Index: base/memory/shared_memory_mac.cc |
diff --git a/base/memory/shared_memory_mac.cc b/base/memory/shared_memory_mac.cc |
index a8f09555d96de9b6ab420b2123f5999cd8bf9223..c0488cbeac319dc36b3b249b41e7f0c3d2e820c6 100644 |
--- a/base/memory/shared_memory_mac.cc |
+++ b/base/memory/shared_memory_mac.cc |
@@ -4,22 +4,33 @@ |
#include "base/memory/shared_memory.h" |
+#include <errno.h> |
+#include <fcntl.h> |
#include <mach/mach_vm.h> |
+#include <stddef.h> |
+#include <sys/mman.h> |
+#include <sys/stat.h> |
+#include <unistd.h> |
#include "base/files/file_util.h" |
#include "base/files/scoped_file.h" |
#include "base/logging.h" |
-#include "base/mac/foundation_util.h" |
#include "base/mac/mac_util.h" |
#include "base/mac/scoped_mach_vm.h" |
#include "base/metrics/field_trial.h" |
#include "base/metrics/histogram_macros.h" |
+#include "base/posix/eintr_wrapper.h" |
+#include "base/posix/safe_strerror.h" |
#include "base/process/process_metrics.h" |
#include "base/profiler/scoped_tracker.h" |
#include "base/scoped_generic.h" |
#include "base/strings/utf_string_conversions.h" |
#include "build/build_config.h" |
+#if defined(OS_MACOSX) |
+#include "base/mac/foundation_util.h" |
+#endif // OS_MACOSX |
+ |
namespace base { |
namespace { |
@@ -67,13 +78,84 @@ bool MakeMachSharedMemoryHandleReadOnly(SharedMemoryHandle* new_handle, |
return true; |
} |
+struct ScopedPathUnlinkerTraits { |
+ static FilePath* InvalidValue() { return nullptr; } |
+ |
+ static void Free(FilePath* path) { |
+ // TODO(erikchen): Remove ScopedTracker below once http://crbug.com/466437 |
+ // is fixed. |
+ tracked_objects::ScopedTracker tracking_profile( |
Robert Sesek
2016/12/06 21:45:55
Do we still need the ScopedTrackers in this file?
lawrencewu
2016/12/06 22:33:24
Probably not, now that the bug is fixed. erikchen@
lawrencewu
2016/12/07 19:44:26
Removed all instances of ScopedTracker.
|
+ FROM_HERE_WITH_EXPLICIT_FUNCTION( |
+ "466437 SharedMemory::Create::Unlink")); |
+ if (unlink(path->value().c_str())) |
+ PLOG(WARNING) << "unlink"; |
+ } |
+}; |
+ |
+// Unlinks the FilePath when the object is destroyed. |
+typedef ScopedGeneric<FilePath*, ScopedPathUnlinkerTraits> ScopedPathUnlinker; |
+ |
+// Makes a temporary file, fdopens it, and then unlinks it. |fp| is populated |
+// with the fdopened FILE. |readonly_fd| is populated with the opened fd if |
+// options.share_read_only is true. |path| is populated with the location of |
+// the file before it was unlinked. |
+// Returns false if there's an unhandled failure. |
+bool CreateAnonymousSharedMemory(const SharedMemoryCreateOptions& options, |
+ ScopedFILE* fp, |
+ ScopedFD* readonly_fd, |
+ FilePath* path) { |
+ // Q: Why not use the shm_open() etc. APIs? |
+ // A: Because they're limited to 4mb on OS X. FFFFFFFUUUUUUUUUUU |
Robert Sesek
2016/12/06 21:45:55
Hmmmm. I wonder if we could use shm_open for this
lawrencewu
2016/12/06 22:33:24
I'd like to punt on this, since we can just reuse
|
+ FilePath directory; |
+ ScopedPathUnlinker path_unlinker; |
+ if (GetShmemTempDir(options.executable, &directory)) { |
+ // TODO(erikchen): Remove ScopedTracker below once http://crbug.com/466437 |
+ // is fixed. |
+ tracked_objects::ScopedTracker tracking_profile( |
+ FROM_HERE_WITH_EXPLICIT_FUNCTION( |
+ "466437 SharedMemory::Create::OpenTemporaryFile")); |
+ fp->reset(CreateAndOpenTemporaryFileInDir(directory, path)); |
+ |
+ // Deleting the file prevents anyone else from mapping it in (making it |
+ // private), and prevents the need for cleanup (once the last fd is |
+ // closed, it is truly freed). |
+ if (*fp) |
+ path_unlinker.reset(path); |
+ } |
+ |
+ if (*fp) { |
+ if (options.share_read_only) { |
+ // TODO(erikchen): Remove ScopedTracker below once |
+ // http://crbug.com/466437 is fixed. |
+ tracked_objects::ScopedTracker tracking_profile( |
+ FROM_HERE_WITH_EXPLICIT_FUNCTION( |
+ "466437 SharedMemory::Create::OpenReadonly")); |
+ // Also open as readonly so that we can ShareReadOnlyToProcess. |
+ readonly_fd->reset(HANDLE_EINTR(open(path->value().c_str(), O_RDONLY))); |
+ if (!readonly_fd->is_valid()) { |
+ DPLOG(ERROR) << "open(\"" << path->value() << "\", O_RDONLY) failed"; |
+ fp->reset(); |
+ return false; |
+ } |
+ } |
+ } |
+ return true; |
+} |
+ |
} // namespace |
SharedMemory::SharedMemory() |
- : mapped_size_(0), memory_(NULL), read_only_(false), requested_size_(0) {} |
+ : mapped_memory_mechanism_(SharedMemoryHandle::MACH), |
+ readonly_mapped_file_(-1), |
+ mapped_size_(0), |
+ memory_(NULL), |
+ read_only_(false), |
+ requested_size_(0) {} |
SharedMemory::SharedMemory(const SharedMemoryHandle& handle, bool read_only) |
: shm_(handle), |
+ mapped_memory_mechanism_(SharedMemoryHandle::POSIX), |
+ readonly_mapped_file_(-1), |
mapped_size_(0), |
memory_(NULL), |
read_only_(read_only), |
@@ -101,8 +183,7 @@ void SharedMemory::CloseHandle(const SharedMemoryHandle& handle) { |
// static |
size_t SharedMemory::GetHandleLimit() { |
- // This should be effectively unlimited on OS X. |
- return 10000; |
+ return GetMaxFds(); |
} |
// static |
@@ -111,6 +192,12 @@ SharedMemoryHandle SharedMemory::DuplicateHandle( |
return handle.Duplicate(); |
} |
+// static |
+int SharedMemory::GetFdFromSharedMemoryHandle( |
+ const SharedMemoryHandle& handle) { |
+ return handle.GetFileDescriptor().fd; |
+} |
+ |
bool SharedMemory::CreateAndMapAnonymous(size_t size) { |
return CreateAnonymous(size) && Map(size); |
} |
@@ -136,9 +223,42 @@ bool SharedMemory::Create(const SharedMemoryCreateOptions& options) { |
if (options.size > static_cast<size_t>(std::numeric_limits<int>::max())) |
return false; |
- shm_ = SharedMemoryHandle(options.size); |
+ if (options.type == SharedMemoryHandle::MACH) { |
+ shm_ = SharedMemoryHandle(options.size); |
+ requested_size_ = options.size; |
+ return shm_.IsValid(); |
+ } |
+ |
+ // This function theoretically can block on the disk. Both profiling of real |
+ // users and local instrumentation shows that this is a real problem. |
+ // https://code.google.com/p/chromium/issues/detail?id=466437 |
+ base::ThreadRestrictions::ScopedAllowIO allow_io; |
+ |
+ ScopedFILE fp; |
+ ScopedFD readonly_fd; |
+ |
+ FilePath path; |
+ bool result = CreateAnonymousSharedMemory(options, &fp, &readonly_fd, &path); |
+ if (!result) |
+ return false; |
+ |
+ if (!fp) { |
+ PLOG(ERROR) << "Creating shared memory in " << path.value() << " failed"; |
+ return false; |
+ } |
+ |
+ // Get current size. |
+ struct stat stat; |
+ if (fstat(fileno(fp.get()), &stat) != 0) |
+ return false; |
+ const size_t current_size = stat.st_size; |
+ if (current_size != options.size) { |
+ if (HANDLE_EINTR(ftruncate(fileno(fp.get()), options.size)) != 0) |
+ return false; |
+ } |
requested_size_ = options.size; |
- return shm_.IsValid(); |
+ |
+ return PrepareMapFile(std::move(fp), std::move(readonly_fd)); |
} |
bool SharedMemory::MapAt(off_t offset, size_t bytes) { |
@@ -154,6 +274,7 @@ bool SharedMemory::MapAt(off_t offset, size_t bytes) { |
mapped_size_ = bytes; |
DCHECK_EQ(0U, reinterpret_cast<uintptr_t>(memory_) & |
(SharedMemory::MAP_MINIMUM_ALIGNMENT - 1)); |
+ mapped_memory_mechanism_ = shm_.type_; |
} else { |
memory_ = NULL; |
} |
@@ -165,16 +286,29 @@ bool SharedMemory::Unmap() { |
if (memory_ == NULL) |
return false; |
- mach_vm_deallocate(mach_task_self(), |
- reinterpret_cast<mach_vm_address_t>(memory_), |
- mapped_size_); |
+ switch (mapped_memory_mechanism_) { |
+ case SharedMemoryHandle::POSIX: |
+ munmap(memory_, mapped_size_); |
+ break; |
+ case SharedMemoryHandle::MACH: |
+ mach_vm_deallocate(mach_task_self(), |
+ reinterpret_cast<mach_vm_address_t>(memory_), |
+ mapped_size_); |
+ break; |
+ } |
+ |
memory_ = NULL; |
mapped_size_ = 0; |
return true; |
} |
SharedMemoryHandle SharedMemory::handle() const { |
- return shm_; |
+ switch (shm_.type_) { |
+ case SharedMemoryHandle::POSIX: |
+ return SharedMemoryHandle(shm_.GetFileDescriptor().fd); |
+ case SharedMemoryHandle::MACH: |
+ return shm_; |
+ } |
} |
SharedMemoryHandle SharedMemory::TakeHandle() { |
@@ -186,34 +320,114 @@ SharedMemoryHandle SharedMemory::TakeHandle() { |
void SharedMemory::Close() { |
shm_.Close(); |
shm_ = SharedMemoryHandle(); |
+ if (shm_.type_ == SharedMemoryHandle::POSIX) { |
+ if (readonly_mapped_file_ > 0) { |
+ if (IGNORE_EINTR(close(readonly_mapped_file_)) < 0) |
+ PLOG(ERROR) << "close"; |
+ readonly_mapped_file_ = -1; |
+ } |
+ } |
+} |
+ |
+bool SharedMemory::PrepareMapFile(ScopedFILE fp, ScopedFD readonly_fd) { |
+ DCHECK(!shm_.IsValid()); |
+ DCHECK_EQ(-1, readonly_mapped_file_); |
+ if (fp == NULL) |
+ return false; |
+ |
+ // This function theoretically can block on the disk, but realistically |
+ // the temporary files we create will just go into the buffer cache |
+ // and be deleted before they ever make it out to disk. |
+ base::ThreadRestrictions::ScopedAllowIO allow_io; |
+ |
+ struct stat st = {}; |
+ if (fstat(fileno(fp.get()), &st)) |
+ NOTREACHED(); |
+ if (readonly_fd.is_valid()) { |
+ struct stat readonly_st = {}; |
+ if (fstat(readonly_fd.get(), &readonly_st)) |
+ NOTREACHED(); |
+ if (st.st_dev != readonly_st.st_dev || st.st_ino != readonly_st.st_ino) { |
+ LOG(ERROR) << "writable and read-only inodes don't match; bailing"; |
+ return false; |
+ } |
+ } |
+ |
+ int mapped_file = HANDLE_EINTR(dup(fileno(fp.get()))); |
+ if (mapped_file == -1) { |
+ if (errno == EMFILE) { |
+ LOG(WARNING) << "Shared memory creation failed; out of file descriptors"; |
+ return false; |
+ } else { |
+ NOTREACHED() << "Call to dup failed, errno=" << errno; |
+ } |
+ } |
+ shm_ = SharedMemoryHandle(mapped_file); |
+ readonly_mapped_file_ = readonly_fd.release(); |
+ |
+ return true; |
} |
bool SharedMemory::ShareToProcessCommon(ProcessHandle process, |
SharedMemoryHandle* new_handle, |
bool close_self, |
ShareMode share_mode) { |
- DCHECK(shm_.IsValid()); |
+ if (shm_.type_ == SharedMemoryHandle::MACH) { |
+ DCHECK(shm_.IsValid()); |
+ |
+ bool success = false; |
+ switch (share_mode) { |
+ case SHARE_CURRENT_MODE: |
+ *new_handle = shm_.Duplicate(); |
+ success = true; |
+ break; |
+ case SHARE_READONLY: |
+ success = MakeMachSharedMemoryHandleReadOnly(new_handle, shm_, memory_); |
+ break; |
+ } |
+ |
+ if (success) |
+ new_handle->SetOwnershipPassesToIPC(true); |
+ |
+ if (close_self) { |
+ Unmap(); |
+ Close(); |
+ } |
+ |
+ return success; |
+ } |
- bool success = false; |
+ int handle_to_dup = -1; |
switch (share_mode) { |
case SHARE_CURRENT_MODE: |
- *new_handle = shm_.Duplicate(); |
- success = true; |
+ handle_to_dup = shm_.GetFileDescriptor().fd; |
break; |
case SHARE_READONLY: |
- success = MakeMachSharedMemoryHandleReadOnly(new_handle, shm_, memory_); |
+ // We could imagine re-opening the file from /dev/fd, but that can't make |
+ // it readonly on Mac: https://codereview.chromium.org/27265002/#msg10 |
+ CHECK_GE(readonly_mapped_file_, 0); |
+ handle_to_dup = readonly_mapped_file_; |
break; |
} |
- if (success) |
- new_handle->SetOwnershipPassesToIPC(true); |
+ const int new_fd = HANDLE_EINTR(dup(handle_to_dup)); |
+ if (new_fd < 0) { |
+ if (close_self) { |
+ Unmap(); |
+ Close(); |
+ } |
+ DPLOG(ERROR) << "dup() failed."; |
+ return false; |
+ } |
+ |
+ new_handle->SetFileHandle(new_fd, true); |
if (close_self) { |
Unmap(); |
Close(); |
} |
- return success; |
+ return true; |
} |
} // namespace base |