blob: 218b84fbfb2d4e695fc3a1b580e698b14046a0c2 [file] [log] [blame]
// Copyright 2011 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef COURGETTE_MEMORY_ALLOCATOR_H_
#define COURGETTE_MEMORY_ALLOCATOR_H_
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include "base/files/file.h"
#include "base/logging.h"
#include "base/memory/raw_ptr.h"
#include "base/process/memory.h"
#include "build/build_config.h"
#ifndef NDEBUG
// A helper class to track down call sites that are not handling error cases.
template<class T>
class CheckReturnValue {
public:
// Not marked explicit on purpose.
CheckReturnValue(T value) : value_(value), checked_(false) { // NOLINT
}
CheckReturnValue(const CheckReturnValue& other)
: value_(other.value_), checked_(other.checked_) {
other.checked_ = true;
}
CheckReturnValue& operator=(const CheckReturnValue& other) {
if (this != &other) {
DCHECK(checked_);
value_ = other.value_;
checked_ = other.checked_;
other.checked_ = true;
}
return *this;
}
~CheckReturnValue() {
DCHECK(checked_);
}
operator const T&() const {
checked_ = true;
return value_;
}
private:
T value_;
mutable bool checked_;
};
typedef CheckReturnValue<bool> CheckBool;
#else
typedef bool CheckBool;
#endif
namespace courgette {
// Allocates memory for an instance of type T, instantiates an object in that
// memory with arguments |args| (of type ArgTypes), and returns the constructed
// instance. Returns null if allocation fails.
template <class T, class... ArgTypes>
T* UncheckedNew(ArgTypes... args) {
void* ram = nullptr;
return base::UncheckedMalloc(sizeof(T), &ram) ? new (ram) T(args...)
: nullptr;
}
// Complement of UncheckedNew(): destructs |object| and releases its memory.
template <class T>
void UncheckedDelete(T* object) {
if (object) {
object->T::~T();
free(object);
}
}
// A deleter for std::unique_ptr that will delete the object via
// UncheckedDelete().
template <class T>
struct UncheckedDeleter {
inline void operator()(T* ptr) const { UncheckedDelete(ptr); }
};
#if BUILDFLAG(IS_WIN)
// Manages a read/write virtual mapping of a physical file.
class FileMapping {
public:
FileMapping();
~FileMapping();
// Map a file from beginning to |size|.
bool Create(HANDLE file, size_t size);
void Close();
// Returns true iff a mapping has been created.
bool valid() const;
// Returns a writable pointer to the beginning of the memory mapped file.
// If Create has not been called successfully, return value is nullptr.
void* view() const;
protected:
bool InitializeView(size_t size);
HANDLE mapping_;
raw_ptr<void> view_;
};
// Manages a temporary file and a memory mapping of the temporary file.
// The memory that this class manages holds a pointer back to the TempMapping
// object itself, so that given a memory pointer allocated by this class,
// you can get a pointer to the TempMapping instance that owns that memory.
class TempMapping {
public:
TempMapping();
~TempMapping();
// Creates a temporary file of size |size| and maps it into the current
// process's address space.
bool Initialize(size_t size);
// Returns a writable pointer to the reserved memory.
void* memory() const;
// Returns true if the mapping is valid and memory is available.
bool valid() const;
// Returns a pointer to the TempMapping instance that allocated the |mem|
// block of memory. It's the callers responsibility to make sure that
// the memory block was allocated by the TempMapping class.
static TempMapping* GetMappingFromPtr(void* mem);
protected:
base::File file_;
FileMapping mapping_;
};
// A memory allocator class that allocates memory either from the heap or via a
// temporary file. The interface is STL inspired but the class does not throw
// STL exceptions on allocation failure. Instead it returns nullptr.
// A file allocation will be made if either the requested memory size exceeds
// |kMaxHeapAllocationSize| or if a heap allocation fails.
// Allocating the memory as a mapping of a temporary file solves the problem
// that there might not be enough physical memory and pagefile to support the
// allocation. This can happen because these resources are too small, or
// already committed to other processes. Provided there is enough disk, the
// temporary file acts like a pagefile that other processes can't access.
template<class T>
class MemoryAllocator {
public:
typedef T value_type;
typedef value_type* pointer;
typedef value_type& reference;
typedef const value_type* const_pointer;
typedef const value_type& const_reference;
typedef size_t size_type;
typedef ptrdiff_t difference_type;
// Each allocation is tagged with a single byte so that we know how to
// deallocate it.
enum AllocationType : uint8_t {
HEAP_ALLOCATION = 0xF0, // Non-trivial constants to detect corruption.
FILE_ALLOCATION = 0x0F,
};
// 5MB is the maximum heap allocation size that we'll attempt.
// When applying a patch for Chrome 10.X we found that at this
// threshold there were 17 allocations higher than this threshold
// (largest at 136MB) 10 allocations just below the threshold and 6362
// smaller allocations.
static const size_t kMaxHeapAllocationSize = 1024 * 1024 * 5;
template<class OtherT>
struct rebind {
// convert a MemoryAllocator<T> to a MemoryAllocator<OtherT>
typedef MemoryAllocator<OtherT> other;
};
MemoryAllocator() {}
// We can't use an explicit constructor here, as dictated by our style guide.
// The implementation of basic_string in Visual Studio 2010 prevents this.
MemoryAllocator(const MemoryAllocator<T>& other) { // NOLINT
}
template <class OtherT>
MemoryAllocator(const MemoryAllocator<OtherT>& other) { // NOLINT
}
~MemoryAllocator() {
}
void deallocate(pointer ptr, size_type size) {
uint8_t* mem = reinterpret_cast<uint8_t*>(ptr);
mem -= sizeof(T);
if (mem[0] == HEAP_ALLOCATION)
free(mem);
else if (mem[0] == FILE_ALLOCATION)
UncheckedDelete(TempMapping::GetMappingFromPtr(mem));
else
LOG(FATAL);
}
pointer allocate(size_type count) {
// We use the first byte of each allocation to mark the allocation type.
// However, so that the allocation is properly aligned, we allocate an
// extra element and then use the first byte of the first element
// to mark the allocation type.
count++;
if (count > max_size())
return nullptr;
size_type bytes = count * sizeof(T);
uint8_t* mem = nullptr;
// First see if we can do this allocation on the heap.
if (count < kMaxHeapAllocationSize &&
base::UncheckedMalloc(bytes, reinterpret_cast<void**>(&mem))) {
mem[0] = static_cast<uint8_t>(HEAP_ALLOCATION);
} else {
// Back the allocation with a temp file if either the request exceeds the
// max heap allocation threshold or the heap allocation failed.
TempMapping* mapping = UncheckedNew<TempMapping>();
if (mapping) {
if (mapping->Initialize(bytes)) {
mem = reinterpret_cast<uint8_t*>(mapping->memory());
mem[0] = static_cast<uint8_t>(FILE_ALLOCATION);
} else {
UncheckedDelete(mapping);
}
}
}
// If the above fails (e.g. because we are in a sandbox), just try the heap.
if (!mem && base::UncheckedMalloc(bytes, reinterpret_cast<void**>(&mem))) {
mem[0] = static_cast<uint8_t>(HEAP_ALLOCATION);
}
return mem ? reinterpret_cast<pointer>(mem + sizeof(T)) : nullptr;
}
pointer allocate(size_type count, const void* hint) {
return allocate(count);
}
void construct(pointer ptr, const T& value) {
::new(ptr) T(value);
}
void destroy(pointer ptr) {
ptr->~T();
}
size_type max_size() const {
size_type count = static_cast<size_type>(-1) / sizeof(T);
return (0 < count ? count : 1);
}
};
#else // BUILDFLAG(IS_WIN)
// On Mac, Linux, we use a bare bones implementation that only does
// heap allocations.
template<class T>
class MemoryAllocator {
public:
typedef T value_type;
typedef value_type* pointer;
typedef value_type& reference;
typedef const value_type* const_pointer;
typedef const value_type& const_reference;
typedef size_t size_type;
typedef ptrdiff_t difference_type;
template<class OtherT>
struct rebind {
// convert a MemoryAllocator<T> to a MemoryAllocator<OtherT>
typedef MemoryAllocator<OtherT> other;
};
MemoryAllocator() {
}
explicit MemoryAllocator(const MemoryAllocator<T>& other) {
}
template<class OtherT>
explicit MemoryAllocator(const MemoryAllocator<OtherT>& other) {
}
~MemoryAllocator() {
}
void deallocate(pointer ptr, size_type size) { free(ptr); }
pointer allocate(size_type count) {
if (count > max_size())
return nullptr;
pointer result = nullptr;
return base::UncheckedMalloc(count * sizeof(T),
reinterpret_cast<void**>(&result))
? result
: nullptr;
}
pointer allocate(size_type count, const void* hint) {
return allocate(count);
}
void construct(pointer ptr, const T& value) {
::new(ptr) T(value);
}
void destroy(pointer ptr) {
ptr->~T();
}
size_type max_size() const {
size_type count = static_cast<size_type>(-1) / sizeof(T);
return (0 < count ? count : 1);
}
};
#endif // BUILDFLAG(IS_WIN)
// Manages a growable buffer. The buffer allocation is done by the
// MemoryAllocator class. This class will not throw exceptions so call sites
// must be prepared to handle memory allocation failures.
// The interface is STL inspired to avoid having to make too many changes
// to code that previously was using STL.
template<typename T, class Allocator = MemoryAllocator<T> >
class NoThrowBuffer {
public:
typedef T value_type;
static const size_t kAllocationFailure = 0xffffffff;
static const size_t kStartSize = sizeof(T) > 0x100 ? 1 : 0x100 / sizeof(T);
NoThrowBuffer() : buffer_(nullptr), size_(0), alloc_size_(0) {}
~NoThrowBuffer() {
clear();
}
void clear() {
if (buffer_) {
alloc_.deallocate(buffer_, alloc_size_);
buffer_ = nullptr;
size_ = 0;
alloc_size_ = 0;
}
}
bool empty() const {
return size_ == 0;
}
[[nodiscard]] CheckBool reserve(size_t size) {
if (failed())
return false;
if (size <= alloc_size_)
return true;
if (size < kStartSize)
size = kStartSize;
T* new_buffer = alloc_.allocate(size);
if (!new_buffer) {
clear();
alloc_size_ = kAllocationFailure;
} else {
if (buffer_) {
memcpy(new_buffer, buffer_, size_ * sizeof(T));
alloc_.deallocate(buffer_, alloc_size_);
}
buffer_ = new_buffer;
alloc_size_ = size;
}
return !failed();
}
[[nodiscard]] CheckBool append(const T* data, size_t size) {
if (failed())
return false;
if (size > alloc_.max_size() - size_)
return false;
if (!size)
return true;
// Disallow source range from overlapping with buffer_, since in this case
// reallocation would cause use-after-free.
DCHECK(data + size <= buffer_ || data >= buffer_ + alloc_size_);
if ((alloc_size_ - size_) < size) {
const size_t max_size = alloc_.max_size();
size_t new_size = alloc_size_ ? alloc_size_ : kStartSize;
while (new_size < size_ + size) {
if (new_size < max_size - new_size) {
new_size *= 2;
} else {
new_size = max_size;
}
}
if (!reserve(new_size))
return false;
}
memcpy(buffer_ + size_, data, size * sizeof(T));
size_ += size;
return true;
}
[[nodiscard]] CheckBool resize(size_t size, const T& init_value) {
if (size > size_) {
if (!reserve(size))
return false;
for (size_t i = size_; i < size; ++i)
buffer_[i] = init_value;
} else if (size < size_) {
// TODO(tommi): Should we allocate a new, smaller buffer?
// It might be faster for us to simply change the size.
}
size_ = size;
return true;
}
[[nodiscard]] CheckBool push_back(const T& item) { return append(&item, 1); }
const T& back() const {
return buffer_[size_ - 1];
}
T& back() {
return buffer_[size_ - 1];
}
const T* begin() const {
if (!size_)
return nullptr;
return buffer_;
}
T* begin() {
if (!size_)
return nullptr;
return buffer_;
}
const T* end() const {
if (!size_)
return nullptr;
return buffer_ + size_;
}
T* end() {
if (!size_)
return nullptr;
return buffer_ + size_;
}
const T& operator[](size_t index) const {
DCHECK(index < size_);
return buffer_[index];
}
T& operator[](size_t index) {
DCHECK(index < size_);
return buffer_[index];
}
size_t size() const {
return size_;
}
size_t capacity() const {
return alloc_size_;
}
T* data() const {
return buffer_;
}
// Returns true if an allocation failure has ever occurred for this object.
bool failed() const {
return alloc_size_ == kAllocationFailure;
}
protected:
raw_ptr<T, DanglingUntriaged | AllowPtrArithmetic> buffer_;
size_t size_; // how much of the buffer we're using.
size_t alloc_size_; // how much space we have allocated.
Allocator alloc_;
};
} // namespace courgette
#endif // COURGETTE_MEMORY_ALLOCATOR_H_