//===-- tsan_sync.cpp -----------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
//
// This file is a part of ThreadSanitizer (TSan), a race detector.
//
//===----------------------------------------------------------------------===//
#include "sanitizer_common/sanitizer_placement_new.h"
#include "tsan_sync.h"
#include "tsan_rtl.h"
#include "tsan_mman.h"

namespace __tsan {

void DDMutexInit(ThreadState *thr, uptr pc, SyncVar *s);

SyncVar::SyncVar()
    : mtx(MutexTypeSyncVar, StatMtxSyncVar) {
  Reset(0);
}

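// Init sets up the identity of a freshly allocated sync object: the user-level
// address it shadows, a unique id used to detect reuse, and (outside of Go)
// the stack id of the creation site. It also registers the object with the
// deadlock detector when deadlock detection is enabled.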
void SyncVar::Init(ThreadState *thr, uptr pc, uptr addr, u64 uid) {
  this->addr = addr;
  this->uid = uid;
  this->next = 0;

  creation_stack_id = 0;
  if (!SANITIZER_GO)  // Go does not use them
    creation_stack_id = CurrentStackId(thr, pc);
  if (common_flags()->detect_deadlocks)
    DDMutexInit(thr, pc, this);
}

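// Reset returns the sync object to its pristine state. The vector clocks are
// returned to the per-processor clock cache; proc may be null only when the
// clocks are known to be empty (e.g. right after construction).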
void SyncVar::Reset(Processor *proc) {
  uid = 0;
  creation_stack_id = 0;
  owner_tid = kInvalidTid;
  last_lock = 0;
  recursion = 0;
  atomic_store_relaxed(&flags, 0);

  if (proc == 0) {
    CHECK_EQ(clock.size(), 0);
    CHECK_EQ(read_clock.size(), 0);
  } else {
    clock.Reset(&proc->clock_cache);
    read_clock.Reset(&proc->clock_cache);
  }
}

MetaMap::MetaMap()
    : block_alloc_("heap block allocator")
    , sync_alloc_("sync allocator") {
  atomic_store(&uid_gen_, 0, memory_order_relaxed);
}

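// Each meta shadow cell stores either 0 (no meta objects), a block allocator
// index tagged with kFlagBlock, or the head of a singly-linked chain of sync
// objects (linked via SyncVar::next) tagged with kFlagSync.

// AllocBlock records a heap block descriptor (size, allocating thread and
// stack) for the block starting at p and publishes it in the meta shadow.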
void MetaMap::AllocBlock(ThreadState *thr, uptr pc, uptr p, uptr sz) {
  u32 idx = block_alloc_.Alloc(&thr->proc()->block_cache);
  MBlock *b = block_alloc_.Map(idx);
  b->siz = sz;
  b->tag = 0;
  b->tid = thr->tid;
  b->stk = CurrentStackId(thr, pc);
  u32 *meta = MemToMeta(p);
  DCHECK_EQ(*meta, 0);
  *meta = idx | kFlagBlock;
}

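// FreeBlock releases the block descriptor for the heap block at p (if any),
// together with all meta objects in the block's range, and returns the
// rounded-up block size (0 if there was no block at p).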
uptr MetaMap::FreeBlock(Processor *proc, uptr p) {
  MBlock* b = GetBlock(p);
  if (b == 0)
    return 0;
  uptr sz = RoundUpTo(b->siz, kMetaShadowCell);
  FreeRange(proc, p, sz);
  return sz;
}

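// FreeRange frees all meta objects whose meta shadow cells fall into
// [p, p+sz): block descriptors go back to the block allocator, sync objects
// are Reset() and returned to the sync allocator. Returns true if at least
// one meta object was found and freed.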
bool MetaMap::FreeRange(Processor *proc, uptr p, uptr sz) {
  bool has_something = false;
  u32 *meta = MemToMeta(p);
  u32 *end = MemToMeta(p + sz);
  if (end == meta)
    end++;
  for (; meta < end; meta++) {
    u32 idx = *meta;
    if (idx == 0) {
      // Note: don't write to meta in this case -- the block can be huge.
      continue;
    }
    *meta = 0;
    has_something = true;
    while (idx != 0) {
      if (idx & kFlagBlock) {
        block_alloc_.Free(&proc->block_cache, idx & ~kFlagMask);
        break;
      } else if (idx & kFlagSync) {
        DCHECK(idx & kFlagSync);
        SyncVar *s = sync_alloc_.Map(idx & ~kFlagMask);
        u32 next = s->next;
        s->Reset(proc);
        sync_alloc_.Free(&proc->sync_cache, idx & ~kFlagMask);
        idx = next;
      } else {
        CHECK(0);
      }
    }
  }
  return has_something;
}

// ResetRange removes all meta objects from the range.
// It is called for large mmap-ed regions. The function is best-effort wrt
// freeing of meta objects, because we don't want to page in the whole range
// which can be huge. The function probes pages one-by-one until it finds a
// page without meta objects; at that point it stops freeing meta objects.
// Because thread stacks grow top-down, we do the same starting from the end
// as well.
void MetaMap::ResetRange(Processor *proc, uptr p, uptr sz) {
  if (SANITIZER_GO) {
    // UnmapOrDie/MmapFixedNoReserve does not work on Windows,
    // so we do the optimization only for C/C++.
    FreeRange(proc, p, sz);
    return;
  }
  const uptr kMetaRatio = kMetaShadowCell / kMetaShadowSize;
  const uptr kPageSize = GetPageSizeCached() * kMetaRatio;
  if (sz <= 4 * kPageSize) {
    // If the range is small, just do the normal free procedure.
    FreeRange(proc, p, sz);
    return;
  }
  // First, round both ends of the range to page size.
  uptr diff = RoundUp(p, kPageSize) - p;
  if (diff != 0) {
    FreeRange(proc, p, diff);
    p += diff;
    sz -= diff;
  }
  diff = p + sz - RoundDown(p + sz, kPageSize);
  if (diff != 0) {
    FreeRange(proc, p + sz - diff, diff);
    sz -= diff;
  }
  // Now we must have a non-empty page-aligned range.
  CHECK_GT(sz, 0);
  CHECK_EQ(p, RoundUp(p, kPageSize));
  CHECK_EQ(sz, RoundUp(sz, kPageSize));
  const uptr p0 = p;
  const uptr sz0 = sz;
  // Probe start of the range.
  for (uptr checked = 0; sz > 0; checked += kPageSize) {
    bool has_something = FreeRange(proc, p, kPageSize);
    p += kPageSize;
    sz -= kPageSize;
    if (!has_something && checked > (128 << 10))
      break;
  }
  // Probe end of the range.
  for (uptr checked = 0; sz > 0; checked += kPageSize) {
    bool has_something = FreeRange(proc, p + sz - kPageSize, kPageSize);
    sz -= kPageSize;
    // Stacks grow down, so sync objects are most likely at the end of the
    // region (if it is a stack). The very end of the stack is TLS and tsan
    // increases TLS by at least 256K, so check at least 512K.
    if (!has_something && checked > (512 << 10))
      break;
  }
  // Finally, page out the whole range (including the parts that we've just
  // freed). Note: we can't simply madvise, because we need to leave a zeroed
  // range (otherwise __tsan_java_move can crash if it encounters left-over
  // meta objects in the java heap).
  uptr metap = (uptr)MemToMeta(p0);
  uptr metasz = sz0 / kMetaRatio;
  UnmapOrDie((void*)metap, metasz);
  if (!MmapFixedSuperNoReserve(metap, metasz))
    Die();
}

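// GetBlock returns the heap block descriptor covering address p, or null if
// the meta shadow cell for p contains no block. Any sync objects at the head
// of the chain are skipped.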
MBlock* MetaMap::GetBlock(uptr p) {
  u32 *meta = MemToMeta(p);
  u32 idx = *meta;
  for (;;) {
    if (idx == 0)
      return 0;
    if (idx & kFlagBlock)
      return block_alloc_.Map(idx & ~kFlagMask);
    DCHECK(idx & kFlagSync);
    SyncVar * s = sync_alloc_.Map(idx & ~kFlagMask);
    idx = s->next;
  }
}

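// GetOrCreateAndLock returns the sync object for addr, creating it if it does
// not exist yet; GetIfExistsAndLock only performs the lookup. In both cases
// the returned object is locked (exclusively or for reading, per write_lock).
// A typical caller pattern (a sketch; see the mutex/atomic handling in the
// runtime for the real call sites) is roughly:
//   SyncVar *s = ctx->metamap.GetOrCreateAndLock(thr, pc, addr, true);
//   ... update s ...
//   s->mtx.Unlock();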
SyncVar* MetaMap::GetOrCreateAndLock(ThreadState *thr, uptr pc,
                                     uptr addr, bool write_lock) {
  return GetAndLock(thr, pc, addr, write_lock, true);
}

SyncVar* MetaMap::GetIfExistsAndLock(uptr addr, bool write_lock) {
  return GetAndLock(0, 0, addr, write_lock, false);
}

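// GetAndLock walks the sync object chain hanging off the meta shadow cell for
// addr. If an object with a matching address is found, it is locked and
// returned. Otherwise (and only if create is set), a new object is allocated,
// initialized and prepended to the chain with a compare-and-swap on the meta
// cell; on CAS failure the lookup is retried, and a speculatively allocated
// object is freed if another thread installed one for addr first.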
SyncVar* MetaMap::GetAndLock(ThreadState *thr, uptr pc,
                             uptr addr, bool write_lock, bool create) {
  u32 *meta = MemToMeta(addr);
  u32 idx0 = *meta;
  u32 myidx = 0;
  SyncVar *mys = 0;
  for (;;) {
    u32 idx = idx0;
    for (;;) {
      if (idx == 0)
        break;
      if (idx & kFlagBlock)
        break;
      DCHECK(idx & kFlagSync);
      SyncVar * s = sync_alloc_.Map(idx & ~kFlagMask);
      if (s->addr == addr) {
        if (myidx != 0) {
          mys->Reset(thr->proc());
          sync_alloc_.Free(&thr->proc()->sync_cache, myidx);
        }
        if (write_lock)
          s->mtx.Lock();
        else
          s->mtx.ReadLock();
        return s;
      }
      idx = s->next;
    }
    if (!create)
      return 0;
    if (*meta != idx0) {
      idx0 = *meta;
      continue;
    }

    if (myidx == 0) {
      const u64 uid = atomic_fetch_add(&uid_gen_, 1, memory_order_relaxed);
      myidx = sync_alloc_.Alloc(&thr->proc()->sync_cache);
      mys = sync_alloc_.Map(myidx);
      mys->Init(thr, pc, addr, uid);
    }
    mys->next = idx0;
    if (atomic_compare_exchange_strong((atomic_uint32_t*)meta, &idx0,
        myidx | kFlagSync, memory_order_release)) {
      if (write_lock)
        mys->mtx.Lock();
      else
        mys->mtx.ReadLock();
      return mys;
    }
  }
}

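// MoveMemory relocates the meta objects for the range [src, src+sz) to the
// range starting at dst, patching the addresses stored in the sync objects
// (used, e.g., when the Java heap is moved).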
void MetaMap::MoveMemory(uptr src, uptr dst, uptr sz) {
  // src and dst can overlap,
  // there are no concurrent accesses to the regions (e.g. stop-the-world).
  CHECK_NE(src, dst);
  CHECK_NE(sz, 0);
  uptr diff = dst - src;
  u32 *src_meta = MemToMeta(src);
  u32 *dst_meta = MemToMeta(dst);
  u32 *src_meta_end = MemToMeta(src + sz);
  uptr inc = 1;
  if (dst > src) {
    src_meta = MemToMeta(src + sz) - 1;
    dst_meta = MemToMeta(dst + sz) - 1;
    src_meta_end = MemToMeta(src) - 1;
    inc = -1;
  }
  for (; src_meta != src_meta_end; src_meta += inc, dst_meta += inc) {
    CHECK_EQ(*dst_meta, 0);
    u32 idx = *src_meta;
    *src_meta = 0;
    *dst_meta = idx;
    // Patch the addresses in sync objects.
    while (idx != 0) {
      if (idx & kFlagBlock)
        break;
      CHECK(idx & kFlagSync);
      SyncVar *s = sync_alloc_.Map(idx & ~kFlagMask);
      s->addr += diff;
      idx = s->next;
    }
  }
}

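// OnProcIdle flushes the processor-local allocator caches back to the global
// block and sync allocators when a processor goes idle.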
void MetaMap::OnProcIdle(Processor *proc) {
  block_alloc_.FlushCache(&proc->block_cache);
  sync_alloc_.FlushCache(&proc->sync_cache);
}

}  // namespace __tsan