• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2017 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_SHIM_MALLOC_ZONE_FUNCTIONS_APPLE_H_
6 #define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_SHIM_MALLOC_ZONE_FUNCTIONS_APPLE_H_
7 
8 #include "partition_alloc/partition_alloc_buildflags.h"
9 
10 #if BUILDFLAG(USE_ALLOCATOR_SHIM)
11 #include <malloc/malloc.h>
12 #include <stddef.h>
13 
14 #include "partition_alloc/partition_alloc_base/component_export.h"
15 #include "partition_alloc/partition_alloc_base/immediate_crash.h"
16 #include "partition_alloc/third_party/apple_apsl/malloc.h"
17 
18 namespace allocator_shim {
19 
20 typedef void* (*malloc_type)(struct _malloc_zone_t* zone, size_t size);
21 typedef void* (*calloc_type)(struct _malloc_zone_t* zone,
22                              size_t num_items,
23                              size_t size);
24 typedef void* (*valloc_type)(struct _malloc_zone_t* zone, size_t size);
25 typedef void (*free_type)(struct _malloc_zone_t* zone, void* ptr);
26 typedef void* (*realloc_type)(struct _malloc_zone_t* zone,
27                               void* ptr,
28                               size_t size);
29 typedef void* (*memalign_type)(struct _malloc_zone_t* zone,
30                                size_t alignment,
31                                size_t size);
32 typedef unsigned (*batch_malloc_type)(struct _malloc_zone_t* zone,
33                                       size_t size,
34                                       void** results,
35                                       unsigned num_requested);
36 typedef void (*batch_free_type)(struct _malloc_zone_t* zone,
37                                 void** to_be_freed,
38                                 unsigned num_to_be_freed);
39 typedef void (*free_definite_size_type)(struct _malloc_zone_t* zone,
40                                         void* ptr,
41                                         size_t size);
42 typedef void (*try_free_default_type)(struct _malloc_zone_t* zone, void* ptr);
43 typedef size_t (*size_fn_type)(struct _malloc_zone_t* zone, const void* ptr);
44 typedef size_t (*good_size_fn_type)(struct _malloc_zone_t* zone, size_t size);
45 typedef boolean_t (*claimed_address_type)(struct _malloc_zone_t* zone,
46                                           void* ptr);
47 
48 struct MallocZoneFunctions {
49   malloc_type malloc;
50   calloc_type calloc;
51   valloc_type valloc;
52   free_type free;
53   realloc_type realloc;
54   memalign_type memalign;
55   batch_malloc_type batch_malloc;
56   batch_free_type batch_free;
57   free_definite_size_type free_definite_size;
58   try_free_default_type try_free_default;
59   size_fn_type size;
60   good_size_fn_type good_size;
61   claimed_address_type claimed_address;
62   const ChromeMallocZone* context;
63 };
64 
65 PA_COMPONENT_EXPORT(ALLOCATOR_SHIM)
66 void StoreZoneFunctions(const ChromeMallocZone* zone,
67                         MallocZoneFunctions* functions);
68 static constexpr int kMaxZoneCount = 30;
69 PA_COMPONENT_EXPORT(ALLOCATOR_SHIM)
70 extern MallocZoneFunctions g_malloc_zones[kMaxZoneCount];
71 
72 // The array g_malloc_zones stores all information about malloc zones before
73 // they are shimmed. This information needs to be accessed during dispatch back
74 // into the zone, and additional zones may be added later in the execution fo
75 // the program, so the array needs to be both thread-safe and high-performance.
76 //
77 // We begin by creating an array of MallocZoneFunctions of fixed size. We will
78 // never modify the container, which provides thread-safety to iterators.  When
79 // we want to add a MallocZoneFunctions to the container, we:
80 //   1. Fill in all the fields.
81 //   2. Update the total zone count.
82 //   3. Insert a memory barrier.
83 //   4. Insert our shim.
84 //
85 // Each MallocZoneFunctions is uniquely identified by |context|, which is a
86 // pointer to the original malloc zone. When we wish to dispatch back to the
87 // original malloc zones, we iterate through the array, looking for a matching
88 // |context|.
89 //
90 // Most allocations go through the default allocator. We will ensure that the
91 // default allocator is stored as the first MallocZoneFunctions.
92 //
93 // Returns whether the zone was successfully stored.
94 PA_COMPONENT_EXPORT(ALLOCATOR_SHIM)
95 bool StoreMallocZone(ChromeMallocZone* zone);
96 PA_COMPONENT_EXPORT(ALLOCATOR_SHIM)
97 bool IsMallocZoneAlreadyStored(ChromeMallocZone* zone);
98 PA_COMPONENT_EXPORT(ALLOCATOR_SHIM)
99 bool DoesMallocZoneNeedReplacing(ChromeMallocZone* zone,
100                                  const MallocZoneFunctions* functions);
101 
102 PA_COMPONENT_EXPORT(ALLOCATOR_SHIM) int GetMallocZoneCountForTesting();
103 PA_COMPONENT_EXPORT(ALLOCATOR_SHIM) void ClearAllMallocZonesForTesting();
104 
GetFunctionsForZone(void * zone)105 inline MallocZoneFunctions& GetFunctionsForZone(void* zone) {
106   for (unsigned int i = 0; i < kMaxZoneCount; ++i) {
107     if (g_malloc_zones[i].context == zone) {
108       return g_malloc_zones[i];
109     }
110   }
111   PA_IMMEDIATE_CRASH();
112 }
113 
114 }  // namespace allocator_shim
115 
116 #endif  // BUILDFLAG(USE_ALLOCATOR_SHIM)
117 
118 #endif  // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_SHIM_MALLOC_ZONE_FUNCTIONS_APPLE_H_
119