OLD | NEW |
1 // Copyright (c) 2011, Google Inc. | 1 // Copyright (c) 2011, Google Inc. |
2 // All rights reserved. | 2 // All rights reserved. |
3 // | 3 // |
4 // Redistribution and use in source and binary forms, with or without | 4 // Redistribution and use in source and binary forms, with or without |
5 // modification, are permitted provided that the following conditions are | 5 // modification, are permitted provided that the following conditions are |
6 // met: | 6 // met: |
7 // | 7 // |
8 // * Redistributions of source code must retain the above copyright | 8 // * Redistributions of source code must retain the above copyright |
9 // notice, this list of conditions and the following disclaimer. | 9 // notice, this list of conditions and the following disclaimer. |
10 // * Redistributions in binary form must reproduce the above | 10 // * Redistributions in binary form must reproduce the above |
(...skipping 41 matching lines...)
52 // -In singly linked lists, the |next| pointer is stored in the first N | 52 // -In singly linked lists, the |next| pointer is stored in the first N |
53 // bytes of the node. | 53 // bytes of the node. |
54 // | 54 // |
55 // For both types of lists: when a pop operation is performed on a non | 55 // For both types of lists: when a pop operation is performed on a non |
56 // empty list, the new list head becomes that which is pointed to by | 56 // empty list, the new list head becomes that which is pointed to by |
57 // the former head's |next| pointer. If the list is doubly linked, the | 57 // the former head's |next| pointer. If the list is doubly linked, the |
58 // new head |previous| pointer gets changed from pointing to the former | 58 // new head |previous| pointer gets changed from pointing to the former |
59 // head to NULL. | 59 // head to NULL. |
60 | 60 |
61 | 61 |
| 62 #include <limits> |
62 #include <stddef.h> | 63 #include <stddef.h> |
63 #include "free_list.h" | 64 #include "free_list.h" |
| 65 #include "system-alloc.h" |
64 | 66 |
65 #if defined(TCMALLOC_USE_DOUBLYLINKED_FREELIST) | 67 #if defined(TCMALLOC_USE_DOUBLYLINKED_FREELIST) |
66 | 68 |
67 using tcmalloc::kCrash; | 69 using tcmalloc::kCrash; |
68 | 70 |
69 // TODO(jar): We should use C++ rather than a macro here. | 71 // TODO(jar): We should use C++ rather than a macro here. |
70 #define MEMORY_CHECK(v1, v2) \ | 72 #define MEMORY_CHECK(v1, v2) \ |
71 if (v1 != v2) Log(kCrash, __FILE__, __LINE__, "Memory corruption detected.") | 73 if (v1 != v2) Log(kCrash, __FILE__, __LINE__, "Memory corruption detected.") |
72 | 74 |
73 namespace { | 75 namespace { |
74 void EnsureNonLoop(void* node, void* next) { | 76 void EnsureNonLoop(void* node, void* next) { |
75 // We only have time to do minimal checking. We don't traverse the list, but | 77 // We only have time to do minimal checking. We don't traverse the list, but |
76 // only look for an immediate loop (cycle back to ourself). | 78 // only look for an immediate loop (cycle back to ourself). |
77 if (node != next) return; | 79 if (node != next) return; |
78 Log(kCrash, __FILE__, __LINE__, "Circular loop in list detected: ", next); | 80 Log(kCrash, __FILE__, __LINE__, "Circular loop in list detected: ", next); |
79 } | 81 } |
80 | 82 |
| 83 inline void* MaskPtr(void* p) { |
| 84 // Maximize ASLR entropy and guarantee the result is an invalid address. |
| 85 const uintptr_t q = ~(reinterpret_cast<intptr_t>(TCMalloc_SystemAlloc) >> 13); |
| 86 // Do not mask NULL pointers, otherwise we could leak address state. |
| 87 if (p) |
| 88 return reinterpret_cast<void*>(reinterpret_cast<uintptr_t>(p) ^ q); |
| 89 return p; |
| 90 } |
| 91 |
| 92 inline void* UnmaskPtr(void* p) { |
| 93 return MaskPtr(p); |
| 94 } |
| 95 |
81 // Returns value of the |previous| pointer w/out running a sanity | 96 // Returns value of the |previous| pointer w/out running a sanity |
82 // check. | 97 // check. |
83 inline void *FL_Previous_No_Check(void *t) { | 98 inline void *FL_Previous_No_Check(void *t) { |
84 return reinterpret_cast<void**>(t)[1]; | 99 return UnmaskPtr(reinterpret_cast<void**>(t)[1]); |
85 } | 100 } |
86 | 101 |
87 // Returns value of the |next| pointer w/out running a sanity check. | 102 // Returns value of the |next| pointer w/out running a sanity check. |
88 inline void *FL_Next_No_Check(void *t) { | 103 inline void *FL_Next_No_Check(void *t) { |
89 return reinterpret_cast<void**>(t)[0]; | 104 return UnmaskPtr(reinterpret_cast<void**>(t)[0]); |
90 } | 105 } |
91 | 106 |
92 void *FL_Previous(void *t) { | 107 void *FL_Previous(void *t) { |
93 void *previous = FL_Previous_No_Check(t); | 108 void *previous = FL_Previous_No_Check(t); |
94 if (previous) { | 109 if (previous) { |
95 MEMORY_CHECK(FL_Next_No_Check(previous), t); | 110 MEMORY_CHECK(FL_Next_No_Check(previous), t); |
96 } | 111 } |
97 return previous; | 112 return previous; |
98 } | 113 } |
99 | 114 |
100 inline void FL_SetPrevious(void *t, void *n) { | 115 inline void FL_SetPrevious(void *t, void *n) { |
101 EnsureNonLoop(t, n); | 116 EnsureNonLoop(t, n); |
102 reinterpret_cast<void**>(t)[1] = n; | 117 reinterpret_cast<void**>(t)[1] = MaskPtr(n); |
103 } | 118 } |
104 | 119 |
105 inline void FL_SetNext(void *t, void *n) { | 120 inline void FL_SetNext(void *t, void *n) { |
106 EnsureNonLoop(t, n); | 121 EnsureNonLoop(t, n); |
107 reinterpret_cast<void**>(t)[0] = n; | 122 reinterpret_cast<void**>(t)[0] = MaskPtr(n); |
108 } | 123 } |
109 | 124 |
110 } // namespace | 125 } // namespace |
111 | 126 |
112 namespace tcmalloc { | 127 namespace tcmalloc { |
113 | 128 |
114 void *FL_Next(void *t) { | 129 void *FL_Next(void *t) { |
115 void *next = FL_Next_No_Check(t); | 130 void *next = FL_Next_No_Check(t); |
116 if (next) { | 131 if (next) { |
117 MEMORY_CHECK(FL_Previous_No_Check(next), t); | 132 MEMORY_CHECK(FL_Previous_No_Check(next), t); |
(...skipping 104 matching lines...)
222 | 237 |
223 namespace { | 238 namespace { |
224 | 239 |
225 inline void FL_SetNext(void *t, void *n) { | 240 inline void FL_SetNext(void *t, void *n) { |
226 tcmalloc::SLL_SetNext(t,n); | 241 tcmalloc::SLL_SetNext(t,n); |
227 } | 242 } |
228 | 243 |
229 } | 244 } |
230 | 245 |
231 #endif // TCMALLOC_USE_DOUBLYLINKED_FREELIST | 246 #endif // TCMALLOC_USE_DOUBLYLINKED_FREELIST |
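Review bot: The comment on `MaskPtr` (new lines 83-90) promises more than the expression delivers, because `q` is computed from `reinterpret_cast<intptr_t>(TCMalloc_SystemAlloc) >> 13`, a signed shift whose result depends on the sign of the function address. If that address has its top bit set, which looks possible on some 32-bit layouts, an arithmetic shift followed by `~` clears the high bits of `q` and the masked value is no longer guaranteed to be an invalid address; shifting an unsigned value keeps the high bits set everywhere: `const uintptr_t q = ~(reinterpret_cast<uintptr_t>(TCMalloc_SystemAlloc) >> 13);`. The comment should also say what the mask is, for example `// q is a per-process constant derived from a code address, not a secret: it is only as unpredictable as the load address of this function.`, so that nobody later treats it as a random cookie. Separately, the masking sits inside the `TCMALLOC_USE_DOUBLYLINKED_FREELIST` branch and the singly linked `FL_SetNext` at new line 241 still forwards to `tcmalloc::SLL_SetNext` unchanged, so that build appears to store raw pointers; 104 lines are elided here, so this needs confirming against the full file.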