[compiler-rt] [scudo] [MTE] resize stack depot for allocation ring buffer (PR #74515)
Florian Mayer via llvm-commits
llvm-commits at lists.llvm.org
Mon Feb 5 15:10:10 PST 2024
https://github.com/fmayer updated https://github.com/llvm/llvm-project/pull/74515
>From 7806419b3120f49af182c06b46f8d0875ad9f8e6 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Fri, 1 Dec 2023 16:46:29 -0800
Subject: [PATCH 01/17] [scudo] resize stack depot for allocation ring buffer
---
compiler-rt/lib/scudo/standalone/combined.h | 101 +++++++++++----
.../standalone/fuzz/get_error_info_fuzzer.cpp | 14 +--
compiler-rt/lib/scudo/standalone/platform.h | 10 --
.../lib/scudo/standalone/stack_depot.h | 118 +++++++++++++-----
.../scudo/standalone/wrappers_c_bionic.cpp | 9 +-
5 files changed, 173 insertions(+), 79 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index 80774073522a7..11eaeb8042d8c 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -290,7 +290,9 @@ class Allocator {
uptr Size =
android_unsafe_frame_pointer_chase(Stack, MaxTraceSize + DiscardFrames);
Size = Min<uptr>(Size, MaxTraceSize + DiscardFrames);
- return Depot.insert(Stack + Min<uptr>(DiscardFrames, Size), Stack + Size);
+ return reinterpret_cast<StackDepot *>(RawStackDepot)
+ ->insert(RawStackDepot, Stack + Min<uptr>(DiscardFrames, Size),
+ Stack + Size);
#else
return 0;
#endif
@@ -919,8 +921,14 @@ class Allocator {
Primary.Options.clear(OptionBit::AddLargeAllocationSlack);
}
- const char *getStackDepotAddress() const {
- return reinterpret_cast<const char *>(&Depot);
+ const char *getStackDepotAddress() {
+ initThreadMaybe();
+ return RawStackDepot;
+ }
+
+ uptr getStackDepotSize() {
+ initThreadMaybe();
+ return StackDepotSize;
}
const char *getRegionInfoArrayAddress() const {
@@ -943,45 +951,54 @@ class Allocator {
static const uptr MaxTraceSize = 64;
- static void collectTraceMaybe(const StackDepot *Depot,
+ static void collectTraceMaybe(const char *RawStackDepot,
uintptr_t (&Trace)[MaxTraceSize], u32 Hash) {
+ auto *Depot = reinterpret_cast<const StackDepot *>(RawStackDepot);
uptr RingPos, Size;
- if (!Depot->find(Hash, &RingPos, &Size))
+ if (!Depot->find(RawStackDepot, Hash, &RingPos, &Size))
return;
for (unsigned I = 0; I != Size && I != MaxTraceSize; ++I)
- Trace[I] = static_cast<uintptr_t>((*Depot)[RingPos + I]);
+ Trace[I] = static_cast<uintptr_t>(Depot->at(RawStackDepot, RingPos + I));
}
static void getErrorInfo(struct scudo_error_info *ErrorInfo,
uintptr_t FaultAddr, const char *DepotPtr,
- const char *RegionInfoPtr, const char *RingBufferPtr,
- size_t RingBufferSize, const char *Memory,
- const char *MemoryTags, uintptr_t MemoryAddr,
- size_t MemorySize) {
+ size_t DepotSize, const char *RegionInfoPtr,
+ const char *RingBufferPtr, size_t RingBufferSize,
+ const char *Memory, const char *MemoryTags,
+ uintptr_t MemoryAddr, size_t MemorySize) {
*ErrorInfo = {};
if (!allocatorSupportsMemoryTagging<Config>() ||
MemoryAddr + MemorySize < MemoryAddr)
return;
- auto *Depot = reinterpret_cast<const StackDepot *>(DepotPtr);
+ if (DepotPtr && DepotSize < sizeof(StackDepot)) {
+ return;
+ }
+ if (DepotPtr &&
+ !reinterpret_cast<const StackDepot *>(DepotPtr)->isValid(DepotSize)) {
+ // corrupted stack depot.
+ return;
+ }
+
size_t NextErrorReport = 0;
// Check for OOB in the current block and the two surrounding blocks. Beyond
// that, UAF is more likely.
if (extractTag(FaultAddr) != 0)
- getInlineErrorInfo(ErrorInfo, NextErrorReport, FaultAddr, Depot,
+ getInlineErrorInfo(ErrorInfo, NextErrorReport, FaultAddr, DepotPtr,
RegionInfoPtr, Memory, MemoryTags, MemoryAddr,
MemorySize, 0, 2);
// Check the ring buffer. For primary allocations this will only find UAF;
// for secondary allocations we can find either UAF or OOB.
- getRingBufferErrorInfo(ErrorInfo, NextErrorReport, FaultAddr, Depot,
+ getRingBufferErrorInfo(ErrorInfo, NextErrorReport, FaultAddr, DepotPtr,
RingBufferPtr, RingBufferSize);
// Check for OOB in the 28 blocks surrounding the 3 we checked earlier.
// Beyond that we are likely to hit false positives.
if (extractTag(FaultAddr) != 0)
- getInlineErrorInfo(ErrorInfo, NextErrorReport, FaultAddr, Depot,
+ getInlineErrorInfo(ErrorInfo, NextErrorReport, FaultAddr, DepotPtr,
RegionInfoPtr, Memory, MemoryTags, MemoryAddr,
MemorySize, 2, 16);
}
@@ -1029,7 +1046,9 @@ class Allocator {
uptr GuardedAllocSlotSize = 0;
#endif // GWP_ASAN_HOOKS
- StackDepot Depot;
+ char *RawStackDepot = nullptr;
+ uptr StackDepotSize = 0;
+ MemMapT RawStackDepotMap;
struct AllocationRingBuffer {
struct Entry {
@@ -1245,7 +1264,8 @@ class Allocator {
}
void storePrimaryAllocationStackMaybe(const Options &Options, void *Ptr) {
- if (!UNLIKELY(Options.get(OptionBit::TrackAllocationStacks)))
+ if (!UNLIKELY(Options.get(OptionBit::TrackAllocationStacks)) ||
+ !RawRingBuffer)
return;
auto *Ptr32 = reinterpret_cast<u32 *>(Ptr);
Ptr32[MemTagAllocationTraceIndex] = collectStackTrace();
@@ -1278,7 +1298,8 @@ class Allocator {
void storeSecondaryAllocationStackMaybe(const Options &Options, void *Ptr,
uptr Size) {
- if (!UNLIKELY(Options.get(OptionBit::TrackAllocationStacks)))
+ if (!UNLIKELY(Options.get(OptionBit::TrackAllocationStacks)) ||
+ !RawRingBuffer)
return;
u32 Trace = collectStackTrace();
@@ -1293,7 +1314,8 @@ class Allocator {
void storeDeallocationStackMaybe(const Options &Options, void *Ptr,
u8 PrevTag, uptr Size) {
- if (!UNLIKELY(Options.get(OptionBit::TrackAllocationStacks)))
+ if (!UNLIKELY(Options.get(OptionBit::TrackAllocationStacks)) ||
+ !RawRingBuffer)
return;
auto *Ptr32 = reinterpret_cast<u32 *>(Ptr);
@@ -1314,7 +1336,7 @@ class Allocator {
static void getInlineErrorInfo(struct scudo_error_info *ErrorInfo,
size_t &NextErrorReport, uintptr_t FaultAddr,
- const StackDepot *Depot,
+ const char *RawStackDepot,
const char *RegionInfoPtr, const char *Memory,
const char *MemoryTags, uintptr_t MemoryAddr,
size_t MemorySize, size_t MinDistance,
@@ -1379,8 +1401,10 @@ class Allocator {
UntaggedFaultAddr < ChunkAddr ? BUFFER_UNDERFLOW : BUFFER_OVERFLOW;
R->allocation_address = ChunkAddr;
R->allocation_size = Header.SizeOrUnusedBytes;
- collectTraceMaybe(Depot, R->allocation_trace,
- Data[MemTagAllocationTraceIndex]);
+ if (RawStackDepot) {
+ collectTraceMaybe(RawStackDepot, R->allocation_trace,
+ Data[MemTagAllocationTraceIndex]);
+ }
R->allocation_tid = Data[MemTagAllocationTidIndex];
return NextErrorReport == NumErrorReports;
};
@@ -1397,13 +1421,13 @@ class Allocator {
static void getRingBufferErrorInfo(struct scudo_error_info *ErrorInfo,
size_t &NextErrorReport,
uintptr_t FaultAddr,
- const StackDepot *Depot,
+ const char *RawStackDepot,
const char *RingBufferPtr,
size_t RingBufferSize) {
auto *RingBuffer =
reinterpret_cast<const AllocationRingBuffer *>(RingBufferPtr);
size_t RingBufferElements = ringBufferElementsFromBytes(RingBufferSize);
- if (!RingBuffer || RingBufferElements == 0)
+ if (!RingBuffer || RingBufferElements == 0 || !RawStackDepot)
return;
uptr Pos = atomic_load_relaxed(&RingBuffer->Pos);
@@ -1462,9 +1486,10 @@ class Allocator {
R->allocation_address = UntaggedEntryPtr;
R->allocation_size = EntrySize;
- collectTraceMaybe(Depot, R->allocation_trace, AllocationTrace);
+ collectTraceMaybe(RawStackDepot, R->allocation_trace, AllocationTrace);
R->allocation_tid = AllocationTid;
- collectTraceMaybe(Depot, R->deallocation_trace, DeallocationTrace);
+ collectTraceMaybe(RawStackDepot, R->deallocation_trace,
+ DeallocationTrace);
R->deallocation_tid = DeallocationTid;
}
}
@@ -1493,6 +1518,28 @@ class Allocator {
return;
u32 AllocationRingBufferSize =
static_cast<u32>(getFlags()->allocation_ring_buffer_size);
+ // We store alloc and free stacks for each entry.
+ constexpr auto kStacksPerRingBufferEntry = 2;
+ u32 TabSize = static_cast<u32>(roundUpPowerOfTwo(kStacksPerRingBufferEntry *
+ AllocationRingBufferSize));
+ constexpr auto kFramesPerStack = 8;
+ static_assert(isPowerOfTwo(kFramesPerStack));
+ u32 RingSize = static_cast<u32>(TabSize * kFramesPerStack);
+ DCHECK(isPowerOfTwo(RingSize));
+ static_assert(sizeof(StackDepot) % alignof(atomic_u64) == 0);
+
+ StackDepotSize = sizeof(StackDepot) + sizeof(atomic_u64) * RingSize +
+ sizeof(atomic_u32) * TabSize;
+ MemMapT DepotMap;
+ DepotMap.map(
+ /*Addr=*/0U, roundUp(StackDepotSize, getPageSizeCached()),
+ "scudo:stack_depot");
+ RawStackDepot = reinterpret_cast<char *>(DepotMap.getBase());
+ auto *Depot = reinterpret_cast<StackDepot *>(DepotMap.getBase());
+ Depot->init(RingSize, TabSize);
+ DCHECK(Depot->isValid(StackDepotSize));
+ RawStackDepotMap = DepotMap;
+
MemMapT MemMap;
MemMap.map(
/*Addr=*/0U,
@@ -1515,6 +1562,10 @@ class Allocator {
RawRingBufferMap.getCapacity());
}
RawRingBuffer = nullptr;
+ if (RawStackDepot) {
+ RawStackDepotMap.unmap(RawStackDepotMap.getBase(),
+ RawStackDepotMap.getCapacity());
+ }
}
static constexpr size_t ringBufferSizeInBytes(u32 RingBufferElements) {
diff --git a/compiler-rt/lib/scudo/standalone/fuzz/get_error_info_fuzzer.cpp b/compiler-rt/lib/scudo/standalone/fuzz/get_error_info_fuzzer.cpp
index 5b01ebe11c095..2cef1c44fadc9 100644
--- a/compiler-rt/lib/scudo/standalone/fuzz/get_error_info_fuzzer.cpp
+++ b/compiler-rt/lib/scudo/standalone/fuzz/get_error_info_fuzzer.cpp
@@ -9,6 +9,7 @@
#define SCUDO_FUZZ
#include "allocator_config.h"
#include "combined.h"
+#include "common.h"
#include <fuzzer/FuzzedDataProvider.h>
@@ -31,11 +32,6 @@ extern "C" int LLVMFuzzerTestOneInput(uint8_t *Data, size_t Size) {
std::string StackDepotBytes =
FDP.ConsumeRandomLengthString(FDP.remaining_bytes());
- std::vector<char> StackDepot(sizeof(scudo::StackDepot), 0);
- for (size_t i = 0; i < StackDepotBytes.length() && i < StackDepot.size();
- ++i) {
- StackDepot[i] = StackDepotBytes[i];
- }
std::string RegionInfoBytes =
FDP.ConsumeRandomLengthString(FDP.remaining_bytes());
@@ -48,9 +44,9 @@ extern "C" int LLVMFuzzerTestOneInput(uint8_t *Data, size_t Size) {
std::string RingBufferBytes = FDP.ConsumeRemainingBytesAsString();
scudo_error_info ErrorInfo;
- AllocatorT::getErrorInfo(&ErrorInfo, FaultAddr, StackDepot.data(),
- RegionInfo.data(), RingBufferBytes.data(),
- RingBufferBytes.size(), Memory, MemoryTags,
- MemoryAddr, MemorySize);
+ AllocatorT::getErrorInfo(&ErrorInfo, FaultAddr, StackDepotBytes.data(),
+ StackDepotBytes.size(), RegionInfo.data(),
+ RingBufferBytes.data(), RingBufferBytes.size(),
+ Memory, MemoryTags, MemoryAddr, MemorySize);
return 0;
}
diff --git a/compiler-rt/lib/scudo/standalone/platform.h b/compiler-rt/lib/scudo/standalone/platform.h
index b71a86be7669f..5af1275e32d2b 100644
--- a/compiler-rt/lib/scudo/standalone/platform.h
+++ b/compiler-rt/lib/scudo/standalone/platform.h
@@ -63,16 +63,6 @@
#define SCUDO_CAN_USE_MTE (SCUDO_LINUX || SCUDO_TRUSTY)
#endif
-// Use smaller table sizes for fuzzing in order to reduce input size.
-// Trusty just has less available memory.
-#ifndef SCUDO_SMALL_STACK_DEPOT
-#if defined(SCUDO_FUZZ) || SCUDO_TRUSTY
-#define SCUDO_SMALL_STACK_DEPOT 1
-#else
-#define SCUDO_SMALL_STACK_DEPOT 0
-#endif
-#endif
-
#ifndef SCUDO_ENABLE_HOOKS
#define SCUDO_ENABLE_HOOKS 0
#endif
diff --git a/compiler-rt/lib/scudo/standalone/stack_depot.h b/compiler-rt/lib/scudo/standalone/stack_depot.h
index e887d1b43a7cf..92d18a7ad1f2f 100644
--- a/compiler-rt/lib/scudo/standalone/stack_depot.h
+++ b/compiler-rt/lib/scudo/standalone/stack_depot.h
@@ -10,6 +10,7 @@
#define SCUDO_STACK_DEPOT_H_
#include "atomic_helpers.h"
+#include "common.h"
#include "mutex.h"
namespace scudo {
@@ -38,7 +39,7 @@ class MurMur2HashBuilder {
}
};
-class StackDepot {
+class alignas(16) StackDepot {
HybridMutex RingEndMu;
u32 RingEnd = 0;
@@ -62,47 +63,103 @@ class StackDepot {
// This is achieved by re-checking the hash of the stack trace before
// returning the trace.
-#if SCUDO_SMALL_STACK_DEPOT
- static const uptr TabBits = 4;
-#else
- static const uptr TabBits = 16;
-#endif
- static const uptr TabSize = 1 << TabBits;
- static const uptr TabMask = TabSize - 1;
- atomic_u32 Tab[TabSize] = {};
-
-#if SCUDO_SMALL_STACK_DEPOT
- static const uptr RingBits = 4;
-#else
- static const uptr RingBits = 19;
-#endif
- static const uptr RingSize = 1 << RingBits;
- static const uptr RingMask = RingSize - 1;
- atomic_u64 Ring[RingSize] = {};
+ uptr RingSize = 0;
+ uptr RingMask = 0;
+ uptr TabMask = 0;
+ // This is immediately followed by RingSize atomic_u64 and
+ // (TabMask + 1) atomic_u32.
+
+ atomic_u64 *Ring(char *RawStackDepot) {
+ return reinterpret_cast<atomic_u64 *>(RawStackDepot + sizeof(StackDepot));
+ }
+
+ atomic_u32 *Tab(char *RawStackDepot) {
+ return reinterpret_cast<atomic_u32 *>(RawStackDepot + sizeof(StackDepot) +
+ sizeof(atomic_u64) * RingSize);
+ }
+
+ const atomic_u64 *Ring(const char *RawStackDepot) const {
+ return reinterpret_cast<const atomic_u64 *>(RawStackDepot +
+ sizeof(StackDepot));
+ }
+
+ const atomic_u32 *Tab(const char *RawStackDepot) const {
+ return reinterpret_cast<const atomic_u32 *>(
+ RawStackDepot + sizeof(StackDepot) + sizeof(atomic_u64) * RingSize);
+ }
public:
+ void init(uptr RingSz, uptr TabSz) {
+ DCHECK(isPowerOfTwo(RingSz));
+ DCHECK(isPowerOfTwo(TabSz));
+ RingSize = RingSz;
+ RingMask = RingSz - 1;
+ TabMask = TabSz - 1;
+ }
+
+ // Ensure that RingSize, RingMask and TabMask are set up in a way that
+ // all accesses are within range of BufSize.
+ bool isValid(uptr BufSize) const {
+ if (RingSize > UINTPTR_MAX / sizeof(atomic_u64)) {
+ return false;
+ }
+ if (RingSize == 0 || !isPowerOfTwo(RingSize)) {
+ return false;
+ }
+ uptr RingBytes = sizeof(atomic_u64) * RingSize;
+ if (RingMask + 1 != RingSize) {
+ return false;
+ }
+
+ if (TabMask == 0) {
+ return false;
+ }
+ if ((TabMask - 1) > UINTPTR_MAX / sizeof(atomic_u32)) {
+ return false;
+ }
+ uptr TabSize = TabMask + 1;
+ if (!isPowerOfTwo(TabSize)) {
+ return false;
+ }
+ uptr TabBytes = sizeof(atomic_u32) * TabSize;
+
+ // Subtract and detect underflow.
+ if (BufSize < sizeof(StackDepot)) {
+ return false;
+ }
+ BufSize -= sizeof(StackDepot);
+ if (BufSize < TabBytes) {
+ return false;
+ }
+ BufSize = TabBytes;
+ if (BufSize < RingBytes) {
+ return false;
+ }
+ return BufSize == 0;
+ }
+
// Insert hash of the stack trace [Begin, End) into the stack depot, and
// return the hash.
- u32 insert(uptr *Begin, uptr *End) {
+ u32 insert(char *RawStackDepot, uptr *Begin, uptr *End) {
MurMur2HashBuilder B;
for (uptr *I = Begin; I != End; ++I)
B.add(u32(*I) >> 2);
u32 Hash = B.get();
u32 Pos = Hash & TabMask;
- u32 RingPos = atomic_load_relaxed(&Tab[Pos]);
- u64 Entry = atomic_load_relaxed(&Ring[RingPos]);
+ u32 RingPos = atomic_load_relaxed(&Tab(RawStackDepot)[Pos]);
+ u64 Entry = atomic_load_relaxed(&Ring(RawStackDepot)[RingPos]);
u64 Id = (u64(End - Begin) << 33) | (u64(Hash) << 1) | 1;
if (Entry == Id)
return Hash;
ScopedLock Lock(RingEndMu);
RingPos = RingEnd;
- atomic_store_relaxed(&Tab[Pos], RingPos);
- atomic_store_relaxed(&Ring[RingPos], Id);
+ atomic_store_relaxed(&Tab(RawStackDepot)[Pos], RingPos);
+ atomic_store_relaxed(&Ring(RawStackDepot)[RingPos], Id);
for (uptr *I = Begin; I != End; ++I) {
RingPos = (RingPos + 1) & RingMask;
- atomic_store_relaxed(&Ring[RingPos], *I);
+ atomic_store_relaxed(&Ring(RawStackDepot)[RingPos], *I);
}
RingEnd = (RingPos + 1) & RingMask;
return Hash;
@@ -111,12 +168,13 @@ class StackDepot {
// Look up a stack trace by hash. Returns true if successful. The trace may be
// accessed via operator[] passing indexes between *RingPosPtr and
// *RingPosPtr + *SizePtr.
- bool find(u32 Hash, uptr *RingPosPtr, uptr *SizePtr) const {
+ bool find(const char *RawStackDepot, u32 Hash, uptr *RingPosPtr,
+ uptr *SizePtr) const {
u32 Pos = Hash & TabMask;
- u32 RingPos = atomic_load_relaxed(&Tab[Pos]);
+ u32 RingPos = atomic_load_relaxed(&Tab(RawStackDepot)[Pos]);
if (RingPos >= RingSize)
return false;
- u64 Entry = atomic_load_relaxed(&Ring[RingPos]);
+ u64 Entry = atomic_load_relaxed(&Ring(RawStackDepot)[RingPos]);
u64 HashWithTagBit = (u64(Hash) << 1) | 1;
if ((Entry & 0x1ffffffff) != HashWithTagBit)
return false;
@@ -128,13 +186,13 @@ class StackDepot {
MurMur2HashBuilder B;
for (uptr I = 0; I != Size; ++I) {
RingPos = (RingPos + 1) & RingMask;
- B.add(u32(atomic_load_relaxed(&Ring[RingPos])) >> 2);
+ B.add(u32(atomic_load_relaxed(&Ring(RawStackDepot)[RingPos])) >> 2);
}
return B.get() == Hash;
}
- u64 operator[](uptr RingPos) const {
- return atomic_load_relaxed(&Ring[RingPos & RingMask]);
+ u64 at(const char *RawStackDepot, uptr RingPos) const {
+ return atomic_load_relaxed(&Ring(RawStackDepot)[RingPos & RingMask]);
}
// This is done for the purpose of fork safety in multithreaded programs and
diff --git a/compiler-rt/lib/scudo/standalone/wrappers_c_bionic.cpp b/compiler-rt/lib/scudo/standalone/wrappers_c_bionic.cpp
index 21694c3f17fe5..e9d8c1e8d3db2 100644
--- a/compiler-rt/lib/scudo/standalone/wrappers_c_bionic.cpp
+++ b/compiler-rt/lib/scudo/standalone/wrappers_c_bionic.cpp
@@ -43,10 +43,9 @@ INTERFACE void __scudo_get_error_info(
const char *stack_depot, size_t stack_depot_size, const char *region_info,
const char *ring_buffer, size_t ring_buffer_size, const char *memory,
const char *memory_tags, uintptr_t memory_addr, size_t memory_size) {
- (void)(stack_depot_size);
- Allocator.getErrorInfo(error_info, fault_addr, stack_depot, region_info,
- ring_buffer, ring_buffer_size, memory, memory_tags,
- memory_addr, memory_size);
+ Allocator.getErrorInfo(error_info, fault_addr, stack_depot, stack_depot_size,
+ region_info, ring_buffer, ring_buffer_size, memory,
+ memory_tags, memory_addr, memory_size);
}
INTERFACE const char *__scudo_get_stack_depot_addr() {
@@ -54,7 +53,7 @@ INTERFACE const char *__scudo_get_stack_depot_addr() {
}
INTERFACE size_t __scudo_get_stack_depot_size() {
- return sizeof(scudo::StackDepot);
+ return Allocator.getStackDepotSize();
}
INTERFACE const char *__scudo_get_region_info_addr() {
>From ff6d32a5eca8b8a6e29cc85b1fd31a40834fba2c Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Wed, 13 Dec 2023 13:00:15 -0800
Subject: [PATCH 02/17] comments
---
compiler-rt/lib/scudo/standalone/combined.h | 27 +++++++++----
.../lib/scudo/standalone/stack_depot.h | 31 ++++++---------
.../scudo/standalone/tests/combined_test.cpp | 38 ++++++++++++++++++-
3 files changed, 67 insertions(+), 29 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index 11eaeb8042d8c..165b9597a7aec 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -9,6 +9,7 @@
#ifndef SCUDO_COMBINED_H_
#define SCUDO_COMBINED_H_
+#include "atomic_helpers.h"
#include "chunk.h"
#include "common.h"
#include "flags.h"
@@ -967,18 +968,21 @@ class Allocator {
const char *RingBufferPtr, size_t RingBufferSize,
const char *Memory, const char *MemoryTags,
uintptr_t MemoryAddr, size_t MemorySize) {
+ // N.B. we need to support corrupted data in any of the buffers here. We get
+ // this information from an external process (the crashing process) that
+ // shouldn't be able to crash crash_dump.
*ErrorInfo = {};
if (!allocatorSupportsMemoryTagging<Config>() ||
MemoryAddr + MemorySize < MemoryAddr)
return;
- if (DepotPtr && DepotSize < sizeof(StackDepot)) {
- return;
- }
- if (DepotPtr &&
- !reinterpret_cast<const StackDepot *>(DepotPtr)->isValid(DepotSize)) {
- // corrupted stack depot.
- return;
+ if (DepotPtr) {
+ // check for corrupted StackDepot. First we need to check whether we can
+ // read the metadata, then whether the metadata matches the size.
+ if (DepotSize < sizeof(StackDepot))
+ return;
+ if (!reinterpret_cast<const StackDepot *>(DepotPtr)->isValid(DepotSize))
+ return;
}
size_t NextErrorReport = 0;
@@ -1520,14 +1524,23 @@ class Allocator {
static_cast<u32>(getFlags()->allocation_ring_buffer_size);
// We store alloc and free stacks for each entry.
constexpr auto kStacksPerRingBufferEntry = 2;
+ constexpr auto kMaxU32Pow2 = ~(UINT32_MAX >> 1);
+ static_assert(isPowerOfTwo(kMaxU32Pow2));
+ if (AllocationRingBufferSize > kMaxU32Pow2 / kStacksPerRingBufferEntry)
+ return;
u32 TabSize = static_cast<u32>(roundUpPowerOfTwo(kStacksPerRingBufferEntry *
AllocationRingBufferSize));
constexpr auto kFramesPerStack = 8;
static_assert(isPowerOfTwo(kFramesPerStack));
+ if (TabSize > UINT32_MAX / kFramesPerStack)
+ return;
u32 RingSize = static_cast<u32>(TabSize * kFramesPerStack);
DCHECK(isPowerOfTwo(RingSize));
static_assert(sizeof(StackDepot) % alignof(atomic_u64) == 0);
+ static_assert(sizeof(StackDepot) + UINT32_MAX * sizeof(atomic_u64) *
+ UINT32_MAX * sizeof(atomic_u32) <
+ UINTPTR_MAX);
StackDepotSize = sizeof(StackDepot) + sizeof(atomic_u64) * RingSize +
sizeof(atomic_u32) * TabSize;
MemMapT DepotMap;
diff --git a/compiler-rt/lib/scudo/standalone/stack_depot.h b/compiler-rt/lib/scudo/standalone/stack_depot.h
index 92d18a7ad1f2f..5eded109ccd09 100644
--- a/compiler-rt/lib/scudo/standalone/stack_depot.h
+++ b/compiler-rt/lib/scudo/standalone/stack_depot.h
@@ -100,42 +100,33 @@ class alignas(16) StackDepot {
// Ensure that RingSize, RingMask and TabMask are set up in a way that
// all accesses are within range of BufSize.
bool isValid(uptr BufSize) const {
- if (RingSize > UINTPTR_MAX / sizeof(atomic_u64)) {
+ if (RingSize > UINTPTR_MAX / sizeof(atomic_u64))
return false;
- }
- if (RingSize == 0 || !isPowerOfTwo(RingSize)) {
+ if (RingSize == 0 || !isPowerOfTwo(RingSize))
return false;
- }
uptr RingBytes = sizeof(atomic_u64) * RingSize;
- if (RingMask + 1 != RingSize) {
+ if (RingMask + 1 != RingSize)
return false;
- }
- if (TabMask == 0) {
+ if (TabMask == 0)
return false;
- }
- if ((TabMask - 1) > UINTPTR_MAX / sizeof(atomic_u32)) {
+ if ((TabMask - 1) > UINTPTR_MAX / sizeof(atomic_u32))
return false;
- }
uptr TabSize = TabMask + 1;
- if (!isPowerOfTwo(TabSize)) {
+ if (!isPowerOfTwo(TabSize))
return false;
- }
uptr TabBytes = sizeof(atomic_u32) * TabSize;
// Subtract and detect underflow.
- if (BufSize < sizeof(StackDepot)) {
+ if (BufSize < sizeof(StackDepot))
return false;
- }
BufSize -= sizeof(StackDepot);
- if (BufSize < TabBytes) {
+ if (BufSize < TabBytes)
return false;
- }
- BufSize = TabBytes;
- if (BufSize < RingBytes) {
+ BufSize -= TabBytes;
+ if (BufSize < RingBytes)
return false;
- }
- return BufSize == 0;
+ return BufSize == RingBytes;
}
// Insert hash of the stack trace [Begin, End) into the stack depot, and
diff --git a/compiler-rt/lib/scudo/standalone/tests/combined_test.cpp b/compiler-rt/lib/scudo/standalone/tests/combined_test.cpp
index 3dbd93cacefd6..80898e5a10083 100644
--- a/compiler-rt/lib/scudo/standalone/tests/combined_test.cpp
+++ b/compiler-rt/lib/scudo/standalone/tests/combined_test.cpp
@@ -7,6 +7,7 @@
//===----------------------------------------------------------------------===//
#include "memtag.h"
+#include "stack_depot.h"
#include "tests/scudo_unit_test.h"
#include "allocator_config.h"
@@ -860,8 +861,8 @@ SCUDO_TYPED_TEST(ScudoCombinedTest, ReallocateInPlaceStress) {
SCUDO_TYPED_TEST(ScudoCombinedTest, RingBufferSize) {
auto *Allocator = this->Allocator.get();
auto Size = Allocator->getRingBufferSize();
- if (Size > 0)
- EXPECT_EQ(Allocator->getRingBufferAddress()[Size - 1], '\0');
+ ASSERT_GT(Size, 0);
+ EXPECT_EQ(Allocator->getRingBufferAddress()[Size - 1], '\0');
}
SCUDO_TYPED_TEST(ScudoCombinedTest, RingBufferAddress) {
@@ -871,6 +872,39 @@ SCUDO_TYPED_TEST(ScudoCombinedTest, RingBufferAddress) {
EXPECT_EQ(Addr, Allocator->getRingBufferAddress());
}
+SCUDO_TYPED_TEST(ScudoCombinedTest, StackDepotSize) {
+ auto *Allocator = this->Allocator.get();
+ auto Size = Allocator->getStackDepotSize();
+ ASSERT_GT(Size, 0);
+ EXPECT_EQ(Allocator->getStackDepotAddress()[Size - 1], '\0');
+}
+
+SCUDO_TYPED_TEST(ScudoCombinedTest, StackDepotAddress) {
+ auto *Allocator = this->Allocator.get();
+ auto *Addr = Allocator->getStackDepotAddress();
+ EXPECT_NE(Addr, nullptr);
+ EXPECT_EQ(Addr, Allocator->getStackDepotAddress());
+}
+
+SCUDO_TYPED_TEST(ScudoCombinedTest, StackDepot) {
+ alignas(scudo::StackDepot) char Buf[sizeof(scudo::StackDepot) +
+ 1024 * sizeof(scudo::atomic_u64) +
+ 1024 * sizeof(scudo::atomic_u32)] = {};
+ auto *Depot = reinterpret_cast<scudo::StackDepot *>(Buf);
+ Depot->init(1024, 1024);
+ ASSERT_TRUE(Depot->isValid(sizeof(Buf)));
+ ASSERT_FALSE(Depot->isValid(sizeof(Buf) - 1));
+ scudo::uptr Stack[] = {1, 2, 3};
+ scudo::u32 Elem = Depot->insert(Buf, &Stack[0], &Stack[3]);
+ scudo::uptr RingPosPtr = 0;
+ scudo::uptr SizePtr = 0;
+ ASSERT_TRUE(Depot->find(Buf, Elem, &RingPosPtr, &SizePtr));
+ ASSERT_EQ(SizePtr, 3);
+ EXPECT_EQ(Depot->at(Buf, RingPosPtr), 1);
+ EXPECT_EQ(Depot->at(Buf, RingPosPtr + 1), 2);
+ EXPECT_EQ(Depot->at(Buf, RingPosPtr + 2), 3);
+}
+
#if SCUDO_CAN_USE_PRIMARY64
#if SCUDO_TRUSTY
>From 2306048f6787e1bd7a0bd6071d32740da6637c17 Mon Sep 17 00:00:00 2001
From: Florian Mayer <florian.mayer at bitsrc.org>
Date: Wed, 13 Dec 2023 15:49:47 -0800
Subject: [PATCH 03/17] Update compiler-rt/lib/scudo/standalone/stack_depot.h
Co-authored-by: ChiaHungDuan <f103119 at gmail.com>
---
compiler-rt/lib/scudo/standalone/stack_depot.h | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/stack_depot.h b/compiler-rt/lib/scudo/standalone/stack_depot.h
index 5eded109ccd09..a71b373959e9a 100644
--- a/compiler-rt/lib/scudo/standalone/stack_depot.h
+++ b/compiler-rt/lib/scudo/standalone/stack_depot.h
@@ -138,8 +138,12 @@ class alignas(16) StackDepot {
u32 Hash = B.get();
u32 Pos = Hash & TabMask;
- u32 RingPos = atomic_load_relaxed(&Tab(RawStackDepot)[Pos]);
- u64 Entry = atomic_load_relaxed(&Ring(RawStackDepot)[RingPos]);
+ atomic_u32 *Tab = getTab(RawStackDepot);
+ atomic_u64 *Ring = getRing(RawStackDepot);
+ u32 RingPos = atomic_load_relaxed(&Tab[Pos]);
+ u64 Entry = atomic_load_relaxed(&Ring[RingPos]);
+
+ // And the following uses of Tab/Ring
u64 Id = (u64(End - Begin) << 33) | (u64(Hash) << 1) | 1;
if (Entry == Id)
return Hash;
>From e2742c7916cb8ccc2ac9fedc74713907f93623d1 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Wed, 13 Dec 2023 15:53:52 -0800
Subject: [PATCH 04/17] fmt suggestion
---
compiler-rt/lib/scudo/standalone/stack_depot.h | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/stack_depot.h b/compiler-rt/lib/scudo/standalone/stack_depot.h
index a71b373959e9a..d114e21b2bce1 100644
--- a/compiler-rt/lib/scudo/standalone/stack_depot.h
+++ b/compiler-rt/lib/scudo/standalone/stack_depot.h
@@ -138,12 +138,12 @@ class alignas(16) StackDepot {
u32 Hash = B.get();
u32 Pos = Hash & TabMask;
- atomic_u32 *Tab = getTab(RawStackDepot);
- atomic_u64 *Ring = getRing(RawStackDepot);
- u32 RingPos = atomic_load_relaxed(&Tab[Pos]);
- u64 Entry = atomic_load_relaxed(&Ring[RingPos]);
-
- // And the following uses of Tab/Ring
+ atomic_u32 *Tab = getTab(RawStackDepot);
+ atomic_u64 *Ring = getRing(RawStackDepot);
+ u32 RingPos = atomic_load_relaxed(&Tab[Pos]);
+ u64 Entry = atomic_load_relaxed(&Ring[RingPos]);
+
+ // And the following uses of Tab/Ring
u64 Id = (u64(End - Begin) << 33) | (u64(Hash) << 1) | 1;
if (Entry == Id)
return Hash;
>From 9b0f845c3fe27603c6dfc4b4ef78d1c5c46ff7fb Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Wed, 13 Dec 2023 15:59:47 -0800
Subject: [PATCH 05/17] Revert "fmt suggestion"
This reverts commit 86963399a908e4317a4fa8a47b9e7bb51ee7d7a5.
---
compiler-rt/lib/scudo/standalone/stack_depot.h | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/stack_depot.h b/compiler-rt/lib/scudo/standalone/stack_depot.h
index d114e21b2bce1..a71b373959e9a 100644
--- a/compiler-rt/lib/scudo/standalone/stack_depot.h
+++ b/compiler-rt/lib/scudo/standalone/stack_depot.h
@@ -138,12 +138,12 @@ class alignas(16) StackDepot {
u32 Hash = B.get();
u32 Pos = Hash & TabMask;
- atomic_u32 *Tab = getTab(RawStackDepot);
- atomic_u64 *Ring = getRing(RawStackDepot);
- u32 RingPos = atomic_load_relaxed(&Tab[Pos]);
- u64 Entry = atomic_load_relaxed(&Ring[RingPos]);
-
- // And the following uses of Tab/Ring
+ atomic_u32 *Tab = getTab(RawStackDepot);
+ atomic_u64 *Ring = getRing(RawStackDepot);
+ u32 RingPos = atomic_load_relaxed(&Tab[Pos]);
+ u64 Entry = atomic_load_relaxed(&Ring[RingPos]);
+
+ // And the following uses of Tab/Ring
u64 Id = (u64(End - Begin) << 33) | (u64(Hash) << 1) | 1;
if (Entry == Id)
return Hash;
>From 6963f9169f619268c07b554eaa8c380d2450a557 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Wed, 13 Dec 2023 15:59:54 -0800
Subject: [PATCH 06/17] Revert "Update
compiler-rt/lib/scudo/standalone/stack_depot.h"
This reverts commit 3ff01eacd0fe13da16b83c86abe216cdb423caef.
---
compiler-rt/lib/scudo/standalone/stack_depot.h | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/stack_depot.h b/compiler-rt/lib/scudo/standalone/stack_depot.h
index a71b373959e9a..5eded109ccd09 100644
--- a/compiler-rt/lib/scudo/standalone/stack_depot.h
+++ b/compiler-rt/lib/scudo/standalone/stack_depot.h
@@ -138,12 +138,8 @@ class alignas(16) StackDepot {
u32 Hash = B.get();
u32 Pos = Hash & TabMask;
- atomic_u32 *Tab = getTab(RawStackDepot);
- atomic_u64 *Ring = getRing(RawStackDepot);
- u32 RingPos = atomic_load_relaxed(&Tab[Pos]);
- u64 Entry = atomic_load_relaxed(&Ring[RingPos]);
-
- // And the following uses of Tab/Ring
+ u32 RingPos = atomic_load_relaxed(&Tab(RawStackDepot)[Pos]);
+ u64 Entry = atomic_load_relaxed(&Ring(RawStackDepot)[RingPos]);
u64 Id = (u64(End - Begin) << 33) | (u64(Hash) << 1) | 1;
if (Entry == Id)
return Hash;
>From 1f3b255967e02d1c1aa6835e79401b1df7c372ee Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Tue, 23 Jan 2024 15:40:38 -0800
Subject: [PATCH 07/17] review
---
.../lib/scudo/standalone/stack_depot.h | 33 +++++++++++--------
1 file changed, 20 insertions(+), 13 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/stack_depot.h b/compiler-rt/lib/scudo/standalone/stack_depot.h
index 5eded109ccd09..6c0d693f67ae7 100644
--- a/compiler-rt/lib/scudo/standalone/stack_depot.h
+++ b/compiler-rt/lib/scudo/standalone/stack_depot.h
@@ -69,21 +69,21 @@ class alignas(16) StackDepot {
// This is immediately followed by RingSize atomic_u64 and
// (TabMask + 1) atomic_u32.
- atomic_u64 *Ring(char *RawStackDepot) {
+ atomic_u64 *getRing(char *RawStackDepot) {
return reinterpret_cast<atomic_u64 *>(RawStackDepot + sizeof(StackDepot));
}
- atomic_u32 *Tab(char *RawStackDepot) {
+ atomic_u32 *getTab(char *RawStackDepot) {
return reinterpret_cast<atomic_u32 *>(RawStackDepot + sizeof(StackDepot) +
sizeof(atomic_u64) * RingSize);
}
- const atomic_u64 *Ring(const char *RawStackDepot) const {
+ const atomic_u64 *getRing(const char *RawStackDepot) const {
return reinterpret_cast<const atomic_u64 *>(RawStackDepot +
sizeof(StackDepot));
}
- const atomic_u32 *Tab(const char *RawStackDepot) const {
+ const atomic_u32 *getTab(const char *RawStackDepot) const {
return reinterpret_cast<const atomic_u32 *>(
RawStackDepot + sizeof(StackDepot) + sizeof(atomic_u64) * RingSize);
}
@@ -132,25 +132,28 @@ class alignas(16) StackDepot {
// Insert hash of the stack trace [Begin, End) into the stack depot, and
// return the hash.
u32 insert(char *RawStackDepot, uptr *Begin, uptr *End) {
+ auto *Tab = getTab(RawStackDepot);
+ auto *Ring = getRing(RawStackDepot);
+
MurMur2HashBuilder B;
for (uptr *I = Begin; I != End; ++I)
B.add(u32(*I) >> 2);
u32 Hash = B.get();
u32 Pos = Hash & TabMask;
- u32 RingPos = atomic_load_relaxed(&Tab(RawStackDepot)[Pos]);
- u64 Entry = atomic_load_relaxed(&Ring(RawStackDepot)[RingPos]);
+ u32 RingPos = atomic_load_relaxed(&Tab[Pos]);
+ u64 Entry = atomic_load_relaxed(&Ring[RingPos]);
u64 Id = (u64(End - Begin) << 33) | (u64(Hash) << 1) | 1;
if (Entry == Id)
return Hash;
ScopedLock Lock(RingEndMu);
RingPos = RingEnd;
- atomic_store_relaxed(&Tab(RawStackDepot)[Pos], RingPos);
- atomic_store_relaxed(&Ring(RawStackDepot)[RingPos], Id);
+ atomic_store_relaxed(&Tab[Pos], RingPos);
+ atomic_store_relaxed(&Ring[RingPos], Id);
for (uptr *I = Begin; I != End; ++I) {
RingPos = (RingPos + 1) & RingMask;
- atomic_store_relaxed(&Ring(RawStackDepot)[RingPos], *I);
+ atomic_store_relaxed(&Ring[RingPos], *I);
}
RingEnd = (RingPos + 1) & RingMask;
return Hash;
@@ -161,11 +164,14 @@ class alignas(16) StackDepot {
// *RingPosPtr + *SizePtr.
bool find(const char *RawStackDepot, u32 Hash, uptr *RingPosPtr,
uptr *SizePtr) const {
+ auto *Tab = getTab(RawStackDepot);
+ auto *Ring = getRing(RawStackDepot);
+
u32 Pos = Hash & TabMask;
- u32 RingPos = atomic_load_relaxed(&Tab(RawStackDepot)[Pos]);
+ u32 RingPos = atomic_load_relaxed(&Tab[Pos]);
if (RingPos >= RingSize)
return false;
- u64 Entry = atomic_load_relaxed(&Ring(RawStackDepot)[RingPos]);
+ u64 Entry = atomic_load_relaxed(&Ring[RingPos]);
u64 HashWithTagBit = (u64(Hash) << 1) | 1;
if ((Entry & 0x1ffffffff) != HashWithTagBit)
return false;
@@ -177,13 +183,14 @@ class alignas(16) StackDepot {
MurMur2HashBuilder B;
for (uptr I = 0; I != Size; ++I) {
RingPos = (RingPos + 1) & RingMask;
- B.add(u32(atomic_load_relaxed(&Ring(RawStackDepot)[RingPos])) >> 2);
+ B.add(u32(atomic_load_relaxed(&Ring[RingPos])) >> 2);
}
return B.get() == Hash;
}
u64 at(const char *RawStackDepot, uptr RingPos) const {
- return atomic_load_relaxed(&Ring(RawStackDepot)[RingPos & RingMask]);
+ auto *Ring = getRing(RawStackDepot);
+ return atomic_load_relaxed(&Ring[RingPos & RingMask]);
}
// This is done for the purpose of fork safety in multithreaded programs and
>From d1726b17a2ed3c4e6c8168435c3ee45e4646b468 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Tue, 23 Jan 2024 16:20:33 -0800
Subject: [PATCH 08/17] rearrange
---
compiler-rt/lib/scudo/standalone/combined.h | 20 ++++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index 165b9597a7aec..d7fcc06f43258 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -1522,25 +1522,33 @@ class Allocator {
return;
u32 AllocationRingBufferSize =
static_cast<u32>(getFlags()->allocation_ring_buffer_size);
+
// We store alloc and free stacks for each entry.
constexpr auto kStacksPerRingBufferEntry = 2;
constexpr auto kMaxU32Pow2 = ~(UINT32_MAX >> 1);
static_assert(isPowerOfTwo(kMaxU32Pow2));
+ constexpr auto kFramesPerStack = 8;
+ static_assert(isPowerOfTwo(kFramesPerStack));
+
+ // We need StackDepot to be aligned to 8-bytes so the ring we st ore after
+ // is correctly assigned.
+ static_assert(sizeof(StackDepot) % alignof(atomic_u64) == 0);
+
+ // Make sure the maximum sized StackDepot fits withint a uintptr_t to
+ // simplify the overflow checking.
+ static_assert(sizeof(StackDepot) + UINT32_MAX * sizeof(atomic_u64) *
+ UINT32_MAX * sizeof(atomic_u32) <
+ UINTPTR_MAX);
+
if (AllocationRingBufferSize > kMaxU32Pow2 / kStacksPerRingBufferEntry)
return;
u32 TabSize = static_cast<u32>(roundUpPowerOfTwo(kStacksPerRingBufferEntry *
AllocationRingBufferSize));
- constexpr auto kFramesPerStack = 8;
- static_assert(isPowerOfTwo(kFramesPerStack));
if (TabSize > UINT32_MAX / kFramesPerStack)
return;
u32 RingSize = static_cast<u32>(TabSize * kFramesPerStack);
DCHECK(isPowerOfTwo(RingSize));
- static_assert(sizeof(StackDepot) % alignof(atomic_u64) == 0);
- static_assert(sizeof(StackDepot) + UINT32_MAX * sizeof(atomic_u64) *
- UINT32_MAX * sizeof(atomic_u32) <
- UINTPTR_MAX);
StackDepotSize = sizeof(StackDepot) + sizeof(atomic_u64) * RingSize +
sizeof(atomic_u32) * TabSize;
MemMapT DepotMap;
>From 5d1fef98f04e5c7366614070ed57dbb709a21a8e Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Tue, 23 Jan 2024 16:41:12 -0800
Subject: [PATCH 09/17] typo
---
compiler-rt/lib/scudo/standalone/combined.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index d7fcc06f43258..c500e44ff714c 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -1530,7 +1530,7 @@ class Allocator {
constexpr auto kFramesPerStack = 8;
static_assert(isPowerOfTwo(kFramesPerStack));
- // We need StackDepot to be aligned to 8-bytes so the ring we st ore after
+ // We need StackDepot to be aligned to 8-bytes so the ring we store after
// is correctly assigned.
static_assert(sizeof(StackDepot) % alignof(atomic_u64) == 0);
>From 0941ea6dd27c15287c7c113781750e2310393a62 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Tue, 23 Jan 2024 17:15:02 -0800
Subject: [PATCH 10/17] review
---
compiler-rt/lib/scudo/standalone/combined.h | 27 +++++++------
.../lib/scudo/standalone/stack_depot.h | 38 ++++++++++---------
.../scudo/standalone/tests/combined_test.cpp | 10 ++---
3 files changed, 38 insertions(+), 37 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index c500e44ff714c..d2d788060d9da 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -291,9 +291,8 @@ class Allocator {
uptr Size =
android_unsafe_frame_pointer_chase(Stack, MaxTraceSize + DiscardFrames);
Size = Min<uptr>(Size, MaxTraceSize + DiscardFrames);
- return reinterpret_cast<StackDepot *>(RawStackDepot)
- ->insert(RawStackDepot, Stack + Min<uptr>(DiscardFrames, Size),
- Stack + Size);
+ return StackDepot->insert(Stack + Min<uptr>(DiscardFrames, Size),
+ Stack + Size);
#else
return 0;
#endif
@@ -924,7 +923,7 @@ class Allocator {
const char *getStackDepotAddress() {
initThreadMaybe();
- return RawStackDepot;
+ return reinterpret_cast<char *>(StackDepot);
}
uptr getStackDepotSize() {
@@ -954,12 +953,12 @@ class Allocator {
static void collectTraceMaybe(const char *RawStackDepot,
uintptr_t (&Trace)[MaxTraceSize], u32 Hash) {
- auto *Depot = reinterpret_cast<const StackDepot *>(RawStackDepot);
+ auto *Depot = reinterpret_cast<const class StackDepot *>(RawStackDepot);
uptr RingPos, Size;
- if (!Depot->find(RawStackDepot, Hash, &RingPos, &Size))
+ if (!Depot->find(Hash, &RingPos, &Size))
return;
for (unsigned I = 0; I != Size && I != MaxTraceSize; ++I)
- Trace[I] = static_cast<uintptr_t>(Depot->at(RawStackDepot, RingPos + I));
+ Trace[I] = static_cast<uintptr_t>(Depot->at(RingPos + I));
}
static void getErrorInfo(struct scudo_error_info *ErrorInfo,
@@ -981,7 +980,8 @@ class Allocator {
// read the metadata, then whether the metadata matches the size.
if (DepotSize < sizeof(StackDepot))
return;
- if (!reinterpret_cast<const StackDepot *>(DepotPtr)->isValid(DepotSize))
+ if (!reinterpret_cast<const class StackDepot *>(DepotPtr)->isValid(
+ DepotSize))
return;
}
@@ -1050,7 +1050,7 @@ class Allocator {
uptr GuardedAllocSlotSize = 0;
#endif // GWP_ASAN_HOOKS
- char *RawStackDepot = nullptr;
+ StackDepot *StackDepot = nullptr;
uptr StackDepotSize = 0;
MemMapT RawStackDepotMap;
@@ -1555,10 +1555,9 @@ class Allocator {
DepotMap.map(
/*Addr=*/0U, roundUp(StackDepotSize, getPageSizeCached()),
"scudo:stack_depot");
- RawStackDepot = reinterpret_cast<char *>(DepotMap.getBase());
- auto *Depot = reinterpret_cast<StackDepot *>(DepotMap.getBase());
- Depot->init(RingSize, TabSize);
- DCHECK(Depot->isValid(StackDepotSize));
+ StackDepot = reinterpret_cast<class StackDepot *>(DepotMap.getBase());
+ StackDepot->init(RingSize, TabSize);
+ DCHECK(StackDepot->isValid(StackDepotSize));
RawStackDepotMap = DepotMap;
MemMapT MemMap;
@@ -1583,7 +1582,7 @@ class Allocator {
RawRingBufferMap.getCapacity());
}
RawRingBuffer = nullptr;
- if (RawStackDepot) {
+ if (StackDepot) {
RawStackDepotMap.unmap(RawStackDepotMap.getBase(),
RawStackDepotMap.getCapacity());
}
diff --git a/compiler-rt/lib/scudo/standalone/stack_depot.h b/compiler-rt/lib/scudo/standalone/stack_depot.h
index 6c0d693f67ae7..8fe67ec0d54c4 100644
--- a/compiler-rt/lib/scudo/standalone/stack_depot.h
+++ b/compiler-rt/lib/scudo/standalone/stack_depot.h
@@ -69,23 +69,26 @@ class alignas(16) StackDepot {
// This is immediately followed by RingSize atomic_u64 and
// (TabMask + 1) atomic_u32.
- atomic_u64 *getRing(char *RawStackDepot) {
- return reinterpret_cast<atomic_u64 *>(RawStackDepot + sizeof(StackDepot));
+ atomic_u64 *getRing() {
+ return reinterpret_cast<atomic_u64 *>(reinterpret_cast<char *>(this) +
+ sizeof(StackDepot));
}
- atomic_u32 *getTab(char *RawStackDepot) {
- return reinterpret_cast<atomic_u32 *>(RawStackDepot + sizeof(StackDepot) +
+ atomic_u32 *getTab() {
+ return reinterpret_cast<atomic_u32 *>(reinterpret_cast<char *>(this) +
+ sizeof(StackDepot) +
sizeof(atomic_u64) * RingSize);
}
- const atomic_u64 *getRing(const char *RawStackDepot) const {
- return reinterpret_cast<const atomic_u64 *>(RawStackDepot +
- sizeof(StackDepot));
+ const atomic_u64 *getRing() const {
+ return reinterpret_cast<const atomic_u64 *>(
+ reinterpret_cast<const char *>(this) + sizeof(StackDepot));
}
- const atomic_u32 *getTab(const char *RawStackDepot) const {
+ const atomic_u32 *getTab() const {
return reinterpret_cast<const atomic_u32 *>(
- RawStackDepot + sizeof(StackDepot) + sizeof(atomic_u64) * RingSize);
+ reinterpret_cast<const char *>(this) + sizeof(StackDepot) +
+ sizeof(atomic_u64) * RingSize);
}
public:
@@ -131,9 +134,9 @@ class alignas(16) StackDepot {
// Insert hash of the stack trace [Begin, End) into the stack depot, and
// return the hash.
- u32 insert(char *RawStackDepot, uptr *Begin, uptr *End) {
- auto *Tab = getTab(RawStackDepot);
- auto *Ring = getRing(RawStackDepot);
+ u32 insert(uptr *Begin, uptr *End) {
+ auto *Tab = getTab();
+ auto *Ring = getRing();
MurMur2HashBuilder B;
for (uptr *I = Begin; I != End; ++I)
@@ -162,10 +165,9 @@ class alignas(16) StackDepot {
// Look up a stack trace by hash. Returns true if successful. The trace may be
// accessed via operator[] passing indexes between *RingPosPtr and
// *RingPosPtr + *SizePtr.
- bool find(const char *RawStackDepot, u32 Hash, uptr *RingPosPtr,
- uptr *SizePtr) const {
- auto *Tab = getTab(RawStackDepot);
- auto *Ring = getRing(RawStackDepot);
+ bool find(u32 Hash, uptr *RingPosPtr, uptr *SizePtr) const {
+ auto *Tab = getTab();
+ auto *Ring = getRing();
u32 Pos = Hash & TabMask;
u32 RingPos = atomic_load_relaxed(&Tab[Pos]);
@@ -188,8 +190,8 @@ class alignas(16) StackDepot {
return B.get() == Hash;
}
- u64 at(const char *RawStackDepot, uptr RingPos) const {
- auto *Ring = getRing(RawStackDepot);
+ u64 at(uptr RingPos) const {
+ auto *Ring = getRing();
return atomic_load_relaxed(&Ring[RingPos & RingMask]);
}
diff --git a/compiler-rt/lib/scudo/standalone/tests/combined_test.cpp b/compiler-rt/lib/scudo/standalone/tests/combined_test.cpp
index 80898e5a10083..cd9200793754a 100644
--- a/compiler-rt/lib/scudo/standalone/tests/combined_test.cpp
+++ b/compiler-rt/lib/scudo/standalone/tests/combined_test.cpp
@@ -895,14 +895,14 @@ SCUDO_TYPED_TEST(ScudoCombinedTest, StackDepot) {
ASSERT_TRUE(Depot->isValid(sizeof(Buf)));
ASSERT_FALSE(Depot->isValid(sizeof(Buf) - 1));
scudo::uptr Stack[] = {1, 2, 3};
- scudo::u32 Elem = Depot->insert(Buf, &Stack[0], &Stack[3]);
+ scudo::u32 Elem = Depot->insert(&Stack[0], &Stack[3]);
scudo::uptr RingPosPtr = 0;
scudo::uptr SizePtr = 0;
- ASSERT_TRUE(Depot->find(Buf, Elem, &RingPosPtr, &SizePtr));
+ ASSERT_TRUE(Depot->find(Elem, &RingPosPtr, &SizePtr));
ASSERT_EQ(SizePtr, 3);
- EXPECT_EQ(Depot->at(Buf, RingPosPtr), 1);
- EXPECT_EQ(Depot->at(Buf, RingPosPtr + 1), 2);
- EXPECT_EQ(Depot->at(Buf, RingPosPtr + 2), 3);
+ EXPECT_EQ(Depot->at(RingPosPtr), 1);
+ EXPECT_EQ(Depot->at(RingPosPtr + 1), 2);
+ EXPECT_EQ(Depot->at(RingPosPtr + 2), 3);
}
#if SCUDO_CAN_USE_PRIMARY64
>From 560e91a710804feeca75b6df9670143e8644f155 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Tue, 23 Jan 2024 17:17:30 -0800
Subject: [PATCH 11/17] simplify
---
compiler-rt/lib/scudo/standalone/combined.h | 27 ++++++++++-----------
1 file changed, 13 insertions(+), 14 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index d2d788060d9da..3b6fb4340f33f 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -923,7 +923,7 @@ class Allocator {
const char *getStackDepotAddress() {
initThreadMaybe();
- return reinterpret_cast<char *>(StackDepot);
+ return reinterpret_cast<char *>(Depot);
}
uptr getStackDepotSize() {
@@ -953,7 +953,7 @@ class Allocator {
static void collectTraceMaybe(const char *RawStackDepot,
uintptr_t (&Trace)[MaxTraceSize], u32 Hash) {
- auto *Depot = reinterpret_cast<const class StackDepot *>(RawStackDepot);
+ auto *Depot = reinterpret_cast<const StackDepot *>(RawStackDepot);
uptr RingPos, Size;
if (!Depot->find(Hash, &RingPos, &Size))
return;
@@ -978,10 +978,9 @@ class Allocator {
if (DepotPtr) {
// check for corrupted StackDepot. First we need to check whether we can
// read the metadata, then whether the metadata matches the size.
- if (DepotSize < sizeof(StackDepot))
+ if (DepotSize < sizeof(Depot))
return;
- if (!reinterpret_cast<const class StackDepot *>(DepotPtr)->isValid(
- DepotSize))
+ if (!reinterpret_cast<const StackDepot *>(DepotPtr)->isValid(DepotSize))
return;
}
@@ -1050,7 +1049,7 @@ class Allocator {
uptr GuardedAllocSlotSize = 0;
#endif // GWP_ASAN_HOOKS
- StackDepot *StackDepot = nullptr;
+ StackDepot *Depot = nullptr;
uptr StackDepotSize = 0;
MemMapT RawStackDepotMap;
@@ -1532,12 +1531,12 @@ class Allocator {
// We need StackDepot to be aligned to 8-bytes so the ring we store after
// is correctly assigned.
- static_assert(sizeof(StackDepot) % alignof(atomic_u64) == 0);
+ static_assert(sizeof(Depot) % alignof(atomic_u64) == 0);
// Make sure the maximum sized StackDepot fits withint a uintptr_t to
// simplify the overflow checking.
- static_assert(sizeof(StackDepot) + UINT32_MAX * sizeof(atomic_u64) *
- UINT32_MAX * sizeof(atomic_u32) <
+ static_assert(sizeof(Depot) + UINT32_MAX * sizeof(atomic_u64) * UINT32_MAX *
+ sizeof(atomic_u32) <
UINTPTR_MAX);
if (AllocationRingBufferSize > kMaxU32Pow2 / kStacksPerRingBufferEntry)
@@ -1549,15 +1548,15 @@ class Allocator {
u32 RingSize = static_cast<u32>(TabSize * kFramesPerStack);
DCHECK(isPowerOfTwo(RingSize));
- StackDepotSize = sizeof(StackDepot) + sizeof(atomic_u64) * RingSize +
+ StackDepotSize = sizeof(Depot) + sizeof(atomic_u64) * RingSize +
sizeof(atomic_u32) * TabSize;
MemMapT DepotMap;
DepotMap.map(
/*Addr=*/0U, roundUp(StackDepotSize, getPageSizeCached()),
"scudo:stack_depot");
- StackDepot = reinterpret_cast<class StackDepot *>(DepotMap.getBase());
- StackDepot->init(RingSize, TabSize);
- DCHECK(StackDepot->isValid(StackDepotSize));
+ Depot = reinterpret_cast<StackDepot *>(DepotMap.getBase());
+ Depot->init(RingSize, TabSize);
+ DCHECK(Depot->isValid(StackDepotSize));
RawStackDepotMap = DepotMap;
MemMapT MemMap;
@@ -1582,7 +1581,7 @@ class Allocator {
RawRingBufferMap.getCapacity());
}
RawRingBuffer = nullptr;
- if (StackDepot) {
+ if (Depot) {
RawStackDepotMap.unmap(RawStackDepotMap.getBase(),
RawStackDepotMap.getCapacity());
}
>From 5962e7df4413044427a00a4798553c5f6bd12da8 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Tue, 23 Jan 2024 17:22:30 -0800
Subject: [PATCH 12/17] fix
---
compiler-rt/lib/scudo/standalone/combined.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index 3b6fb4340f33f..98958450921df 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -291,8 +291,8 @@ class Allocator {
uptr Size =
android_unsafe_frame_pointer_chase(Stack, MaxTraceSize + DiscardFrames);
Size = Min<uptr>(Size, MaxTraceSize + DiscardFrames);
- return StackDepot->insert(Stack + Min<uptr>(DiscardFrames, Size),
- Stack + Size);
+ return Depot->insert(Stack + Min<uptr>(DiscardFrames, Size),
+ Stack + Size);
#else
return 0;
#endif
>From 2b902f8a178627b38b0838e000463ed4b48cb4a8 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Tue, 23 Jan 2024 17:25:27 -0800
Subject: [PATCH 13/17] comment
---
compiler-rt/lib/scudo/standalone/combined.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index 98958450921df..0d6f25d4a004e 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -969,7 +969,8 @@ class Allocator {
uintptr_t MemoryAddr, size_t MemorySize) {
// N.B. we need to support corrupted data in any of the buffers here. We get
// this information from an external process (the crashing process) that
- // shouldn't be able to crash crash_dump.
+ // should not be able to crash the crash dumper (crash_dump on Android).
+ // See also the get_error_info_fuzzer.
*ErrorInfo = {};
if (!allocatorSupportsMemoryTagging<Config>() ||
MemoryAddr + MemorySize < MemoryAddr)
>From 02c7cb094b8117e5e42626f1513107102e229d80 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Tue, 23 Jan 2024 17:31:41 -0800
Subject: [PATCH 14/17] fix
---
compiler-rt/lib/scudo/standalone/combined.h | 30 ++++++++++-----------
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index 0d6f25d4a004e..5b9b5d1442637 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -951,9 +951,8 @@ class Allocator {
static const uptr MaxTraceSize = 64;
- static void collectTraceMaybe(const char *RawStackDepot,
+ static void collectTraceMaybe(const StackDepot *Depot,
uintptr_t (&Trace)[MaxTraceSize], u32 Hash) {
- auto *Depot = reinterpret_cast<const StackDepot *>(RawStackDepot);
uptr RingPos, Size;
if (!Depot->find(Hash, &RingPos, &Size))
return;
@@ -976,12 +975,14 @@ class Allocator {
MemoryAddr + MemorySize < MemoryAddr)
return;
+ const StackDepot *Depot = nullptr;
if (DepotPtr) {
// check for corrupted StackDepot. First we need to check whether we can
// read the metadata, then whether the metadata matches the size.
- if (DepotSize < sizeof(Depot))
+ if (DepotSize < sizeof(*Depot))
return;
- if (!reinterpret_cast<const StackDepot *>(DepotPtr)->isValid(DepotSize))
+ Depot = reinterpret_cast<const StackDepot *>(DepotPtr);
+ if (!Depot->isValid(DepotSize))
return;
}
@@ -990,19 +991,19 @@ class Allocator {
// Check for OOB in the current block and the two surrounding blocks. Beyond
// that, UAF is more likely.
if (extractTag(FaultAddr) != 0)
- getInlineErrorInfo(ErrorInfo, NextErrorReport, FaultAddr, DepotPtr,
+ getInlineErrorInfo(ErrorInfo, NextErrorReport, FaultAddr, Depot,
RegionInfoPtr, Memory, MemoryTags, MemoryAddr,
MemorySize, 0, 2);
// Check the ring buffer. For primary allocations this will only find UAF;
// for secondary allocations we can find either UAF or OOB.
- getRingBufferErrorInfo(ErrorInfo, NextErrorReport, FaultAddr, DepotPtr,
+ getRingBufferErrorInfo(ErrorInfo, NextErrorReport, FaultAddr, Depot,
RingBufferPtr, RingBufferSize);
// Check for OOB in the 28 blocks surrounding the 3 we checked earlier.
// Beyond that we are likely to hit false positives.
if (extractTag(FaultAddr) != 0)
- getInlineErrorInfo(ErrorInfo, NextErrorReport, FaultAddr, DepotPtr,
+ getInlineErrorInfo(ErrorInfo, NextErrorReport, FaultAddr, Depot,
RegionInfoPtr, Memory, MemoryTags, MemoryAddr,
MemorySize, 2, 16);
}
@@ -1340,7 +1341,7 @@ class Allocator {
static void getInlineErrorInfo(struct scudo_error_info *ErrorInfo,
size_t &NextErrorReport, uintptr_t FaultAddr,
- const char *RawStackDepot,
+ const StackDepot *Depot,
const char *RegionInfoPtr, const char *Memory,
const char *MemoryTags, uintptr_t MemoryAddr,
size_t MemorySize, size_t MinDistance,
@@ -1405,8 +1406,8 @@ class Allocator {
UntaggedFaultAddr < ChunkAddr ? BUFFER_UNDERFLOW : BUFFER_OVERFLOW;
R->allocation_address = ChunkAddr;
R->allocation_size = Header.SizeOrUnusedBytes;
- if (RawStackDepot) {
- collectTraceMaybe(RawStackDepot, R->allocation_trace,
+ if (Depot) {
+ collectTraceMaybe(Depot, R->allocation_trace,
Data[MemTagAllocationTraceIndex]);
}
R->allocation_tid = Data[MemTagAllocationTidIndex];
@@ -1425,13 +1426,13 @@ class Allocator {
static void getRingBufferErrorInfo(struct scudo_error_info *ErrorInfo,
size_t &NextErrorReport,
uintptr_t FaultAddr,
- const char *RawStackDepot,
+ const StackDepot *Depot,
const char *RingBufferPtr,
size_t RingBufferSize) {
auto *RingBuffer =
reinterpret_cast<const AllocationRingBuffer *>(RingBufferPtr);
size_t RingBufferElements = ringBufferElementsFromBytes(RingBufferSize);
- if (!RingBuffer || RingBufferElements == 0 || !RawStackDepot)
+ if (!RingBuffer || RingBufferElements == 0 || !Depot)
return;
uptr Pos = atomic_load_relaxed(&RingBuffer->Pos);
@@ -1490,10 +1491,9 @@ class Allocator {
R->allocation_address = UntaggedEntryPtr;
R->allocation_size = EntrySize;
- collectTraceMaybe(RawStackDepot, R->allocation_trace, AllocationTrace);
+ collectTraceMaybe(Depot, R->allocation_trace, AllocationTrace);
R->allocation_tid = AllocationTid;
- collectTraceMaybe(RawStackDepot, R->deallocation_trace,
- DeallocationTrace);
+ collectTraceMaybe(Depot, R->deallocation_trace, DeallocationTrace);
R->deallocation_tid = DeallocationTid;
}
}
>From cdeefa9d98c76da046401dd95533ebb703bab8a0 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Tue, 23 Jan 2024 17:33:59 -0800
Subject: [PATCH 15/17] fmt
---
compiler-rt/lib/scudo/standalone/combined.h | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index 5b9b5d1442637..392d9a7d8b8b7 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -291,8 +291,7 @@ class Allocator {
uptr Size =
android_unsafe_frame_pointer_chase(Stack, MaxTraceSize + DiscardFrames);
Size = Min<uptr>(Size, MaxTraceSize + DiscardFrames);
- return Depot->insert(Stack + Min<uptr>(DiscardFrames, Size),
- Stack + Size);
+ return Depot->insert(Stack + Min<uptr>(DiscardFrames, Size), Stack + Size);
#else
return 0;
#endif
>From c5b09455b10322a16abcca6351cb8d6cfe12577c Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Thu, 25 Jan 2024 12:08:33 -0800
Subject: [PATCH 16/17] depotcheck
---
compiler-rt/lib/scudo/standalone/combined.h | 29 ++++++++++++---------
1 file changed, 17 insertions(+), 12 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index 392d9a7d8b8b7..d5848711977a7 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -283,7 +283,7 @@ class Allocator {
return reinterpret_cast<void *>(addHeaderTag(reinterpret_cast<uptr>(Ptr)));
}
- NOINLINE u32 collectStackTrace() {
+ NOINLINE u32 collectStackTrace(StackDepot *Depot) {
#ifdef HAVE_ANDROID_UNSAFE_FRAME_POINTER_CHASE
// Discard collectStackTrace() frame and allocator function frame.
constexpr uptr DiscardFrames = 2;
@@ -293,6 +293,7 @@ class Allocator {
Size = Min<uptr>(Size, MaxTraceSize + DiscardFrames);
return Depot->insert(Stack + Min<uptr>(DiscardFrames, Size), Stack + Size);
#else
+ (void)(Depot);
return 0;
#endif
}
@@ -1267,12 +1268,18 @@ class Allocator {
storeEndMarker(RoundNewPtr, NewSize, BlockEnd);
}
+ StackDepot *getDepotIfEnabled(const Options &Options) {
+ if (!UNLIKELY(Options.get(OptionBit::TrackAllocationStacks)))
+ return nullptr;
+ return Depot;
+ }
+
void storePrimaryAllocationStackMaybe(const Options &Options, void *Ptr) {
- if (!UNLIKELY(Options.get(OptionBit::TrackAllocationStacks)) ||
- !RawRingBuffer)
+ auto *Depot = getDepotIfEnabled(Options);
+ if (!Depot)
return;
auto *Ptr32 = reinterpret_cast<u32 *>(Ptr);
- Ptr32[MemTagAllocationTraceIndex] = collectStackTrace();
+ Ptr32[MemTagAllocationTraceIndex] = collectStackTrace(Depot);
Ptr32[MemTagAllocationTidIndex] = getThreadID();
}
@@ -1302,11 +1309,10 @@ class Allocator {
void storeSecondaryAllocationStackMaybe(const Options &Options, void *Ptr,
uptr Size) {
- if (!UNLIKELY(Options.get(OptionBit::TrackAllocationStacks)) ||
- !RawRingBuffer)
+ auto *Depot = getDepotIfEnabled(Options);
+ if (!Depot)
return;
-
- u32 Trace = collectStackTrace();
+ u32 Trace = collectStackTrace(Depot);
u32 Tid = getThreadID();
auto *Ptr32 = reinterpret_cast<u32 *>(Ptr);
@@ -1318,15 +1324,14 @@ class Allocator {
void storeDeallocationStackMaybe(const Options &Options, void *Ptr,
u8 PrevTag, uptr Size) {
- if (!UNLIKELY(Options.get(OptionBit::TrackAllocationStacks)) ||
- !RawRingBuffer)
+ auto *Depot = getDepotIfEnabled(Options);
+ if (!Depot)
return;
-
auto *Ptr32 = reinterpret_cast<u32 *>(Ptr);
u32 AllocationTrace = Ptr32[MemTagAllocationTraceIndex];
u32 AllocationTid = Ptr32[MemTagAllocationTidIndex];
- u32 DeallocationTrace = collectStackTrace();
+ u32 DeallocationTrace = collectStackTrace(Depot);
u32 DeallocationTid = getThreadID();
storeRingBufferEntry(addFixedTag(untagPointer(Ptr), PrevTag),
>From 353169f783053e187edc3e63d0474c067976521e Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Mon, 5 Feb 2024 15:09:40 -0800
Subject: [PATCH 17/17] comments + rebase
---
compiler-rt/lib/scudo/standalone/combined.h | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index d5848711977a7..2c435bedaba6f 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -283,7 +283,7 @@ class Allocator {
return reinterpret_cast<void *>(addHeaderTag(reinterpret_cast<uptr>(Ptr)));
}
- NOINLINE u32 collectStackTrace(StackDepot *Depot) {
+ NOINLINE u32 collectStackTrace(UNUSED StackDepot *Depot) {
#ifdef HAVE_ANDROID_UNSAFE_FRAME_POINTER_CHASE
// Discard collectStackTrace() frame and allocator function frame.
constexpr uptr DiscardFrames = 2;
@@ -293,7 +293,6 @@ class Allocator {
Size = Min<uptr>(Size, MaxTraceSize + DiscardFrames);
return Depot->insert(Stack + Min<uptr>(DiscardFrames, Size), Stack + Size);
#else
- (void)(Depot);
return 0;
#endif
}
@@ -693,12 +692,12 @@ class Allocator {
Quarantine.disable();
Primary.disable();
Secondary.disable();
- Depot.disable();
+ Depot->disable();
}
void enable() NO_THREAD_SAFETY_ANALYSIS {
initThreadMaybe();
- Depot.enable();
+ Depot->enable();
Secondary.enable();
Primary.enable();
Quarantine.enable();
@@ -1528,10 +1527,10 @@ class Allocator {
static_cast<u32>(getFlags()->allocation_ring_buffer_size);
// We store alloc and free stacks for each entry.
- constexpr auto kStacksPerRingBufferEntry = 2;
- constexpr auto kMaxU32Pow2 = ~(UINT32_MAX >> 1);
+ constexpr u32 kStacksPerRingBufferEntry = 2;
+ constexpr u32 kMaxU32Pow2 = ~(UINT32_MAX >> 1);
static_assert(isPowerOfTwo(kMaxU32Pow2));
- constexpr auto kFramesPerStack = 8;
+ constexpr u32 kFramesPerStack = 8;
static_assert(isPowerOfTwo(kFramesPerStack));
// We need StackDepot to be aligned to 8-bytes so the ring we store after
@@ -1561,7 +1560,6 @@ class Allocator {
"scudo:stack_depot");
Depot = reinterpret_cast<StackDepot *>(DepotMap.getBase());
Depot->init(RingSize, TabSize);
- DCHECK(Depot->isValid(StackDepotSize));
RawStackDepotMap = DepotMap;
MemMapT MemMap;
More information about the llvm-commits
mailing list