Граф коммитов

1150 Коммитов

Автор SHA1 Сообщение Дата
Nathaniel Wesley Filardo 6ca39403bf backend_concept: fix typo in IsWritablePagemapWithRegister 2022-12-14 17:46:53 +00:00
Nathaniel Wesley Filardo c084157cc9 CI: parallelize cross-run tests 2022-12-14 14:10:17 +00:00
Nathaniel Wesley Filardo 9207f3d8a0 CI: bring non-power qemu cross CI to ubuntu-latest 2022-12-14 14:10:17 +00:00
Nathaniel Wesley Filardo a396c2d4de CI: workaround qemu's dense memory map 2022-12-14 14:10:17 +00:00
Nathaniel Wesley Filardo c39861f806 CI: fix crossbuild matrix
Sorry, failed to notice that I broke this in the last PR. :(
2022-12-14 14:10:17 +00:00
Nathaniel Wesley Filardo 455cdd8c6d CI: Further fallout from ubuntu 22.04
- Copy and shift our clang-10-specific variant tests onto the latest

- Additionally add 20.04 as a test point, along-side 18.04
2022-12-13 13:56:04 +00:00
Nathaniel Wesley Filardo 939a7f7eae Move std::atomic_flag to std::atomic<bool>
C++20 accidentally deprecated ATOMIC_FLAG_INIT, but in C++17 this is the
only way to reliably initialize an atomic_flag to a known value.
See https://en.cppreference.com/w/cpp/atomic/ATOMIC_FLAG_INIT
2022-12-13 13:56:04 +00:00
Nathaniel Wesley Filardo 524579eea1 CI: push ppc64 cross-run to ubuntu-20.04 host
Work around https://github.com/microsoft/snmalloc/issues/576
2022-12-13 13:56:04 +00:00
Nathaniel Wesley Filardo f23cba0abf CI: move clang-10 tests to ubuntu-20.04
ubuntu-latest no longer has clang-10 available as of
https://github.blog/changelog/2022-11-09-github-actions-ubuntu-latest-workflows-will-use-ubuntu-22-04/

FIXES https://github.com/microsoft/snmalloc/issues/575
2022-12-13 13:56:04 +00:00
David CARLIER 5bb5701b45
LTO support proposal. (#573)
* LTO support proposal.

* giving choice
2022-12-09 20:30:56 +00:00
David CARLIER dd3f4a9037
fatal error making less C for C++20. (#574) 2022-12-09 20:29:00 +00:00
Matthew Parkinson 0a5eb403ad
Change representation of the SeqSet (#568)
This changes the representation of SeqSet to be doubly linked.  This is
required to enable tracking fully used slabs.
2022-10-28 13:13:56 +01:00
Matthew Parkinson ddc5703cc8
Expose pool sort. (#565) 2022-10-10 17:13:10 +01:00
David CARLIER a060462ff6
annotate `alloc` on unixes. (#548)
* annotate `alloc` on unixes.

* changes from feedback
2022-09-25 07:26:59 +01:00
Matthew Parkinson 591dc4c77f
Add indirect range (#562)
* Add indirect range

The ranges currently either completely own the parent range, or it is
a static and thus completely shared.

The indirect range allows sharing without it being global.

Co-authored-by: Nathaniel Filardo <nfilardo@microsoft.com>
2022-09-21 11:15:44 +01:00
Matthew Parkinson fb85216386
Add assertion for initialisation to the pagemap (#560) 2022-09-21 11:14:41 +01:00
Matthew Parkinson 38d4483b27
[NFC] Simplify static constexpr inline (#563)
* [NFC] Simplify static constexpr inline

  `constexpr` => `inline`
and when not in a class scope
  `constexpr` => `static`

This PR removes the redundant use of `inline` and `static`.  It also
prefers
  `static constexpr`
over
  `constexpr static`
2022-09-21 11:14:14 +01:00
Matthew Parkinson 2f8f376db8
Pagemap Rounding (#558)
* Extend pagemap test

Check for possible overlap between heap and pagemap, but writing and
reading the heap.

* Return unalign memory from the pagemap

This commit allows the pagemap to return unaligned range of memory. This
means that bump allocation of multiple pagemaps doesn't
waste as much space.
2022-09-17 14:30:13 +01:00
Matthew Parkinson 15e5a842f5
Update Mac Version. (#559)
* Update Mac Version.

* Update Mac Version.
2022-09-16 20:14:36 +01:00
Matthew Parkinson 11c18082d6
Make smallbuddy handle larger requests correctly (#556)
* Fail more abruptly if the bounds are not exact.

* Move bounding from Pool into Backend.

This commit makes the rounding and the bounding occur in the same
function.

* Enable smallbuddyrange to handle larger requests

The smallbuddy can now pass the larger requests up the range chain if
it cannot satisfy it itself.

* Test larger requests for meta-data.
2022-09-14 12:12:06 +01:00
Nathaniel Wesley Filardo 0ea12d9725 test/func/cheri: verify representability of sizeclasses 2022-09-14 10:10:14 +01:00
Nathaniel Wesley Filardo 50c7500536 AAL: introduce capptr_size_round, use w/ metadata 2022-09-14 10:10:14 +01:00
Matthew Parkinson 2ee522cd22
TSAN CI changes (#555)
* Drop TSAN debug build

* Require TSAN to pass
2022-09-08 11:00:39 +01:00
Matthew Parkinson a118c9b7d8
Separate locking from static range (#540)
Pull a part the locking from the static range. This enables
locking to be added to a range directly, and does not require
it to be made static.  This is useful in cases where the source
of memory is shared between threads, but not static.  I.e. there
are multiple instances of the same type.
2022-09-08 10:40:04 +01:00
Matthew Parkinson 8f8dbd83b5
Missing pragma once. (#554) 2022-09-08 09:54:53 +01:00
Nathaniel Wesley Filardo ad9967b5a4 test/perf/memcpy: also emit snmalloc-checked times 2022-09-07 13:05:49 +01:00
Nathaniel Wesley Filardo c4311b4a41 func/cheri: probe memcpy correctness
Fling some misaligned cases at our memcpy and check the results
2022-09-07 13:05:49 +01:00
Nathaniel Wesley Filardo 2b3897e767 memcpy vs. StrictProvenance
StrictProvenance architectures are likely to impose additional alignment
requirements on their pointer-sized loads and stores.  On the other
hand, we must use pointer-sized loads and stores wherever possible to
ensure achieve copy.  Add a StrictProvenance-aware memcpy architecture
implementation.

Thanks to Matt for suggesting the trick of avoiding even thinking about
capability operations in the too-misaligned 16-31 byte cases as well as
other helpful suggestions.

Co-authored-by: Matthew Parkinson <mattpark@microsoft.com>
2022-09-07 13:05:49 +01:00
Matthew Parkinson 88a2740fe3
Add stricter double free checking on large allocs (#550)
Although, double frees are generally caught on large allocs.  This is
done very late in the process after many operations more operations have
occurred.

This change brings that check much earlier in the process.
2022-09-02 16:53:20 +01:00
Matthew Parkinson f8efcb7f10 Use a more portable way to access the configuration. 2022-08-23 11:09:21 +01:00
Matthew Parkinson a19ad550e7
Update BUILDING.md (#549) 2022-08-23 11:08:51 +01:00
Nathaniel Wesley Filardo 09bc0c6be7 NFC: external_pointer address_cast earlier
Make it easier to justify our avoidance of capptr_from_client and
capptr_reveal in external_pointer by performing address_cast earlier.
In particular, with this change, we can see that the pointer (and so its
authority, in CHERI) is not passed to any called function other than
address_cast and pointer_offset, and so authority is merely propagated
and neither exercised nor amplified.

Remove the long-disused capptr_reveal_wild, which was added for earlier
versions of external_pointer.
2022-07-07 16:57:47 +01:00
Nathaniel Wesley Filardo db3ae1c8e3 NFC: Rename ConceptPAL to IsPAL 2022-07-07 16:57:47 +01:00
Nathaniel Wesley Filardo 9e0fefc3b0 NFC: Rename ConceptAAL to IsAAL 2022-07-07 16:57:47 +01:00
Nathaniel Wesley Filardo b2c75dffb7 NFC: rename ConceptBound to IsBound 2022-07-07 16:57:47 +01:00
Nathaniel Wesley Filardo df1dbc997f Add Morello CI 2022-06-21 15:08:52 +01:00
Nathaniel Wesley Filardo 467c28b2d3 Add buffer append method for {,u}intptr_t
Otherwise, on platforms for which {,u}intptr_t aren't just typedef-s of
other scalar types, it's ambiguous which way an implicit cast should go.
2022-06-21 13:57:53 +01:00
Matthias Wahl c560a9aa27
Fix wrong ifdef in pal_linux.h (#546) 2022-06-17 10:48:27 +01:00
Matthias Wahl 6b0bda01c7
Support older linux systems (#545)
* Fix pal_linux.h for older linux systems

Where MADV_FREE is not defined - replaced with MADV_DONTNEED
Where GRND_NONBLOCK is not defined in <sys/random.h> but in <linux/random.h>

* Check for linux/random.h in CMake

as __has_include seems to not be reliable

* Use CMake module CheckIncludeFilesCXX

as C language isn't enabled by default everywhere

* Move madvise flag ifdefs into constexpr for cleaner code
2022-06-17 06:16:32 +01:00
Nathaniel Wesley Filardo 3e72ef63ad NFC: cmake: add SNMALLOC_LINK_ICF, default on
ICF currently breaks building on Morello, so allow cmake to notch it out.
2022-06-09 14:20:36 +01:00
Nathaniel Wesley Filardo da19291d4e RFC: Add tests for some CHERI-specific behaviors 2022-06-09 01:05:04 +01:00
Nathaniel Wesley Filardo 095e8f13db func-malloc: expand CHERI tests to check no-VMEM 2022-06-09 01:05:04 +01:00
Nathaniel Wesley Filardo 3fce61eafb docs: Update StrictProvenance 2022-06-09 01:05:04 +01:00
Nathaniel Wesley Filardo 1f79c7638a mem/pool: Alloc-bound pooled things
These pieces of metadata (specifically, the Allocator structures) are never
deallocated at the moment, so we need not consider how we might amplify these
bounded pointers back to higher authority.
2022-06-09 01:05:04 +01:00
Nathaniel Wesley Filardo 94957f0f72 StrictProvenance support in Backend
Wrap the FrontendSlabMetadata with a struct that holds the Arena-bounded
authority for Chunks that the Backend ships out to the Frontend or, for
non-StrictProvenance architecture, encapsulates the sleight of hand that turns
Chunk-bounded CapPtr-s to Arena-bounded ones.
2022-06-09 01:05:04 +01:00
Nathaniel Wesley Filardo 86124ba26c backend ranges: use Arena bounds throughout
Update the backend concept so that metadata allocations are Arena-bounded.
2022-06-09 01:05:04 +01:00
Nathaniel Wesley Filardo a78a16e637 smallbuddy ranges are only for small things
Now that we've split the range Pipe-line externally, the small-buddy ranges
should never be seeing large requests.
2022-06-09 01:05:04 +01:00
Nathaniel Wesley Filardo 83ac7c691e backend ranges: hide object_range behind accessor
This allows us to have a single Pipe-line of ranges where we can, nevertheless,
jump over the small buddy allocator when making large allocations.  This, in
turn, will let us differentiate the types coming from the small end and the
large "tap" on this Pipe-line.
2022-06-09 01:05:04 +01:00
Nathaniel Wesley Filardo aa61b59a8f NFC: Generalize smallbuddyrange bounds annotations
Make these generic, with the SmallBuddyRange taking its cue from the parent
Range, since we're about to change them anyway and might want to vary them again
in the future.
2022-06-09 01:05:04 +01:00
Nathaniel Wesley Filardo f41bb321f7 RFC: Hide CapPtr constructor
Expose a static CapPtr<T,B>::unsafe_from() and use that everywhere instead
(though continue to allow implicit and explicit construction of CapPtr from
nullptr).
2022-06-09 01:05:04 +01:00