr); uptr UserBeg = reinterpret_cast<uptr>(OldPtr);
if (UNLIKELY(!IsAligned(UserBeg, MinAlignment))) { if (UNLIKELY(!IsAligned(UserBeg, MinAlignment))) {
dieWithMessage("ERROR: attempted to reallocate a chunk not properly " dieWithMessage("ERROR: attempted to reallocate a chunk not properly "
"aligned at address %p\n", OldPtr); "aligned at address %p\n", OldPtr);
} }
ScudoChunk *Chunk = getScudoChunk(UserBeg); ScudoChunk *Chunk = getScudoChunk(UserBeg);
UnpackedHeader OldHeader; UnpackedHeader OldHeader;
Chunk->loadHeader(&OldHeader); Chunk->loadHeader(&OldHeader);
Show All 25 Lines if (NewPtr) {
memcpy(NewPtr, OldPtr, Min(NewSize, OldSize)); memcpy(NewPtr, OldPtr, Min(NewSize, OldSize));
quarantineOrDeallocateChunk(Chunk, &OldHeader, UsableSize); quarantineOrDeallocateChunk(Chunk, &OldHeader, UsableSize);
} }
return NewPtr; return NewPtr;
} }
// Helper function that returns the actual usable size of a chunk. // Helper function that returns the actual usable size of a chunk.
uptr getUsableSize(const void *Ptr) { uptr getUsableSize(const void *Ptr) {
if (UNLIKELY(!ThreadInited)) initThreadMaybe();
initThread();
if (!Ptr) if (!Ptr)
return 0; return 0;
uptr UserBeg = reinterpret_cast<uptr>(Ptr); uptr UserBeg = reinterpret_cast<uptr>(Ptr);
ScudoChunk *Chunk = getScudoChunk(UserBeg); ScudoChunk *Chunk = getScudoChunk(UserBeg);
UnpackedHeader Header; UnpackedHeader Header;
Chunk->loadHeader(&Header); Chunk->loadHeader(&Header);
// Getting the usable size of a chunk only makes sense if it's allocated. // Getting the usable size of a chunk only makes sense if it's allocated.
if (UNLIKELY(Header.State != ChunkAllocated)) { if (UNLIKELY(Header.State != ChunkAllocated)) {
dieWithMessage("ERROR: invalid chunk state when sizing address %p\n", dieWithMessage("ERROR: invalid chunk state when sizing address %p\n",
Ptr); Ptr);
} }
return Chunk->getUsableSize(&Header); return Chunk->getUsableSize(&Header);
} }
void *calloc(uptr NMemB, uptr Size) { void *calloc(uptr NMemB, uptr Size) {
if (UNLIKELY(!ThreadInited)) initThreadMaybe();
initThread();
uptr Total = NMemB * Size; uptr Total = NMemB * Size;
if (Size != 0 && Total / Size != NMemB) // Overflow check if (Size != 0 && Total / Size != NMemB) // Overflow check
return BackendAllocator.ReturnNullOrDieOnBadRequest(); return BackendAllocator.ReturnNullOrDieOnBadRequest();
return allocate(Total, MinAlignment, FromMalloc, true); return allocate(Total, MinAlignment, FromMalloc, true);
} }
void drainQuarantine() { void commitBack(ScudoThreadContext *ThreadContext) {
AllocatorQuarantine.Drain(&ThreadQuarantineCache, AllocatorCache *Cache = getAllocatorCache(ThreadContext);
QuarantineCallback(&Cache)); AllocatorQuarantine.Drain(getQuarantineCache(ThreadContext),
QuarantineCallback(Cache));
BackendAllocator.DestroyCache(Cache);
} }
uptr getStats(AllocatorStat StatType) { uptr getStats(AllocatorStat StatType) {
if (UNLIKELY(!ThreadInited)) initThreadMaybe();
initThread();
uptr stats[AllocatorStatCount]; uptr stats[AllocatorStatCount];
BackendAllocator.GetStats(stats); BackendAllocator.GetStats(stats);
return stats[StatType]; return stats[StatType];
} }
}; };
static ScudoAllocator Instance(LINKER_INITIALIZED); static ScudoAllocator Instance(LINKER_INITIALIZED);
static ScudoBackendAllocator &getBackendAllocator() { static ScudoBackendAllocator &getBackendAllocator() {
return Instance.BackendAllocator; return Instance.BackendAllocator;
} }
void initAllocator(const AllocatorOptions &Options) { static void initScudoInternal(const AllocatorOptions &Options) {
Instance.init(Options); Instance.init(Options);
} }
void drainQuarantine() { void ScudoThreadContext::init() {
Instance.drainQuarantine(); getBackendAllocator().InitCache(&Cache);
Prng.initFromURandom();
memset(QuarantineCachePlaceHolder, 0, sizeof(QuarantineCachePlaceHolder));
}
void ScudoThreadContext::commitBack() {
Instance.commitBack(this);
} }
void *scudoMalloc(uptr Size, AllocType Type) { void *scudoMalloc(uptr Size, AllocType Type) {
return Instance.allocate(Size, MinAlignment, Type); return Instance.allocate(Size, MinAlignment, Type);
} }
void scudoFree(void *Ptr, AllocType Type) { void scudoFree(void *Ptr, AllocType Type) {
Instance.deallocate(Ptr, 0, Type); Instance.deallocate(Ptr, 0, Type);
▲ Show 20 LinesShow All 88 LinesShow Last 20 Lines

lib/scudo/scudo_tls.h

  • This file was added.
//===-- scudo_tls.h ---------------------------------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
///
/// Scudo thread local structure definition.
/// Implementation will differ based on the thread local storage primitives
/// offered by the underlying platform.
///
//===----------------------------------------------------------------------===//
#ifndef SCUDO_TLS_H_
#define SCUDO_TLS_H_
#include "scudo_allocator.h"
#include "scudo_utils.h"
namespace __scudo {
struct ALIGNED(64) ScudoThreadContext {
public:
AllocatorCache Cache;
Xorshift128Plus Prng;
uptr QuarantineCachePlaceHolder[4];
void init();
void commitBack();
};
void initThread();
// Fastpath functions are defined in the following platform specific headers.
#include "scudo_tls_linux.h"
} // namespace __scudo
#endif // SCUDO_TLS_H_

lib/scudo/scudo_tls_linux.h

  • This file was added.
//===-- scudo_tls_linux.h ---------------------------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
///
/// Scudo thread local structure fastpath functions implementation for platforms
/// supporting thread_local.
///
//===----------------------------------------------------------------------===//
#ifndef SCUDO_TLS_LINUX_H_
#define SCUDO_TLS_LINUX_H_
#ifndef SCUDO_TLS_H_
# error "This file must be included inside scudo_tls.h."
#endif // SCUDO_TLS_H_
#include "sanitizer_common/sanitizer_platform.h"
#if SANITIZER_LINUX
enum ThreadState : u8 {
ThreadNotInitialized = 0,
ThreadInitialized,
ThreadTornDown,
};
extern thread_local ThreadState ScudoThreadState;
extern thread_local ScudoThreadContext ThreadLocalContext;
ALWAYS_INLINE void initThreadMaybe() {
if (LIKELY(ScudoThreadState != ThreadNotInitialized))
alekseyshlUnsubmitted
Done
ReplyInline Actions

Why not ALWAYS_INLINE then?

alekseyshl: Why not ALWAYS_INLINE then?
return;
initThread();
}
ALWAYS_INLINE ScudoThreadContext *getThreadContext() {
if (UNLIKELY(ScudoThreadState == ThreadTornDown))
return nullptr;
return &ThreadLocalContext;
}
#endif // SANITIZER_LINUX
#endif // SCUDO_TLS_LINUX_H_

lib/scudo/scudo_tls_linux.cpp

  • This file was added.
//===-- scudo_tls_linux.cpp -------------------------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
///
/// Scudo thread local structure implementation for platforms supporting
/// thread_local.
///
//===----------------------------------------------------------------------===//
#include "sanitizer_common/sanitizer_platform.h"
#if SANITIZER_LINUX
#include "scudo_tls.h"
#include <limits.h>
#include <pthread.h>
namespace __scudo {
static pthread_once_t GlobalInitialized = PTHREAD_ONCE_INIT;
static pthread_key_t PThreadKey;
thread_local ThreadState ScudoThreadState = ThreadNotInitialized;
thread_local ScudoThreadContext ThreadLocalContext;
alekseyshlUnsubmitted
Not Done
ReplyInline Actions

Why those are two separate flags (some combinations are invalid) and not an enum State field in the ThreadLocalContext?

alekseyshl: Why those are two separate flags (some combinations are invalid) and not an enum State field in…
cryptoadAuthorUnsubmitted
Done
ReplyInline Actions

That is a valid point. I'm going to change it.

cryptoad: That is a valid point. I'm going to change it.
static void teardownThread(void *Ptr) {
uptr Iteration = reinterpret_cast<uptr>(Ptr);
// The glibc POSIX thread-local-storage deallocation routine calls user
// provided destructors in a loop of PTHREAD_DESTRUCTOR_ITERATIONS.
// We want to be called last since other destructors might call free and the
// like, so we wait until PTHREAD_DESTRUCTOR_ITERATIONS before draining the
// quarantine and swallowing the cache.
if (Iteration < PTHREAD_DESTRUCTOR_ITERATIONS) {
pthread_setspecific(PThreadKey, reinterpret_cast<void *>(Iteration + 1));
return;
}
ThreadLocalContext.commitBack();
ScudoThreadState = ThreadTornDown;
}
static void initOnce() {
CHECK_EQ(pthread_key_create(&PThreadKey, teardownThread), 0);
initScudo();
}
void initThread() {
pthread_once(&GlobalInitialized, initOnce);
pthread_setspecific(PThreadKey, reinterpret_cast<void *>(1));
ThreadLocalContext.init();
ScudoThreadState = ThreadInitialized;
}
} // namespace __scudo
dvyukovUnsubmitted
Done
ReplyInline Actions

The fast path needs to be inlinable (defined in header file).

dvyukov: The fast path needs to be inlinable (defined in header file).
cryptoadAuthorUnsubmitted
Done
ReplyInline Actions

Previous reviews of similar changes have edged towards less ifdef and a clear separation of the platform specific codes in separate cpp, yielding less complicated code. The issue I can see happening is multiplication of ifdefs in this header when SANITIZER_ANDROID comes into play next if defining the fast path in the header. Is this OK?

cryptoad: Previous reviews of similar changes have edged towards less ifdef and a clear separation of the…
dvyukovUnsubmitted
Done
ReplyInline Actions

You can do the same we do for source files. Namely:

// scudo_tls.h
...
#include <scudo_tls_linux.h>
#include <scudo_tls_android.h>
...

// scudo_tls_linux.h
#if SANITIZER_LINUX
... necessary declarations and bodies of inline functions go here ...
#endif

// scudo_tls_android.h
#if SANITIZER_ANDROID
... necessary declarations and bodies of inline functions go here ...
#endif

I understand their concerns, but some pieces of sanitizer runtimes are kinda performance-critical. We do have mixed per-platform code in interception.h library, in tsan_platform.h. And tsan_update_shadow_word_inl.h is just awful in the name of performance. These are intentional compromises.

dvyukov: You can do the same we do for source files. Namely: // scudo_tls.h ... #include…
#endif // SANITIZER_LINUX

lib/scudo/scudo_utils.h

Show All 34 Linesenum CPUFeature {
MaxCPUFeature, MaxCPUFeature,
}; };
bool testCPUFeature(CPUFeature feature); bool testCPUFeature(CPUFeature feature);
// Tiny PRNG based on https://en.wikipedia.org/wiki/Xorshift#xorshift.2B // Tiny PRNG based on https://en.wikipedia.org/wiki/Xorshift#xorshift.2B
// The state (128 bits) will be stored in thread local storage. // The state (128 bits) will be stored in thread local storage.
struct Xorshift128Plus { struct Xorshift128Plus {
public: public:
Xorshift128Plus(); void initFromURandom();
u64 getNext() { u64 getNext() {
u64 x = State[0]; u64 x = State[0];
const u64 y = State[1]; const u64 y = State[1];
State[0] = y; State[0] = y;
x ^= x << 23; x ^= x << 23;
State[1] = x ^ y ^ (x >> 17) ^ (y >> 26); State[1] = x ^ y ^ (x >> 17) ^ (y >> 26);
return State[1] + y; return State[1] + y;
} }
▲ Show 20 LinesShow All 66 LinesShow Last 20 Lines

lib/scudo/scudo_utils.cpp

Show First 20 LinesShow All 147 Lines▼ Show 20 Linesstatic void fillRandom(u8 *Data, ssize_t Size) {
} }
bool Success = readRetry(Fd, Data, Size) == Size; bool Success = readRetry(Fd, Data, Size) == Size;
close(Fd); close(Fd);
if (!Success) { if (!Success) {
dieWithMessage("ERROR: failed to read enough data from /dev/urandom.\n"); dieWithMessage("ERROR: failed to read enough data from /dev/urandom.\n");
} }
} }
// Default constructor for Xorshift128Plus seeds the state with /dev/urandom. // Seeds the xorshift state with /dev/urandom.
// TODO(kostyak): investigate using getrandom() if available. // TODO(kostyak): investigate using getrandom() if available.
Xorshift128Plus::Xorshift128Plus() { void Xorshift128Plus::initFromURandom() {
fillRandom(reinterpret_cast<u8 *>(State), sizeof(State)); fillRandom(reinterpret_cast<u8 *>(State), sizeof(State));
} }
} // namespace __scudo } // namespace __scudo