Граф коммитов

1150 Коммитов

Автор SHA1 Сообщение Дата
Matthew Parkinson 6cbc50fe2c
Factor out libc code into a header. (#624)
* Factor out libc code into a header.

This pulls the main definitions of the various libc malloc functions
into a header for easier use and inclusion in other projects.

* Clang-tidy fixes.

* Clang-tidy fixes really.

* More code quality changes

* Minor fix

* Clangformat
2023-08-09 07:15:09 +01:00
Matthew Parkinson 9d4466093a
Move to clang-format 15 (#621)
The current version requires clang-format-9.  This now getting hard to get.
This commit moves it to the clang-format-15, which is the latest in 22.04.

Also, updates clang-tidy to 15 as well.
2023-07-18 11:24:07 +01:00
Matthew Parkinson cdfedd8718
Update README.md (#622) 2023-07-17 15:09:36 +01:00
Matthew Parkinson dc1268886a
Improve CMake slightly (#620)
* Prefix build testing flag with SNMALLOC

* Only add clangformat target is testing enabled.
2023-06-28 11:42:19 +01:00
Matthew Parkinson 95bad423a7
Correct order of test based on #618 (#619) 2023-06-20 12:16:45 -04:00
Matthew Parkinson ce489cfffe
Conditional range (#617)
* Make a conditional range

This range allows for a contained range to be disabled at runtime.
This allows for thread local caching to be disabled if the initial fixed
size heap is below a threshold.
2023-06-20 12:00:34 -04:00
David CARLIER d9f5bd0500
pass through enable malloc build for dragonflybsd. (#614) 2023-05-30 21:25:59 +01:00
Matthew Parkinson 55376aa006
Move key_global into RemoteAllocator (#608)
There was a mis-compilation in a Verona configuration that lead to
two instances of key_global existing.  This change moves it inside
a struct that seems to fix the issue.

The rest of the changes are limiting the use of key_global as both
RemoteCache and RemoteAllocator must use the same configuration,
so there is no need to take the key_global as a parameter.
2023-04-26 17:24:16 +01:00
Matthew Parkinson 7b3a2b3fc1
Made pool reuse a queue (#612)
So allocator churn will cause remote queues to be visited.
2023-04-26 15:08:30 +01:00
Matthew Parkinson 365553e67f
Remove 18.04 (#613) 2023-04-25 21:08:04 +01:00
Julien Maffre e3f636544f
Update BUILDING.md (#611) 2023-04-19 17:06:55 +01:00
Axel PASCON 7f368bd6da
Fix broken link in PORTING.md (#610) 2023-04-07 20:08:37 +01:00
Matthew Parkinson 1077be0e50
Update GuardedMemcpy.md 2023-03-27 10:51:34 +01:00
Matthew Parkinson d8f174c717
Minor perf (#607)
* Prefetch on traversing remote queue

* Make pointer function fast path

* Only try to form blocks of MIN_BITS
2023-03-24 10:54:54 +00:00
Matthew Parkinson 8e3f6c96e8
Optimise buddy allocator to not search too high (#606)
The buddy allocator doesn't need to look at sizes above the current
highest size. This commit tracks the highest block that is stored in the
buddy allocator.
2023-03-24 09:16:09 +00:00
Matthew Parkinson 0620825df7
Add a fast path to ensure_init (#605) 2023-03-24 09:15:45 +00:00
Matthew Parkinson 798f2fa367
Remote stub (#604)
* Alter is_empty

* Use a stub in remoteallocator

Rather than allocating a sizeclass use a stub.  This change adds a
branch on enqueue.
2023-03-24 09:15:28 +00:00
Matthew Parkinson ccca98a709
Factor checks under separate feature flags. (#587)
All the checks and mitigations have been placed under feature flags.
These can be controlled by defining

  SNMALLOC_CHECK_CLIENT_MITIGATIONS

This can take a term that represents the mitigations that should be enabled.
E.g.
  -DSNMALLOC_CHECK_CLIENT_MITIGATIONS=nochecks+random_pagemap

The CMake uses this to build numerous versions of the LD_PRELOAD library and
tests to allow individual features to be benchmarked.

Co-authored-by: Nathaniel Wesley Filardo <nfilardo@microsoft.com>
2023-03-23 13:41:02 +00:00
David CARLIER 848db74cfc
AAL disable __builtin_readcyclecounter on macOs arm64. (#601)
Fix perf-content* tests.
2023-03-13 12:38:18 +00:00
Saar Amar 959531b6e3
Update GuardedMemcpy.md (#602)
Fix the signature of `memcpy`.
2023-03-07 10:32:40 +00:00
Matthew Parkinson 6066cbaafb
Alter glibc override to work with RTL_DEEPBIND (#598)
When using dlopen with RTL_DEEPBIND the LD_PRELOAD used
by the majority of allocators does not work as both libc
and snmallocs allocators can be called by various dso.

This patch uses GLIBC's __malloc_hook to override the allocator
as well as LD_PRELOAD.  This means that all libraries will
call snmalloc when performing allocation.
2023-02-27 14:30:55 +00:00
EAirPeter 8fa861758f
Fix incorrect aligned_size invocations in operator overrides (#597) 2023-02-27 13:46:39 +00:00
Matthew Parkinson c304ddfcdb
Remove OpenBSD from CI (#599) 2023-02-27 13:43:20 +00:00
David CARLIER b357165385
Vm ci fixnetbsd (#592)
* Disable PAL access enforcing on netbsd

* Clangformat

---------

Co-authored-by: Matthew Parkinson <mattpark@microsoft.com>
2023-02-20 15:06:26 +00:00
Nathaniel Filardo 50cb8b88fe
Update Morello CI (#590)
* Move Morello CI to track default release

- Log some details of the build environment

- Remove workarounds overcome by events

* Morello CI: parameterize run queue and boot env

* Morello CI to run as a non-root user

For reasons unrelated to snmalloc, it's become more convenient to engage
in a little white lie, as it were, that the CI jobs are not `root` on
the worker nodes.  So I'm testing changes on the cluster orchestration
goo to run the github runner as a non-root user.  However, much as with
GitHub's own runners, the runner user is in the `wheel`, and `root` will
have no password, so we can still `su` up to `root` when needed.

Of course, when we are already root, we can `su` to anyone we like,
including `root`, so these changes are compatible with both the old and
new world order and have been tested with both.
2023-02-20 12:06:51 +00:00
David Chisnall b9b9055bbf
Try vm-actions instead of cross-platform-actions (#589)
This uses VirtualBox instead of xhyve.  It might be slower, but should
be more reliable.

Tests run on FreeBSD, NetBSD, and OpenBSD.  Only the FreeBSD ones are
passing at the moment, the others will keep running but aren't added as
dependencies for the action used to guard commits.
2023-02-20 12:05:53 +00:00
David Chisnall cef56c4262 Replace fragile and wrong check for library feature.
Compiler versions do not imply standard library versions, and even where
the compiler and standard library versions were matched, this check was
wrong.
2023-02-13 10:56:18 +00:00
David Chisnall 4370a23f3e Attempt to run *BSD CI in VMs. 2023-02-09 13:53:00 +00:00
Matthew Parkinson 627653afdb
Remove class nesting (#585)
Nesting the class inside a function generates bad code in Debug (#584).
Unnesting seems to fix this.
2023-02-03 14:24:02 +00:00
David CARLIER 6be63b1ea8
aal::aal_arm implements tick for apple 64 bits. (#564) 2023-01-31 10:17:00 +00:00
David CARLIER 6c27b59e13
adding few more c++17 operators override. (#581) 2023-01-31 09:22:50 +00:00
David CARLIER e5d2ac95da
PAL netbsd, the 10th release finally supports getrandom syscall. (#583) 2023-01-16 16:47:44 +00:00
David CARLIER f032e3feb0
fix those particular gcc analyzer warning (#582) 2023-01-03 11:22:17 +00:00
Matthew Parkinson 4e88b42621
Towards heap walk (#569)
* Implement tracking full slabs and large allocations

This adds an additional SeqSet that is used to track all the fully
used slabs and large allocations.  This gives more chances to
detect memory leaks, and additionally catch some more UAF failures
where the object is not recycled.

* Make slabmeta track a slab interior pointer

Use the head of the free list builder to track an interior pointer to
the slab. This is unused unless the list contains something.
Hence, we can use this to represent an interior pointer to the slab and
report more accurate leaks.

* clangformat

* clangtidy

* clangtidy

* Clang tidy again.

* Fixing provenance.

* Clangformat

* Clang tidy.

* Add assert for sanity

* Make reinterpret_cast more descriptive.

Add an operation to get a tag free pointer from an address_t, and use it

* Clangformat

* CR

* Fix calculation of number of allocations.

* Fix calculation of number of allocations.

* Fix test
2022-12-20 13:36:10 +00:00
Nathaniel Wesley Filardo 704843d5ff Add BUILD_TESTING cmake option
As with CTest, but without the full machinery thereof.  This facilitates
package builders to use the usual build targets (all, install) without
needing to build the test programs if they're just going to get dropped
on the floor.
2022-12-16 16:43:47 +00:00
Nathaniel Wesley Filardo 74becb8374 StrictProvenance: deorbit metadata mixins 2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo 1b825b71a6 StrictProvenance: switch to Authmap amplification 2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo 0cd36f4eb2 StrictProvenance: plumb Authmaps through backends
No use of them, yet, though.
2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo ca69fe0dd3 StrictProvenance: Add "authority map" implementations 2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo e7a3130f79 StrictProvenance: re-introduce capptr_rebound 2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo 90ac1ba8d3 BSD StrictProvenance minimum allocation size 16M
This will serve as the granularity with which we store authority
pointers in the (forthcoming) authmap, so 4K is almost surely too small.
16M is, admittedly, chosen out of a hat.
2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo 7f3b59eaf9 PagemapRegisterRange: don't presume Pagemap entry type
To date, we've had exactly one kind of Pagemap and it held exactly one
type of thing, a descendant of class MetaEntryBase.

PagemapRegisterRange tacitly assumed that the Pagemap (adapter) it
interacted would therefore store entries that could have .set_boundary()
called on them.  But in general there's no requirement that this be
true; Pagemaps are generic data structures.

To enable reuse of the PagemapRegisterRange machinery more generally,
change the type of Pagemap::register_range() to take a pointer (rather
than an address) and move the MetaEntryBase-specific functionality to
the backend_helpers/pagemap adapter.
2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo 06873ac366 pagemap: don't depend on SNMALLOC_CHECK_CLIENT
Instead, take a template parameter for the no-args init() method, so
that randomization can be disabled on StrictProvenance architectures
(CHERI), where we don't expect it to be useful, even when snmalloc is
being built to be otherwise paranoid.

Catch callsites up.
2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo 30da31d245 pagemap: assert that entry types match
More directly ensure that a "basic" pagemap's type matches its
"concrete" pagemap parameter's entry type.  Absent this check, getting
this wrong won't be detected until even further along in template code
generation (when considering a method that sees the mismatch).
2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo 2936467736 ds/pagemap: expose granularity information 2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo 48340faa09 NFC: ds/pagemap: tweak commentary 2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo a42c4303e0 NFC: Move FlatPagemap to ds
Separate out the pagemap datastructure (ds/pagemap.h) from the backend
adapter shim (backend_helpers/pagemap.h).
2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo 7c35c42eae NFC: move get_entropy64 from mem to ds
These functions depend only on the PAL and so can live lower down the
stack.
2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo 20c9e57668 NFC: standard_range: update commentary 2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo 8f4cc1b4da NFC: lockrange: add note about ancestor() 2022-12-14 17:46:53 +00:00