OLD | NEW |
---|---|
1 /* | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 * Copyright (C) 2013 Google Inc. All rights reserved. | 2 // Use of this source code is governed by a BSD-style license that can be |
3 * | 3 // found in the LICENSE file. |
4 * Redistribution and use in source and binary forms, with or without | |
5 * modification, are permitted provided that the following conditions are | |
6 * met: | |
7 * | |
8 * * Redistributions of source code must retain the above copyright | |
9 * notice, this list of conditions and the following disclaimer. | |
10 * * Redistributions in binary form must reproduce the above | |
11 * copyright notice, this list of conditions and the following disclaimer | |
12 * in the documentation and/or other materials provided with the | |
13 * distribution. | |
14 * * Neither the name of Google Inc. nor the names of its | |
15 * contributors may be used to endorse or promote products derived from | |
16 * this software without specific prior written permission. | |
17 * | |
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | |
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | |
22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | |
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
29 */ | |
30 | 4 |
31 #include "wtf/allocator/PageAllocator.h" | 5 #include "base/allocator/partition_allocator/page_allocator.h" |
32 | |
33 #include "wtf/Assertions.h" | |
34 #include "wtf/Atomics.h" | |
35 #include "wtf/allocator/AddressSpaceRandomization.h" | |
36 | 6 |
37 #include <limits.h> | 7 #include <limits.h> |
38 | 8 |
39 #if OS(POSIX) | 9 #include "base/allocator/partition_allocator/address_space_randomization.h" |
10 #include "base/logging.h" | |
Primiano Tucci (use gerrit)
2016/11/22 14:28:32
+ build_config.h
palmer
2016/11/24 01:05:55
Done.
| |
11 | |
12 #if defined(OS_POSIX) | |
40 | 13 |
41 #include <errno.h> | 14 #include <errno.h> |
42 #include <sys/mman.h> | 15 #include <sys/mman.h> |
43 | 16 |
44 #ifndef MADV_FREE | 17 #ifndef MADV_FREE |
45 #define MADV_FREE MADV_DONTNEED | 18 #define MADV_FREE MADV_DONTNEED |
46 #endif | 19 #endif |
47 | 20 |
48 #ifndef MAP_ANONYMOUS | 21 #ifndef MAP_ANONYMOUS |
49 #define MAP_ANONYMOUS MAP_ANON | 22 #define MAP_ANONYMOUS MAP_ANON |
50 #endif | 23 #endif |
51 | 24 |
52 // On POSIX memmap uses a nearby address if the hint address is blocked. | 25 // On POSIX memmap uses a nearby address if the hint address is blocked. |
53 static const bool kHintIsAdvisory = true; | 26 static const bool kHintIsAdvisory = true; |
54 static uint32_t s_allocPageErrorCode = 0; | 27 static uint32_t s_allocPageErrorCode = 0; |
55 | 28 |
56 #elif OS(WIN) | 29 #elif defined(OS_WIN) |
57 | 30 |
58 #include <windows.h> | 31 #include <windows.h> |
59 | 32 |
60 // VirtualAlloc will fail if allocation at the hint address is blocked. | 33 // VirtualAlloc will fail if allocation at the hint address is blocked. |
61 static const bool kHintIsAdvisory = false; | 34 static const bool kHintIsAdvisory = false; |
62 static uint32_t s_allocPageErrorCode = ERROR_SUCCESS; | 35 static uint32_t s_allocPageErrorCode = ERROR_SUCCESS; |
63 | 36 |
64 #else | 37 #else |
65 #error Unknown OS | 38 #error Unknown OS |
66 #endif // OS(POSIX) | 39 #endif // defined(OS_POSIX) |
67 | 40 |
68 namespace WTF { | 41 namespace base { |
69 | 42 |
70 // This internal function wraps the OS-specific page allocation call. The | 43 // This internal function wraps the OS-specific page allocation call. The |
71 // behavior of the hint address is determined by the kHintIsAdvisory constant. | 44 // behavior of the hint address is determined by the kHintIsAdvisory constant. |
72 // If true, a non-zero hint is advisory and the returned address may differ from | 45 // If true, a non-zero hint is advisory and the returned address may differ from |
73 // the hint. If false, the hint is mandatory and a successful allocation will | 46 // the hint. If false, the hint is mandatory and a successful allocation will |
74 // not differ from the hint. | 47 // not differ from the hint. |
75 static void* systemAllocPages( | 48 static void* systemAllocPages( |
76 void* hint, | 49 void* hint, |
77 size_t len, | 50 size_t len, |
78 PageAccessibilityConfiguration pageAccessibility) { | 51 PageAccessibilityConfiguration pageAccessibility) { |
79 ASSERT(!(len & kPageAllocationGranularityOffsetMask)); | 52 DCHECK(!(len & kPageAllocationGranularityOffsetMask)); |
80 ASSERT(!(reinterpret_cast<uintptr_t>(hint) & | 53 DCHECK(!(reinterpret_cast<uintptr_t>(hint) & |
81 kPageAllocationGranularityOffsetMask)); | 54 kPageAllocationGranularityOffsetMask)); |
82 void* ret; | 55 void* ret; |
83 #if OS(WIN) | 56 #if defined(OS_WIN) |
84 DWORD accessFlag = | 57 DWORD accessFlag = |
85 pageAccessibility == PageAccessible ? PAGE_READWRITE : PAGE_NOACCESS; | 58 pageAccessibility == PageAccessible ? PAGE_READWRITE : PAGE_NOACCESS; |
86 ret = VirtualAlloc(hint, len, MEM_RESERVE | MEM_COMMIT, accessFlag); | 59 ret = VirtualAlloc(hint, len, MEM_RESERVE | MEM_COMMIT, accessFlag); |
87 if (!ret) | 60 if (!ret) |
88 releaseStore(&s_allocPageErrorCode, GetLastError()); | 61 releaseStore(&s_allocPageErrorCode, GetLastError()); |
89 #else | 62 #else |
90 int accessFlag = pageAccessibility == PageAccessible | 63 int accessFlag = pageAccessibility == PageAccessible |
91 ? (PROT_READ | PROT_WRITE) | 64 ? (PROT_READ | PROT_WRITE) |
92 : PROT_NONE; | 65 : PROT_NONE; |
93 ret = mmap(hint, len, accessFlag, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); | 66 ret = mmap(hint, len, accessFlag, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); |
94 if (ret == MAP_FAILED) { | 67 if (ret == MAP_FAILED) { |
95 releaseStore(&s_allocPageErrorCode, errno); | 68 releaseStore(&s_allocPageErrorCode, errno); |
96 ret = 0; | 69 ret = 0; |
97 } | 70 } |
98 #endif | 71 #endif |
99 return ret; | 72 return ret; |
100 } | 73 } |
101 | 74 |
102 // Trims base to given length and alignment. Windows returns null on failure and | 75 // Trims base to given length and alignment. Windows returns null on failure and |
103 // frees base. | 76 // frees base. |
104 static void* trimMapping(void* base, | 77 static void* trimMapping(void* base, |
105 size_t baseLen, | 78 size_t baseLen, |
106 size_t trimLen, | 79 size_t trimLen, |
107 uintptr_t align, | 80 uintptr_t align, |
108 PageAccessibilityConfiguration pageAccessibility) { | 81 PageAccessibilityConfiguration pageAccessibility) { |
109 size_t preSlack = reinterpret_cast<uintptr_t>(base) & (align - 1); | 82 size_t preSlack = reinterpret_cast<uintptr_t>(base) & (align - 1); |
110 if (preSlack) | 83 if (preSlack) |
111 preSlack = align - preSlack; | 84 preSlack = align - preSlack; |
112 size_t postSlack = baseLen - preSlack - trimLen; | 85 size_t postSlack = baseLen - preSlack - trimLen; |
113 ASSERT(baseLen >= trimLen || preSlack || postSlack); | 86 DCHECK(baseLen >= trimLen || preSlack || postSlack); |
114 ASSERT(preSlack < baseLen); | 87 DCHECK(preSlack < baseLen); |
115 ASSERT(postSlack < baseLen); | 88 DCHECK(postSlack < baseLen); |
116 void* ret = base; | 89 void* ret = base; |
117 | 90 |
118 #if OS(POSIX) // On POSIX we can resize the allocation run. | 91 #if defined(OS_POSIX) // On POSIX we can resize the allocation run. |
119 (void)pageAccessibility; | 92 (void)pageAccessibility; |
120 if (preSlack) { | 93 if (preSlack) { |
121 int res = munmap(base, preSlack); | 94 int res = munmap(base, preSlack); |
122 RELEASE_ASSERT(!res); | 95 CHECK(!res); |
123 ret = reinterpret_cast<char*>(base) + preSlack; | 96 ret = reinterpret_cast<char*>(base) + preSlack; |
124 } | 97 } |
125 if (postSlack) { | 98 if (postSlack) { |
126 int res = munmap(reinterpret_cast<char*>(ret) + trimLen, postSlack); | 99 int res = munmap(reinterpret_cast<char*>(ret) + trimLen, postSlack); |
127 RELEASE_ASSERT(!res); | 100 CHECK(!res); |
128 } | 101 } |
129 #else // On Windows we can't resize the allocation run. | 102 #else // On Windows we can't resize the allocation run. |
130 if (preSlack || postSlack) { | 103 if (preSlack || postSlack) { |
131 ret = reinterpret_cast<char*>(base) + preSlack; | 104 ret = reinterpret_cast<char*>(base) + preSlack; |
132 freePages(base, baseLen); | 105 freePages(base, baseLen); |
133 ret = systemAllocPages(ret, trimLen, pageAccessibility); | 106 ret = systemAllocPages(ret, trimLen, pageAccessibility); |
134 } | 107 } |
135 #endif | 108 #endif |
136 | 109 |
137 return ret; | 110 return ret; |
138 } | 111 } |
139 | 112 |
140 void* allocPages(void* addr, | 113 void* allocPages(void* addr, |
141 size_t len, | 114 size_t len, |
142 size_t align, | 115 size_t align, |
143 PageAccessibilityConfiguration pageAccessibility) { | 116 PageAccessibilityConfiguration pageAccessibility) { |
144 ASSERT(len >= kPageAllocationGranularity); | 117 DCHECK(len >= kPageAllocationGranularity); |
145 ASSERT(!(len & kPageAllocationGranularityOffsetMask)); | 118 DCHECK(!(len & kPageAllocationGranularityOffsetMask)); |
146 ASSERT(align >= kPageAllocationGranularity); | 119 DCHECK(align >= kPageAllocationGranularity); |
147 ASSERT(!(align & kPageAllocationGranularityOffsetMask)); | 120 DCHECK(!(align & kPageAllocationGranularityOffsetMask)); |
148 ASSERT(!(reinterpret_cast<uintptr_t>(addr) & | 121 DCHECK(!(reinterpret_cast<uintptr_t>(addr) & |
149 kPageAllocationGranularityOffsetMask)); | 122 kPageAllocationGranularityOffsetMask)); |
150 uintptr_t alignOffsetMask = align - 1; | 123 uintptr_t alignOffsetMask = align - 1; |
151 uintptr_t alignBaseMask = ~alignOffsetMask; | 124 uintptr_t alignBaseMask = ~alignOffsetMask; |
152 ASSERT(!(reinterpret_cast<uintptr_t>(addr) & alignOffsetMask)); | 125 DCHECK(!(reinterpret_cast<uintptr_t>(addr) & alignOffsetMask)); |
153 | 126 |
154 // If the client passed null as the address, choose a good one. | 127 // If the client passed null as the address, choose a good one. |
155 if (!addr) { | 128 if (!addr) { |
156 addr = getRandomPageBase(); | 129 addr = getRandomPageBase(); |
157 addr = reinterpret_cast<void*>(reinterpret_cast<uintptr_t>(addr) & | 130 addr = reinterpret_cast<void*>(reinterpret_cast<uintptr_t>(addr) & |
158 alignBaseMask); | 131 alignBaseMask); |
159 } | 132 } |
160 | 133 |
161 // First try to force an exact-size, aligned allocation from our random base. | 134 // First try to force an exact-size, aligned allocation from our random base. |
162 for (int count = 0; count < 3; ++count) { | 135 for (int count = 0; count < 3; ++count) { |
(...skipping 20 matching lines...) Expand all Loading... | |
183 // Keep trying random addresses on systems that have a large address space. | 156 // Keep trying random addresses on systems that have a large address space. |
184 addr = getRandomPageBase(); | 157 addr = getRandomPageBase(); |
185 addr = reinterpret_cast<void*>(reinterpret_cast<uintptr_t>(addr) & | 158 addr = reinterpret_cast<void*>(reinterpret_cast<uintptr_t>(addr) & |
186 alignBaseMask); | 159 alignBaseMask); |
187 #endif | 160 #endif |
188 } | 161 } |
189 | 162 |
190 // Map a larger allocation so we can force alignment, but continue randomizing | 163 // Map a larger allocation so we can force alignment, but continue randomizing |
191 // only on 64-bit POSIX. | 164 // only on 64-bit POSIX. |
192 size_t tryLen = len + (align - kPageAllocationGranularity); | 165 size_t tryLen = len + (align - kPageAllocationGranularity); |
193 RELEASE_ASSERT(tryLen >= len); | 166 CHECK(tryLen >= len); |
194 void* ret; | 167 void* ret; |
195 | 168 |
196 do { | 169 do { |
197 // Don't continue to burn cycles on mandatory hints (Windows). | 170 // Don't continue to burn cycles on mandatory hints (Windows). |
198 addr = kHintIsAdvisory ? getRandomPageBase() : nullptr; | 171 addr = kHintIsAdvisory ? getRandomPageBase() : nullptr; |
199 ret = systemAllocPages(addr, tryLen, pageAccessibility); | 172 ret = systemAllocPages(addr, tryLen, pageAccessibility); |
200 // The retries are for Windows, where a race can steal our mapping on | 173 // The retries are for Windows, where a race can steal our mapping on |
201 // resize. | 174 // resize. |
202 } while (ret && | 175 } while (ret && |
203 !(ret = trimMapping(ret, tryLen, len, align, pageAccessibility))); | 176 !(ret = trimMapping(ret, tryLen, len, align, pageAccessibility))); |
204 | 177 |
205 return ret; | 178 return ret; |
206 } | 179 } |
207 | 180 |
208 void freePages(void* addr, size_t len) { | 181 void freePages(void* addr, size_t len) { |
209 ASSERT(!(reinterpret_cast<uintptr_t>(addr) & | 182 DCHECK(!(reinterpret_cast<uintptr_t>(addr) & |
210 kPageAllocationGranularityOffsetMask)); | 183 kPageAllocationGranularityOffsetMask)); |
211 ASSERT(!(len & kPageAllocationGranularityOffsetMask)); | 184 DCHECK(!(len & kPageAllocationGranularityOffsetMask)); |
212 #if OS(POSIX) | 185 #if defined(OS_POSIX) |
213 int ret = munmap(addr, len); | 186 int ret = munmap(addr, len); |
214 RELEASE_ASSERT(!ret); | 187 CHECK(!ret); |
215 #else | 188 #else |
216 BOOL ret = VirtualFree(addr, 0, MEM_RELEASE); | 189 BOOL ret = VirtualFree(addr, 0, MEM_RELEASE); |
217 RELEASE_ASSERT(ret); | 190 CHECK(ret); |
218 #endif | 191 #endif |
219 } | 192 } |
220 | 193 |
221 void setSystemPagesInaccessible(void* addr, size_t len) { | 194 void setSystemPagesInaccessible(void* addr, size_t len) { |
222 ASSERT(!(len & kSystemPageOffsetMask)); | 195 DCHECK(!(len & kSystemPageOffsetMask)); |
223 #if OS(POSIX) | 196 #if defined(OS_POSIX) |
224 int ret = mprotect(addr, len, PROT_NONE); | 197 int ret = mprotect(addr, len, PROT_NONE); |
225 RELEASE_ASSERT(!ret); | 198 CHECK(!ret); |
226 #else | 199 #else |
227 BOOL ret = VirtualFree(addr, len, MEM_DECOMMIT); | 200 BOOL ret = VirtualFree(addr, len, MEM_DECOMMIT); |
228 RELEASE_ASSERT(ret); | 201 CHECK(ret); |
229 #endif | 202 #endif |
230 } | 203 } |
231 | 204 |
232 bool setSystemPagesAccessible(void* addr, size_t len) { | 205 bool setSystemPagesAccessible(void* addr, size_t len) { |
233 ASSERT(!(len & kSystemPageOffsetMask)); | 206 DCHECK(!(len & kSystemPageOffsetMask)); |
234 #if OS(POSIX) | 207 #if defined(OS_POSIX) |
235 return !mprotect(addr, len, PROT_READ | PROT_WRITE); | 208 return !mprotect(addr, len, PROT_READ | PROT_WRITE); |
236 #else | 209 #else |
237 return !!VirtualAlloc(addr, len, MEM_COMMIT, PAGE_READWRITE); | 210 return !!VirtualAlloc(addr, len, MEM_COMMIT, PAGE_READWRITE); |
238 #endif | 211 #endif |
239 } | 212 } |
240 | 213 |
241 void decommitSystemPages(void* addr, size_t len) { | 214 void decommitSystemPages(void* addr, size_t len) { |
242 ASSERT(!(len & kSystemPageOffsetMask)); | 215 DCHECK(!(len & kSystemPageOffsetMask)); |
243 #if OS(POSIX) | 216 #if defined(OS_POSIX) |
244 int ret = madvise(addr, len, MADV_FREE); | 217 int ret = madvise(addr, len, MADV_FREE); |
245 RELEASE_ASSERT(!ret); | 218 CHECK(!ret); |
246 #else | 219 #else |
247 setSystemPagesInaccessible(addr, len); | 220 setSystemPagesInaccessible(addr, len); |
248 #endif | 221 #endif |
249 } | 222 } |
250 | 223 |
251 void recommitSystemPages(void* addr, size_t len) { | 224 void recommitSystemPages(void* addr, size_t len) { |
252 ASSERT(!(len & kSystemPageOffsetMask)); | 225 DCHECK(!(len & kSystemPageOffsetMask)); |
253 #if OS(POSIX) | 226 #if defined(OS_POSIX) |
254 (void)addr; | 227 (void)addr; |
255 #else | 228 #else |
256 RELEASE_ASSERT(setSystemPagesAccessible(addr, len)); | 229 CHECK(setSystemPagesAccessible(addr, len)); |
257 #endif | 230 #endif |
258 } | 231 } |
259 | 232 |
260 void discardSystemPages(void* addr, size_t len) { | 233 void discardSystemPages(void* addr, size_t len) { |
261 ASSERT(!(len & kSystemPageOffsetMask)); | 234 DCHECK(!(len & kSystemPageOffsetMask)); |
262 #if OS(POSIX) | 235 #if defined(OS_POSIX) |
263 // On POSIX, the implementation detail is that discard and decommit are the | 236 // On POSIX, the implementation detail is that discard and decommit are the |
264 // same, and lead to pages that are returned to the system immediately and | 237 // same, and lead to pages that are returned to the system immediately and |
265 // get replaced with zeroed pages when touched. So we just call | 238 // get replaced with zeroed pages when touched. So we just call |
266 // decommitSystemPages() here to avoid code duplication. | 239 // decommitSystemPages() here to avoid code duplication. |
267 decommitSystemPages(addr, len); | 240 decommitSystemPages(addr, len); |
268 #else | 241 #else |
269 // On Windows discarded pages are not returned to the system immediately and | 242 // On Windows discarded pages are not returned to the system immediately and |
270 // not guaranteed to be zeroed when returned to the application. | 243 // not guaranteed to be zeroed when returned to the application. |
271 using DiscardVirtualMemoryFunction = | 244 using DiscardVirtualMemoryFunction = |
272 DWORD(WINAPI*)(PVOID virtualAddress, SIZE_T size); | 245 DWORD(WINAPI*)(PVOID virtualAddress, SIZE_T size); |
273 static DiscardVirtualMemoryFunction discardVirtualMemory = | 246 static DiscardVirtualMemoryFunction discardVirtualMemory = |
274 reinterpret_cast<DiscardVirtualMemoryFunction>(-1); | 247 reinterpret_cast<DiscardVirtualMemoryFunction>(-1); |
275 if (discardVirtualMemory == | 248 if (discardVirtualMemory == |
276 reinterpret_cast<DiscardVirtualMemoryFunction>(-1)) | 249 reinterpret_cast<DiscardVirtualMemoryFunction>(-1)) |
277 discardVirtualMemory = | 250 discardVirtualMemory = |
278 reinterpret_cast<DiscardVirtualMemoryFunction>(GetProcAddress( | 251 reinterpret_cast<DiscardVirtualMemoryFunction>(GetProcAddress( |
279 GetModuleHandle(L"Kernel32.dll"), "DiscardVirtualMemory")); | 252 GetModuleHandle(L"Kernel32.dll"), "DiscardVirtualMemory")); |
280 // Use DiscardVirtualMemory when available because it releases faster than | 253 // Use DiscardVirtualMemory when available because it releases faster than |
281 // MEM_RESET. | 254 // MEM_RESET. |
282 DWORD ret = 1; | 255 DWORD ret = 1; |
283 if (discardVirtualMemory) | 256 if (discardVirtualMemory) |
284 ret = discardVirtualMemory(addr, len); | 257 ret = discardVirtualMemory(addr, len); |
285 // DiscardVirtualMemory is buggy in Win10 SP0, so fall back to MEM_RESET on | 258 // DiscardVirtualMemory is buggy in Win10 SP0, so fall back to MEM_RESET on |
286 // failure. | 259 // failure. |
287 if (ret) { | 260 if (ret) { |
288 void* ret = VirtualAlloc(addr, len, MEM_RESET, PAGE_READWRITE); | 261 void* ret = VirtualAlloc(addr, len, MEM_RESET, PAGE_READWRITE); |
289 RELEASE_ASSERT(ret); | 262 CHECK(ret); |
290 } | 263 } |
291 #endif | 264 #endif |
292 } | 265 } |
293 | 266 |
294 uint32_t getAllocPageErrorCode() { | 267 uint32_t getAllocPageErrorCode() { |
295 return acquireLoad(&s_allocPageErrorCode); | 268 return acquireLoad(&s_allocPageErrorCode); |
296 } | 269 } |
297 | 270 |
298 } // namespace WTF | 271 } // namespace base |
OLD | NEW |