This is an archive of the discontinued LLVM Phabricator instance.

Differential D50330

[RFC] Implement out-of-process allocator enumeration for macOS
AbandonedPublic

Authored by delcypher on Aug 6 2018, 6:10 AM.

Details

Reviewers
kubamracek
kcc
dvyukov
vitalybuka
cryptoad
george.karpenkov
morehouse
Summary

Add support to allocators to enumerate allocations out-of-process.

This work is part of a multi patch series to implement a malloc zone
enumerator on Darwin. On Darwin zone enumerators work out-of-process. A
memory analysis tool wishing to inspect a malloc zone of a target
process, pauses the target process, dlopen()'s the target process's
allocator library (in our case asan/lsan/tsan) into itself and then
calls the malloc zone enumeration function (from the dlopened library)
to inspect the target process on the analysis process's behalf.

In order to implement this a first step is to allow the sanitizer
allocators to be enumerated out-of-process. This is what this
patch focuses on. Other necessary parts will be implemented in
later patches.

Earlier attempts at this patch suffered from code duplication where the
in-process and out-of-process code paths were independent which would
have lead to code maintenance problems in the future. This patch
unifies both the in-process and out-of-process code paths into a single
implementation using an ObjectView abstraction.

The ObjectView abstraction is an interface that abstracts away (most
of) the differences between in-process and out-of-process enumeration in
a type safe and efficient manner.

The LocalObjectView implementation of this abstraction is for
in-process enumeration and tries to be efficient by not storing
unnecessary data and by not performing any allocations or copy
operations.

The RemoteObjectView implementation of this abstraction is for
out-of-process enumeration. It automatically handles copying data from
another process and allocating/freeing storage for that copy.
Under the hood this implementation uses a new VMReadContext class to do
the actual copying and then uses a storage class to manage
the storage.

VMReadContext is a low-level abstraction for reading the memory of
another process. It is not intended to be used directly.

Existing allocator methods (such as ForEachChunk) simply create a
LocalObjectView (which is essentially acts just like a this pointer)
and call a static method with a OOP suffix that does the actual work.
The static methods with the OOP suffix are templated over a
ObjectView type which can either be LocalObjectView or some
instantiation of RemoteObjectView and also take a pointer to an
instance of that type. The choice to make these OOP methods being
static is deliberate because it means there is no this pointer and
so it is harder to accidenly call normal instance methods which could be
unsafe.

The Sanitizer allocator unit tests have been updated to do enumeration
using the RemoteObjectView interface in addition to the
LocalObjectView interface so that we can check that

  • The code correctly compiles when instantiated with RemoteObjectView (In the sanitizer libraries it currently is never instantiated with this type).
  • That the copying and allocation steps of RemoteObjectView work correctly.

rdar://problem/45284065

Diff Detail

Event Timeline

delcypher created this revision.Aug 6 2018, 6:10 AM
Herald added subscribers: Restricted Project, mgorny. ยท View Herald TranscriptAug 6 2018, 6:10 AM
kubamracek added a reviewer: george.karpenkov.Aug 6 2018, 9:51 AM
kubamracek added a project: Restricted Project.
kubamracek added a comment.Aug 13 2018, 11:44 AM

Ping.

kcc edited reviewers, added: morehouse; removed: alekseyshl.Aug 16 2018, 12:54 PM

[sorry for delay, I've been OOO]
Ouch. That's really a lot of code in the core parts of *san, which adds quite a bit of maintenance tax.
Two questions before we start reviewing the code:

  • is it possible to move more of the logic into Mac-specific files?
  • can other platforms benefit from this code in some way? How?
lib/sanitizer_common/sanitizer_process_vm_reader.h
27 โ†—(On Diff #159284)

is it possible to avoid #ifdefs in common code?

delcypher added a comment.Aug 17 2018, 3:21 AM

@kcc

In D50330#1203010, @kcc wrote:

[sorry for delay, I've been OOO]
Ouch. That's really a lot of code in the core parts of *san, which adds quite a bit of maintenance tax.
Two questions before we start reviewing the code:

  • is it possible to move more of the logic into Mac-specific files?

Yes, but that is some what in conflict with the idea the goal to have this code tested on all platforms. We would like to do this ideally because
we want tests to fail when someone changes the allocators in a way that would break out-of-process enumeration.

  • can other platforms benefit from this code in some way? How?

There would be several bits to this.

  • Other platforms would need to implement ProcessVMReaderContext so that it is able to read the memory of another ASanified process. In the code I note some ways this could be done on Linux.
  • To be able to do the actually enumeration the external process would need to know where the allocator lives in the target process. We would need to add mechanism for this for other platforms. On Darwin a mechanism already exists for this.

A more important question though is, what use cases on other Platforms are there? On macOS our use case is a lot of our pre-existing memory analysis
tools assume they can pause a running application and then enumerate the paused application's allocation. I'm not sure what use cases exist on other
platforms of enumerating allocations out of process.

Something worth noting is that there are multiple steps involved in implementing out-of-process allocation enumeration and this RFC is only the first step.
It didn't make sense to me to try to upstream the whole thing because that would make the patch too large and hard to review.

On to your more general concern about this approach adding too much code to core parts of ASan leading to more maintenance.

I've been thinking about this and there is a way to unify the ForEachChunk(...) and ForEachChunkOutOfProcess(...) methods so there is only a single implementation but it would
require a complete redesign of ProcessVMReaderContext. A way to unify the separate implementations is to template them on a type T, where T
implements the interface of ProcessVMReaderContext. When doing in-process enumeration the type T would basically be doing no-ops. When doing out-of-process
enumeration T would actually be the ProcessVMReaderContext type. There are some downsides to this approach.

  • With the in-process and out-of-process variants merged into one, anyone wishing to change this methods need to be very careful. They have to exclusively use the interface of T to dereference pointers. The code is also now harder to read because its written from the perspective of doing out-of-process enumeration, with the in-process case being handled in a very non-transparent way.
  • The design of ProcessVMReaderContext would need to be changed significantly. Currently ProcessVMReaderContext does not own or manage the storage allocated for data copied from a target process. Right now the storage is handled externally by having stack allocations and internal_memcpy(...)-ing data into those locations. This design isn't compatible if we have unified ForEachChunk implementations because we want the in-process enumeration to have zero added cost (we don't want additional stack allocations and internal_memcpy(...) calls). To do this we would need ProcessVMReaderContext to actually own the storage allocated for out-of-process enumeration. Arguably this a better design anyway.

A problem with the suggestion above though is I'm not 100% sure if we can unify everything. For example later patches add an out-of-process version of AsanChunk and
I'm not sure if we can have a single implementation of that class that supports both in-process and out-of-process enumeration.

So the question is. What is more important, keeping the in-process and out-of-process functions separate for readability or unifying for maintainability?

lib/sanitizer_common/sanitizer_process_vm_reader.h
27 โ†—(On Diff #159284)

Sure. I guess lib/sanitizer_common/sanitizer_internal_defs.h would be a sensible place to put the typedef?

kcc added a comment.Aug 20 2018, 6:12 PM

I've looked at the code once more and I am really afraid of this extra complexity in the core of asan that is never needed outside of OSX/iOS.
It would be much better to hide this into Mac-specific code that would use allocator's public APIs.
It's fine to add some public APIs to the allocator for that purpose, as long as they are testable.
Is that possible?

Also, just for my education, why would someone need to use heap, vmmap, or leaks on an asan-ified process?
For leaks, we have lsan (already works on Mac IIRC).
For heap, asan introduces a significant distortion so that the heap profiles won't be similar to the ones in production builds.
For vmmap, part of that can be achieved by asan's builtin heap profiler (linux-only today).

You certainly know more about Mac than I do, I just want to make sure you are solving a problem that needs to be solved.

kubamracek added a comment.Aug 20 2018, 7:45 PM
In D50330#1206984, @kcc wrote:

Also, just for my education, why would someone need to use heap, vmmap, or leaks on an asan-ified process?

This is all about preserving existing workflows and features that iOS/macOS developers rely on. I know that ASan has alternatives for some of these tools, but we can't just teach all existing developers to use a completely different toolset when using ASan. One example: The 'heap' tool and Xcode's Memory Graph Debugger are rich tools for analysing your heap and whether you're running with ASan or not doesn't matter from the user's perspective -- they expect these tools to work. I'm not worried about things like fragmentation, which as you said can vary greatly, but most information isn't going to be different under ASan: per-size allocation histogram, pointer reference cycles, number of allocations of certain size, per object class breakdown of allocations, for strings the tools can preview content, etc. All of this is already built into 'heap', 'leaks' and the Memory Graph Debugger and these things can't realistically be re-implemented into ASan/LSan. The idea of adding compatibility into the sanitizer allocator sounds much simpler in comparison.

kubamracek added a comment.Aug 20 2018, 7:50 PM
In D50330#1206984, @kcc wrote:

I've looked at the code once more and I am really afraid of this extra complexity in the core of asan that is never needed outside of OSX/iOS.
It would be much better to hide this into Mac-specific code that would use allocator's public APIs.

Just to make sure we're on the same page: You're only talking about the three added ForEachChunkOutOfProcess functions, right? The rest of the patch is almost entirely support/testing code that isn't adding any complexity to the core.

delcypher added a comment.Aug 22 2018, 4:03 AM
In D50330#1206984, @kcc wrote:

I've looked at the code once more and I am really afraid of this extra complexity in the core of asan that is never needed outside of OSX/iOS.
It would be much better to hide this into Mac-specific code that would use allocator's public APIs.
It's fine to add some public APIs to the allocator for that purpose, as long as they are testable.
Is that possible?

Could you elaborate on what you are envisioning? The only methods I've added to the allocators in this patch are the ForEachChunkOutOfProcess(...)
methods (later patches do add a few out-of-process variants of existing methods). At present the ForEachChunkOutOfProcess(...) methods have to
be in the allocator classes because they access internal implementation details of the allocators which are private. Adding public methods to let external code (that arguably belongs in the allocator) get at these internals
seems like a horrible layering violation. I'm not convinced doing that would have any positive impact because now:

  • There will be a public API that has to be maintained for just a single client in addition to having to maintain the allocator internals. Previously we only needed to worry about maintaining the allocator internals. Creating more maintenance burden than what is in this patch seems like the wrong way to go.
  • It's even easier to break out-of-process enumeration because the code for it would live far away the relevant allocators.

What about the other idea I suggested where the ForEachChunk methods are unified so there is only one implementation for both in-process and out-of-process?
For in-process we'd use a zero-cost abstraction so that for in-process enumeration we don't do any of the expensive operations required for out-of-process enumeration.
That would seem to me to fix your valid concerns over having to maintain two different ForEachChunk implementations. I've not tried implementing this yet because I don't
want to spend time implementing something that won't be accepted upstream. However if this an approach you might consider acceptable then I can try to implement it.

Also, just for my education, why would someone need to use heap, vmmap, or leaks on an asan-ified process?
For leaks, we have lsan (already works on Mac IIRC).
For heap, asan introduces a significant distortion so that the heap profiles won't be similar to the ones in production builds.
For vmmap, part of that can be achieved by asan's builtin heap profiler (linux-only today).

You certainly know more about Mac than I do, I just want to make sure you are solving a problem that needs to be solved.

@kubamracek Has already listed the main reasons why we want to do this. I'd like to add this will also help LSan support on macOS. Right now LSan "kind of" works on macOS. It has false positives due it not understanding various internal implementation details of various macOS specific libraries like GCD and the Swift runtime. The leaks tool on the other hand does not have these false positives because it is aware of these internal implementation details. Improvements to LSan on macOS will be greatly helped by comparing LSan reports against reports produced by the leaks tool. Being able to run the leaks tool on ASanified binary would make this process easier because programs don't need to be recompiled with ASan disabled to do leak checking with the leaks tool.

kcc added a comment.Aug 23 2018, 4:49 PM

Just to make sure we're on the same page: You're only talking about the three added ForEachChunkOutOfProcess functions, right? The rest of the patch is almost entirely support/testing code that isn't adding any complexity to the core.

Correct. Looking at them again...

kcc added a comment.Aug 23 2018, 4:50 PM

and of course, also, the ProcessVMReaderContext

kubamracek added a comment.Aug 24 2018, 2:10 PM
In D50330#1211776, @kcc wrote:

and of course, also, the ProcessVMReaderContext

If the abstraction of ProcessVMReaderContext is bothering you, we should be able to move most of it into Mac-specific source files and just have ForEachChunkOutOfProcess take more callback pointers instead.

But moving ForEachChunkOutOfProcess into Mac-specific files doesn't sound easy to do: ForEachChunkOutOfProcess needs access to internal structures of the allocator.

kcc added a comment.Aug 27 2018, 1:30 PM

ForEachChunkOutOfProcess needs access to internal structures of the allocator.

That's exactly why I proposed to consider implementing a public API instead.
It might be hard, but I'd like to know why before we proceed with the current change.

delcypher updated this revision to Diff 167989.Oct 2 2018, 11:23 AM
  • Implement SizeClassAllocator32 out-of-process enumeration
  • Split implementation of out-of-process functions into their own header files. These can be included by the platforms that actually need this functionality.
  • Remove ProcessVMReaderContext::ReadErrorTy and use bool instead.
  • Move declaration of the ProcessHandle into sanitizer_internal_defs.h.
vitalybuka added inline comments.Oct 2 2018, 11:37 AM
lib/sanitizer_common/sanitizer_allocator_bytemap.h
21

I'd avoid this typedefs use in implementation only
for sizeof please use actual variables, e.g. sizeof(*this)
other few places just decltype(*this)

delcypher added a comment.Oct 2 2018, 11:47 AM
In D50330#1214896, @kcc wrote:

ForEachChunkOutOfProcess needs access to internal structures of the allocator.

That's exactly why I proposed to consider implementing a public API instead.
It might be hard, but I'd like to know why before we proceed with the current change.

Sorry for taking so long to revisit this. I hope you'll find this version of the patch more palatable.

I tried looking at the idea of a "public API" and I see no reasonable way to do this. The out-of-process code has to know lots of internal details about the implementations of the allocators that I see no practical way to abstract. In particular the fact we are performing out-of-process reads couples us even very tightly to an allocator implementation because we have to be very careful to only call APIs on an allocator that do not dereference pointers. In several cases I have had to implement out-of-process versions of existing APIs because the existing ones aren't designed to work with the allocator being in a different process. To me these are very strong indicators that it does not make sense to pull the out-of-process enumeration code out of allocators.

Previously you raised concerns about having extra complexity inside the ASan allocators that no other platforms are using. The new version of the patch aims at a compromise that partially addresses this.

In this patch all of the out-of-process functions are declared in the allocator classes but they are defined in other header files. The idea here is that only platforms (i.e. Darwin) that actually need the out-of-process functionality should include the *_oop.h header files. All other platforms simply don't include those header files which means the out-of-process code never ends up inside the sanitizer libraries. In this patch only the unit tests consume the *_oop.h header files so we can ensure that compilation doesn't get broken. So in this patch the new out-of-process code doesn't ever appear in the sanitizer libraries. The intention in later patches is that the Darwin ASan library will also consume the *_oop.h header files but no other platform will.

This partially fixes your concerns because all non-Darwin sanitizer libraries will not contain out-of-process enumerator code. What this does not fix is the maintenance burden of maintaining two separate allocator enumerator implementations. This is unavoidable unless we combine them into an abstracted version of ForEachChunk(...) (and friends) that describes both in and out-of-process implementations.

Please let me know what you think.

delcypher added inline comments.Oct 4 2018, 5:47 AM
lib/sanitizer_common/sanitizer_allocator_bytemap.h
21

I can't do as you suggest because ReadOutOfProcess is a static method so there is no this pointer. However we can make this typedef private if you prefer. I was copying an existing pattern I saw in the size class allocators.

delcypher added a comment.Oct 9 2018, 11:55 AM

@kcc ping.

delcypher updated this revision to Diff 171733.Oct 30 2018, 11:08 AM
delcypher edited the summary of this revision. (Show Details)

New type safe and unified implementation based on discussions with @kcc.

Harbormaster completed remote builds in B24339: Diff 171733.Oct 30 2018, 11:09 AM
delcypher added a comment.Oct 30 2018, 11:20 AM

@kcc Here is a new version of the patch that tries to address your concern of having two separate in-process and out-of-process implementations.

Just to note at our discussions at LLVMDev you wanted the template type (in this case what I call ObjectView) to an allocator parameter. I have not done this because I discovered this is impossible (when ObjectView is templated on the type of the object it is representing) because you end up with mutually recursive types. I.e.

ObjectView<Allocator<Params< ObjectView<Allocator<Params< ... > > > > > >

Instead the methods that need to be used for out-of-process enumeration are templated. This seems like a better choice anyway because it means

  • There are not different allocator data types for in and out-of-process enumeration. This means it is impossible to have a data-layout divergence between the two types because there is only one.
  • It explicitly documents which methods are involved in out-of-process enumeration because they are templated on ObjectView.

I should also note this is not necessarily the final design. I have not finished reworking my internal patch to re-use this new ObjectView interface everywhere yet so there might need to be some design tweaks to accommodate this. However I really wanted to get early feedback on this new design because it has large implications on my work.

delcypher edited the summary of this revision. (Show Details)Oct 30 2018, 11:21 AM
delcypher updated this revision to Diff 171752.Oct 30 2018, 11:49 AM

Add missing ALWAYS_INLINE attributes.

Harbormaster completed remote builds in B24343: Diff 171752.Oct 30 2018, 11:49 AM
kcc added a comment.Oct 30 2018, 3:15 PM

Sorry, this isn't any better than the previous version.
Please understand my position: this is the core code for all the existing sanitizers, scudo, and the new hwasan,
we are planing to have this code in production (in fact, we already have it in production in many places).
There is no way we can maintain code with so much extra stuff in it. The change has to be less intrusive.

Just to note at our discussions at LLVMDev you wanted the template type (in this case what I call ObjectView) to an allocator parameter. I have not done this because I discovered this is impossible (when ObjectView is templated on the type of the object it is representing) because you end up with mutually recursive types. I.e.
ObjectView<Allocator<Params< ObjectView<Allocator<Params< ... > > > > > >

I don't understand this. Let's take some specific class, e.g. SizeClassAllocator64,
and see why ObjectView can't be made part of "Params".

Is it possible to make this change in several iterations where you start from introducing one more template parameter (ObjectView?) that does very little,
then we can iterate extending it.

delcypher added a comment.Oct 31 2018, 5:46 AM
In D50330#1281420, @kcc wrote:

Sorry, this isn't any better than the previous version.

I don't agree with that but perhaps I misunderstood precisely what you disliked about the previous version of the patch. My understanding was that you didn't like the fact there were duplicate implementation for enumerating allocations, one for in-process (what exists today), and one for out-of-process (what I'm trying to add).
This patch removes the duplicate implementations by unifying the implementations and templating them on a ObjectView type which abstracts the out-of-process operations (allocating memory, copying memory from another process into that allocated memory, deallocating the memory).

Please understand my position: this is the core code for all the existing sanitizers, scudo, and the new hwasan,
we are planing to have this code in production (in fact, we already have it in production in many places).
There is no way we can maintain code with so much extra stuff in it. The change has to be less intrusive.

Okay, I understand your position but I can't easily fix this patch unless you give me more explicit guidance on which parts you do not like. If you point to a particular thing (e.g. The design pattern that is being consistently followed) you don't like I can explain the reasoning behind it and also discuss alternatives.
Enumerating the allocators in an out-of-process mode is complicated and I think it is inevitable that the change will be intrusive.

There are certain places where I have made changes for safety reasons, but they could be dropped. For example the SpaceBeg() instance method has been modified because it is in the call graph of instance methods that are called from ForEachChunk(...). The rule I have been following is that instance methods should not be called directly
because doing so may be unsafe because they might deference memory that does not exist in the out-of-process scenario. A method like SpaceBeg() is actually safe to call directly on an allocator copied for another process but there is nothing enforcing that. Changing SpaceBeg() (in this case it's actually renamed to SpaceBegOOP() and a new method named SpaceBeg() just calls it with the appropriate arguments) to be templated on ObjectView and be a static method means that:

  • There is no this pointer with prevents anyone calling instance methods directly.
  • The fact that the method is templated on ObjectView documents the fact that this method is in the call graph for out-of-process enumeration. This forces the programmer to actually think about what they are doing because the method is used in the in-process and out-of-process code paths.

But as I mentioned earlier SpaceBeg() is currently safe to call directly on an Allocator so I could drop the changes (and to similar methods that are safe to call directly) if you don't like them. I'm not a fan of this because I prefer safety over simplicity.

Just to note at our discussions at LLVMDev you wanted the template type (in this case what I call ObjectView) to an allocator parameter. I have not done this because I discovered this is impossible (when ObjectView is templated on the type of the object it is representing) because you end up with mutually recursive types. I.e.
ObjectView<Allocator<Params< ObjectView<Allocator<Params< ... > > > > > >

I don't understand this. Let's take some specific class, e.g. SizeClassAllocator64,
and see why ObjectView can't be made part of "Params".

Sorry I was incorrect when I said this was "impossible". When I looked this initially I couldn't see a way to do because ObjectView is templated on the type it represents. If you have Params contain a fully instantiated typedef (e.g. ObjectView<SizeClassAllocator<...>>) you end up with
recursive types. To illustrate this consider this

#include <stdlib.h>

template <typename ObjectTy> class LocalObjectView {
private:
  uintptr_t local_address;

public:
  LocalObjectView(ObjectTy *addr)
      : local_address(reinterpret_cast<uintptr_t>(addr)) {}
  ObjectTy *GetLocalAddress() const {
    return reinterpret_cast<ObjectTy *>(local_address);
  }
  size_t GetSize() const { return sizeof(ObjectTy); }
};

template <template ObjectViewT>
class AP64 {
public:
  static const int kSomeConstant = 0;
  typedef ObjectViewT ObjectView;
};

template <typename Params> class SizeClassAllocator {
public:
  typedef SizeClassAllocator<Params> ThisT;
  static const auto kValue = Params::kSomeConstant;
  int foo = 0;

  static void DoSomething(Params::ObjectView* view) {
    view->GetLocalAddress()->foo = 1;
  }
};

int main() {
  // Can't declare the type because of recursive type
  // ??? = SizeClassAllocator<AP64<LocalObjectView<???>>>
  SizeClassAllocator<AP64<LocalObjectView<???>>> allocator;
}

Notice how it's impossible to actually instantiate the SizeClassAllocator in this example. Because of this I went with the approach of templating the methods I needed to change.

I've given this some thought and I've realised that there is a way to make this work by making Params::ObjectView a dependent type as shown below.

#include <stdlib.h>

template <typename ObjectTy> class LocalObjectView {
private:
  uintptr_t local_address;

public:
  LocalObjectView(ObjectTy *addr)
      : local_address(reinterpret_cast<uintptr_t>(addr)) {}
  ObjectTy *GetLocalAddress() const {
    return reinterpret_cast<ObjectTy *>(local_address);
  }
  size_t GetSize() const { return sizeof(ObjectTy); }
};

template <template <typename> class ObjectViewT> class AP64 {
public:
  static const int kSomeConstant = 0;
  template <typename ObjectTy> using ObjectView = ObjectViewT<ObjectTy>;
};

template <typename Params> class SizeClassAllocator {
public:
  typedef SizeClassAllocator<Params> ThisT;
  static const auto kValue = Params::kSomeConstant;
  int foo = 0;

  static void DoSomething(typename Params::template ObjectView<ThisT> *view) {
    view->GetLocalAddress()->foo = 1;
  }
};

int main() {
  SizeClassAllocator<AP64<LocalObjectView>> allocator;
  LocalObjectView<decltype(allocator)> view(&allocator);
  decltype(allocator)::DoSomething(&view);
}

So actually I could make ObjectView be part of the allocator parameters instead of what I've done in this patch.
A nice aspect of this is it means all the static_asserts can be removed (I think). A downside however is that it makes declaring allocator types a bit more cumbersome because
this type will have to appear in three places in the allocator (in the combined, primary, and secondary). Does this seem like the right trade-off?

Is it possible to make this change in several iterations where you start from introducing one more template parameter (ObjectView?) that does very little,
then we can iterate extending it.

I can certainly break this patch up into smaller pieces but I haven't done so because some parts don't make any sense in isolation. If you'd like me to submit in smaller pieces I can, but basically it would be this patch but with ObjectView as an allocator parameter. Is that something you'd accepted or are there more fundamental changes that you want to make?
I'm very wary of putting in the work to breaking up this patch if it's definitely going to be rejected again.

delcypher added a comment.Oct 31 2018, 2:51 PM

@kcc Just to give you an update on this. @kubamracek and I have been discussing this patch and we've decided that we will produce a much smaller version of this patch that focuses on making changes to just a single allocator and in a simpler way. @kubamracek 's view is that this will be much easier to review because this will illustrate the core design change we'd like to make with much less code that should be easier to critique.

kcc added a comment.Oct 31 2018, 2:53 PM

thanks!

delcypher added a comment.Nov 1 2018, 6:19 AM
In D50330#1282943, @kcc wrote:

thanks!

New patch is up https://reviews.llvm.org/D53975.

delcypher abandoned this revision.Nov 1 2018, 6:19 AM

Abandoning this change in favour of incremental patches to achieve the same functionality.

Revision Contents

Diff 171752

lib/sanitizer_common/CMakeLists.txt

Show All 31 Linesset(SANITIZER_SOURCES_NOTERMINATION
sanitizer_procmaps_mac.cc sanitizer_procmaps_mac.cc
sanitizer_procmaps_solaris.cc sanitizer_procmaps_solaris.cc
sanitizer_rtems.cc sanitizer_rtems.cc
sanitizer_solaris.cc sanitizer_solaris.cc
sanitizer_stoptheworld_mac.cc sanitizer_stoptheworld_mac.cc
sanitizer_suppressions.cc sanitizer_suppressions.cc
sanitizer_tls_get_addr.cc sanitizer_tls_get_addr.cc
sanitizer_thread_registry.cc sanitizer_thread_registry.cc
sanitizer_vm_read_context_common.cc
sanitizer_vm_read_context_mac.cc
sanitizer_vm_read_context_stubs.cc
sanitizer_win.cc) sanitizer_win.cc)
if(UNIX AND NOT APPLE AND NOT OS_NAME MATCHES "SunOS") if(UNIX AND NOT APPLE AND NOT OS_NAME MATCHES "SunOS")
list(APPEND SANITIZER_SOURCES_NOTERMINATION list(APPEND SANITIZER_SOURCES_NOTERMINATION
sanitizer_linux_x86_64.S) sanitizer_linux_x86_64.S)
list(APPEND SANITIZER_SOURCES_NOTERMINATION list(APPEND SANITIZER_SOURCES_NOTERMINATION
sanitizer_linux_mips64.S) sanitizer_linux_mips64.S)
endif() endif()
โ–ฒ Show 20 Lines โ€ข Show All 91 Lines โ€ข โ–ผ Show 20 Linesset(SANITIZER_IMPL_HEADERS
sanitizer_interceptors_ioctl_netbsd.inc sanitizer_interceptors_ioctl_netbsd.inc
sanitizer_interface_internal.h sanitizer_interface_internal.h
sanitizer_internal_defs.h sanitizer_internal_defs.h
sanitizer_lfstack.h sanitizer_lfstack.h
sanitizer_libc.h sanitizer_libc.h
sanitizer_libignore.h sanitizer_libignore.h
sanitizer_linux.h sanitizer_linux.h
sanitizer_list.h sanitizer_list.h
sanitizer_local_object_view.h
sanitizer_mac.h sanitizer_mac.h
sanitizer_malloc_mac.inc sanitizer_malloc_mac.inc
sanitizer_mutex.h sanitizer_mutex.h
sanitizer_persistent_allocator.h sanitizer_persistent_allocator.h
sanitizer_placement_new.h sanitizer_placement_new.h
sanitizer_platform.h sanitizer_platform.h
sanitizer_platform_interceptors.h sanitizer_platform_interceptors.h
sanitizer_platform_limits_netbsd.h sanitizer_platform_limits_netbsd.h
sanitizer_platform_limits_openbsd.h sanitizer_platform_limits_openbsd.h
sanitizer_platform_limits_posix.h sanitizer_platform_limits_posix.h
sanitizer_platform_limits_solaris.h sanitizer_platform_limits_solaris.h
sanitizer_posix.h sanitizer_posix.h
sanitizer_procmaps.h sanitizer_procmaps.h
sanitizer_quarantine.h sanitizer_quarantine.h
sanitizer_remote_object_view.h
sanitizer_report_decorator.h sanitizer_report_decorator.h
sanitizer_ring_buffer.h sanitizer_ring_buffer.h
sanitizer_rtems.h sanitizer_rtems.h
sanitizer_signal_interceptors.inc sanitizer_signal_interceptors.inc
sanitizer_stackdepot.h sanitizer_stackdepot.h
sanitizer_stackdepotbase.h sanitizer_stackdepotbase.h
sanitizer_stacktrace.h sanitizer_stacktrace.h
sanitizer_stacktrace_printer.h sanitizer_stacktrace_printer.h
sanitizer_stoptheworld.h sanitizer_stoptheworld.h
sanitizer_suppressions.h sanitizer_suppressions.h
sanitizer_symbolizer.h sanitizer_symbolizer.h
sanitizer_symbolizer_fuchsia.h sanitizer_symbolizer_fuchsia.h
sanitizer_symbolizer_internal.h sanitizer_symbolizer_internal.h
sanitizer_symbolizer_libbacktrace.h sanitizer_symbolizer_libbacktrace.h
sanitizer_symbolizer_mac.h sanitizer_symbolizer_mac.h
sanitizer_symbolizer_rtems.h sanitizer_symbolizer_rtems.h
sanitizer_syscall_generic.inc sanitizer_syscall_generic.inc
sanitizer_syscall_linux_aarch64.inc sanitizer_syscall_linux_aarch64.inc
sanitizer_syscall_linux_arm.inc sanitizer_syscall_linux_arm.inc
sanitizer_syscall_linux_x86_64.inc sanitizer_syscall_linux_x86_64.inc
sanitizer_syscalls_netbsd.inc sanitizer_syscalls_netbsd.inc
sanitizer_thread_registry.h sanitizer_thread_registry.h
sanitizer_tls_get_addr.h sanitizer_tls_get_addr.h
sanitizer_vector.h sanitizer_vector.h
sanitizer_vm_read_context.h
sanitizer_win.h sanitizer_win.h
sanitizer_win_defs.h sanitizer_win_defs.h
sanitizer_win_dll_thunk.h sanitizer_win_dll_thunk.h
sanitizer_win_weak_interception.h) sanitizer_win_weak_interception.h)
include_directories(..) include_directories(..)
set(SANITIZER_COMMON_DEFINITIONS) set(SANITIZER_COMMON_DEFINITIONS)
โ–ฒ Show 20 Lines โ€ข Show All 182 Lines โ€ข Show Last 20 Lines

lib/sanitizer_common/sanitizer_allocator.h

//===-- sanitizer_allocator.h -----------------------------------*- C++ -*-===// //===-- sanitizer_allocator.h -----------------------------------*- C++ -*-===//
// //
// The LLVM Compiler Infrastructure // The LLVM Compiler Infrastructure
// //
// This file is distributed under the University of Illinois Open Source // This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details. // License. See LICENSE.TXT for details.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Specialized memory allocator for ThreadSanitizer, MemorySanitizer, etc. // Specialized memory allocator for ThreadSanitizer, MemorySanitizer, etc.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#ifndef SANITIZER_ALLOCATOR_H #ifndef SANITIZER_ALLOCATOR_H
#define SANITIZER_ALLOCATOR_H #define SANITIZER_ALLOCATOR_H
#include "sanitizer_internal_defs.h"
#include "sanitizer_common.h" #include "sanitizer_common.h"
#include "sanitizer_internal_defs.h"
#include "sanitizer_lfstack.h"
#include "sanitizer_libc.h" #include "sanitizer_libc.h"
#include "sanitizer_list.h" #include "sanitizer_list.h"
#include "sanitizer_local_object_view.h"
#include "sanitizer_mutex.h" #include "sanitizer_mutex.h"
#include "sanitizer_lfstack.h"
#include "sanitizer_procmaps.h" #include "sanitizer_procmaps.h"
namespace __sanitizer { namespace __sanitizer {
// Allows the tools to name their allocations appropriately. // Allows the tools to name their allocations appropriately.
extern const char *PrimaryAllocatorName; extern const char *PrimaryAllocatorName;
extern const char *SecondaryAllocatorName; extern const char *SecondaryAllocatorName;
โ–ฒ Show 20 Lines โ€ข Show All 50 Lines โ€ข Show Last 20 Lines

lib/sanitizer_common/sanitizer_allocator_bytemap.h

Show All 12 Lines
#ifndef SANITIZER_ALLOCATOR_H #ifndef SANITIZER_ALLOCATOR_H
#error This file must be included inside sanitizer_allocator.h #error This file must be included inside sanitizer_allocator.h
#endif #endif
// Maps integers in rage [0, kSize) to u8 values. // Maps integers in rage [0, kSize) to u8 values.
template<u64 kSize> template<u64 kSize>
class FlatByteMap { class FlatByteMap {
public: public:
typedef FlatByteMap<kSize> ThisT;
vitalybukaUnsubmitted
Not Done
ReplyInline Actions

I'd avoid this typedefs use in implementation only
for sizeof please use actual variables, e.g. sizeof(*this)
other few places just decltype(*this)

vitalybuka: I'd avoid this typedefs use in implementation only for sizeof please use actual variables, e.g.
delcypherAuthorUnsubmitted
Not Done
ReplyInline Actions

I can't do as you suggest because ReadOutOfProcess is a static method so there is no this pointer. However we can make this typedef private if you prefer. I was copying an existing pattern I saw in the size class allocators.

delcypher: I can't do as you suggest because `ReadOutOfProcess` is a `static` method so there is no `this`โ€ฆ
void Init() { void Init() {
internal_memset(map_, 0, sizeof(map_)); internal_memset(map_, 0, sizeof(map_));
} }
void set(uptr idx, u8 val) { void set(uptr idx, u8 val) {
CHECK_LT(idx, kSize); CHECK_LT(idx, kSize);
CHECK_EQ(0U, map_[idx]); CHECK_EQ(0U, map_[idx]);
map_[idx] = val; map_[idx] = val;
} }
u8 operator[] (uptr idx) {
u8 operator[](uptr idx) const {
LocalObjectView<const ThisT> local_view(this);
return GetOOP(idx, &local_view);
}
template <typename ObjectView>
ALWAYS_INLINE static u8 GetOOP(uptr idx, ObjectView *view) {
static_assert(
std::is_same<ThisT, typename ObjectView::ObjectType>::value ||
std::is_same<const ThisT, typename ObjectView::ObjectType>::value,
"ObjectView has wrong type");
CHECK_LT(idx, kSize); CHECK_LT(idx, kSize);
// FIXME: CHECK may be too expensive here. CHECK(view->IsValid());
return map_[idx]; return view->GetLocalAddress()->map_[idx];
} }
private: private:
u8 map_[kSize]; u8 map_[kSize];
}; };
// TwoLevelByteMap maps integers in range [0, kSize1*kSize2) to u8 values. // TwoLevelByteMap maps integers in range [0, kSize1*kSize2) to u8 values.
// It is implemented as a two-dimensional array: array of kSize1 pointers // It is implemented as a two-dimensional array: array of kSize1 pointers
// to kSize2-byte arrays. The secondary arrays are mmaped on demand. // to kSize2-byte arrays. The secondary arrays are mmaped on demand.
// Each value is initially zero and can be set to something else only once. // Each value is initially zero and can be set to something else only once.
// Setting and getting values from multiple threads is safe w/o extra locking. // Setting and getting values from multiple threads is safe w/o extra locking.
template <u64 kSize1, u64 kSize2, class MapUnmapCallback = NoOpMapUnmapCallback> template <u64 kSize1, u64 kSize2, class MapUnmapCallback = NoOpMapUnmapCallback>
class TwoLevelByteMap { class TwoLevelByteMap {
public: public:
typedef TwoLevelByteMap<kSize1, kSize2, MapUnmapCallback> ThisT;
void Init() { void Init() {
internal_memset(map1_, 0, sizeof(map1_)); internal_memset(map1_, 0, sizeof(map1_));
mu_.Init(); mu_.Init();
} }
void TestOnlyUnmap() { void TestOnlyUnmap() {
for (uptr i = 0; i < kSize1; i++) { for (uptr i = 0; i < kSize1; i++) {
u8 *p = Get(i); u8 *p = Get(i);
Show All 10 Lines public:
void set(uptr idx, u8 val) { void set(uptr idx, u8 val) {
CHECK_LT(idx, kSize1 * kSize2); CHECK_LT(idx, kSize1 * kSize2);
u8 *map2 = GetOrCreate(idx / kSize2); u8 *map2 = GetOrCreate(idx / kSize2);
CHECK_EQ(0U, map2[idx % kSize2]); CHECK_EQ(0U, map2[idx % kSize2]);
map2[idx % kSize2] = val; map2[idx % kSize2] = val;
} }
u8 operator[] (uptr idx) const { u8 operator[] (uptr idx) const {
LocalObjectView<const ThisT> local_view(this);
return GetOOP(idx, &local_view);
}
template <typename ObjectView>
ALWAYS_INLINE static u8 GetOOP(uptr idx, ObjectView *view) {
static_assert(
std::is_same<ThisT, typename ObjectView::ObjectType>::value ||
std::is_same<const ThisT, typename ObjectView::ObjectType>::value,
"ObjectView has wrong type");
CHECK_LT(idx, kSize1 * kSize2); CHECK_LT(idx, kSize1 * kSize2);
u8 *map2 = Get(idx / kSize2); CHECK(view->IsValid());
if (!map2) return 0; // FIXME(dliew): This method is current safe to call directly. Should
return map2[idx % kSize2]; // we make an ObjectView version?
uptr map2 =
reinterpret_cast<uptr>(view->GetLocalAddress()->Get(idx / kSize2));
if (!map2)
return 0;
uptr byte_addr = map2 + (idx % kSize2);
typename ObjectView::template SmallAllocTy<u8> byte_view(
byte_addr, view->GetReadContext());
CHECK(byte_view.IsValid());
return *(byte_view.GetLocalAddress());
} }
private: private:
u8 *Get(uptr idx) const { u8 *Get(uptr idx) const {
CHECK_LT(idx, kSize1); CHECK_LT(idx, kSize1);
return reinterpret_cast<u8 *>( return reinterpret_cast<u8 *>(
atomic_load(&map1_[idx], memory_order_acquire)); atomic_load(&map1_[idx], memory_order_acquire));
} }
Show All 19 Lines

lib/sanitizer_common/sanitizer_allocator_combined.h

Show All 18 Lines
// PrimaryAllocator is efficient, but may not allocate some sizes (alignments). // PrimaryAllocator is efficient, but may not allocate some sizes (alignments).
// When allocating 2^x bytes it should return 2^x aligned chunk. // When allocating 2^x bytes it should return 2^x aligned chunk.
// PrimaryAllocator is used via a local AllocatorCache. // PrimaryAllocator is used via a local AllocatorCache.
// SecondaryAllocator can allocate anything, but is not efficient. // SecondaryAllocator can allocate anything, but is not efficient.
template <class PrimaryAllocator, class AllocatorCache, template <class PrimaryAllocator, class AllocatorCache,
class SecondaryAllocator> // NOLINT class SecondaryAllocator> // NOLINT
class CombinedAllocator { class CombinedAllocator {
public: public:
typedef CombinedAllocator<PrimaryAllocator, AllocatorCache,
SecondaryAllocator>
ThisT;
void InitLinkerInitialized(s32 release_to_os_interval_ms) { void InitLinkerInitialized(s32 release_to_os_interval_ms) {
primary_.Init(release_to_os_interval_ms); primary_.Init(release_to_os_interval_ms);
secondary_.InitLinkerInitialized(); secondary_.InitLinkerInitialized();
stats_.InitLinkerInitialized(); stats_.InitLinkerInitialized();
} }
void Init(s32 release_to_os_interval_ms) { void Init(s32 release_to_os_interval_ms) {
primary_.Init(release_to_os_interval_ms); primary_.Init(release_to_os_interval_ms);
โ–ฒ Show 20 Lines โ€ข Show All 145 Lines โ€ข โ–ผ Show 20 Lines public:
void ForceUnlock() { void ForceUnlock() {
secondary_.ForceUnlock(); secondary_.ForceUnlock();
primary_.ForceUnlock(); primary_.ForceUnlock();
} }
// Iterate over all existing chunks. // Iterate over all existing chunks.
// The allocator must be locked when calling this function. // The allocator must be locked when calling this function.
void ForEachChunk(ForEachChunkCallback callback, void *arg) { void ForEachChunk(ForEachChunkCallback callback, void *arg) {
primary_.ForEachChunk(callback, arg); LocalObjectView<ThisT> local_view(this);
secondary_.ForEachChunk(callback, arg); ThisT::ForEachChunkOOP(callback, arg, &local_view);
}
template <typename ObjectView>
ALWAYS_INLINE static void ForEachChunkOOP(ForEachChunkCallback callback,
void *arg, ObjectView *view) {
static_assert(std::is_same<ThisT, typename ObjectView::ObjectType>::value,
"ObjectView has wrong type");
CHECK(view->IsValid());
auto primary_slice = view->MakeSliceView(&ThisT::primary_);
PrimaryAllocator::ForEachChunkOOP(callback, arg, &primary_slice);
auto secondary_slice = view->MakeSliceView(&ThisT::secondary_);
SecondaryAllocator::ForEachChunkOOP(callback, arg, &secondary_slice);
} }
private: private:
PrimaryAllocator primary_; PrimaryAllocator primary_;
SecondaryAllocator secondary_; SecondaryAllocator secondary_;
AllocatorGlobalStats stats_; AllocatorGlobalStats stats_;
}; };

lib/sanitizer_common/sanitizer_allocator_primary32.h

Show First 20 Lines โ€ข Show All 230 Lines โ€ข โ–ผ Show 20 Lines void ForceUnlock() {
for (int i = kNumClasses - 1; i >= 0; i--) { for (int i = kNumClasses - 1; i >= 0; i--) {
GetSizeClassInfo(i)->mutex.Unlock(); GetSizeClassInfo(i)->mutex.Unlock();
} }
} }
// Iterate over all existing chunks. // Iterate over all existing chunks.
// The allocator must be locked when calling this function. // The allocator must be locked when calling this function.
void ForEachChunk(ForEachChunkCallback callback, void *arg) { void ForEachChunk(ForEachChunkCallback callback, void *arg) {
for (uptr region = 0; region < kNumPossibleRegions; region++) LocalObjectView<ThisT> local_view(this);
if (possible_regions[region]) { ForEachChunkOOP(callback, arg, &local_view);
uptr chunk_size = ClassIdToSize(possible_regions[region]); }
template <typename ObjectView>
ALWAYS_INLINE static void ForEachChunkOOP(ForEachChunkCallback callback,
void *arg, ObjectView *view) {
static_assert(std::is_same<ThisT, typename ObjectView::ObjectType>::value,
"ObjectView has wrong type");
CHECK(view->IsValid());
auto possible_regions_view = view->MakeSliceView(&ThisT::possible_regions);
CHECK(possible_regions_view.IsValid());
for (uptr region_id = 0; region_id < kNumPossibleRegions; ++region_id) {
auto class_id = ByteMap::GetOOP(region_id, &possible_regions_view);
if (!class_id)
continue;
uptr region_beg = region_id * kRegionSize;
uptr chunk_size = ClassIdToSize(class_id);
uptr max_chunks_in_region = kRegionSize / (chunk_size + kMetadataSize); uptr max_chunks_in_region = kRegionSize / (chunk_size + kMetadataSize);
uptr region_beg = region * kRegionSize;
for (uptr chunk = region_beg; for (uptr chunk = region_beg;
chunk < region_beg + max_chunks_in_region * chunk_size; chunk < region_beg + max_chunks_in_region * chunk_size;
chunk += chunk_size) { chunk += chunk_size) {
// Too slow: CHECK_EQ((void *)chunk, GetBlockBegin((void *)chunk));
callback(chunk, arg); callback(chunk, arg);
} }
} }
} }
void PrintStats() {} void PrintStats() {}
static uptr AdditionalSize() { return 0; } static uptr AdditionalSize() { return 0; }
typedef SizeClassMap SizeClassMapT; typedef SizeClassMap SizeClassMapT;
static const uptr kNumClasses = SizeClassMap::kNumClasses; static const uptr kNumClasses = SizeClassMap::kNumClasses;
private: private:
static const uptr kRegionSize = 1 << kRegionSizeLog; static const uptr kRegionSize = 1 << kRegionSizeLog;
static const uptr kNumPossibleRegions = kSpaceSize / kRegionSize; static const uptr kNumPossibleRegions = kSpaceSize / kRegionSize;
struct ALIGNED(SANITIZER_CACHE_LINE_SIZE) SizeClassInfo { struct ALIGNED(SANITIZER_CACHE_LINE_SIZE) SizeClassInfo {
StaticSpinMutex mutex; StaticSpinMutex mutex;
IntrusiveList<TransferBatch> free_list; IntrusiveList<TransferBatch> free_list;
u32 rand_state; u32 rand_state;
}; };
COMPILER_CHECK(sizeof(SizeClassInfo) % kCacheLineSize == 0); COMPILER_CHECK(sizeof(SizeClassInfo) % kCacheLineSize == 0);
uptr ComputeRegionId(uptr mem) { uptr ComputeRegionId(uptr mem) const {
const uptr res = mem >> kRegionSizeLog; const uptr res = mem >> kRegionSizeLog;
CHECK_LT(res, kNumPossibleRegions); CHECK_LT(res, kNumPossibleRegions);
return res; return res;
} }
uptr ComputeRegionBeg(uptr mem) { uptr ComputeRegionBeg(uptr mem) {
return mem & ~(kRegionSize - 1); return mem & ~(kRegionSize - 1);
} }
โ–ฒ Show 20 Lines โ€ข Show All 85 Lines โ€ข Show Last 20 Lines

lib/sanitizer_common/sanitizer_allocator_primary64.h

Show First 20 Lines โ€ข Show All 284 Lines โ€ข โ–ผ Show 20 Lines void ForceUnlock() {
for (int i = (int)kNumClasses - 1; i >= 0; i--) { for (int i = (int)kNumClasses - 1; i >= 0; i--) {
GetRegionInfo(i)->mutex.Unlock(); GetRegionInfo(i)->mutex.Unlock();
} }
} }
// Iterate over all existing chunks. // Iterate over all existing chunks.
// The allocator must be locked when calling this function. // The allocator must be locked when calling this function.
void ForEachChunk(ForEachChunkCallback callback, void *arg) { void ForEachChunk(ForEachChunkCallback callback, void *arg) {
for (uptr class_id = 1; class_id < kNumClasses; class_id++) { LocalObjectView<ThisT> local_view(this);
RegionInfo *region = GetRegionInfo(class_id); ThisT::ForEachChunkOOP(callback, arg, &local_view);
}
template <typename ObjectView>
ALWAYS_INLINE static void ForEachChunkOOP(ForEachChunkCallback callback,
void *arg, ObjectView *view) {
static_assert(std::is_same<ThisT, typename ObjectView::ObjectType>::value,
"ObjectView has wrong type");
CHECK(view->IsValid());
CHECK_NE(callback, nullptr);
if (!view->IsLocal()) {
// Out-of-process
// Sanity checks
// FIXME(dliew): These checks don't really do what we want. They use
// global constants in this process rather than the target process.
CHECK_EQ(view->GetLocalAddress()->address_range.base(),
view->GetLocalAddress()->SpaceBeg());
CHECK_EQ(view->GetLocalAddress()->address_range.size(),
kSpaceSize + ThisT::AdditionalSize());
// FIXME(dliew): Check that `kNumClasses` corresponds between this
// process and the target.
}
// Skip class_id 0 because it is used for zero sized allocations.
for (uptr class_id = 1; class_id < kNumClasses; ++class_id) {
// Compute address to RegionInfo in target process.
uptr region_ptr =
reinterpret_cast<uptr>(GetRegionInfoOOP(class_id, view));
// Copy RegionInfo from target process
typename ObjectView::template SmallAllocTy<RegionInfo> region_info_view(
region_ptr, view->GetReadContext());
CHECK(region_info_view.IsValid());
uptr chunk_size = ClassIdToSize(class_id); uptr chunk_size = ClassIdToSize(class_id);
uptr region_beg = SpaceBeg() + class_id * kRegionSize; uptr region_beg = SpaceBegOOP(view) + (class_id * kRegionSize);
for (uptr chunk = region_beg; uptr region_allocated_user =
chunk < region_beg + region->allocated_user; region_info_view.GetLocalAddress()->allocated_user;
// Iterate over the chunks in the region
for (uptr chunk = region_beg; chunk < region_beg + region_allocated_user;
chunk += chunk_size) { chunk += chunk_size) {
// Too slow: CHECK_EQ((void *)chunk, GetBlockBegin((void *)chunk)); // Too slow: CHECK_EQ((void *)chunk, GetBlockBegin((void *)chunk));
callback(chunk, arg); callback(chunk, arg);
} }
} }
} }
static uptr ClassIdToSize(uptr class_id) { static uptr ClassIdToSize(uptr class_id) {
โ–ฒ Show 20 Lines โ€ข Show All 250 Lines โ€ข โ–ผ Show 20 Lines private:
// In the worst case it may reguire kRegionSize/SizeClassMap::kMinSize // In the worst case it may reguire kRegionSize/SizeClassMap::kMinSize
// elements, but in reality this will not happen. For simplicity we // elements, but in reality this will not happen. For simplicity we
// dedicate 1/8 of the region's virtual space to FreeArray. // dedicate 1/8 of the region's virtual space to FreeArray.
static const uptr kFreeArraySize = kRegionSize / 8; static const uptr kFreeArraySize = kRegionSize / 8;
static const bool kUsingConstantSpaceBeg = kSpaceBeg != ~(uptr)0; static const bool kUsingConstantSpaceBeg = kSpaceBeg != ~(uptr)0;
uptr NonConstSpaceBeg; uptr NonConstSpaceBeg;
uptr SpaceBeg() const { uptr SpaceBeg() const {
return kUsingConstantSpaceBeg ? kSpaceBeg : NonConstSpaceBeg; LocalObjectView<const ThisT> local_view(this);
return SpaceBegOOP(&local_view);
}
uptr SpaceEnd() const {
LocalObjectView<const ThisT> local_view(this);
return SpaceEndOOP(&local_view);
}
template <typename ObjectView>
ALWAYS_INLINE static uptr SpaceBegOOP(ObjectView *view) {
static_assert(
std::is_same<ThisT, typename ObjectView::ObjectType>::value ||
std::is_same<const ThisT, typename ObjectView::ObjectType>::value,
"ObjectView has wrong type");
CHECK(view->IsValid());
return view->GetLocalAddress()->kUsingConstantSpaceBeg
? kSpaceBeg
: view->GetLocalAddress()->NonConstSpaceBeg;
}
template <typename ObjectView>
ALWAYS_INLINE static uptr SpaceEndOOP(ObjectView *view) {
static_assert(
std::is_same<ThisT, typename ObjectView::ObjectType>::value ||
std::is_same<const ThisT, typename ObjectView::ObjectType>::value,
"ObjectView has wrong type");
CHECK(view->IsValid());
return SpaceBegOOP(view) + kSpaceSize;
} }
uptr SpaceEnd() const { return SpaceBeg() + kSpaceSize; }
// kRegionSize must be >= 2^32. // kRegionSize must be >= 2^32.
COMPILER_CHECK((kRegionSize) >= (1ULL << (SANITIZER_WORDSIZE / 2))); COMPILER_CHECK((kRegionSize) >= (1ULL << (SANITIZER_WORDSIZE / 2)));
// kRegionSize must be <= 2^36, see CompactPtrT. // kRegionSize must be <= 2^36, see CompactPtrT.
COMPILER_CHECK((kRegionSize) <= (1ULL << (SANITIZER_WORDSIZE / 2 + 4))); COMPILER_CHECK((kRegionSize) <= (1ULL << (SANITIZER_WORDSIZE / 2 + 4)));
// Call mmap for user memory with at least this size. // Call mmap for user memory with at least this size.
static const uptr kUserMapSize = 1 << 16; static const uptr kUserMapSize = 1 << 16;
// Call mmap for metadata memory with at least this size. // Call mmap for metadata memory with at least this size.
static const uptr kMetaMapSize = 1 << 16; static const uptr kMetaMapSize = 1 << 16;
Show All 25 Lines struct ALIGNED(SANITIZER_CACHE_LINE_SIZE) RegionInfo {
u32 rand_state; // Seed for random shuffle, used if kRandomShuffleChunks. u32 rand_state; // Seed for random shuffle, used if kRandomShuffleChunks.
bool exhausted; // Whether region is out of space for new chunks. bool exhausted; // Whether region is out of space for new chunks.
Stats stats; Stats stats;
ReleaseToOsInfo rtoi; ReleaseToOsInfo rtoi;
}; };
COMPILER_CHECK(sizeof(RegionInfo) % kCacheLineSize == 0); COMPILER_CHECK(sizeof(RegionInfo) % kCacheLineSize == 0);
RegionInfo *GetRegionInfo(uptr class_id) const { RegionInfo *GetRegionInfo(uptr class_id) const {
LocalObjectView<const ThisT> local_view(this);
return GetRegionInfoOOP(class_id, &local_view);
}
template <typename ObjectView>
ALWAYS_INLINE static RegionInfo *GetRegionInfoOOP(uptr class_id,
ObjectView *view) {
static_assert(
std::is_same<ThisT, typename ObjectView::ObjectType>::value ||
std::is_same<const ThisT, typename ObjectView::ObjectType>::value,
"ObjectView has wrong type");
DCHECK_LT(class_id, kNumClasses); DCHECK_LT(class_id, kNumClasses);
RegionInfo *regions = reinterpret_cast<RegionInfo *>(SpaceEnd()); CHECK(view->IsValid());
RegionInfo *regions = reinterpret_cast<RegionInfo *>(SpaceEndOOP(view));
return &regions[class_id]; return &regions[class_id];
} }
uptr GetMetadataEnd(uptr region_beg) const { uptr GetMetadataEnd(uptr region_beg) const {
return region_beg + kRegionSize - kFreeArraySize; return region_beg + kRegionSize - kFreeArraySize;
} }
uptr GetChunkIdx(uptr chunk, uptr size) const { uptr GetChunkIdx(uptr chunk, uptr size) const {
โ–ฒ Show 20 Lines โ€ข Show All 236 Lines โ€ข Show Last 20 Lines

lib/sanitizer_common/sanitizer_allocator_secondary.h

Show First 20 Lines โ€ข Show All 65 Lines โ€ข โ–ผ Show 20 Lines
// This class can (de)allocate only large chunks of memory using mmap/unmap. // This class can (de)allocate only large chunks of memory using mmap/unmap.
// The main purpose of this allocator is to cover large and rare allocation // The main purpose of this allocator is to cover large and rare allocation
// sizes not covered by more efficient allocators (e.g. SizeClassAllocator64). // sizes not covered by more efficient allocators (e.g. SizeClassAllocator64).
template <class MapUnmapCallback = NoOpMapUnmapCallback, template <class MapUnmapCallback = NoOpMapUnmapCallback,
class PtrArrayT = DefaultLargeMmapAllocatorPtrArray> class PtrArrayT = DefaultLargeMmapAllocatorPtrArray>
class LargeMmapAllocator { class LargeMmapAllocator {
public: public:
typedef LargeMmapAllocator<MapUnmapCallback, PtrArrayT> ThisT;
void InitLinkerInitialized() { void InitLinkerInitialized() {
page_size_ = GetPageSizeCached(); page_size_ = GetPageSizeCached();
chunks_ = reinterpret_cast<Header**>(ptr_array_.Init()); chunks_ = reinterpret_cast<Header**>(ptr_array_.Init());
} }
void Init() { void Init() {
internal_memset(this, 0, sizeof(*this)); internal_memset(this, 0, sizeof(*this));
InitLinkerInitialized(); InitLinkerInitialized();
โ–ฒ Show 20 Lines โ€ข Show All 184 Lines โ€ข โ–ผ Show 20 Lines public:
void ForceUnlock() { void ForceUnlock() {
mutex_.Unlock(); mutex_.Unlock();
} }
// Iterate over all existing chunks. // Iterate over all existing chunks.
// The allocator must be locked when calling this function. // The allocator must be locked when calling this function.
void ForEachChunk(ForEachChunkCallback callback, void *arg) { void ForEachChunk(ForEachChunkCallback callback, void *arg) {
EnsureSortedChunks(); // Avoid doing the sort while iterating. LocalObjectView<ThisT> local_view(this);
for (uptr i = 0; i < n_chunks_; i++) { ThisT::ForEachChunkOOP(callback, arg, &local_view);
auto t = chunks_[i]; }
callback(reinterpret_cast<uptr>(GetUser(t)), arg);
template <typename ObjectView>
ALWAYS_INLINE static void ForEachChunkOOP(ForEachChunkCallback callback,
void *arg, ObjectView *view) {
static_assert(std::is_same<ThisT, typename ObjectView::ObjectType>::value,
"ObjectView has wrong type");
CHECK_NE(callback, nullptr);
CHECK(view->IsValid());
if (view->IsLocal()) {
// In-process
// We can only modify memory when its local so only sort the chunks in
// this scenario.
view->GetLocalAddress()
->EnsureSortedChunks(); // Avoid doing the sort while iterating.
} else {
// Out-of-process
// Sanity check
CHECK_EQ(view->GetLocalAddress()->page_size_, GetPageSize());
}
auto num_chunks = view->GetLocalAddress()->n_chunks_;
Header **chunks_begin = view->GetLocalAddress()->chunks_;
for (uptr i = 0; i < num_chunks; ++i) {
// Compute address of pointer to Header pointer in target process.
uptr oop_ptr_to_header_ptr =
reinterpret_cast<uptr>(chunks_begin) + (sizeof(Header *) * i);
// Copy the Header pointer into the local process.
typename ObjectView::template SmallAllocTy<Header *> oop_header_ptr_view(
oop_ptr_to_header_ptr, view->GetReadContext());
CHECK(oop_header_ptr_view.IsValid());
Header *header_ptr = *(oop_header_ptr_view.GetLocalAddress());
// Compute chunk address
uptr chunk_addr =
reinterpret_cast<uptr>(ThisT::GetUserOOP(header_ptr, view));
callback(chunk_addr, arg);
if (view->IsLocal()) {
// Consistency check: verify that the array did not change. // Consistency check: verify that the array did not change.
CHECK_EQ(chunks_[i], t); // NOTE: We are accessing memory in a way that is only safe locally
CHECK_EQ(chunks_[i]->chunk_idx, i); // here so that the check is easier to write. These need rewriting if
// we want to perform these checks in the out-of-process case.
CHECK_EQ(view->GetLocalAddress()->chunks_[i], header_ptr);
CHECK_EQ(view->GetLocalAddress()->chunks_[i]->chunk_idx, i);
}
} }
} }
private: private:
struct Header { struct Header {
uptr map_beg; uptr map_beg;
uptr map_size; uptr map_size;
uptr size; uptr size;
uptr chunk_idx; uptr chunk_idx;
}; };
Header *GetHeader(uptr p) { Header *GetHeader(uptr p) {
CHECK(IsAligned(p, page_size_)); CHECK(IsAligned(p, page_size_));
return reinterpret_cast<Header*>(p - page_size_); return reinterpret_cast<Header*>(p - page_size_);
} }
Header *GetHeader(const void *p) { Header *GetHeader(const void *p) {
return GetHeader(reinterpret_cast<uptr>(p)); return GetHeader(reinterpret_cast<uptr>(p));
} }
void *GetUser(Header *h) { void *GetUser(Header *h) {
CHECK(IsAligned((uptr)h, page_size_)); LocalObjectView<ThisT> local_view(this);
return reinterpret_cast<void*>(reinterpret_cast<uptr>(h) + page_size_); return ThisT::GetUserOOP(h, &local_view);
}
template <typename ObjectView>
ALWAYS_INLINE static void *GetUserOOP(Header *h, ObjectView *view) {
static_assert(std::is_same<ThisT, typename ObjectView::ObjectType>::value,
"ObjectView has wrong type");
auto page_size = view->GetLocalAddress()->page_size_;
CHECK(IsAligned((uptr)h, page_size));
return reinterpret_cast<void *>(reinterpret_cast<uptr>(h) + page_size);
} }
uptr RoundUpMapSize(uptr size) { uptr RoundUpMapSize(uptr size) {
return RoundUpTo(size, page_size_) + page_size_; return RoundUpTo(size, page_size_) + page_size_;
} }
uptr page_size_; uptr page_size_;
Header **chunks_; Header **chunks_;
Show All 9 Lines

lib/sanitizer_common/sanitizer_internal_defs.h

Show First 20 Lines โ€ข Show All 164 Lines โ€ข โ–ผ Show 20 Lines
typedef int error_t; typedef int error_t;
#endif #endif
#if SANITIZER_SOLARIS && !defined(_LP64) #if SANITIZER_SOLARIS && !defined(_LP64)
typedef long pid_t; typedef long pid_t;
#else #else
typedef int pid_t; typedef int pid_t;
#endif #endif
// process_vm_read_handle_t is a platform specific type used by a platform to
// read memory from another process.
#if SANITIZER_MAC
typedef unsigned int task_t;
typedef task_t process_vm_read_handle_t;
#else
// Stub value for other platforms.
typedef int process_vm_read_handle_t;
#endif
#if SANITIZER_FREEBSD || SANITIZER_NETBSD || \ #if SANITIZER_FREEBSD || SANITIZER_NETBSD || \
SANITIZER_OPENBSD || SANITIZER_MAC || \ SANITIZER_OPENBSD || SANITIZER_MAC || \
(SANITIZER_LINUX && defined(__x86_64__)) (SANITIZER_LINUX && defined(__x86_64__))
typedef u64 OFF_T; typedef u64 OFF_T;
#else #else
typedef uptr OFF_T; typedef uptr OFF_T;
#endif #endif
typedef u64 OFF64_T; typedef u64 OFF64_T;
โ–ฒ Show 20 Lines โ€ข Show All 255 Lines โ€ข Show Last 20 Lines

lib/sanitizer_common/sanitizer_local_object_view.h

  • This file was added.
//===-- sanitizer_local_object_view.h ---------------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// The "local" (i.e. in-process) implementation of the `ObjectView` abstraction.
//
//===----------------------------------------------------------------------===//
#ifndef SANITIZER_LOCAL_OBJECT_VIEW_H
#define SANITIZER_LOCAL_OBJECT_VIEW_H
#include <type_traits>
#include "sanitizer_internal_defs.h"
namespace __sanitizer {
// Forward declare.
class VMReadContext;
template <typename T>
struct ObjectViewBase {
uptr GetSize() const { return sizeof(T); }
};
// Provides the implementation of the `ObjectView` abstraction for efficient
// views on in-process objects of type `ObjectTy`. This implementation does not
// make copies of objects and thus does not allocate any storage for these
// copies.
//
// Generic in/out-of-process code should only use the subset of the interface
// shared between `LocalObjectView` and `RemoteObjectView`.
template <typename ObjectTy>
struct LocalObjectView : ObjectViewBase<ObjectTy> {
private:
uptr target_address;
public:
using ObjectType = ObjectTy;
ALWAYS_INLINE LocalObjectView(uptr target_address, VMReadContext* ctx)
: target_address(target_address) {}
// Convenience constructor.
ALWAYS_INLINE LocalObjectView(ObjectTy* target_address)
: LocalObjectView(reinterpret_cast<uptr>(target_address), nullptr) {}
~LocalObjectView() {}
// Forbid copying in most cases.
LocalObjectView(const LocalObjectView&) = delete;
// We implement the move constructor so that `MakeSliceView(...)` works.
LocalObjectView(const LocalObjectView&& other)
: target_address(other.target_address) {}
LocalObjectView& operator=(const LocalObjectView&) = delete;
LocalObjectView& operator=(const LocalObjectView&&) = delete;
ALWAYS_INLINE bool IsLocal() const { return true; }
ALWAYS_INLINE bool IsValid() const { return true; }
ALWAYS_INLINE VMReadContext* GetReadContext() { return nullptr; }
// Can't return `const ObjectTy*` because on some paths
// we may need to modify the object.
ALWAYS_INLINE ObjectTy* GetLocalAddress() const {
return reinterpret_cast<ObjectTy*>(target_address);
}
ALWAYS_INLINE uptr GetTargetAddress() { return target_address; }
// `LargeAllocTy` and `SmallAllocTy` are intended for use by generic
// in/out-of-process code to make decisions on what type of storage is
// required for an object view.
//
// For views on local objects no copy is necessary so we just provide
// `LocalObjectView` so that no storage allocations are performed.
template <typename OtherObjectTy>
using LargeAllocTy = LocalObjectView<OtherObjectTy>;
template <typename OtherObjectTy>
using SmallAllocTy = LocalObjectView<OtherObjectTy>;
// Provides a type-safe and convenient way of creating a `LocalObjectView` of
// a field of a struct or class from an existing `LocalObjectView`.
//
// Example:
// ```
// class Foo {
// public:
// int a_field;
// };
//
// Foo foo_object;
// LocalObjectView<Foo> foo_view(&foo_object);
//
// // Create view into the `a_field` member variable
// // using a member pointer to `a_field`.
// LocalObjectView<int> a_field_view = foo_view.MakeSliceView(&Foo::a_field);
// ```
template <
typename OtherObjectTy, typename Q = ObjectTy,
typename std::enable_if<std::is_class<Q>::value>::type* dummy = nullptr>
ALWAYS_INLINE LocalObjectView<OtherObjectTy> MakeSliceView(
OtherObjectTy Q::*member_ptr) const {
const OtherObjectTy* ptr = &(GetLocalAddress()->*member_ptr);
return LocalObjectView<OtherObjectTy>(reinterpret_cast<uptr>(ptr), nullptr);
}
};
}; // namespace __sanitizer
#endif

lib/sanitizer_common/sanitizer_remote_object_view.h

  • This file was added.
//===-- sanitizer_remote_object_view.h --------------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// The "remote" (i.e. out-of-process) implementation of the `ObjectView`
// abstraction.
//
//===----------------------------------------------------------------------===//
#ifndef SANITIZER_REMOTE_OBJECT_VIEW_H
#define SANITIZER_REMOTE_OBJECT_VIEW_H
#include <type_traits>
#include <utility> // For std::move
#include "sanitizer_internal_defs.h"
#include "sanitizer_local_object_view.h"
#include "sanitizer_vm_read_context.h"
namespace __sanitizer {
// Implements stack-based storage for an object of type `ObjectTy`.
template <typename ObjectTy>
struct StackStorage {
private:
u8 storage[sizeof(ObjectTy)];
uptr target_address = 0;
public:
StackStorage() {}
~StackStorage() {}
// Prevent copying.
StackStorage(const StackStorage&) = delete;
StackStorage(const StackStorage&&) = delete;
StackStorage& operator=(const StackStorage&) = delete;
StackStorage& operator=(const StackStorage&&) = delete;
bool DoRead(uptr target_address, VMReadContext* read_context) {
static_assert(sizeof(storage) == sizeof(ObjectTy), "Size mismatch");
bool success = read_context->Read(target_address, sizeof(ObjectTy));
if (!success)
return false;
this->target_address = target_address;
// Copy into our own storage.
internal_memcpy(storage, read_context->GetLocalAddress(), sizeof(storage));
return true;
}
ObjectTy* GetLocalAddress() { return reinterpret_cast<ObjectTy*>(storage); }
uptr GetTargetAddress() { return target_address; }
};
// Implements mmap-based storage for an object of type `ObjectTy`.
template <typename ObjectTy>
struct MmapStorage {
private:
void* storage_ptr = 0;
uptr target_address = 0;
uptr storage_size = 0;
public:
MmapStorage() {
// Should we zero our storage? Mmap might guarantee this?
storage_size = RoundUpTo(sizeof(ObjectTy), GetPageSizeCached());
CHECK_GE(storage_size, sizeof(ObjectTy));
storage_ptr = MmapOrDie(storage_size, "MmapStorage", /*raw_report=*/false);
}
~MmapStorage() { UnmapOrDie(storage_ptr, storage_size); }
// Prevent copying.
MmapStorage(const MmapStorage&) = delete;
MmapStorage(const MmapStorage&&) = delete;
MmapStorage& operator=(const MmapStorage&) = delete;
MmapStorage& operator=(const MmapStorage&&) = delete;
bool DoRead(uptr target_address, VMReadContext* read_context) {
if (!storage_ptr)
return false;
bool success = read_context->Read(target_address, sizeof(ObjectTy));
if (!success)
return false;
this->target_address = target_address;
// Copy into our own storage.
internal_memcpy(storage_ptr, read_context->GetLocalAddress(),
sizeof(ObjectTy));
return true;
}
ObjectTy* GetLocalAddress() {
return reinterpret_cast<ObjectTy*>(storage_ptr);
}
uptr GetTargetAddress() { return target_address; }
};
// Forward decl
template <typename ObjectTy>
struct SliceStorage;
// Provides the implementation of the `ObjectView` abstraction
// for view on out-of-process objects of type `ObjectTy`.
//
// This implementation takes a `StorageTy` template parameter
// which specifies what type of storage should be used to hold
// the copy of an object from another process. This should
// be `StackStorage`, `MmapStorage`, or `SliceStorage`.
//
// Despite being called `RemoteObjectView` it is possible to use
// this abstraction to provide a view into in-process objects.
// However this might perform allocation and copy operations.
// To avoid this it is advised to use `LocalObjectView` when
// doing in-process operations.
//
// Generic in/out-of-process code should only use the subset of the interface
// shared between `LocalObjectView` and `RemoteObjectView`.
template <typename ObjectTy, template <typename> class StorageTy>
struct RemoteObjectView : ObjectViewBase<ObjectTy> {
template <typename, template <typename> class>
friend struct RemoteObjectView;
private:
StorageTy<ObjectTy> storage;
VMReadContext* read_context;
bool is_valid = false;
public:
using ObjectType = ObjectTy;
RemoteObjectView(uptr target_address, VMReadContext* ctx)
: read_context(ctx) {
// Note: Storage has to perform read because the SliceStorage is fake
// storage
is_valid = storage.DoRead(target_address, ctx);
}
~RemoteObjectView() {}
// Forbid copying in most cases.
RemoteObjectView(const RemoteObjectView&) = delete;
// We implement the move constructor so that `MakeSliceView(...)` works.
// Calling this deliberately doesn't work when `StorageTy` is `StackStorage`
// or `MmapStorage` due to these classes having deleted move constructors.
RemoteObjectView(const RemoteObjectView&& other)
: storage(std::move(other.storage)),
read_context(other.read_context),
is_valid(other.is_valid) {}
RemoteObjectView& operator=(const RemoteObjectView&) = delete;
RemoteObjectView& operator=(const RemoteObjectView&&) = delete;
bool IsLocal() const { return read_context->IsLocal(); }
bool IsValid() const { return is_valid; }
VMReadContext* GetReadContext() { return read_context; }
// Can't be `const ObjectTy*` because on some paths
// we may need to modify the object.
ObjectTy* GetLocalAddress() { return storage.GetLocalAddress(); }
uptr GetTargetAddress() { return storage.GetTargetAddress(); }
// These types are intended for use from generic in/out-of-process
// code to make decisions on the type of allocation required.
// `SmallAllocTy` is intended for use on small objects that can
// be allocated on the stack.
//
template <typename OtherObjectTy>
using SmallAllocTy = RemoteObjectView<OtherObjectTy, StackStorage>;
// `LargeAllocTy` is intended for large objects that cannot be
// allocated on the stack.
template <typename OtherObjectTy>
using LargeAllocTy = RemoteObjectView<OtherObjectTy, MmapStorage>;
// Provides a type-safe and convenient way of creating a `RemoteObjectView` of
// a field of a struct or class from an existing `LocalObjectView`.
//
// Example:
// ```
// class Foo {
// public:
// int a_field;
// };
//
// uptr remote_foo_ptr = ... ; // get from somewhere
// VMReadContext read_ctx(/* config */, /* process);
// RemoteObjectView<Foo, StackStorage> foo_view(remote_foo_ptr, &read_ctx);
//
// // Create view into the `a_field` member variable
// // using a member pointer to `a_field`.
// RemoteObjectView<int, SliceStorage> a_field_view =
// foo_view.MakeSliceView(&Foo::a_field);
// ```
template <
typename OtherObjectTy, typename Q = ObjectTy,
typename std::enable_if<std::is_class<Q>::value>::type* dummy = nullptr>
RemoteObjectView<OtherObjectTy, SliceStorage> MakeSliceView(
OtherObjectTy Q::*member_ptr) {
const OtherObjectTy* ptr = &(GetLocalAddress()->*member_ptr);
uptr slice_target_address =
GetTargetAddress() + (reinterpret_cast<uptr>(ptr) -
reinterpret_cast<uptr>(GetLocalAddress()));
CHECK_GE(slice_target_address, GetTargetAddress());
RemoteObjectView<OtherObjectTy, SliceStorage> sv(slice_target_address,
read_context);
// Now update with a pointer into existing storage.
sv.storage.ptr_into_slice = reinterpret_cast<uptr>(ptr);
return sv;
}
};
// Implements fake storage that for provides a slice view into
// existing storage.
//
// Users of this storage type need to be careful that the lifetime of the
// underlying storage that the `SliceStorage` uses is a supserset of the
// `SliceStorage` lifetime. This is because `SliceStorage` does not own its own
// storage and no compile-time or run-time checks are implemented to ensure
// this.
//
// Clients should not use this type directly and instead should use the
// `RemoteObjectView::MakeSliceView(...)` method instead.
template <typename ObjectTy>
struct SliceStorage {
// SliceStorage doesn't really own its own storage.
// This means clients need to make sure the scope of the true
// storage out lives
template <typename, template <typename> class>
friend struct RemoteObjectView;
private:
uptr ptr_into_slice = 0; // Only RemoteObjectView should modify this.
uptr target_address = 0;
public:
SliceStorage() {}
~SliceStorage() {}
// Forbid copying in most cases.
SliceStorage(const SliceStorage&) = delete;
// We implement the move constructor so that
// `RemoteObjectView::MakeSliceView()` works.
SliceStorage(const SliceStorage&& other)
: ptr_into_slice(other.ptr_into_slice),
target_address(other.target_address) {}
SliceStorage& operator=(const SliceStorage&) = delete;
SliceStorage& operator=(const SliceStorage&&) = delete;
bool DoRead(uptr target_address, VMReadContext* read_context) {
// Don't do anything. Instead let RemoteObjectView initialise
// us.
this->target_address = target_address;
return true;
}
ObjectTy* GetLocalAddress() {
return reinterpret_cast<ObjectTy*>(ptr_into_slice);
}
uptr GetTargetAddress() { return target_address; }
};
} // namespace __sanitizer
#endif

lib/sanitizer_common/sanitizer_vm_read_context.h

  • This file was added.
//===-- sanitizer_vm_read_context.h -----------------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// `VMReadContext` is a low-level abstraction the allows clients to read the
// memory of a target process.
//
// `RemoteObjectView` should be used in preference to `VMReadContext`.
//
//===----------------------------------------------------------------------===//
#ifndef SANITIZER_VM_READ_CONTEXT_H
#define SANITIZER_VM_READ_CONTEXT_H
#include "sanitizer_internal_defs.h"
#include "sanitizer_platform.h"
namespace __sanitizer {
class VMReadContext {
public:
typedef __sanitizer::process_vm_read_handle_t ProcessHandle;
private:
uptr local_address;
uptr target_address;
u64 size;
void* config;
ProcessHandle target_process;
bool is_local;
public:
// Out-of-process mode constructor
VMReadContext(void* config, ProcessHandle target_process);
// In-process mode constructor
VMReadContext();
VMReadContext(const VMReadContext&) = delete;
// Return the address to memory in the current process that
// is a copy of memory from the target process.
//
// Returns `nullptr` if no successful read has been performed.
void* GetLocalAddress() const { return (void*)local_address; }
// Return the address provided to the last successful
// `Read()` call.
//
// Returns `0` if no successful read has been performed.
uptr GetTargetAddress() const { return target_address; }
// Return the size of the memory chunk requested in the last
// successful `Read()` call.
//
// Returns `0` if no successful read has been performed.
u64 GetSize() { return size; }
// Reset the state of `VMReadContext` to the state it was in
// after calling the `VMReadContext` constructor.
//
// The state of the memory returned by previous calls
// to `GetLocalAddress()` should be assumed to be invalid.
void Reset();
// Returns true iff `VMReadContext` is set up to read memory from the same
// process in which it is being called from.
bool IsLocal() const { return is_local; }
ProcessHandle GetTargetProcess() { return target_process; }
// Read memory from a remote process. The memory will accessible at the
// address pointed to by `GetLocalAddress()`.
//
// The lifetime of the memory allocated by the `Read()` is valid until the
// next call to `Read()` or `Reset()`.
//
// Returns `true` on a sucessful read and `false` otherwise.
bool Read(uptr target_address, u64 size);
};
} // namespace __sanitizer
#endif

lib/sanitizer_common/sanitizer_vm_read_context_common.cc

  • This file was added.
//===-- sanitizer_vm_read_context_common.cc ---------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// Implementation of `VMReadContext` methods common to all
// platforms.
//
//===----------------------------------------------------------------------===//
#include "sanitizer_common.h"
#include "sanitizer_platform.h"
#include "sanitizer_vm_read_context.h"
namespace __sanitizer {
void VMReadContext::Reset() {
local_address = 0;
target_address = 0;
size = 0;
}
} // namespace __sanitizer

lib/sanitizer_common/sanitizer_vm_read_context_mac.cc

  • This file was added.
//===-- sanitizer_vm_read_context_mac.cc ------------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// Implementation of `VMReadContext` for Apple platforms.
//
//===----------------------------------------------------------------------===//
#include "sanitizer_platform.h"
#if SANITIZER_MAC
#include <mach/mach_init.h>
#include "sanitizer_common.h"
#include "sanitizer_libc.h"
#include "sanitizer_vm_read_context.h"
// Taken from <malloc/malloc.h>
typedef kern_return_t memory_reader_t(task_t remote_task,
vm_address_t remote_address,
vm_size_t size, void** local_memory);
namespace __sanitizer {
VMReadContext::VMReadContext(void* config, ProcessHandle target_process)
: local_address(0),
target_address(0),
size(0),
config(config),
target_process(target_process),
is_local(false) {
if (config == nullptr || mach_task_self() == target_process) {
is_local = true;
}
}
VMReadContext::VMReadContext() : VMReadContext(nullptr, mach_task_self()) {}
bool VMReadContext::Read(uptr target_address, u64 size) {
if (is_local) {
// The remote is the current process, copy isn't necessary.
local_address = target_address;
this->size = size;
return true;
}
CHECK_NE(config, nullptr);
CHECK_GT(size, 0);
memory_reader_t* native_reader = (memory_reader_t*)config;
kern_return_t result = native_reader(target_process, target_address, size,
(void**)(&(local_address)));
if (result == KERN_SUCCESS) {
this->target_address = target_address;
this->size = size;
return true;
}
Report("Failed to read %p of size %d from remote process. Error code: %d\n",
target_address, size, result);
// Reset the fields.
Reset();
return false;
}
} // namespace __sanitizer
#endif

lib/sanitizer_common/sanitizer_vm_read_context_stubs.cc

  • This file was added.
//===-- sanitizer_vm_read_context_stubs.cc --------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// Stub implementation of `VMReadContext` for non-Apple
// platforms.
//
//===----------------------------------------------------------------------===//
#include "sanitizer_platform.h"
#if !SANITIZER_MAC
#include "sanitizer_common.h"
#include "sanitizer_vm_read_context.h"
namespace __sanitizer {
VMReadContext::VMReadContext(void* config, ProcessHandle target_process)
: target_address(0),
local_address(0),
size(0),
config(0),
target_process(0),
is_local(true) {
// Only in-process reading is allowed in
// stub implementation.
CHECK_EQ(config, nullptr);
CHECK_EQ(target_process, 0);
}
VMReadContext::VMReadContext() : VMReadContext(nullptr, 0) {}
bool VMReadContext::Read(uptr target_address, u64 size) {
// Stub implementation should only ever
// do in-process read.
CHECK_EQ(reader, nullptr);
CHECK_EQ(remote, 0);
this->local_address = target_address;
this->target_address = target_address;
this->size = size;
return true;
}
} // namespace __sanitizer
#endif

lib/sanitizer_common/tests/sanitizer_allocator_test.cc

//===-- sanitizer_allocator_test.cc ---------------------------------------===// //===-- sanitizer_allocator_test.cc ---------------------------------------===//
// //
// The LLVM Compiler Infrastructure // The LLVM Compiler Infrastructure
// //
// This file is distributed under the University of Illinois Open Source // This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details. // License. See LICENSE.TXT for details.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// This file is a part of ThreadSanitizer/AddressSanitizer runtime. // This file is a part of ThreadSanitizer/AddressSanitizer runtime.
// Tests for sanitizer_allocator.h. // Tests for sanitizer_allocator.h.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "sanitizer_common/sanitizer_allocator.h" #include "sanitizer_common/sanitizer_allocator.h"
#include "sanitizer_common/sanitizer_allocator_internal.h" #include "sanitizer_common/sanitizer_allocator_internal.h"
#include "sanitizer_common/sanitizer_common.h" #include "sanitizer_common/sanitizer_common.h"
#include "sanitizer_common/sanitizer_remote_object_view.h"
#include "sanitizer_test_utils.h" #include "sanitizer_test_utils.h"
#include "sanitizer_pthread_wrappers.h" #include "sanitizer_pthread_wrappers.h"
#include "gtest/gtest.h" #include "gtest/gtest.h"
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <algorithm> #include <algorithm>
#include <vector> #include <vector>
#include <random> #include <random>
#include <set> #include <set>
using namespace __sanitizer; using namespace __sanitizer;
// Too slow for debug build
#if !SANITIZER_DEBUG
#if SANITIZER_CAN_USE_ALLOCATOR64 #if SANITIZER_CAN_USE_ALLOCATOR64
#if SANITIZER_WINDOWS #if SANITIZER_WINDOWS
// On Windows 64-bit there is no easy way to find a large enough fixed address // On Windows 64-bit there is no easy way to find a large enough fixed address
// space that is always available. Thus, a dynamically allocated address space // space that is always available. Thus, a dynamically allocated address space
// is used instead (i.e. ~(uptr)0). // is used instead (i.e. ~(uptr)0).
static const uptr kAllocatorSpace = ~(uptr)0; static const uptr kAllocatorSpace = ~(uptr)0;
static const uptr kAllocatorSize = 0x8000000000ULL; // 500G static const uptr kAllocatorSize = 0x8000000000ULL; // 500G
โ–ฒ Show 20 Lines โ€ข Show All 827 Lines โ€ข โ–ผ Show 20 Lines for (uptr s = 0; s < ARRAY_SIZE(sizes); s++) {
for (uptr j = 0; j < n_iter; j++) { for (uptr j = 0; j < n_iter; j++) {
uptr class_id0 = Allocator::SizeClassMapT::ClassID(size); uptr class_id0 = Allocator::SizeClassMapT::ClassID(size);
void *x = cache.Allocate(a, class_id0); void *x = cache.Allocate(a, class_id0);
allocated.push_back(x); allocated.push_back(x);
} }
} }
std::set<uptr> reported_chunks; std::set<uptr> reported_chunks;
std::set<uptr> reported_chunks_oop;
VMReadContext read_context; // In-process read interface
RemoteObjectView<Allocator, MmapStorage> remote_view(
reinterpret_cast<uptr>(a), &read_context);
ASSERT_TRUE(remote_view.IsValid());
a->ForceLock(); a->ForceLock();
a->ForEachChunk(IterationTestCallback, &reported_chunks); a->ForEachChunk(IterationTestCallback, &reported_chunks);
// Test RemoteObjectView interface.
Allocator::ForEachChunkOOP(IterationTestCallback, &reported_chunks_oop,
&remote_view);
a->ForceUnlock(); a->ForceUnlock();
ASSERT_EQ(reported_chunks, reported_chunks_oop);
for (uptr i = 0; i < allocated.size(); i++) { for (uptr i = 0; i < allocated.size(); i++) {
// Don't use EXPECT_NE. Reporting the first mismatch is enough. // Don't use EXPECT_NE. Reporting the first mismatch is enough.
ASSERT_NE(reported_chunks.find(reinterpret_cast<uptr>(allocated[i])), ASSERT_NE(reported_chunks.find(reinterpret_cast<uptr>(allocated[i])),
reported_chunks.end()); reported_chunks.end());
ASSERT_NE(reported_chunks_oop.find(reinterpret_cast<uptr>(allocated[i])),
reported_chunks_oop.end());
} }
a->TestOnlyUnmap(); a->TestOnlyUnmap();
delete a; delete a;
} }
#if SANITIZER_CAN_USE_ALLOCATOR64 #if SANITIZER_CAN_USE_ALLOCATOR64
// These tests can fail on Windows if memory is somewhat full and lit happens // These tests can fail on Windows if memory is somewhat full and lit happens
Show All 21 LinesTEST(SanitizerCommon, LargeMmapAllocatorIteration) {
static const uptr kNumAllocs = 1000; static const uptr kNumAllocs = 1000;
char *allocated[kNumAllocs]; char *allocated[kNumAllocs];
static const uptr size = 40; static const uptr size = 40;
// Allocate some. // Allocate some.
for (uptr i = 0; i < kNumAllocs; i++) for (uptr i = 0; i < kNumAllocs; i++)
allocated[i] = (char *)a.Allocate(&stats, size, 1); allocated[i] = (char *)a.Allocate(&stats, size, 1);
std::set<uptr> reported_chunks; std::set<uptr> reported_chunks;
std::set<uptr> reported_chunks_oop;
VMReadContext read_context; // In-process read interface
RemoteObjectView<decltype(a), MmapStorage> remote_view(
reinterpret_cast<uptr>(&a), &read_context);
a.ForceLock(); a.ForceLock();
a.ForEachChunk(IterationTestCallback, &reported_chunks); a.ForEachChunk(IterationTestCallback, &reported_chunks);
decltype(a)::ForEachChunkOOP(IterationTestCallback, &reported_chunks_oop,
&remote_view);
a.ForceUnlock(); a.ForceUnlock();
ASSERT_EQ(reported_chunks, reported_chunks_oop);
ASSERT_EQ(reported_chunks_oop.size(), reported_chunks.size());
ASSERT_EQ(reported_chunks.size(), kNumAllocs);
for (uptr i = 0; i < kNumAllocs; i++) { for (uptr i = 0; i < kNumAllocs; i++) {
// Don't use EXPECT_NE. Reporting the first mismatch is enough. // Don't use EXPECT_NE. Reporting the first mismatch is enough.
ASSERT_NE(reported_chunks.find(reinterpret_cast<uptr>(allocated[i])), ASSERT_NE(reported_chunks.find(reinterpret_cast<uptr>(allocated[i])),
reported_chunks.end()); reported_chunks.end());
ASSERT_NE(reported_chunks_oop.find(reinterpret_cast<uptr>(allocated[i])),
reported_chunks_oop.end());
} }
for (uptr i = 0; i < kNumAllocs; i++) for (uptr i = 0; i < kNumAllocs; i++)
a.Deallocate(&stats, allocated[i]); a.Deallocate(&stats, allocated[i]);
} }
TEST(SanitizerCommon, LargeMmapAllocatorBlockBegin) { TEST(SanitizerCommon, LargeMmapAllocatorBlockBegin) {
LargeMmapAllocator<NoOpMapUnmapCallback> a; LargeMmapAllocator<NoOpMapUnmapCallback> a;
a.Init(); a.Init();
โ–ฒ Show 20 Lines โ€ข Show All 421 Lines โ€ข โ–ผ Show 20 LinesTEST(SanitizerCommon, ThreadedTwoLevelByteMap) {
} }
EXPECT_EQ((uptr)TestMapUnmapCallback::map_count, m.size1()); EXPECT_EQ((uptr)TestMapUnmapCallback::map_count, m.size1());
EXPECT_EQ((uptr)TestMapUnmapCallback::unmap_count, 0UL); EXPECT_EQ((uptr)TestMapUnmapCallback::unmap_count, 0UL);
m.TestOnlyUnmap(); m.TestOnlyUnmap();
EXPECT_EQ((uptr)TestMapUnmapCallback::map_count, m.size1()); EXPECT_EQ((uptr)TestMapUnmapCallback::map_count, m.size1());
EXPECT_EQ((uptr)TestMapUnmapCallback::unmap_count, m.size1()); EXPECT_EQ((uptr)TestMapUnmapCallback::unmap_count, m.size1());
} }
#endif // #if !SANITIZER_DEBUG