This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
compiler-rt/lib/scudo/standalone/
-
lib/
-
scudo/
-
standalone/
-
primary32.h
-
primary64.h

Differential D75551

[scudo][standalone] Do not fill 32b regions at once
ClosedPublic

Authored by cryptoad on Mar 3 2020, 11:16 AM.

Download Raw Diff

Details

Reviewers

hctim
pcc
eugenis
cferris

Commits

rGa0e86420ae72: [scudo][standalone] Do not fill 32b regions at once

Summary

For the 32b primary, whenever we created a region, we would fill it
all at once (eg: create all the transfer batches for all the blocks
in that region). This wasn't ideal as all the potential blocks in
a newly created region might not be consummed right away, and it was
using extra memory (and release cycles) to keep all those free
blocks.

So now we keep track of the current region for a given class, and
how filled it is, carving out at most MaxNumBatches worth of
blocks at a time.

Additionally, lower MaxNumBatches on Android from 8 to 4. This
lowers the randomness of blocks, which isn't ideal for security, but
keeps things more clumped up for PSS/RSS accounting purposes.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

cryptoad created this revision.Mar 3 2020, 11:16 AM

Herald added projects: Restricted Project, Restricted Project. · View Herald TranscriptMar 3 2020, 11:16 AM

Herald added subscribers: llvm-commits, Restricted Project. · View Herald Transcript

For the current region, only release up to the current size.

cryptoad added reviewers: hctim, pcc, eugenis, cferris.Mar 3 2020, 2:52 PM

This all looks reasonable to me, but the code in populateFreeList is dense. It might be useful to have some block-level comments to abstract over the nuance.

This revision is now accepted and ready to land.Mar 4 2020, 8:09 AM

The performance after this change is slightly worse for 32 bit, but not by much. and a lot of time seems to be within the variance However, it dramatically reduces the RSS for dex2oat, where it's much closer to jemalloc. It also reduces some of the traces RSS, but not by a large margin.

Commenting populateFreeList, with some additional white-line
separation for code blocks.

Additionally I removed the update to LastReleaseAtNs in said function,
we check for enough PushedBlocks in releaseToOS anyway, which is
not affected by populateFreeList, so updating the timer didn't add
anything.

Closed by commit rGa0e86420ae72: [scudo][standalone] Do not fill 32b regions at once (authored by cryptoad). · Explain WhyMar 4 2020, 2:41 PM

This revision was automatically updated to reflect the committed changes.

Revision Contents

Path

Size

compiler-rt/

lib/

scudo/

standalone/

primary32.h

78 lines

primary64.h

11 lines

Diff 248323

compiler-rt/lib/scudo/standalone/primary32.h

Show First 20 Lines • Show All 66 Lines • ▼ Show 20 Lines	public:
void initLinkerInitialized(s32 ReleaseToOsInterval) {		void initLinkerInitialized(s32 ReleaseToOsInterval) {
if (SCUDO_FUCHSIA)		if (SCUDO_FUCHSIA)
reportError("SizeClassAllocator32 is not supported on Fuchsia");		reportError("SizeClassAllocator32 is not supported on Fuchsia");

PossibleRegions.initLinkerInitialized();		PossibleRegions.initLinkerInitialized();
MinRegionIndex = NumRegions; // MaxRegionIndex is already initialized to 0.		MinRegionIndex = NumRegions; // MaxRegionIndex is already initialized to 0.

u32 Seed;		u32 Seed;
		const u64 Time = getMonotonicTime();
if (UNLIKELY(!getRandom(reinterpret_cast<void *>(&Seed), sizeof(Seed))))		if (UNLIKELY(!getRandom(reinterpret_cast<void *>(&Seed), sizeof(Seed))))
Seed =		Seed = static_cast<u32>(
static_cast<u32>(getMonotonicTime() ^		Time ^ (reinterpret_cast<uptr>(SizeClassInfoArray) >> 6));
(reinterpret_cast<uptr>(SizeClassInfoArray) >> 6));
const uptr PageSize = getPageSizeCached();		const uptr PageSize = getPageSizeCached();
for (uptr I = 0; I < NumClasses; I++) {		for (uptr I = 0; I < NumClasses; I++) {
SizeClassInfo *Sci = getSizeClassInfo(I);		SizeClassInfo *Sci = getSizeClassInfo(I);
Sci->RandState = getRandomU32(&Seed);		Sci->RandState = getRandomU32(&Seed);
// See comment in the 64-bit primary about releasing smaller size classes.		// See comment in the 64-bit primary about releasing smaller size classes.
Sci->CanRelease = (I != SizeClassMap::BatchClassId) &&		Sci->CanRelease = (I != SizeClassMap::BatchClassId) &&
(getSizeByClassId(I) >= (PageSize / 32));		(getSizeByClassId(I) >= (PageSize / 32));
		if (Sci->CanRelease)
		Sci->ReleaseInfo.LastReleaseAtNs = Time;
}		}
setReleaseToOsIntervalMs(ReleaseToOsInterval);		setReleaseToOsIntervalMs(ReleaseToOsInterval);
}		}
void init(s32 ReleaseToOsInterval) {		void init(s32 ReleaseToOsInterval) {
memset(this, 0, sizeof(*this));		memset(this, 0, sizeof(*this));
initLinkerInitialized(ReleaseToOsInterval);		initLinkerInitialized(ReleaseToOsInterval);
}		}

▲ Show 20 Lines • Show All 109 Lines • ▼ Show 20 Lines	public:

bool useMemoryTagging() { return false; }		bool useMemoryTagging() { return false; }
void disableMemoryTagging() {}		void disableMemoryTagging() {}

private:		private:
static const uptr NumClasses = SizeClassMap::NumClasses;		static const uptr NumClasses = SizeClassMap::NumClasses;
static const uptr RegionSize = 1UL << RegionSizeLog;		static const uptr RegionSize = 1UL << RegionSizeLog;
static const uptr NumRegions = SCUDO_MMAP_RANGE_SIZE >> RegionSizeLog;		static const uptr NumRegions = SCUDO_MMAP_RANGE_SIZE >> RegionSizeLog;
		static const u32 MaxNumBatches = SCUDO_ANDROID ? 4U : 8U;
typedef FlatByteMap<NumRegions> ByteMap;		typedef FlatByteMap<NumRegions> ByteMap;

struct SizeClassStats {		struct SizeClassStats {
uptr PoppedBlocks;		uptr PoppedBlocks;
uptr PushedBlocks;		uptr PushedBlocks;
};		};

struct ReleaseToOsInfo {		struct ReleaseToOsInfo {
uptr PushedBlocksAtLastRelease;		uptr PushedBlocksAtLastRelease;
uptr RangesReleased;		uptr RangesReleased;
uptr LastReleasedBytes;		uptr LastReleasedBytes;
u64 LastReleaseAtNs;		u64 LastReleaseAtNs;
};		};

struct ALIGNED(SCUDO_CACHE_LINE_SIZE) SizeClassInfo {		struct ALIGNED(SCUDO_CACHE_LINE_SIZE) SizeClassInfo {
HybridMutex Mutex;		HybridMutex Mutex;
SinglyLinkedList<TransferBatch> FreeList;		SinglyLinkedList<TransferBatch> FreeList;
		uptr CurrentRegion;
		uptr CurrentRegionAllocated;
SizeClassStats Stats;		SizeClassStats Stats;
bool CanRelease;		bool CanRelease;
u32 RandState;		u32 RandState;
uptr AllocatedUser;		uptr AllocatedUser;
ReleaseToOsInfo ReleaseInfo;		ReleaseToOsInfo ReleaseInfo;
};		};
static_assert(sizeof(SizeClassInfo) % SCUDO_CACHE_LINE_SIZE == 0, "");		static_assert(sizeof(SizeClassInfo) % SCUDO_CACHE_LINE_SIZE == 0, "");

▲ Show 20 Lines • Show All 74 Lines • ▼ Show 20 Lines	for (uptr I = 0; I < Count; I++) {
B->add(PointersArray[I]);		B->add(PointersArray[I]);
}		}
*CurrentBatch = B;		*CurrentBatch = B;
return true;		return true;
}		}

NOINLINE TransferBatch populateFreeList(CacheT C, uptr ClassId,		NOINLINE TransferBatch populateFreeList(CacheT C, uptr ClassId,
SizeClassInfo *Sci) {		SizeClassInfo *Sci) {
const uptr Region = allocateRegion(ClassId);		uptr Region;
		uptr Offset;
		// If the size-class currently has a region associated to it, use it. The
		// newly created blocks will be located after the currently allocated memory
		// for that region (up to RegionSize). Otherwise, create a new region, where
		// the new blocks will be carved from the beginning.
		if (Sci->CurrentRegion) {
		Region = Sci->CurrentRegion;
		DCHECK_GT(Sci->CurrentRegionAllocated, 0U);
		Offset = Sci->CurrentRegionAllocated;
		} else {
		DCHECK_EQ(Sci->CurrentRegionAllocated, 0U);
		Region = allocateRegion(ClassId);
if (UNLIKELY(!Region))		if (UNLIKELY(!Region))
return nullptr;		return nullptr;
C->getStats().add(StatMapped, RegionSize);		C->getStats().add(StatMapped, RegionSize);
		Sci->CurrentRegion = Region;
		Offset = 0;
		}

const uptr Size = getSizeByClassId(ClassId);		const uptr Size = getSizeByClassId(ClassId);
const u32 MaxCount = TransferBatch::getMaxCached(Size);		const u32 MaxCount = TransferBatch::getMaxCached(Size);
DCHECK_GT(MaxCount, 0);		DCHECK_GT(MaxCount, 0U);
const uptr NumberOfBlocks = RegionSize / Size;		// The maximum number of blocks we should carve in the region is dictated
DCHECK_GT(NumberOfBlocks, 0);		// by the maximum number of batches we want to fill, and the amount of
		// memory left in the current region (we use the lowest of the two). This
		// will not be 0 as we ensure that a region can at least hold one block (via
		// static_assert and at the end of this function).
		const u32 NumberOfBlocks =
		Min(MaxNumBatches * MaxCount,
		static_cast<u32>((RegionSize - Offset) / Size));
		DCHECK_GT(NumberOfBlocks, 0U);

TransferBatch *B = nullptr;		TransferBatch *B = nullptr;
constexpr u32 ShuffleArraySize = 8U * TransferBatch::MaxNumCached;		constexpr u32 ShuffleArraySize =
		MaxNumBatches * TransferBatch::MaxNumCached;
		// Fill the transfer batches and put them in the size-class freelist. We
		// need to randomize the blocks for security purposes, so we first fill a
		// local array that we then shuffle before populating the batches.
void *ShuffleArray[ShuffleArraySize];		void *ShuffleArray[ShuffleArraySize];
u32 Count = 0;		u32 Count = 0;
const uptr AllocatedUser = Size * NumberOfBlocks;		const uptr AllocatedUser = Size * NumberOfBlocks;
for (uptr I = Region; I < Region + AllocatedUser; I += Size) {		for (uptr I = Region + Offset; I < Region + Offset + AllocatedUser;
		I += Size) {
ShuffleArray[Count++] = reinterpret_cast<void *>(I);		ShuffleArray[Count++] = reinterpret_cast<void *>(I);
if (Count == ShuffleArraySize) {		if (Count == ShuffleArraySize) {
if (UNLIKELY(!populateBatches(C, Sci, ClassId, &B, MaxCount,		if (UNLIKELY(!populateBatches(C, Sci, ClassId, &B, MaxCount,
ShuffleArray, Count)))		ShuffleArray, Count)))
return nullptr;		return nullptr;
Count = 0;		Count = 0;
}		}
}		}
if (Count) {		if (Count) {
if (UNLIKELY(!populateBatches(C, Sci, ClassId, &B, MaxCount, ShuffleArray,		if (UNLIKELY(!populateBatches(C, Sci, ClassId, &B, MaxCount, ShuffleArray,
Count)))		Count)))
return nullptr;		return nullptr;
}		}
DCHECK(B);		DCHECK(B);
if (!Sci->FreeList.empty()) {		if (!Sci->FreeList.empty()) {
Sci->FreeList.push_back(B);		Sci->FreeList.push_back(B);
B = Sci->FreeList.front();		B = Sci->FreeList.front();
Sci->FreeList.pop_front();		Sci->FreeList.pop_front();
}		}
DCHECK_GT(B->getCount(), 0);		DCHECK_GT(B->getCount(), 0);

C->getStats().add(StatFree, AllocatedUser);		C->getStats().add(StatFree, AllocatedUser);
		DCHECK_LE(Sci->CurrentRegionAllocated + AllocatedUser, RegionSize);
		// If there is not enough room in the region currently associated to fit
		// more blocks, we deassociate the region by resetting CurrentRegion and
		// CurrentRegionAllocated. Otherwise, update the allocated amount.
		if (RegionSize - (Sci->CurrentRegionAllocated + AllocatedUser) < Size) {
		Sci->CurrentRegion = 0;
		Sci->CurrentRegionAllocated = 0;
		} else {
		Sci->CurrentRegionAllocated += AllocatedUser;
		}
Sci->AllocatedUser += AllocatedUser;		Sci->AllocatedUser += AllocatedUser;
if (Sci->CanRelease)
Sci->ReleaseInfo.LastReleaseAtNs = getMonotonicTime();
return B;		return B;
}		}

void getStats(ScopedString *Str, uptr ClassId, uptr Rss) {		void getStats(ScopedString *Str, uptr ClassId, uptr Rss) {
SizeClassInfo *Sci = getSizeClassInfo(ClassId);		SizeClassInfo *Sci = getSizeClassInfo(ClassId);
if (Sci->AllocatedUser == 0)		if (Sci->AllocatedUser == 0)
return;		return;
const uptr InUse = Sci->Stats.PoppedBlocks - Sci->Stats.PushedBlocks;		const uptr InUse = Sci->Stats.PoppedBlocks - Sci->Stats.PushedBlocks;
Show All 36 Lines	if (!Force) {
return 0; // Memory was returned recently.		return 0; // Memory was returned recently.
}		}
}		}

// TODO(kostyak): currently not ideal as we loop over all regions and		// TODO(kostyak): currently not ideal as we loop over all regions and
// iterate multiple times over the same freelist if a ClassId spans multiple		// iterate multiple times over the same freelist if a ClassId spans multiple
// regions. But it will have to do for now.		// regions. But it will have to do for now.
uptr TotalReleasedBytes = 0;		uptr TotalReleasedBytes = 0;
const uptr Size = (RegionSize / BlockSize) * BlockSize;		const uptr MaxSize = (RegionSize / BlockSize) * BlockSize;
for (uptr I = MinRegionIndex; I <= MaxRegionIndex; I++) {		for (uptr I = MinRegionIndex; I <= MaxRegionIndex; I++) {
if (PossibleRegions[I] - 1U == ClassId) {		if (PossibleRegions[I] - 1U == ClassId) {
const uptr Region = I * RegionSize;		const uptr Region = I * RegionSize;
		// If the region is the one currently associated to the size-class, we
		// only need to release up to CurrentRegionAllocated, MaxSize otherwise.
		const uptr Size = (Region == Sci->CurrentRegion)
		? Sci->CurrentRegionAllocated
		: MaxSize;
ReleaseRecorder Recorder(Region);		ReleaseRecorder Recorder(Region);
releaseFreeMemoryToOS(Sci->FreeList, Region, Size, BlockSize,		releaseFreeMemoryToOS(Sci->FreeList, Region, Size, BlockSize,
&Recorder);		&Recorder);
if (Recorder.getReleasedRangesCount() > 0) {		if (Recorder.getReleasedRangesCount() > 0) {
Sci->ReleaseInfo.PushedBlocksAtLastRelease = Sci->Stats.PushedBlocks;		Sci->ReleaseInfo.PushedBlocksAtLastRelease = Sci->Stats.PushedBlocks;
Sci->ReleaseInfo.RangesReleased += Recorder.getReleasedRangesCount();		Sci->ReleaseInfo.RangesReleased += Recorder.getReleasedRangesCount();
Sci->ReleaseInfo.LastReleasedBytes = Recorder.getReleasedBytes();		Sci->ReleaseInfo.LastReleasedBytes = Recorder.getReleasedBytes();
TotalReleasedBytes += Sci->ReleaseInfo.LastReleasedBytes;		TotalReleasedBytes += Sci->ReleaseInfo.LastReleasedBytes;
Show All 27 Lines

compiler-rt/lib/scudo/standalone/primary64.h

Show First 20 Lines • Show All 63 Lines • ▼ Show 20 Lines	public:
static bool canAllocate(uptr Size) { return Size <= SizeClassMap::MaxSize; }		static bool canAllocate(uptr Size) { return Size <= SizeClassMap::MaxSize; }

void initLinkerInitialized(s32 ReleaseToOsInterval) {		void initLinkerInitialized(s32 ReleaseToOsInterval) {
// Reserve the space required for the Primary.		// Reserve the space required for the Primary.
PrimaryBase = reinterpret_cast<uptr>(		PrimaryBase = reinterpret_cast<uptr>(
map(nullptr, PrimarySize, "scudo:primary", MAP_NOACCESS, &Data));		map(nullptr, PrimarySize, "scudo:primary", MAP_NOACCESS, &Data));

u32 Seed;		u32 Seed;
		const u64 Time = getMonotonicTime();
if (UNLIKELY(!getRandom(reinterpret_cast<void *>(&Seed), sizeof(Seed))))		if (UNLIKELY(!getRandom(reinterpret_cast<void *>(&Seed), sizeof(Seed))))
Seed = static_cast<u32>(getMonotonicTime() ^ (PrimaryBase >> 12));		Seed = static_cast<u32>(Time ^ (PrimaryBase >> 12));
const uptr PageSize = getPageSizeCached();		const uptr PageSize = getPageSizeCached();
for (uptr I = 0; I < NumClasses; I++) {		for (uptr I = 0; I < NumClasses; I++) {
RegionInfo *Region = getRegionInfo(I);		RegionInfo *Region = getRegionInfo(I);
// The actual start of a region is offseted by a random number of pages.		// The actual start of a region is offseted by a random number of pages.
Region->RegionBeg =		Region->RegionBeg =
getRegionBaseByClassId(I) + (getRandomModN(&Seed, 16) + 1) * PageSize;		getRegionBaseByClassId(I) + (getRandomModN(&Seed, 16) + 1) * PageSize;
		Region->RandState = getRandomU32(&Seed);
// Releasing smaller size classes doesn't necessarily yield to a		// Releasing smaller size classes doesn't necessarily yield to a
// meaningful RSS impact: there are more blocks per page, they are		// meaningful RSS impact: there are more blocks per page, they are
// randomized around, and thus pages are less likely to be entirely empty.		// randomized around, and thus pages are less likely to be entirely empty.
// On top of this, attempting to release those require more iterations and		// On top of this, attempting to release those require more iterations and
// memory accesses which ends up being fairly costly. The current lower		// memory accesses which ends up being fairly costly. The current lower
// limit is mostly arbitrary and based on empirical observations.		// limit is mostly arbitrary and based on empirical observations.
// TODO(kostyak): make the lower limit a runtime option		// TODO(kostyak): make the lower limit a runtime option
Region->CanRelease = (I != SizeClassMap::BatchClassId) &&		Region->CanRelease = (I != SizeClassMap::BatchClassId) &&
(getSizeByClassId(I) >= (PageSize / 32));		(getSizeByClassId(I) >= (PageSize / 32));
Region->RandState = getRandomU32(&Seed);		if (Region->CanRelease)
		Region->ReleaseInfo.LastReleaseAtNs = Time;
}		}
setReleaseToOsIntervalMs(ReleaseToOsInterval);		setReleaseToOsIntervalMs(ReleaseToOsInterval);

if (SupportsMemoryTagging)		if (SupportsMemoryTagging)
UseMemoryTagging = systemSupportsMemoryTagging();		UseMemoryTagging = systemSupportsMemoryTagging();
}		}
void init(s32 ReleaseToOsInterval) {		void init(s32 ReleaseToOsInterval) {
memset(this, 0, sizeof(*this));		memset(this, 0, sizeof(*this));
▲ Show 20 Lines • Show All 111 Lines • ▼ Show 20 Lines
private:		private:
static const uptr RegionSize = 1UL << RegionSizeLog;		static const uptr RegionSize = 1UL << RegionSizeLog;
static const uptr NumClasses = SizeClassMap::NumClasses;		static const uptr NumClasses = SizeClassMap::NumClasses;
static const uptr PrimarySize = RegionSize * NumClasses;		static const uptr PrimarySize = RegionSize * NumClasses;

// Call map for user memory with at least this size.		// Call map for user memory with at least this size.
static const uptr MapSizeIncrement = 1UL << 18;		static const uptr MapSizeIncrement = 1UL << 18;
// Fill at most this number of batches from the newly map'd memory.		// Fill at most this number of batches from the newly map'd memory.
static const u32 MaxNumBatches = 8U;		static const u32 MaxNumBatches = SCUDO_ANDROID ? 4U : 8U;

struct RegionStats {		struct RegionStats {
uptr PoppedBlocks;		uptr PoppedBlocks;
uptr PushedBlocks;		uptr PushedBlocks;
};		};

struct ReleaseToOsInfo {		struct ReleaseToOsInfo {
uptr PushedBlocksAtLastRelease;		uptr PushedBlocksAtLastRelease;
▲ Show 20 Lines • Show All 126 Lines • ▼ Show 20 Lines	if (!Region->FreeList.empty()) {
B = Region->FreeList.front();		B = Region->FreeList.front();
Region->FreeList.pop_front();		Region->FreeList.pop_front();
}		}
DCHECK_GT(B->getCount(), 0);		DCHECK_GT(B->getCount(), 0);

C->getStats().add(StatFree, AllocatedUser);		C->getStats().add(StatFree, AllocatedUser);
Region->AllocatedUser += AllocatedUser;		Region->AllocatedUser += AllocatedUser;
Region->Exhausted = false;		Region->Exhausted = false;
if (Region->CanRelease)
Region->ReleaseInfo.LastReleaseAtNs = getMonotonicTime();

return B;		return B;
}		}

void getStats(ScopedString *Str, uptr ClassId, uptr Rss) {		void getStats(ScopedString *Str, uptr ClassId, uptr Rss) {
RegionInfo *Region = getRegionInfo(ClassId);		RegionInfo *Region = getRegionInfo(ClassId);
if (Region->MappedUser == 0)		if (Region->MappedUser == 0)
return;		return;
▲ Show 20 Lines • Show All 63 Lines • Show Last 20 Lines