Dyntopo sculpt: add support for asan to mempool

2021-06-25 15:04:09 -07:00 · 2021-06-25 15:04:09 -07:00 · 5a7b9adef1
parent d293de425f
commit 5a7b9adef1
5 changed files with 111 additions and 21 deletions
--- a/intern/guardedalloc/CMakeLists.txt
+++ b/intern/guardedalloc/CMakeLists.txt
@ -21,6 +21,7 @@
 set(INC
  .
  ../atomic
+  ../../source/blender/blenlib
 )

 set(INC_SYS
--- a/intern/guardedalloc/intern/mallocn_lockfree_impl.c
+++ b/intern/guardedalloc/intern/mallocn_lockfree_impl.c
@ -30,6 +30,7 @@

 /* to ensure strict conversions */
 #include "../../source/blender/blenlib/BLI_strict_flags.h"
+#include "../../source/blender/blenlib/BLI_asan.h"

 #include "atomic_ops.h"
 #include "mallocn_intern.h"
@ -59,6 +60,9 @@ enum {
 #define MEMHEAD_ALIGNED_FROM_PTR(ptr) (((MemHeadAligned *)ptr) - 1)
 #define MEMHEAD_IS_ALIGNED(memhead) ((memhead)->len & (size_t)MEMHEAD_ALIGN_FLAG)

+#define MEM_POISON_MEMHEAD(vmemh) BLI_asan_poison(MEMHEAD_FROM_PTR(vmemh), sizeof(MemHead))
+#define MEM_UNPOISON_MEMHEAD(vmemh) BLI_asan_unpoison(MEMHEAD_FROM_PTR(vmemh), sizeof(MemHead))
+
 /* Uncomment this to have proper peak counter. */
 #define USE_ATOMIC_MAX

@ -93,7 +97,13 @@ print_error(const char *str, ...)
 size_t MEM_lockfree_allocN_len(const void *vmemh)
 {
  if (vmemh) {
-    return MEMHEAD_FROM_PTR(vmemh)->len & ~((size_t)(MEMHEAD_ALIGN_FLAG));
+    size_t ret;
+
+    MEM_UNPOISON_MEMHEAD(vmemh);
+    ret = MEMHEAD_FROM_PTR(vmemh)->len & ~((size_t)(MEMHEAD_ALIGN_FLAG));
+    MEM_POISON_MEMHEAD(vmemh);
+
+    return ret;
  }

  return 0;
@ -119,6 +129,8 @@ void MEM_lockfree_freeN(void *vmemh)
  atomic_sub_and_fetch_u(&totblock, 1);
  atomic_sub_and_fetch_z(&mem_in_use, len);

+  MEM_UNPOISON_MEMHEAD(vmemh);
+
  if (UNLIKELY(malloc_debug_memset && len)) {
    memset(memh + 1, 255, len);
  }
@ -137,6 +149,9 @@ void *MEM_lockfree_dupallocN(const void *vmemh)
  if (vmemh) {
    MemHead *memh = MEMHEAD_FROM_PTR(vmemh);
    const size_t prev_size = MEM_lockfree_allocN_len(vmemh);
+
+    MEM_UNPOISON_MEMHEAD(vmemh);
+
    if (UNLIKELY(MEMHEAD_IS_ALIGNED(memh))) {
      MemHeadAligned *memh_aligned = MEMHEAD_ALIGNED_FROM_PTR(vmemh);
      newp = MEM_lockfree_mallocN_aligned(
@ -145,6 +160,8 @@ void *MEM_lockfree_dupallocN(const void *vmemh)
    else {
      newp = MEM_lockfree_mallocN(prev_size, "dupli_malloc");
    }
+
+    MEM_POISON_MEMHEAD(vmemh);
    memcpy(newp, vmemh, prev_size);
  }
  return newp;
@ -158,6 +175,8 @@ void *MEM_lockfree_reallocN_id(void *vmemh, size_t len, const char *str)
    MemHead *memh = MEMHEAD_FROM_PTR(vmemh);
    size_t old_len = MEM_lockfree_allocN_len(vmemh);

+    MEM_UNPOISON_MEMHEAD(vmemh);
+
    if (LIKELY(!MEMHEAD_IS_ALIGNED(memh))) {
      newp = MEM_lockfree_mallocN(len, "realloc");
    }
@ -166,6 +185,8 @@ void *MEM_lockfree_reallocN_id(void *vmemh, size_t len, const char *str)
      newp = MEM_lockfree_mallocN_aligned(len, (size_t)memh_aligned->alignment, "realloc");
    }

+    MEM_POISON_MEMHEAD(vmemh);
+
    if (newp) {
      if (len < old_len) {
        /* shrink */
@ -194,6 +215,8 @@ void *MEM_lockfree_recallocN_id(void *vmemh, size_t len, const char *str)
    MemHead *memh = MEMHEAD_FROM_PTR(vmemh);
    size_t old_len = MEM_lockfree_allocN_len(vmemh);

+    MEM_UNPOISON_MEMHEAD(vmemh);
+
    if (LIKELY(!MEMHEAD_IS_ALIGNED(memh))) {
      newp = MEM_lockfree_mallocN(len, "recalloc");
    }
@ -201,6 +224,7 @@ void *MEM_lockfree_recallocN_id(void *vmemh, size_t len, const char *str)
      MemHeadAligned *memh_aligned = MEMHEAD_ALIGNED_FROM_PTR(vmemh);
      newp = MEM_lockfree_mallocN_aligned(len, (size_t)memh_aligned->alignment, "recalloc");
    }
+    MEM_POISON_MEMHEAD(vmemh);

    if (newp) {
      if (len < old_len) {
@ -241,6 +265,7 @@ void *MEM_lockfree_callocN(size_t len, const char *str)
    atomic_add_and_fetch_z(&mem_in_use, len);
    update_maximum(&peak_mem, mem_in_use);

+    MEM_POISON_MEMHEAD(PTR_FROM_MEMHEAD(memh));
    return PTR_FROM_MEMHEAD(memh);
  }
  print_error("Calloc returns null: len=" SIZET_FORMAT " in %s, total %u\n",
@ -286,6 +311,8 @@ void *MEM_lockfree_mallocN(size_t len, const char *str)
    atomic_add_and_fetch_z(&mem_in_use, len);
    update_maximum(&peak_mem, mem_in_use);

+    MEM_POISON_MEMHEAD(PTR_FROM_MEMHEAD(memh));
+
    return PTR_FROM_MEMHEAD(memh);
  }
  print_error("Malloc returns null: len=" SIZET_FORMAT " in %s, total %u\n",
@ -357,6 +384,8 @@ void *MEM_lockfree_mallocN_aligned(size_t len, size_t alignment, const char *str
    atomic_add_and_fetch_z(&mem_in_use, len);
    update_maximum(&peak_mem, mem_in_use);

+    MEM_POISON_MEMHEAD(PTR_FROM_MEMHEAD(memh));
+
    return PTR_FROM_MEMHEAD(memh);
  }
  print_error("Malloc returns null: len=" SIZET_FORMAT " in %s, total %u\n",
--- a/source/blender/blenlib/BLI_asan.h
+++ b/source/blender/blenlib/BLI_asan.h
@ -21,8 +21,8 @@
 #  define __has_feature(x) 0
 #endif

-#if (defined(__SANITIZE_ADDRESS__) || __has_feature(address_sanitizer)) && !defined(_MSC_VER)
-#  include "sanitizer/asan_interface.h"
+#if (defined(__SANITIZE_ADDRESS__) || __has_feature(address_sanitizer))
+#    include "sanitizer/asan_interface.h"
 #else
 /* Ensure return value is used. Just using UNUSED_VARS results in a warning. */
 #  define ASAN_POISON_MEMORY_REGION(addr, size) (void)(0 && ((size) != 0 && (addr) != NULL))
--- a/source/blender/blenlib/intern/BLI_mempool.c
+++ b/source/blender/blenlib/intern/BLI_mempool.c
@ -36,6 +36,7 @@

 #include "BLI_utildefines.h"

+#include "BLI_asan.h"
 #include "BLI_mempool.h"         /* own include */
 #include "BLI_mempool_private.h" /* own include */

@ -222,22 +223,42 @@ static BLI_freenode *mempool_chunk_add(BLI_mempool *pool,
  j = pool->pchunk;
  if (pool->flag & BLI_MEMPOOL_ALLOW_ITER) {
    while (j--) {
-      curnode->next = NODE_STEP_NEXT(curnode);
+      BLI_freenode *next;
+
+      BLI_asan_unpoison(curnode, pool->esize);
+
+      curnode->next = next = NODE_STEP_NEXT(curnode);
      curnode->freeword = FREEWORD;
-      curnode = curnode->next;
+
+      BLI_asan_poison(curnode, pool->esize);
+
+      curnode = next;
    }
  }
  else {
    while (j--) {
-      curnode->next = NODE_STEP_NEXT(curnode);
-      curnode = curnode->next;
+      BLI_freenode *next;
+
+      BLI_asan_unpoison(curnode, pool->esize);
+      curnode->next = next = NODE_STEP_NEXT(curnode);
+      BLI_asan_poison(curnode, pool->esize);
+
+      curnode = next;
    }
  }

  /* terminate the list (rewind one)
   * will be overwritten if 'curnode' gets passed in again as 'last_tail' */
+
+  BLI_asan_unpoison(curnode, pool->esize);
+  BLI_freenode *prev = NODE_STEP_PREV(curnode);
+  BLI_asan_poison(curnode, pool->esize);
+
  curnode = NODE_STEP_PREV(curnode);
+
+  BLI_asan_unpoison(curnode, pool->esize);
  curnode->next = NULL;
+  BLI_asan_poison(curnode, pool->esize);

 #ifdef USE_TOTALLOC
  pool->totalloc += pool->pchunk;
@ -245,7 +266,9 @@ static BLI_freenode *mempool_chunk_add(BLI_mempool *pool,

  /* final pointer in the previously allocated chunk is wrong */
  if (last_tail) {
+    BLI_asan_unpoison(last_tail, pool->esize);
    last_tail->next = CHUNK_DATA(mpchunk);
+    BLI_asan_poison(last_tail, pool->esize);
  }

  return curnode;
@ -352,18 +375,19 @@ BLI_mempool *BLI_mempool_create_for_tasks(const unsigned int esize,
  return pool;
 }

-static void mempool_chunk_free(BLI_mempool_chunk *mpchunk)
+static void mempool_chunk_free(BLI_mempool_chunk *mpchunk, BLI_mempool *pool)
 {
+  BLI_asan_unpoison(mpchunk, sizeof(BLI_mempool_chunk) + pool->esize * pool->csize);
  MEM_freeN(mpchunk);
 }

-static void mempool_chunk_free_all(BLI_mempool_chunk *mpchunk)
+static void mempool_chunk_free_all(BLI_mempool_chunk *mpchunk, BLI_mempool *pool)
 {
  BLI_mempool_chunk *mpchunk_next;

  for (; mpchunk; mpchunk = mpchunk_next) {
    mpchunk_next = mpchunk->next;
-    mempool_chunk_free(mpchunk);
+    mempool_chunk_free(mpchunk, pool);
  }
 }

@ -445,6 +469,8 @@ void *BLI_mempool_alloc(BLI_mempool *pool)

  free_pop = pool->free;

+  BLI_asan_unpoison(free_pop, pool->esize);
+
  BLI_assert(pool->chunk_tail->next == NULL);

  if (pool->flag & BLI_MEMPOOL_ALLOW_ITER) {
@ -509,6 +535,8 @@ void BLI_mempool_free(BLI_mempool *pool, void *addr)
  newhead->next = pool->free;
  pool->free = newhead;

+  BLI_asan_poison(newhead, pool->esize);
+
  pool->totused--;

 #ifdef WITH_MEM_VALGRIND
@ -523,7 +551,7 @@ void BLI_mempool_free(BLI_mempool *pool, void *addr)
    BLI_mempool_chunk *first;

    first = pool->chunks;
-    mempool_chunk_free_all(first->next);
+    mempool_chunk_free_all(first->next, pool);
    first->next = NULL;
    pool->chunk_tail = first;

@ -541,11 +569,21 @@ void BLI_mempool_free(BLI_mempool *pool, void *addr)

    j = pool->pchunk;
    while (j--) {
-      curnode->next = NODE_STEP_NEXT(curnode);
-      curnode = curnode->next;
+      BLI_asan_unpoison(curnode, pool->esize);
+      BLI_freenode *next = curnode->next = NODE_STEP_NEXT(curnode);
+      BLI_asan_poison(curnode, pool->esize);
+      curnode = next;
    }
-    curnode = NODE_STEP_PREV(curnode);
+
+    BLI_asan_unpoison(curnode, pool->esize);
+    BLI_freenode *prev = NODE_STEP_PREV(curnode);
+    BLI_asan_poison(curnode, pool->esize);
+
+    curnode = prev;
+
+    BLI_asan_unpoison(curnode, pool->esize);
    curnode->next = NULL; /* terminate the list */
+    BLI_asan_poison(curnode, pool->esize);

 #ifdef WITH_MEM_VALGRIND
    VALGRIND_MEMPOOL_FREE(pool, CHUNK_DATA(first));
@ -739,12 +777,16 @@ void *BLI_mempool_iterstep(BLI_mempool_iter *iter)
    return NULL;
  }

+  intptr_t freeword = 0;
+
  const uint esize = iter->pool->esize;
  BLI_freenode *curnode = POINTER_OFFSET(CHUNK_DATA(iter->curchunk), (esize * iter->curindex));
  BLI_freenode *ret;
  do {
    ret = curnode;

+    BLI_asan_unpoison(ret, iter->pool->esize);
+
    if (++iter->curindex != iter->pool->pchunk) {
      curnode = POINTER_OFFSET(curnode, esize);
    }
@ -752,7 +794,13 @@ void *BLI_mempool_iterstep(BLI_mempool_iter *iter)
      iter->curindex = 0;
      iter->curchunk = iter->curchunk->next;
      if (UNLIKELY(iter->curchunk == NULL)) {
-        return (ret->freeword == FREEWORD) ? NULL : ret;
+        BLI_asan_unpoison(ret, iter->pool->esize);
+        void *ret2 = (ret->freeword == FREEWORD) ? NULL : ret;
+
+        if (ret->freeword == FREEWORD) {
+          BLI_asan_poison(ret, iter->pool->esize);
+        }
+        return ret2;
      }
      curnode = CHUNK_DATA(iter->curchunk);
    }
@ -800,10 +848,22 @@ void *mempool_iter_threadsafe_step(BLI_mempool_threadsafe_iter *ts_iter)

      iter->curchunk = iter->curchunk->next;
      if (UNLIKELY(iter->curchunk == NULL)) {
-        return (ret->freeword == FREEWORD) ? NULL : ret;
+        BLI_asan_unpoison(ret, iter->pool->esize);
+
+        void *ret2 = (ret->freeword == FREEWORD) ? NULL : ret;
+
+        if (ret->freeword == FREEWORD) {
+          BLI_asan_poison(ret, iter->pool->esize);
+        }
+
+        return ret2;
      }
      curnode = CHUNK_DATA(iter->curchunk);
    }
+
+    if (ret->freeword == FREEWORD) {
+      BLI_asan_poison(ret, iter->pool->esize);
+    }
  } while (ret->freeword == FREEWORD);

  return ret;
@ -848,7 +908,7 @@ void BLI_mempool_clear_ex(BLI_mempool *pool, const int totelem_reserve)

    do {
      mpchunk_next = mpchunk->next;
-      mempool_chunk_free(mpchunk);
+      mempool_chunk_free(mpchunk, pool);
    } while ((mpchunk = mpchunk_next));
  }

@ -882,7 +942,7 @@ void BLI_mempool_clear(BLI_mempool *pool)
 */
 void BLI_mempool_destroy(BLI_mempool *pool)
 {
-  mempool_chunk_free_all(pool->chunks);
+  mempool_chunk_free_all(pool->chunks, pool);

 #ifdef WITH_MEM_VALGRIND
  VALGRIND_DESTROY_MEMPOOL(pool);
--- a/source/blender/bmesh/intern/bmesh_mesh_convert_threaded.c
+++ b/source/blender/bmesh/intern/bmesh_mesh_convert_threaded.c
@ -394,9 +394,9 @@ BMesh *BM_mesh_bm_from_me_threaded(BMesh *bm,
  MLoop *mloop;
  MPoly *mp;
  KeyBlock *actkey, *block;
-  BMVert *v, **vtable = NULL;
-  BMEdge *e, **etable = NULL;
-  BMFace *f, **ftable = NULL;
+  BMVert *v;
+  BMEdge *e;
+  BMFace *f;
  float(*keyco)[3] = NULL;
  int totloops, i;
  CustomData_MeshMasks mask = CD_MASK_BMESH;