Fully support read/write memory-mapped files for persistent memory.

base/metrics/persistent_memory_allocator.cc

 // Copyright (c) 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/metrics/persistent_memory_allocator.h"
 
 #include <assert.h>
 #include <algorithm>
 
 #include "base/files/memory_mapped_file.h"
 #include "base/logging.h"
 #include "base/memory/shared_memory.h"
 #include "base/metrics/histogram_macros.h"
 
 namespace {
 
-// Required range of memory segment sizes. It has to fit in an unsigned 32-bit
-// number and should be a power of 2 in order to accomodate almost any page
-// size.
-const uint32_t kSegmentMinSize = 1 << 10;  // 1 KiB
+// Limit of memory segment size. It has to fit in an unsigned 32-bit number
+// and should be a power of 2 in order to accomodate almost any page size.
 const uint32_t kSegmentMaxSize = 1 << 30;  // 1 GiB
 
 // A constant (random) value placed in the shared metadata to identify
 // an already initialized memory segment.
 const uint32_t kGlobalCookie = 0x408305DC;
 
 // The current version of the metadata. If updates are made that change
 // the metadata, the version number can be queried to operate in a backward-
 // compatible manner until the memory segment is completely re-initalized.
 const uint32_t kGlobalVersion = 1;
@@ skipping 201 matching lines @@
 }
 
 
 // static
 bool PersistentMemoryAllocator::IsMemoryAcceptable(const void* base,
                                                    size_t size,
                                                    size_t page_size,
                                                    bool readonly) {
   return ((base && reinterpret_cast<uintptr_t>(base) % kAllocAlignment == 0) &&
           (size >= sizeof(SharedMetadata) && size <= kSegmentMaxSize) &&
-          (size >= kSegmentMinSize || readonly) &&
           (size % kAllocAlignment == 0 || readonly) &&
           (page_size == 0 || size % page_size == 0 || readonly));
 }
 
 PersistentMemoryAllocator::PersistentMemoryAllocator(
     void* base,
     size_t size,
     size_t page_size,
     uint64_t id,
     base::StringPiece name,
@@ skipping 41 matching lines @@
         shared_meta()->id != 0 ||
         shared_meta()->name != 0 ||
         shared_meta()->tailptr != 0 ||
         shared_meta()->queue.cookie != 0 ||
         shared_meta()->queue.next.load(std::memory_order_relaxed) != 0 ||
         first_block->size != 0 ||
         first_block->cookie != 0 ||
         first_block->type_id != 0 ||
         first_block->next != 0) {
       // ...or something malicious has been playing with the metadata.
-      NOTREACHED();
       SetCorrupt();
     }
 
     // This is still safe to do even if corruption has been detected.
     shared_meta()->cookie = kGlobalCookie;
     shared_meta()->size = mem_size_;
     shared_meta()->page_size = mem_page_;
     shared_meta()->version = kGlobalVersion;
     shared_meta()->id = id;
     shared_meta()->freeptr.store(sizeof(SharedMetadata),
@@ skipping 17 matching lines @@
     if (shared_meta()->size == 0 ||
         shared_meta()->version == 0 ||
         shared_meta()->freeptr.load(std::memory_order_relaxed) == 0 ||
         shared_meta()->tailptr == 0 ||
         shared_meta()->queue.cookie == 0 ||
         shared_meta()->queue.next.load(std::memory_order_relaxed) == 0) {
       SetCorrupt();
     }
     if (!readonly) {
       // The allocator is attaching to a previously initialized segment of
-      // memory. Make sure the embedded data matches what has been passed.
-      if (shared_meta()->size != mem_size_ ||
-          shared_meta()->page_size != mem_page_) {
-        NOTREACHED();
+      // memory. If the initialization parameters differ, make the best of it
+      // by reducing the local construction parameters to match those of
+      // the actual memory area. This ensures that the local object never
+      // tries to write outside of the original bounds.
+      // Because the fields are const to ensure that no code other than the
+      // constructor makes changes to them as well as to give optimization
+      // hints to the compiler, it's necessary to const-cast them for changes
+      // here.
+      if (shared_meta()->size < mem_size_)
+        *const_cast<uint32_t*>(&mem_size_) = shared_meta()->size;
+      if (shared_meta()->page_size < mem_page_)
+        *const_cast<uint32_t*>(&mem_page_) = shared_meta()->page_size;
+
+      // Ensure that settings are still valid after the above adjustments.
+      if (!IsMemoryAcceptable(base, mem_size_, mem_page_, readonly))
         SetCorrupt();
-      }
     }
   }
 }
 
 PersistentMemoryAllocator::~PersistentMemoryAllocator() {
   // It's strictly forbidden to do any memory access here in case there is
   // some issue with the underlying memory segment. The "Local" allocator
   // makes use of this to allow deletion of the segment on the heap from
   // within its destructor.
 }
@@ skipping 379 matching lines @@
                                 id,
                                 name,
                                 read_only),
       shared_memory_(std::move(memory)) {}
 
 SharedPersistentMemoryAllocator::~SharedPersistentMemoryAllocator() {}
 
 // static
 bool SharedPersistentMemoryAllocator::IsSharedMemoryAcceptable(
     const SharedMemory& memory) {
-  return IsMemoryAcceptable(memory.memory(), memory.mapped_size(), 0, true);
+  return IsMemoryAcceptable(memory.memory(), memory.mapped_size(), 0, false);
 }
 
 
 //----- FilePersistentMemoryAllocator ------------------------------------------
 
 FilePersistentMemoryAllocator::FilePersistentMemoryAllocator(
     std::unique_ptr<MemoryMappedFile> file,
+    size_t max_size,
     uint64_t id,
-    base::StringPiece name)
+    base::StringPiece name,
+    bool read_only)
     : PersistentMemoryAllocator(const_cast<uint8_t*>(file->data()),
-                                file->length(),
+                                max_size != 0 ? max_size : file->length(),
                                 0,
                                 id,
                                 name,
-                                true),
+                                read_only),
       mapped_file_(std::move(file)) {}
 
 FilePersistentMemoryAllocator::~FilePersistentMemoryAllocator() {}
 
 // static
 bool FilePersistentMemoryAllocator::IsFileAcceptable(
-    const MemoryMappedFile& file) {
-  return IsMemoryAcceptable(file.data(), file.length(), 0, true);
+    const MemoryMappedFile& file,
+    bool read_only) {
+  return IsMemoryAcceptable(file.data(), file.length(), 0, read_only);
 }
 
 }  // namespace base