mirror/naiveproxy
1
0
Fork 0
mirror of https://github.com/klzgrad/naiveproxy.git synced 2025-04-04 14:23:38 +03:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: mirror:v124.0.6367.54-1
Branches Tags
mirror:master
mirror:134.0.6998.39
mirror:133.0.6943.49
mirror:132.0.6834.79
mirror:131.0.6778.86
mirror:130.0.6723.40
mirror:129.0.6668.81
mirror:128.0.6613.40
mirror:127.0.6533.64
mirror:126.0.6478.40
mirror:125.0.6422.35
mirror:124.0.6367.54
mirror:123.0.6312.40
mirror:122.0.6261.43
mirror:121.0.6167.71
mirror:120.0.6099.43
mirror:119.0.6045.66
mirror:118.0.5993.65
mirror:117.0.5938.44
mirror:116.0.5845.92
mirror:115.0.5790.166
mirror:114.0.5735.91
mirror:113.0.5672.62
mirror:112.0.5615.49
mirror:111.0.5563.64
mirror:110.0.5481.100
mirror:109.0.5414.74
mirror:108.0.5359.94
mirror:107.0.5304.87
mirror:106.0.5249.91
mirror:105.0.5195.52
mirror:104.0.5112.79
mirror:103.0.5060.53
mirror:102.0.5005.61
mirror:101.0.4951.41
mirror:100.0.4896.60
mirror:99.0.4844.51
mirror:98.0.4758.80
mirror:97.0.4692.71
mirror:96.0.4664.45
mirror:95.0.4638.54
mirror:94.0.4606.61
mirror:93.0.4577.63
mirror:92.0.4515.107
mirror:91.0.4472.77
mirror:90.0.4430.85
mirror:89.0.4389.72
mirror:88.0.4324.96
mirror:87.0.4280.66
mirror:86.0.4240.75
mirror:85.0.4183.83
mirror:84.0.4147.89
mirror:83.0.4103.61
mirror:81.0.4044.92
mirror:80.0.3987.87
mirror:79.0.3945.79
mirror:78.0.3904.70
mirror:77.0.3865.90
mirror:76.0.3809.87
mirror:74.0.3729.108
mirror:73.0.3683.86
mirror:72.0.3626.81
mirror:71.0.3578.98
mirror:70.0.3538.110
mirror:70.0.3521.2
mirror:68.0.3440.106
mirror:64.0.3282.140
mirror:64.0.3282.119
mirror:63.0.3239.132
mirror:v135.0.7049.38-1
mirror:v134.0.6998.39-1
mirror:v133.0.6943.49-1
mirror:v132.0.6834.79-2
mirror:v132.0.6834.79-1
mirror:v131.0.6778.86-1
mirror:v130.0.6723.40-5
mirror:v130.0.6723.40-4
mirror:v130.0.6723.40-3
mirror:v130.0.6723.40-2
mirror:v130.0.6723.40-1
mirror:v129.0.6668.81-2
mirror:v129.0.6668.81-1
mirror:v128.0.6613.40-3
mirror:v128.0.6613.40-2
mirror:v128.0.6613.40-1
mirror:v127.0.6533.64-3
mirror:v127.0.6533.64-2
mirror:v127.0.6533.64-1
mirror:v126.0.6478.40-2
mirror:v126.0.6478.40-1
mirror:v125.0.6422.35-1
mirror:v124.0.6367.54-3
mirror:v124.0.6367.54-2
mirror:v124.0.6367.54-1
mirror:v123.0.6312.40-1
mirror:v122.0.6261.43-2
mirror:v122.0.6261.43-1
mirror:v121.0.6167.71-1
mirror:v120.0.6099.43-2
mirror:v120.0.6099.43-1
mirror:v119.0.6045.66-1
mirror:v118.0.5993.65-1
mirror:v117.0.5938.44-4
mirror:v117.0.5938.44-3
mirror:v117.0.5938.44-2
mirror:v117.0.5938.44-1
mirror:v116.0.5845.92-2
mirror:v116.0.5845.92-1
mirror:v115.0.5790.166-1
mirror:v114.0.5735.91-4test
mirror:v114.0.5735.91-3
mirror:v114.0.5735.91-1
mirror:v113.0.5672.62-2
mirror:v113.0.5672.62-1
mirror:v112.0.5615.49-1
mirror:v111.0.5563.64-1
mirror:v110.0.5481.100-1
mirror:v109.0.5414.74-2
mirror:v109.0.5414.74-1
mirror:v108.0.5359.94-1
mirror:v107.0.5304.87-3
mirror:v107.0.5304.87-2
mirror:v107.0.5304.87-1
mirror:v106.0.5249.91-3
mirror:v106.0.5249.91-2
mirror:v106.0.5249.91-1
mirror:v105.0.5195.52-1
mirror:v104.0.5112.79-4
mirror:v104.0.5112.79-3
mirror:v104.0.5112.79-2
mirror:v103.0.5060.53-3
mirror:v103.0.5060.53-2
mirror:v103.0.5060.53-1
mirror:v102.0.5005.61-1
mirror:cronet-test8
mirror:cronet-test7
mirror:cronet-test6
mirror:cronet-test5
mirror:cronet-test4
mirror:cronet-test3
mirror:v101.0.4951.41-1
mirror:cronet-test2
mirror:cronet-test
mirror:v100.0.4896.60-1
mirror:v99.0.4844.51-1
mirror:v98.0.4758.80-2
mirror:v98.0.4758.80-1
mirror:v97.0.4692.71-2
mirror:v97.0.4692.71-1
mirror:v96.0.4664.45-1
mirror:v95.0.4638.54-3
mirror:v95.0.4638.54-2
mirror:v95.0.4638.54-1
mirror:v94.0.4606.61-1
mirror:v93.0.4577.63-2
mirror:v93.0.4577.63-1
mirror:v92.0.4515.107-2
mirror:v92.0.4515.107-1
mirror:v91.0.4472.77-1
mirror:v90.0.4430.85-10
mirror:v90.0.4430.85-7
mirror:v90.0.4430.85-6
mirror:v90.0.4430.85-4
mirror:v89.0.4389.72-2
mirror:v89.0.4389.72-1
mirror:v88.0.4324.96-5
mirror:v88.0.4324.96-4
mirror:v88.0.4324.96-2
mirror:v88.0.4324.96-1
mirror:v87.0.4280.66-1
mirror:v86.0.4240.75-1
mirror:v85.0.4183.83-4
mirror:v85.0.4183.83-3
mirror:v85.0.4183.83-2
mirror:v85.0.4183.83-1
mirror:v84.0.4147.89-2
mirror:v84.0.4147.89-1
mirror:v83.0.4103.61-3
mirror:v83.0.4103.61-2
mirror:v83.0.4103.61-1
mirror:v81.0.4044.92-1
mirror:v80.0.3987.87-3
mirror:v80.0.3987.87-2
mirror:v80.0.3987.87-1
mirror:v79.0.3945.79-2
mirror:v79.0.3945.79-1
mirror:v78.0.3904.70-6
mirror:v78.0.3904.70-5
mirror:v78.0.3904.70-4
mirror:v78.0.3904.70-3
mirror:v78.0.3904.70-2
mirror:v78.0.3904.70-1
mirror:v77.0.3865.90-3
mirror:v77.0.3865.90-2
mirror:v77.0.3865.90-1
mirror:v76.0.3809.87-1
mirror:v76.0.3809.12-redir2
mirror:v76.0.3809.12-redir
mirror:v76.0.3809.12
mirror:v74.0.3729.108-1
mirror:v73.0.3683.86-3
mirror:v73.0.3683.86-2
mirror:v73.0.3683.86-1
mirror:v72.0.3626.81-1
mirror:v71.0.3578.98-2
mirror:v71.0.3578.98-1
...
compare: mirror:master
Branches Tags
mirror:master
mirror:134.0.6998.39
mirror:133.0.6943.49
mirror:132.0.6834.79
mirror:131.0.6778.86
mirror:130.0.6723.40
mirror:129.0.6668.81
mirror:128.0.6613.40
mirror:127.0.6533.64
mirror:126.0.6478.40
mirror:125.0.6422.35
mirror:124.0.6367.54
mirror:123.0.6312.40
mirror:122.0.6261.43
mirror:121.0.6167.71
mirror:120.0.6099.43
mirror:119.0.6045.66
mirror:118.0.5993.65
mirror:117.0.5938.44
mirror:116.0.5845.92
mirror:115.0.5790.166
mirror:114.0.5735.91
mirror:113.0.5672.62
mirror:112.0.5615.49
mirror:111.0.5563.64
mirror:110.0.5481.100
mirror:109.0.5414.74
mirror:108.0.5359.94
mirror:107.0.5304.87
mirror:106.0.5249.91
mirror:105.0.5195.52
mirror:104.0.5112.79
mirror:103.0.5060.53
mirror:102.0.5005.61
mirror:101.0.4951.41
mirror:100.0.4896.60
mirror:99.0.4844.51
mirror:98.0.4758.80
mirror:97.0.4692.71
mirror:96.0.4664.45
mirror:95.0.4638.54
mirror:94.0.4606.61
mirror:93.0.4577.63
mirror:92.0.4515.107
mirror:91.0.4472.77
mirror:90.0.4430.85
mirror:89.0.4389.72
mirror:88.0.4324.96
mirror:87.0.4280.66
mirror:86.0.4240.75
mirror:85.0.4183.83
mirror:84.0.4147.89
mirror:83.0.4103.61
mirror:81.0.4044.92
mirror:80.0.3987.87
mirror:79.0.3945.79
mirror:78.0.3904.70
mirror:77.0.3865.90
mirror:76.0.3809.87
mirror:74.0.3729.108
mirror:73.0.3683.86
mirror:72.0.3626.81
mirror:71.0.3578.98
mirror:70.0.3538.110
mirror:70.0.3521.2
mirror:68.0.3440.106
mirror:64.0.3282.140
mirror:64.0.3282.119
mirror:63.0.3239.132
mirror:v135.0.7049.38-1
mirror:v134.0.6998.39-1
mirror:v133.0.6943.49-1
mirror:v132.0.6834.79-2
mirror:v132.0.6834.79-1
mirror:v131.0.6778.86-1
mirror:v130.0.6723.40-5
mirror:v130.0.6723.40-4
mirror:v130.0.6723.40-3
mirror:v130.0.6723.40-2
mirror:v130.0.6723.40-1
mirror:v129.0.6668.81-2
mirror:v129.0.6668.81-1
mirror:v128.0.6613.40-3
mirror:v128.0.6613.40-2
mirror:v128.0.6613.40-1
mirror:v127.0.6533.64-3
mirror:v127.0.6533.64-2
mirror:v127.0.6533.64-1
mirror:v126.0.6478.40-2
mirror:v126.0.6478.40-1
mirror:v125.0.6422.35-1
mirror:v124.0.6367.54-3
mirror:v124.0.6367.54-2
mirror:v124.0.6367.54-1
mirror:v123.0.6312.40-1
mirror:v122.0.6261.43-2
mirror:v122.0.6261.43-1
mirror:v121.0.6167.71-1
mirror:v120.0.6099.43-2
mirror:v120.0.6099.43-1
mirror:v119.0.6045.66-1
mirror:v118.0.5993.65-1
mirror:v117.0.5938.44-4
mirror:v117.0.5938.44-3
mirror:v117.0.5938.44-2
mirror:v117.0.5938.44-1
mirror:v116.0.5845.92-2
mirror:v116.0.5845.92-1
mirror:v115.0.5790.166-1
mirror:v114.0.5735.91-4test
mirror:v114.0.5735.91-3
mirror:v114.0.5735.91-1
mirror:v113.0.5672.62-2
mirror:v113.0.5672.62-1
mirror:v112.0.5615.49-1
mirror:v111.0.5563.64-1
mirror:v110.0.5481.100-1
mirror:v109.0.5414.74-2
mirror:v109.0.5414.74-1
mirror:v108.0.5359.94-1
mirror:v107.0.5304.87-3
mirror:v107.0.5304.87-2
mirror:v107.0.5304.87-1
mirror:v106.0.5249.91-3
mirror:v106.0.5249.91-2
mirror:v106.0.5249.91-1
mirror:v105.0.5195.52-1
mirror:v104.0.5112.79-4
mirror:v104.0.5112.79-3
mirror:v104.0.5112.79-2
mirror:v103.0.5060.53-3
mirror:v103.0.5060.53-2
mirror:v103.0.5060.53-1
mirror:v102.0.5005.61-1
mirror:cronet-test8
mirror:cronet-test7
mirror:cronet-test6
mirror:cronet-test5
mirror:cronet-test4
mirror:cronet-test3
mirror:v101.0.4951.41-1
mirror:cronet-test2
mirror:cronet-test
mirror:v100.0.4896.60-1
mirror:v99.0.4844.51-1
mirror:v98.0.4758.80-2
mirror:v98.0.4758.80-1
mirror:v97.0.4692.71-2
mirror:v97.0.4692.71-1
mirror:v96.0.4664.45-1
mirror:v95.0.4638.54-3
mirror:v95.0.4638.54-2
mirror:v95.0.4638.54-1
mirror:v94.0.4606.61-1
mirror:v93.0.4577.63-2
mirror:v93.0.4577.63-1
mirror:v92.0.4515.107-2
mirror:v92.0.4515.107-1
mirror:v91.0.4472.77-1
mirror:v90.0.4430.85-10
mirror:v90.0.4430.85-7
mirror:v90.0.4430.85-6
mirror:v90.0.4430.85-4
mirror:v89.0.4389.72-2
mirror:v89.0.4389.72-1
mirror:v88.0.4324.96-5
mirror:v88.0.4324.96-4
mirror:v88.0.4324.96-2
mirror:v88.0.4324.96-1
mirror:v87.0.4280.66-1
mirror:v86.0.4240.75-1
mirror:v85.0.4183.83-4
mirror:v85.0.4183.83-3
mirror:v85.0.4183.83-2
mirror:v85.0.4183.83-1
mirror:v84.0.4147.89-2
mirror:v84.0.4147.89-1
mirror:v83.0.4103.61-3
mirror:v83.0.4103.61-2
mirror:v83.0.4103.61-1
mirror:v81.0.4044.92-1
mirror:v80.0.3987.87-3
mirror:v80.0.3987.87-2
mirror:v80.0.3987.87-1
mirror:v79.0.3945.79-2
mirror:v79.0.3945.79-1
mirror:v78.0.3904.70-6
mirror:v78.0.3904.70-5
mirror:v78.0.3904.70-4
mirror:v78.0.3904.70-3
mirror:v78.0.3904.70-2
mirror:v78.0.3904.70-1
mirror:v77.0.3865.90-3
mirror:v77.0.3865.90-2
mirror:v77.0.3865.90-1
mirror:v76.0.3809.87-1
mirror:v76.0.3809.12-redir2
mirror:v76.0.3809.12-redir
mirror:v76.0.3809.12
mirror:v74.0.3729.108-1
mirror:v73.0.3683.86-3
mirror:v73.0.3683.86-2
mirror:v73.0.3683.86-1
mirror:v72.0.3626.81-1
mirror:v71.0.3578.98-2
mirror:v71.0.3578.98-1

No commits in common. "v124.0.6367.54-1" and "master" have entirely different histories.
v124.0.636 ... master

26371 changed files with 1394523 additions and 1720322 deletions
Show stats Expand all files Collapse all files

114
.github/workflows/build.yml vendored
View file

@ -49,7 +49,7 @@ jobs:
wget https://snapshot.debian.org/archive/debian/20230611T210420Z/pool/main/q/qemu/qemu-user-static_8.0%2Bdfsg-4_amd64.deb
fi
cache-toolchains-win:
runs-on: windows-2019
runs-on: windows-2022
steps:
- uses: actions/checkout@v4
- name: Cache toolchains
@ -79,7 +79,7 @@ jobs:
unzip ninja-win.zip -d ~/bin
fi
cache-toolchains-mac:
runs-on: macos-11
runs-on: macos-13
steps:
- uses: actions/checkout@v4
- uses: actions/cache@v4
@ -179,9 +179,13 @@ jobs:
abi: armeabi-v7a
env:
EXTRA_FLAGS: 'target_cpu="${{ matrix.arch }}" target_os="android"'
BUNDLE: naiveproxy-plugin-${{ github.event.release.tag_name || 'v1' }}-${{ matrix.abi }}.apk
BUNDLE: naiveproxy-plugin-${{ github.event.release.tag_name || 'v1.1.1.1-1' }}-${{ matrix.abi }}.apk
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: 17
- name: Cache toolchains (Linux, OpenWrt, Android)
uses: actions/cache@v4
with:
@ -236,7 +240,7 @@ jobs:
working-directory: apk
env:
APK_ABI: ${{ matrix.abi }}
APK_VERSION_NAME: ${{ github.event.release.tag_name || 'v1' }}
APK_VERSION_NAME: ${{ github.event.release.tag_name || 'v1.1.1.1-1' }}
KEYSTORE_PASS: ${{ secrets.KEYSTORE_PASS }}
run: |
mkdir -p app/libs/$APK_ABI
@ -256,7 +260,7 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
win:
needs: cache-toolchains-win
runs-on: windows-2019
runs-on: windows-2022
strategy:
fail-fast: false
matrix:
@ -320,7 +324,7 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
mac:
needs: cache-toolchains-mac
runs-on: macos-11
runs-on: macos-13
strategy:
fail-fast: false
matrix:
@ -371,40 +375,6 @@ jobs:
run: gh release upload "${GITHUB_REF##*/}" ${{ env.BUNDLE }}.tar.xz --clobber
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ios:
needs: cache-toolchains-mac
runs-on: macos-11
strategy:
fail-fast: false
matrix:
arch: [arm64]
env:
EXTRA_FLAGS: 'target_cpu="${{ matrix.arch }}" target_os="ios" ios_enable_code_signing=false'
BUNDLE: naiveproxy-${{ github.event.release.tag_name }}-${{ github.job }}-${{ matrix.arch }}
steps:
- uses: actions/checkout@v4
- name: Cache toolchains and PGO
uses: actions/cache@v4
with:
path: |
src/third_party/llvm-build/Release+Asserts/
src/chrome/build/pgo_profiles/chrome-mac-*
src/gn/
key: toolchains-pgo-mac-${{ hashFiles('CHROMIUM_VERSION') }}-v${{ env.CACHE_EPOCH }}
- id: ccache-timestamp
run: echo "CCACHE_TIMESTAMP=$(date +%s)" >>$GITHUB_OUTPUT
- name: Cache ccache files
uses: actions/cache@v4
with:
path: ~/Library/Caches/ccache
key: ccache-ios-${{ matrix.arch }}-${{ hashFiles('CHROMIUM_VERSION') }}-${{ steps.ccache-timestamp.outputs.CCACHE_TIMESTAMP }}
restore-keys: ccache-ios-${{ matrix.arch }}-${{ hashFiles('CHROMIUM_VERSION') }}-
- run: brew install ninja ccache
- run: pip install setuptools
- run: ./get-clang.sh
- run: ccache -z
- run: ./build.sh
- run: ccache -s
openwrt:
needs: cache-toolchains-posix
runs-on: ubuntu-22.04
@ -416,7 +386,7 @@ jobs:
openwrt: "target=x86 subtarget=64"
target_cpu: x64
- arch: x86
openwrt: "target=x86 subtarget=generic"
openwrt: "target=x86 subtarget=geode"
target_cpu: x86
- arch: aarch64_cortex-a53
openwrt: "target=sunxi subtarget=cortexa53"
@ -425,7 +395,9 @@ jobs:
- arch: aarch64_cortex-a53-static
openwrt: "target=sunxi subtarget=cortexa53"
target_cpu: arm64
extra: 'arm_cpu="cortex-a53" build_static=true no_madvise_syscall=true'
extra: 'arm_cpu="cortex-a53" build_static=true use_allocator_shim=false use_partition_alloc=false'
openwrt_release: '24.10.0'
openwrt_gcc_ver: '13.3.0'
- arch: aarch64_cortex-a72
openwrt: "target=mvebu subtarget=cortexa72"
target_cpu: arm64
@ -433,16 +405,26 @@ jobs:
- arch: aarch64_cortex-a72-static
openwrt: "target=mvebu subtarget=cortexa72"
target_cpu: arm64
extra: 'arm_cpu="cortex-a72" build_static=true no_madvise_syscall=true'
extra: 'arm_cpu="cortex-a72" build_static=true use_allocator_shim=false use_partition_alloc=false'
openwrt_release: '24.10.0'
openwrt_gcc_ver: '13.3.0'
- arch: aarch64_cortex-a76
openwrt: "target=bcm27xx subtarget=bcm2712"
target_cpu: arm64
extra: 'arm_cpu="cortex-a76"'
openwrt_release: '24.10.0'
openwrt_gcc_ver: '13.3.0'
- arch: aarch64_generic
openwrt: "target=rockchip subtarget=armv8"
openwrt: "target=layerscape subtarget=armv8_64b"
target_cpu: arm64
- arch: aarch64_generic-static
openwrt: "target=rockchip subtarget=armv8"
openwrt: "target=layerscape subtarget=armv8_64b"
target_cpu: arm64
extra: "build_static=true no_madvise_syscall=true"
extra: "build_static=true use_allocator_shim=false use_partition_alloc=false"
openwrt_release: '24.10.0'
openwrt_gcc_ver: '13.3.0'
- arch: arm_arm1176jzf-s_vfp
openwrt: "target=bcm27xx subtarget=bcm2708"
openwrt: "target=brcm2708 subtarget=bcm2708"
target_cpu: arm
extra: 'arm_version=0 arm_cpu="arm1176jzf-s" arm_fpu="vfp" arm_float_abi="hard" arm_use_neon=false arm_use_thumb=false'
- arch: arm_arm926ej-s
@ -450,29 +432,35 @@ jobs:
target_cpu: arm
extra: 'arm_version=0 arm_cpu="arm926ej-s" arm_float_abi="soft" arm_use_neon=false arm_use_thumb=false'
- arch: arm_cortex-a15_neon-vfpv4
openwrt: "target=armsr subtarget=armv7"
openwrt: "target=ipq806x subtarget=generic"
target_cpu: arm
extra: 'arm_version=0 arm_cpu="cortex-a15" arm_fpu="neon-vfpv4" arm_float_abi="hard" arm_use_neon=true'
- arch: arm_cortex-a5_vfpv4
openwrt: "target=at91 subtarget=sama5"
openwrt: "target=at91 subtarget=sama5d3"
target_cpu: arm
extra: 'arm_version=0 arm_cpu="cortex-a5" arm_fpu="vfpv4" arm_float_abi="hard" arm_use_neon=false'
- arch: arm_cortex-a7
openwrt: "target=mediatek subtarget=mt7629"
target_cpu: arm
extra: 'arm_version=0 arm_cpu="cortex-a7" arm_float_abi="soft" arm_use_neon=false'
openwrt_release: '21.02.0'
openwrt_gcc_ver: '8.4.0'
- arch: arm_cortex-a7_neon-vfpv4
openwrt: "target=sunxi subtarget=cortexa7"
target_cpu: arm
extra: 'arm_version=0 arm_cpu="cortex-a7" arm_fpu="neon-vfpv4" arm_float_abi="hard" arm_use_neon=true'
- arch: arm_cortex-a7_neon-vfpv4-static
openwrt: "target=sunxi subtarget=cortexa7"
target_cpu: arm
extra: 'arm_version=0 arm_cpu="cortex-a7" arm_fpu="neon-vfpv4" arm_float_abi="hard" arm_use_neon=true build_static=true use_allocator_shim=false use_partition_alloc=false'
openwrt_release: '24.10.0'
openwrt_gcc_ver: '13.3.0'
- arch: arm_cortex-a7_vfpv4
openwrt: "target=at91 subtarget=sama7"
target_cpu: arm
extra: 'arm_version=0 arm_cpu="cortex-a7" arm_fpu="vfpv4" arm_float_abi="hard" arm_use_neon=false'
- arch: arm_cortex-a7_neon-vfpv4-static
openwrt: "target=sunxi subtarget=cortexa7"
target_cpu: arm
extra: 'arm_version=0 arm_cpu="cortex-a7" arm_fpu="neon-vfpv4" arm_float_abi="hard" arm_use_neon=true build_static=true no_madvise_syscall=true'
openwrt_release: '22.03.0'
openwrt_gcc_ver: '11.2.0'
- arch: arm_cortex-a8_vfpv3
openwrt: "target=sunxi subtarget=cortexa8"
target_cpu: arm
@ -484,13 +472,15 @@ jobs:
- arch: arm_cortex-a9-static
openwrt: "target=bcm53xx subtarget=generic"
target_cpu: arm
extra: 'arm_version=0 arm_cpu="cortex-a9" arm_float_abi="soft" arm_use_neon=false build_static=true no_madvise_syscall=true'
extra: 'arm_version=0 arm_cpu="cortex-a9" arm_float_abi="soft" arm_use_neon=false build_static=true use_allocator_shim=false use_partition_alloc=false'
openwrt_release: '24.10.0'
openwrt_gcc_ver: '13.3.0'
- arch: arm_cortex-a9_neon
openwrt: "target=zynq subtarget=generic"
openwrt: "target=imx6 subtarget=generic"
target_cpu: arm
extra: 'arm_version=0 arm_cpu="cortex-a9" arm_fpu="neon" arm_float_abi="hard" arm_use_neon=true'
- arch: arm_cortex-a9_vfpv3-d16
openwrt: "target=tegra subtarget=generic"
openwrt: "target=mvebu subtarget=cortexa9"
target_cpu: arm
extra: 'arm_version=0 arm_cpu="cortex-a9" arm_fpu="vfpv3-d16" arm_float_abi="hard" arm_use_neon=false'
- arch: arm_mpcore
@ -508,17 +498,21 @@ jobs:
- arch: mipsel_24kc-static
openwrt: "target=ramips subtarget=rt305x"
target_cpu: mipsel
extra: 'mips_arch_variant="r2" mips_float_abi="soft" build_static=true no_madvise_syscall=true'
extra: 'mips_arch_variant="r2" mips_float_abi="soft" build_static=true use_allocator_shim=false use_partition_alloc=false'
openwrt_release: '24.10.0'
openwrt_gcc_ver: '13.3.0'
- arch: mipsel_mips32
openwrt: "target=bcm47xx subtarget=generic"
openwrt: "target=brcm47xx subtarget=legacy"
target_cpu: mipsel
extra: 'mips_arch_variant="r1" mips_float_abi="soft"'
- arch: riscv64
openwrt: "target=sifiveu subtarget=generic"
target_cpu: riscv64
openwrt_release: '23.05.0'
openwrt_gcc_ver: '12.3.0'
env:
EXTRA_FLAGS: target_cpu="${{ matrix.target_cpu }}" target_os="openwrt" ${{ matrix.extra }}
OPENWRT_FLAGS: arch=${{ matrix.arch }} release=23.05.0 gcc_ver=12.3.0 ${{ matrix.openwrt }}
EXTRA_FLAGS: target_cpu="${{ matrix.target_cpu }}" target_os="openwrt" ${{ matrix.extra }} enable_shadow_metadata=false
OPENWRT_FLAGS: arch=${{ matrix.arch }} release=${{ matrix.openwrt_release || '18.06.0' }} gcc_ver=${{ matrix.openwrt_gcc_ver || '7.3.0' }} ${{ matrix.openwrt }}
BUNDLE: naiveproxy-${{ github.event.release.tag_name }}-${{ github.job }}-${{ matrix.arch }}
steps:
- uses: actions/checkout@v4

2
CHROMIUM_VERSION
View file

@ -1 +1 @@
124.0.6367.54
135.0.7049.38

7
README.md
View file

@ -21,7 +21,7 @@ The Naïve server here works as a forward proxy and a packet length padding laye
## Download NaïveProxy
Download [here](https://github.com/klzgrad/naiveproxy/releases/latest). Supported platforms include: Windows, Android (with [NekoBox](https://github.com/MatsuriDayo/NekoBoxForAndroid)), Linux, Mac OS, and OpenWrt ([support status](https://github.com/klzgrad/naiveproxy/wiki/OpenWrt-Support)).
Download [here](https://github.com/klzgrad/naiveproxy/releases/latest). Supported platforms include: Windows, Android (with [Exclave](https://github.com/dyhkwong/Exclave), [NekoBox](https://github.com/MatsuriDayo/NekoBoxForAndroid)), Linux, Mac OS, and OpenWrt ([support status](https://github.com/klzgrad/naiveproxy/wiki/OpenWrt-Support)).
Users should always use the latest version to keep signatures identical to Chrome.
@ -82,7 +82,6 @@ Or `quic://user:pass@example.com`, if it works better. See also [parameter usage
* [v2rayN](https://github.com/2dust/v2rayN), GUI client, Windows
* [NekoBox for Android](https://github.com/MatsuriDayo/NekoBoxForAndroid), Proxy toolchain, Android
* [NekoRay / NekoBox For PC](https://github.com/MatsuriDayo/nekoray), Qt based GUI, Windows, Linux
* [Yet Another Shadow Socket](https://github.com/Chilledheart/yass), NaïveProxy-compatible forward proxy, Android, iOS, Windows, macOS, Linux, FreeBSD
## Notes for downstream
@ -114,7 +113,7 @@ Further reads and writes after `kFirstPaddings` are unpadded to avoid performanc
### H2 RST_STREAM frame padding
In experiments, NaïveProxy tends to send too many RST_STREAM frames per session, an uncommon behavior from regular browsers. To solve this, an END_STREAM DATA frame padded with total length distributed in [48, 72] is prepended to the RST_STREAM frame so it looks like a HEADERS frame. The server often replies to this with a WINDOW_UPDATE because padding is accounted in flow control. Whether this results in a new uncommon behavior is still unclear.
In experiments, NaïveProxy tends to send too many RST_STREAM frames per session, an uncommon behavior from regular browsers. To solve this, an END_STREAM DATA frame padded with total length distributed in [48, 72] is prepended to the RST_STREAM frame so it looks like a HEADERS frame. The server often replies to this with a WINDOW_UPDATE because padding is accounted in flow control. Whether this results in a new uncommon behavior is still unclear.
### H2 HEADERS frame padding
@ -130,7 +129,7 @@ The first CONNECT request to a server cannot use "Fast Open" to send payload bef
## Changes from Chromium upstream
- Minimize source code and build size (1% of the original)
- Minimize source code and build size (0.3% of the original)
- Disable exceptions and RTTI, except on Mac and Android.
- Support OpenWrt builds
- (Android, Linux) Use the builtin verifier instead of the system verifier (drop dependency of NSS on Linux) and read the system trust store from (following Go's behavior in crypto/x509/root_unix.go and crypto/x509/root_linux.go):

39
USAGE.txt
View file

@ -14,8 +14,8 @@ Description:
"proxy": "..."
}
`--listen` can be specified multiple times on the command line,
and can be either a string or an array of strings in the JSON file.
Specifying a flag multiple times on the command line is equivalent to
having an array of multiple strings in the JSON file.
Uses "config.json" by default if run without arguments.
@ -29,18 +29,16 @@ Options:
Prints version.
--listen=<proto>://[addr][:port]
--listen=socks://[[user]:[pass]@][addr][:port]
--listen=LISTEN-URI
Listens at addr:port with protocol <proto>.
LISTEN-URI = <LISTEN-PROTO>"://"[<USER>":"<PASS>"@"][<ADDR>][":"<PORT>]
LISTEN-PROTO = "socks" | "http" | "redir"
Listens at addr:port with protocol <LISTEN-PROTO>.
Can be specified multiple times to listen on multiple ports.
Available proto: socks, http, redir.
Default proto, addr, port: socks, 0.0.0.0, 1080.
* http: Supports only proxying https:// URLs, no http://.
* redir: Works with certain iptables setup.
Note: redir requires specific iptables rules and uses no authentication.
(Redirecting locally originated traffic)
iptables -t nat -A OUTPUT -d $proxy_server_ip -j RETURN
@ -57,10 +55,21 @@ Options:
The artificial results are not saved for privacy, so restarting the
resolver may cause downstream to cache stale results.
--proxy=<proto>://<user>:<pass>@<hostname>[:<port>]
--proxy=PROXY
Routes traffic via the proxy server. Connects directly by default.
Available proto: https, quic. Infers port by default.
PROXY = PROXY-CHAIN | SOCKS-PROXY
PROXY-CHAIN = <PROXY-URI>[","<PROXY-CHAIN>]
PROXY-URI = <PROXY-PROTO>"://"[<USER>":"<PASS>"@"]<HOSTNAME>[":"<PORT>]
PROXY-PROTO = "http" | "https" | "quic"
SOCKS-PROXY = "socks://"<HOSTNAME>[":"<PORT>]
Routes traffic via the proxy chain.
The default proxy is directly connection without proxying.
The last PROXY-URI is negotiated automatically for Naive padding.
Limitations:
* QUIC proxies cannot follow TCP-based proxies in a proxy chain.
* The user needs to ensure there is no loop in the proxy chain.
* SOCKS proxies do not support chaining, authentication, or Naive padding.
--insecure-concurrency=<N>
@ -97,3 +106,7 @@ Options:
--ssl-key-log-file=<path>
Saves SSL keys for Wireshark inspection.
--no-post-quantum
Overrides the default and disables post-quantum key agreement.

1
apk/.gitignore vendored
View file

@ -1,2 +1,3 @@
.gradle/
app/build/
app/libs/

30
apk/app/build.gradle.kts
View file

@ -4,7 +4,7 @@ plugins {
}
android {
namespace = "moe.matsuri.exe.naive"
namespace = "io.nekohasekai.sagernet.plugin.naive"
signingConfigs {
create("release") {
@ -17,23 +17,21 @@ android {
buildTypes {
getByName("release") {
proguardFiles(
getDefaultProguardFile("proguard-android-optimize.txt"),
file("proguard-rules.pro")
)
isMinifyEnabled = true
signingConfig = signingConfigs.getByName("release")
}
}
compileSdk = 33
buildToolsVersion = "35.0.0"
compileSdk = 35
defaultConfig {
minSdk = 21
targetSdk = 33
minSdk = 24
targetSdk = 35
applicationId = "moe.matsuri.exe.naive"
versionCode = System.getenv("APK_VERSION_NAME").removePrefix("v").split(".")[0].toInt()
applicationId = "io.nekohasekai.sagernet.plugin.naive"
versionCode = System.getenv("APK_VERSION_NAME").removePrefix("v").split(".")[0].toInt() * 10 + System.getenv("APK_VERSION_NAME").removePrefix("v").split("-")[1].toInt()
versionName = System.getenv("APK_VERSION_NAME").removePrefix("v")
splits.abi {
isEnable = true
@ -44,12 +42,8 @@ android {
}
compileOptions {
sourceCompatibility = JavaVersion.VERSION_1_8
targetCompatibility = JavaVersion.VERSION_1_8
}
kotlinOptions {
jvmTarget = "1.8"
sourceCompatibility = JavaVersion.VERSION_17
targetCompatibility = JavaVersion.VERSION_17
}
lint {
@ -59,6 +53,10 @@ android {
warningsAsErrors = true
}
packaging {
jniLibs.useLegacyPackaging = true
}
applicationVariants.all {
outputs.all {
this as com.android.build.gradle.internal.api.BaseVariantOutputImpl

7
apk/app/src/main/AndroidManifest.xml
View file

@ -13,13 +13,12 @@
<application
android:allowBackup="false"
android:extractNativeLibs="true"
android:icon="@mipmap/ic_launcher"
android:label="Naïve For NekoBox"
android:label="Naïve Plugin"
android:roundIcon="@mipmap/ic_launcher_round">
<provider
android:name=".BinaryProvider"
android:authorities="moe.matsuri.exe.naive.BinaryProvider"
android:authorities="io.nekohasekai.sagernet.plugin.naive.BinaryProvider"
android:directBootAware="true"
android:exported="true"
tools:ignore="ExportedContentProvider">
@ -29,7 +28,7 @@
<intent-filter>
<action android:name="io.nekohasekai.sagernet.plugin.ACTION_NATIVE_PLUGIN" />
<data
android:host="moe.matsuri.lite"
android:host="io.nekohasekai.sagernet"
android:path="/naive-plugin"
android:scheme="plugin" />
</intent-filter>

2
apk/app/src/main/java/moe/matsuri/exe/naive/BinaryProvider.kt → apk/app/src/main/java/io/nekohasekai/sagernet/plugin/naive/BinaryProvider.kt
View file

@ -17,7 +17,7 @@
* *
******************************************************************************/
package moe.matsuri.exe.naive
package io.nekohasekai.sagernet.plugin.naive
import android.net.Uri
import android.os.ParcelFileDescriptor

4
apk/build.gradle
View file

@ -5,8 +5,8 @@ buildscript {
mavenCentral()
}
dependencies {
classpath 'com.android.tools.build:gradle:7.3.1'
classpath 'org.jetbrains.kotlin:kotlin-gradle-plugin:1.6.10'
classpath 'com.android.tools.build:gradle:8.6.0'
classpath 'org.jetbrains.kotlin:kotlin-gradle-plugin:2.0.20'
// NOTE: Do not place your application dependencies here; they belong
// in the individual module build.gradle files

BIN
apk/gradle/wrapper/gradle-wrapper.jar vendored
View file

Binary file not shown.

7
apk/gradle/wrapper/gradle-wrapper.properties vendored
View file

@ -1,6 +1,7 @@
#Thu Jan 27 22:42:44 HKT 2022
distributionBase=GRADLE_USER_HOME
distributionUrl=https\://services.gradle.org/distributions/gradle-7.4-bin.zip
distributionPath=wrapper/dists
zipStorePath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-8.10-bin.zip
networkTimeout=10000
validateDistributionUrl=true
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists

297
apk/gradlew vendored
View file

@ -1,7 +1,7 @@
#!/usr/bin/env sh
#!/bin/sh
#
# Copyright 2015 the original author or authors.
# Copyright © 2015-2021 the original authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -15,69 +15,104 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
#
##############################################################################
##
## Gradle start up script for UN*X
##
#
# Gradle start up script for POSIX generated by Gradle.
#
# Important for running:
#
# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is
# noncompliant, but you have some other compliant shell such as ksh or
# bash, then to run this script, type that shell name before the whole
# command line, like:
#
# ksh Gradle
#
# Busybox and similar reduced shells will NOT work, because this script
# requires all of these POSIX shell features:
# * functions;
# * expansions «$var», «${var}», «${var:-default}», «${var+SET}»,
# «${var#prefix}», «${var%suffix}», and «$( cmd )»;
# * compound commands having a testable exit status, especially «case»;
# * various built-in commands including «command», «set», and «ulimit».
#
# Important for patching:
#
# (2) This script targets any POSIX shell, so it avoids extensions provided
# by Bash, Ksh, etc; in particular arrays are avoided.
#
# The "traditional" practice of packing multiple parameters into a
# space-separated string is a well documented source of bugs and security
# problems, so this is (mostly) avoided, by progressively accumulating
# options in "$@", and eventually passing that to Java.
#
# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS,
# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly;
# see the in-line comments for details.
#
# There are tweaks for specific operating systems such as AIX, CygWin,
# Darwin, MinGW, and NonStop.
#
# (3) This script is generated from the Groovy template
# https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
# within the Gradle project.
#
# You can find Gradle at https://github.com/gradle/gradle/.
#
##############################################################################
# Attempt to set APP_HOME
# Resolve links: $0 may be a link
PRG="$0"
# Need this for relative symlinks.
while [ -h "$PRG" ] ; do
ls=`ls -ld "$PRG"`
link=`expr "$ls" : '.*-> \(.*\)$'`
if expr "$link" : '/.*' > /dev/null; then
PRG="$link"
else
PRG=`dirname "$PRG"`"/$link"
fi
app_path=$0
# Need this for daisy-chained symlinks.
while
APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
[ -h "$app_path" ]
do
ls=$( ls -ld "$app_path" )
link=${ls#*' -> '}
case $link in #(
/*) app_path=$link ;; #(
*) app_path=$APP_HOME$link ;;
esac
done
SAVED="`pwd`"
cd "`dirname \"$PRG\"`/" >/dev/null
APP_HOME="`pwd -P`"
cd "$SAVED" >/dev/null
APP_NAME="Gradle"
APP_BASE_NAME=`basename "$0"`
# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
# This is normally unused
# shellcheck disable=SC2034
APP_BASE_NAME=${0##*/}
# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s
' "$PWD" ) || exit
# Use the maximum available, or set MAX_FD != -1 to use that value.
MAX_FD="maximum"
MAX_FD=maximum
warn () {
echo "$*"
}
} >&2
die () {
echo
echo "$*"
echo
exit 1
}
} >&2
# OS specific support (must be 'true' or 'false').
cygwin=false
msys=false
darwin=false
nonstop=false
case "`uname`" in
CYGWIN* )
cygwin=true
;;
Darwin* )
darwin=true
;;
MINGW* )
msys=true
;;
NONSTOP* )
nonstop=true
;;
case "$( uname )" in #(
CYGWIN* ) cygwin=true ;; #(
Darwin* ) darwin=true ;; #(
MSYS* | MINGW* ) msys=true ;; #(
NONSTOP* ) nonstop=true ;;
esac
CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
@ -87,9 +122,9 @@ CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
if [ -n "$JAVA_HOME" ] ; then
if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
# IBM's JDK on AIX uses strange locations for the executables
JAVACMD="$JAVA_HOME/jre/sh/java"
JAVACMD=$JAVA_HOME/jre/sh/java
else
JAVACMD="$JAVA_HOME/bin/java"
JAVACMD=$JAVA_HOME/bin/java
fi
if [ ! -x "$JAVACMD" ] ; then
die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
@ -98,88 +133,120 @@ Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
fi
else
JAVACMD="java"
which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
JAVACMD=java
if ! command -v java >/dev/null 2>&1
then
die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
fi
fi
# Increase the maximum file descriptors if we can.
if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
MAX_FD_LIMIT=`ulimit -H -n`
if [ $? -eq 0 ] ; then
if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
MAX_FD="$MAX_FD_LIMIT"
fi
ulimit -n $MAX_FD
if [ $? -ne 0 ] ; then
warn "Could not set maximum file descriptor limit: $MAX_FD"
fi
else
warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
fi
fi
# For Darwin, add options to specify how the application appears in the dock
if $darwin; then
GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
fi
# For Cygwin or MSYS, switch paths to Windows format before running java
if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
APP_HOME=`cygpath --path --mixed "$APP_HOME"`
CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
JAVACMD=`cygpath --unix "$JAVACMD"`
# We build the pattern for arguments to be converted via cygpath
ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
SEP=""
for dir in $ROOTDIRSRAW ; do
ROOTDIRS="$ROOTDIRS$SEP$dir"
SEP="|"
done
OURCYGPATTERN="(^($ROOTDIRS))"
# Add a user-defined pattern to the cygpath arguments
if [ "$GRADLE_CYGPATTERN" != "" ] ; then
OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
fi
# Now convert the arguments - kludge to limit ourselves to /bin/sh
i=0
for arg in "$@" ; do
CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option
if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition
eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
else
eval `echo args$i`="\"$arg\""
fi
i=`expr $i + 1`
done
case $i in
0) set -- ;;
1) set -- "$args0" ;;
2) set -- "$args0" "$args1" ;;
3) set -- "$args0" "$args1" "$args2" ;;
4) set -- "$args0" "$args1" "$args2" "$args3" ;;
5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
case $MAX_FD in #(
max*)
# In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
# shellcheck disable=SC2039,SC3045
MAX_FD=$( ulimit -H -n ) ||
warn "Could not query maximum file descriptor limit"
esac
case $MAX_FD in #(
'' | soft) :;; #(
*)
# In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
# shellcheck disable=SC2039,SC3045
ulimit -n "$MAX_FD" ||
warn "Could not set maximum file descriptor limit to $MAX_FD"
esac
fi
# Escape application args
save () {
for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
echo " "
}
APP_ARGS=`save "$@"`
# Collect all arguments for the java command, stacking in reverse order:
# * args from the command line
# * the main class name
# * -classpath
# * -D...appname settings
# * --module-path (only if needed)
# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables.
# Collect all arguments for the java command, following the shell quoting and substitution rules
eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
# For Cygwin or MSYS, switch paths to Windows format before running java
if "$cygwin" || "$msys" ; then
APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" )
JAVACMD=$( cygpath --unix "$JAVACMD" )
# Now convert the arguments - kludge to limit ourselves to /bin/sh
for arg do
if
case $arg in #(
-*) false ;; # don't mess with options #(
/?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath
[ -e "$t" ] ;; #(
*) false ;;
esac
then
arg=$( cygpath --path --ignore --mixed "$arg" )
fi
# Roll the args list around exactly as many times as the number of
# args, so each arg winds up back in the position where it started, but
# possibly modified.
#
# NB: a `for` loop captures its iteration list before it begins, so
# changing the positional parameters here affects neither the number of
# iterations, nor the values presented in `arg`.
shift # remove old arg
set -- "$@" "$arg" # push replacement arg
done
fi
# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
# Collect all arguments for the java command:
# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
# and any embedded shellness will be escaped.
# * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
# treated as '${Hostname}' itself on the command line.
set -- \
"-Dorg.gradle.appname=$APP_BASE_NAME" \
-classpath "$CLASSPATH" \
org.gradle.wrapper.GradleWrapperMain \
"$@"
# Stop when "xargs" is not available.
if ! command -v xargs >/dev/null 2>&1
then
die "xargs is not available"
fi
# Use "xargs" to parse quoted args.
#
# With -n1 it outputs one arg per line, with the quotes and backslashes removed.
#
# In Bash we could simply go:
#
# readarray ARGS < <( xargs -n1 <<<"$var" ) &&
# set -- "${ARGS[@]}" "$@"
#
# but POSIX shell has neither arrays nor command substitution, so instead we
# post-process each arg (as a line of input to sed) to backslash-escape any
# character that might be a shell metacharacter, then use eval to reverse
# that process (while maintaining the separation between arguments), and wrap
# the whole thing up as a single "set" statement.
#
# This will of course break if any of these variables contains a newline or
# an unmatched quote.
#
eval "set -- $(
printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" |
xargs -n1 |
sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' |
tr '\n' ' '
)" '"$@"'
exec "$JAVACMD" "$@"

94
apk/gradlew.bat vendored Normal file
View file

@ -0,0 +1,94 @@
@rem
@rem Copyright 2015 the original author or authors.
@rem
@rem Licensed under the Apache License, Version 2.0 (the "License");
@rem you may not use this file except in compliance with the License.
@rem You may obtain a copy of the License at
@rem
@rem https://www.apache.org/licenses/LICENSE-2.0
@rem
@rem Unless required by applicable law or agreed to in writing, software
@rem distributed under the License is distributed on an "AS IS" BASIS,
@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@rem See the License for the specific language governing permissions and
@rem limitations under the License.
@rem
@rem SPDX-License-Identifier: Apache-2.0
@rem
@if "%DEBUG%"=="" @echo off
@rem ##########################################################################
@rem
@rem Gradle startup script for Windows
@rem
@rem ##########################################################################
@rem Set local scope for the variables with windows NT shell
if "%OS%"=="Windows_NT" setlocal
set DIRNAME=%~dp0
if "%DIRNAME%"=="" set DIRNAME=.
@rem This is normally unused
set APP_BASE_NAME=%~n0
set APP_HOME=%DIRNAME%
@rem Resolve any "." and ".." in APP_HOME to make it shorter.
for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
@rem Find java.exe
if defined JAVA_HOME goto findJavaFromJavaHome
set JAVA_EXE=java.exe
%JAVA_EXE% -version >NUL 2>&1
if %ERRORLEVEL% equ 0 goto execute
echo. 1>&2
echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
echo. 1>&2
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
echo location of your Java installation. 1>&2
goto fail
:findJavaFromJavaHome
set JAVA_HOME=%JAVA_HOME:"=%
set JAVA_EXE=%JAVA_HOME%/bin/java.exe
if exist "%JAVA_EXE%" goto execute
echo. 1>&2
echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
echo. 1>&2
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
echo location of your Java installation. 1>&2
goto fail
:execute
@rem Setup the command line
set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
@rem Execute Gradle
"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
:end
@rem End local scope for the variables with windows NT shell
if %ERRORLEVEL% equ 0 goto mainEnd
:fail
rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
rem the _cmd.exe /c_ return code!
set EXIT_CODE=%ERRORLEVEL%
if %EXIT_CODE% equ 0 set EXIT_CODE=1
if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE%
exit /b %EXIT_CODE%
:mainEnd
if "%OS%"=="Windows_NT" endlocal
:omega

2
apk/settings.gradle
View file

@ -5,6 +5,6 @@ dependencyResolutionManagement {
mavenCentral()
}
}
rootProject.name = "Matsuri Plugins"
rootProject.name = "Naive Plugin"
include ':app'

40
src/.clang-format
View file

@ -12,6 +12,46 @@ Standard: Cpp11
InsertBraces: true
InsertNewlineAtEOF: true
# Sort #includes by following
# https://google.github.io/styleguide/cppguide.html#Names_and_Order_of_Includes
#
# ref: https://clang.llvm.org/docs/ClangFormatStyleOptions.html#includeblocks
IncludeBlocks: Regroup
# ref: https://clang.llvm.org/docs/ClangFormatStyleOptions.html#includecategories
IncludeCategories:
# The win32 api has all sorts of implicit include order dependencies :-/
# Give a few headers special priorities that make sure they appear before
# all other headers.
# Sync this with SerializeIncludes in tools/add_header.py.
# TODO(crbug.com/329138753): remove include sorting from tools/add_header.py
# after confirming clang-format sort works well.
# LINT.IfChange(winheader)
- Regex: '^<objbase\.h>' # This has to be before initguid.h.
Priority: 1
- Regex: '^<(atlbase|initguid|mmdeviceapi|ocidl|ole2|shobjidl|tchar|unknwn|windows|winsock2|winternl|ws2tcpip)\.h>'
Priority: 2
# LINT.ThenChange(/tools/add_header.py:winheader)
# UIAutomation*.h needs to be after base/win/atl.h.
# Note the low priority number.
- Regex: '^<UIAutomation.*\.h>'
Priority: 6
# Other C system headers.
- Regex: '^<.*\.h>'
Priority: 3
# C++ standard library headers.
- Regex: '^<.*>'
Priority: 4
# windows_h_disallowed.h should appear last. Note the low priority number.
- Regex: '"(.*/)?windows_h_disallowed\.h"'
Priority: 7
# Other libraries.
- Regex: '.*'
Priority: 5
# ref: https://clang.llvm.org/docs/ClangFormatStyleOptions.html#includeismainregex
IncludeIsMainRegex: "\
(_(32|64|android|apple|chromeos|freebsd|fuchsia|fuzzer|ios|linux|mac|nacl|openbsd|posix|stubs?|win))?\
(_(unit|browser|perf)?tests?)?$"
# Make sure code like:
# IPC_BEGIN_MESSAGE_MAP()
# IPC_MESSAGE_HANDLER(WidgetHostViewHost_Update, OnUpdate)

1
src/.gitattributes vendored
View file

@ -30,6 +30,7 @@
*.proto text eol=lf
*.rs text eol=lf
*.sh text eol=lf
*.spec text eol=lf
*.sql text eol=lf
*.toml text eol=lf
*.txt text eol=lf

21
src/.gn
View file

@ -55,11 +55,14 @@ default_args = {
crashpad_dependencies = "chromium"
# Override ANGLE's Vulkan dependencies.
angle_vulkan_headers_dir = "//third_party/vulkan-deps/vulkan-headers/src"
angle_vulkan_loader_dir = "//third_party/vulkan-deps/vulkan-loader/src"
angle_vulkan_tools_dir = "//third_party/vulkan-deps/vulkan-tools/src"
angle_vulkan_headers_dir = "//third_party/vulkan-headers/src"
angle_vulkan_loader_dir = "//third_party/vulkan-loader/src"
angle_vulkan_tools_dir = "//third_party/vulkan-tools/src"
angle_vulkan_validation_layers_dir =
"//third_party/vulkan-deps/vulkan-validation-layers/src"
"//third_party/vulkan-validation-layers/src"
# Override VMA's Vulkan dependencies.
vma_vulkan_headers_dir = "//third_party/vulkan-headers/src"
# Overwrite default args declared in the Fuchsia sdk
fuchsia_sdk_readelf_exec =
@ -69,6 +72,8 @@ default_args = {
pdf_partition_alloc_dir = "//base/allocator/partition_allocator"
devtools_visibility = [ "*" ]
clang_unsafe_buffers_paths = "//build/config/unsafe_buffers_paths.txt"
}
# These are the targets to skip header checking by default. The files in targets
@ -85,7 +90,7 @@ no_check_targets = [
"//v8:v8_libplatform", # 2 errors
]
# These are the list of GN files that run exec_script. This whitelist exists
# These are the list of GN files that run exec_script. This allowlist exists
# to force additional review for new uses of exec_script, which is strongly
# discouraged.
#
@ -140,11 +145,11 @@ no_check_targets = [
# this situation much easier to create. if the build always lists the
# files and passes them to a script, it will always be correct.
exec_script_whitelist =
build_dotfile_settings.exec_script_whitelist +
exec_script_allowlist =
build_dotfile_settings.exec_script_allowlist +
angle_dotfile_settings.exec_script_whitelist +
[
# Whitelist entries for //build should go into
# Allowlist entries for //build should go into
# //build/dotfile_settings.gni instead, so that they can be shared
# with other repos. The entries in this list should be only for files
# in the Chromium repo outside of //build.

102
src/AUTHORS
View file

@ -17,6 +17,7 @@ Aaron Jacobs <samusaaron3@gmail.com>
Aaron Leventhal <aaronlevbugs@gmail.com>
Aaron Randolph <aaron.randolph@gmail.com>
Aaryaman Vasishta <jem456.vasishta@gmail.com>
AbdAlRahman Gad <abdobngad@gmail.com>
Abdu Ameen <abdu.ameen000@gmail.com>
Abdullah Abu Tasneem <a.tasneem@samsung.com>
Abhijeet Kandalkar <abhijeet.k@samsung.com>
@ -48,6 +49,7 @@ Ahmed Elwasefi <a.m.elwasefi@gmail.com>
Ahmet Emir Ercin <ahmetemiremir@gmail.com>
Aidarbek Suleimenov <suleimenov.aidarbek@gmail.com>
Aiden Grossman <aidengrossmanpso@gmail.com>
Airing Deng <airingdeng@gmail.com>
Ajay Berwal <a.berwal@samsung.com>
Ajay Berwal <ajay.berwal@samsung.com>
Ajay Sharma <ajay.sh@samsung.com>
@ -61,7 +63,6 @@ Aldo Culquicondor <alculquicondor@gmail.com>
Alec Petridis <alecthechop@gmail.com>
Aleksandar Stojiljkovic <aleksandar.stojiljkovic@intel.com>
Aleksei Gurianov <gurianov@gmail.com>
Aleksey Khoroshilov <akhoroshilov@brave.com>
Alesandro Ortiz <alesandro@alesandroortiz.com>
Alessandro Astone <ales.astone@gmail.com>
Alex Chronopoulos <achronop@gmail.com>
@ -86,6 +87,7 @@ Alexey Kuts <kruntuid@gmail.com>
Alexey Kuzmin <alex.s.kuzmin@gmail.com>
Alexey Kuznetsov <saturas2000@gmail.com>
Alexey Terentiev <alexeyter@gmail.com>
Alexia Bojian <bojianalexia4@gmail.com>
Alexis Brenon <brenon.alexis@gmail.com>
Alexis La Goutte <alexis.lagoutte@gmail.com>
Alexis Menard <alexis.menard@intel.com>
@ -116,6 +118,7 @@ Andreas Papacharalampous <andreas@apap04.com>
Andrei Borza <andrei.borza@gmail.com>
Andrei Parvu <andrei.prv@gmail.com>
Andrei Parvu <parvu@adobe.com>
Andrei Volykhin <andrei.volykhin@gmail.com>
Andres Salomon <dilinger@queued.net>
Andreu Botella <andreu@andreubotella.com>
Andrew Boyarshin <andrew.boyarshin@gmail.com>
@ -191,6 +194,7 @@ Ben Noordhuis <ben@strongloop.com>
Benedek Heilig <benecene@gmail.com>
Benjamin Dupont <bedupont@cisco.com>
Benjamin Jemlich <pcgod99@gmail.com>
Beomsik Min <beomsikm@gmail.com>
Bernard Cafarelli <voyageur@gentoo.org>
Bernhard M. Wiedemann <bwiedemann@suse.de>
Bert Belder <bertbelder@gmail.com>
@ -208,7 +212,6 @@ Brendan Kirby <brendan.kirby@imgtec.com>
Brendan Long <self@brendanlong.com>
Brendon Tiszka <btiszka@gmail.com>
Brett Lewis <brettlewis@brettlewis.us>
Brian Clifton <clifton@brave.com>
Brian Dunn <brian@theophil.us>
Brian G. Merrell <bgmerrell@gmail.com>
Brian Konzman, SJ <b.g.konzman@gmail.com>
@ -237,6 +240,7 @@ Cameron Gutman <aicommander@gmail.com>
Camille Viot <viot.camille@outlook.com>
Can Liu <peter.can.liu@gmail.com>
Carlos Santa <carlos.santa@intel.com>
Casey Primozic <me@ameo.link>
Catalin Badea <badea@adobe.com>
Cathie Chen <cathiechen@tencent.com>
Cem Kocagil <cem.kocagil@gmail.com>
@ -276,6 +280,7 @@ Chris Szurgot <szurgotc@amazon.com>
Chris Tserng <tserng@amazon.com>
Chris Vasselli <clindsay@gmail.com>
Chris Ye <hawkoyates@gmail.com>
Christian Liebel <christianliebel@gmail.com>
Christoph Staengle <christoph142@gmx.com>
Christophe Dumez <ch.dumez@samsung.com>
Christopher Dale <chrelad@gmail.com>
@ -296,6 +301,7 @@ Daiwei Li <daiweili@suitabletech.com>
Damien Marié <damien@dam.io>
Dan McCombs <overridex@gmail.com>
Daniel Adams <msub2official@gmail.com>
Daniel Bertalan <dani@danielbertalan.dev>
Daniel Bevenius <daniel.bevenius@gmail.com>
Daniel Bomar <dbdaniel42@gmail.com>
Daniel Carvalho Liedke <dliedke@gmail.com>
@ -307,9 +313,11 @@ Daniel Lockyer <thisisdaniellockyer@gmail.com>
Daniel Nishi <dhnishi@gmail.com>
Daniel Platz <daplatz@googlemail.com>
Daniel Playfair Cal <daniel.playfair.cal@gmail.com>
Daniel Richard G. <iskunk@gmail.com>
Daniel Shaulov <dshaulov@ptc.com>
Daniel Trebbien <dtrebbien@gmail.com>
Daniel Waxweiler <daniel.waxweiler@gmail.com>
Daniel Zhao <zhaodani@amazon.com>
Dániel Bátyai <dbatyai@inf.u-szeged.hu>
Dániel Vince <vinced@inf.u-szeged.hu>
Daniil Suvorov <severecloud@gmail.com>
@ -317,13 +325,16 @@ Danny Weiss <danny.weiss.fr@gmail.com>
Danylo Boiko <danielboyko02@gmail.com>
Daoming Qiu <daoming.qiu@intel.com>
Darik Harter <darik.harter@gmail.com>
Darryl Pogue <darryl@dpogue.ca>
Darshan Sen <raisinten@gmail.com>
Darshini KN <kn.darshini@samsung.com>
Dave Vandyke <kzar@kzar.co.uk>
David Benjamin <davidben@mit.edu>
David Brown <develop.david.brown@gmail.com>
David Cernoch <dcernoch@uplandsoftware.com>
David Davidovic <david@davidovic.io>
David Erceg <erceg.david@gmail.com>
David Faden <dfaden@gmail.com>
David Fox <david@davidjfox.com>
David Futcher <david.mike.futcher@gmail.com>
David Jin <davidjin@amazon.com>
@ -332,6 +343,7 @@ David Leen <davileen@amazon.com>
David Manouchehri <david@davidmanouchehri.com>
David McAllister <mcdavid@amazon.com>
David Michael Barr <david.barr@samsung.com>
David Redondo <kde@david-redondo.de>
David Sanders <dsanders11@ucsbalum.com>
David Spellman <dspell@amazon.com>
David Valachovic <adenflorian@gmail.com>
@ -339,6 +351,7 @@ Dax Kelson <dkelson@gurulabs.com>
Dean Leitersdorf <dean.leitersdorf@gmail.com>
Debadree Chatterjee <debadree333@gmail.com>
Debashish Samantaray <d.samantaray@samsung.com>
Debin Zhang <debinzhang3@gmail.com>
Debug Wang <debugwang@tencent.com>
Deep Shah <deep.shah@samsung.com>
Deepak Dilip Borade <deepak.db@samsung.com>
@ -358,9 +371,11 @@ Diana Suvorova <diana.suvorova@gmail.com>
Diego Fernández Santos <agujaydedal@gmail.com>
Diego Ferreiro Val <elfogris@gmail.com>
Dillon Sellars <dill.sellars@gmail.com>
Dingming Liu <liudingming@bytedance.com>
Divya Bansal <divya.bansal@samsung.com>
Dmitry Shachnev <mitya57@gmail.com>
Dmitry Sokolov <dimanne@gmail.com>
Dominic Elm <elmdominic@gmx.net>
Dominic Farolino <domfarolino@gmail.com>
Dominic Jodoin <dominic.jodoin@gmail.com>
Dominik Röttsches <dominik.rottsches@intel.com>
@ -375,6 +390,7 @@ Dongseong Hwang <dongseong.hwang@intel.com>
Dongwoo Joshua Im <dw.im@samsung.com>
Dongyu Lin <l2d4y3@gmail.com>
Donna Wu <donna.wu@intel.com>
Douglas Browne <douglas.browne123@gmail.com>
Douglas F. Turner <doug.turner@gmail.com>
Drew Blaisdell <drew.blaisdell@gmail.com>
Dushyant Kant Sharma <dush.sharma@samsung.com>
@ -399,12 +415,14 @@ Emil Suleymanov <emil@esnx.xyz>
Ergun Erdogmus <erdogmusergun@gmail.com>
Eric Ahn <byungwook.ahn@gmail.com>
Eric Huang <ele828@gmail.com>
Eric Long <i@hack3r.moe>
Eric Rescorla <ekr@rtfm.com>
Erik Hill <erikghill@gmail.com>
Erik Kurzinger <ekurzinger@gmail.com>
Erik Sjölund <erik.sjolund@gmail.com>
Eriq Augustine <eriq.augustine@gmail.com>
Ernesto Mudu <ernesto.mudu@gmail.com>
Ethan Chen <randomgamingdev@gmail.com>
Ethan Wong <bunnnywong@gmail.com>
Etienne Laurin <etienne@atnnn.com>
Eugene Kim <eugene70kim@gmail.com>
@ -431,7 +449,6 @@ Finbar Crago <finbar.crago@gmail.com>
François Beaufort <beaufort.francois@gmail.com>
François Devatine <devatine@verizonmedia.com>
Francois Kritzinger <francoisk777@gmail.com>
Francois Marier <francois@brave.com>
Francois Rauch <leopardb@gmail.com>
Frankie Dintino <fdintino@theatlantic.com>
Franklin Ta <fta2012@gmail.com>
@ -474,6 +491,7 @@ Greg Visser <gregvis@gmail.com>
Gregory Davis <gpdavis.chromium@gmail.com>
Grzegorz Czajkowski <g.czajkowski@samsung.com>
Guangzhen Li <guangzhen.li@intel.com>
Guobin Wu <wuguobin.1229@bytedance.com>
Gurpreet Kaur <k.gurpreet@samsung.com>
Gustav Tiger <gustav.tiger@sonymobile.com>
Gyuyoung Kim <gyuyoung.kim@navercorp.com>
@ -490,9 +508,11 @@ Hansel Lee <mr.hansel.lee@gmail.com>
Hanwen Zheng <eserinc.z@gmail.com>
Hao Li <hao.x.li@intel.com>
Haojian Wu <hokein.wu@gmail.com>
Haoran Tang <haoran.tang.personal@gmail.com>
Haoxuan Zhang <zhanghaoxuan.59@bytedance.com>
Hari Singh <hari.singh1@samsung.com>
Harpreet Singh Khurana <harpreet.sk@samsung.com>
Harshal Gupta <gupta.h@samsung.com>
Harshikesh Kumar <harshikeshnobug@gmail.com>
Harshit Pal <harshitp12345@gmail.com>
Hassan Salehe Matar <hassansalehe@gmail.com>
@ -510,7 +530,6 @@ Himanshu Joshi <h.joshi@samsung.com>
Himanshu Nayak <himanshu.nayak@amd.corp-partner.google.com>
Hiroki Oshima <hiroki.oshima@gmail.com>
Hiroyuki Matsuda <gsittyz@gmail.com>
Ho Cheung <uioptt24@gmail.com>
Hodol Han <bab6ting@gmail.com>
Holger Kraus <kraush@amazon.com>
Hong Zheng <hong.zheng@intel.com>
@ -563,23 +582,28 @@ Ivan Naydonov <samogot@gmail.com>
Ivan Pavlotskiy <ivan.pavlotskiy@lgepartner.com>
Ivan Sham <ivansham@amazon.com>
Ivan Sidorov <ivansid@gmail.com>
Jacek Fedoryński <jfedor@gmail.com>
Jack Bates <jack@nottheoilrig.com>
Jack Shi <flystone2020@gmail.com>
Jackson Loeffler <j@jloeffler.com>
Jacky Hu <flameddd@gmail.com>
Jacob Clark <jacob.jh.clark@googlemail.com>
Jacob Mandelson <jacob@mandelson.org>
Jaehun Lim <ljaehun.lim@samsung.com>
Jaehyun Chung <jaehyun.chung@amd.com>
Jaehyun Ko <jaehyun.dev@gmail.com>
Jaehyun Lee <j-hyun.lee@samsung.com>
Jaekyeom Kim <btapiz@gmail.com>
Jaemin Seo <jaemin86.seo@samsung.com>
Jaemo Koo <jaemok@amazon.com>
Jaemo Koo <koo2434@gmail.com>
Jaeseok Yoon <yjaeseok@gmail.com>
Jaewon Choi <jaewon.james.choi@gmail.com>
Jaewon Jung <jw.jung@navercorp.com>
Jaeyong Bae <jdragon.bae@gmail.com>
Jagadesh P <jagadeshjai1999@gmail.com>
Jagdish Chourasia <jagdish.c@samsung.com>
Jagdish Chourasia <jagdish.jnu08@gmail.com>
Jaime Soriano Pastor <jsorianopastor@gmail.com>
Jake Helfert <jake@helfert.us>
Jake Hendy <me@jakehendy.com>
@ -587,6 +611,7 @@ Jakob Weigert <jakob.j.w@googlemail.com>
Jakub Machacek <xtreit@gmail.com>
James Burton <jb@0.me.uk>
James Choi <jchoi42@pha.jhu.edu>
James Crosby <crosby.james@gmail.com>
James Raphael Tiovalen <jamestiotio@gmail.com>
James Stanley <james@apphaus.co.uk>
James Vega <vega.james@gmail.com>
@ -605,8 +630,10 @@ Jared Wein <weinjared@gmail.com>
Jari Karppanen <jkarp@amazon.com>
Jason Gronn <jasontopia03@gmail.com>
Javayhu <javayhu@gmail.com>
Jay Kapadia <jaykapadia389@gmail.com>
Jay Oster <jay@kodewerx.org>
Jay Soffian <jaysoffian@gmail.com>
Jay Yang <sjyang1126@gmail.com>
Jeado Ko <haibane84@gmail.com>
Jeffrey C <jeffreyca16@gmail.com>
Jeffrey Yeung <jeffrey.yeung@poly.com>
@ -625,6 +652,7 @@ Jesper Storm Bache <jsbache@gmail.com>
Jesper van den Ende <jespertheend@gmail.com>
Jesse Miller <jesse@jmiller.biz>
Jesus Sanchez-Palencia <jesus.sanchez-palencia.fernandez.fil@intel.com>
Jia Yu <yujia.1019@bytedance.com>
Jiadong Chen <chenjiadong@huawei.com>
Jiadong Zhu <jiadong.zhu@linaro.org>
Jiahao Lu <lujjjh@gmail.com>
@ -653,6 +681,8 @@ Jincheol Jo <jincheol.jo@navercorp.com>
Jinfeng Ma <majinfeng1@xiaomi.com>
Jing Zhao <zhaojing7@xiaomi.com>
Jinglong Zuo <zuojinglong@xiaomi.com>
Jingqi Sun <jingqi.sun@hotmail.com>
Jingqi Sun <sunjingqi47@gmail.com>
Jingwei Liu <kingweiliu@gmail.com>
Jingyi Wei <wjywbs@gmail.com>
Jinho Bang <jinho.bang@samsung.com>
@ -678,6 +708,7 @@ John Kleinschmidt <kleinschmidtorama@gmail.com>
John Yani <vanuan@gmail.com>
John Yoo <nearbyh13@gmail.com>
Johnson Lin <johnson.lin@intel.com>
Jojo R <rjiejie@gmail.com>
Jon Jensen <jonj@netflix.com>
Jonathan Frazer <listedegarde@gmail.com>
Jonathan Garbee <jonathan@garbee.me>
@ -691,6 +722,7 @@ JongKwon Lee <jongkwon.lee@navercorp.com>
Jongmok Kim <jongmok.kim@navercorp.com>
Jongmok Kim <johny.kimc@gmail.com>
Jongsoo Lee <leejongsoo@gmail.com>
Joonas Halinen <joonashalinen@outlook.com>
Joone Hur <joone.hur@intel.com>
Joonghun Park <pjh0718@gmail.com>
Jorge Villatoro <jorge@tomatocannon.com>
@ -700,9 +732,11 @@ Joseph Lolak <joseph.lolak@samsung.com>
Josh Triplett <josh.triplett@intel.com>
Josh Triplett <josh@joshtriplett.org>
Joshua Lock <joshua.lock@intel.com>
Joshua Olaoye <joshuaolaoye46@gmail.com>
Joshua Roesslein <jroesslein@gmail.com>
Josué Ratelle <jorat1346@gmail.com>
Josyula Venkat Narasimham <venkat.nj@samsung.com>
Joy Roy <joy.roy.nil76@gmail.com>
Joyer Huang <collger@gmail.com>
Juan Cruz Viotti <jv@jviotti.com>
Juan Jose Lopez Jaimez <jj.lopezjaimez@gmail.com>
@ -725,6 +759,7 @@ Junmin Zhu <junmin.zhu@intel.com>
Junsang Mo <mojunsang26@gmail.com>
Junsong Li <ljs.darkfish@gmail.com>
Jun Wang <wangjuna@uniontech.com>
Jun Xu <jun1.xu@intel.com>
Jun Zeng <hjunzeng6@gmail.com>
Justin Okamoto <justmoto@amazon.com>
Justin Ribeiro <justin@justinribeiro.com>
@ -732,7 +767,7 @@ Jüri Valdmann <juri.valdmann@qt.io>
Juyoung Kim <chattank05@gmail.com>
Jingge Yu <jinggeyu423@gmail.com>
Jing Peiyang <jingpeiyang@eswincomputing.com>
Jinli Wu <wujinli.cn@gmail.com>
Jinli Wu <wujinli@bytedance.com>
K. M. Merajul Arefin <m.arefin@samsung.com>
Kai Jiang <jiangkai@gmail.com>
Kai Köhne <kai.koehne@qt.io>
@ -747,6 +782,7 @@ Kangyuan Shu <kangyuan.shu@intel.com>
Karan Thakkar <karanjthakkar@gmail.com>
Karel Král <kralkareliv@gmail.com>
Karl <karlpolicechromium@gmail.com>
Karl Piper <karl4piper@gmail.com>
Kartikey Bhatt <kartikey@amazon.com>
Kaspar Brand <googlecontrib@velox.ch>
Kaushalendra Mishra <k.mishra@samsung.com>
@ -762,6 +798,7 @@ Keita Suzuki <keitasuzuki.park@gmail.com>
Keita Yoshimoto <y073k3@gmail.com>
Keith Chen <keitchen@amazon.com>
Keith Cirkel <chromium@keithcirkel.co.uk>
Kelsen Liu <kelsenliu21@gmail.com>
Kenneth Rohde Christiansen <kenneth.r.christiansen@intel.com>
Kenneth Strickland <ken.strickland@gmail.com>
Kenneth Zhou <knthzh@gmail.com>
@ -772,6 +809,8 @@ Ketan Goyal <ketan.goyal@samsung.com>
Kevin Gibbons <bakkot@gmail.com>
Kevin Lee Helpingstine <sig11@reprehensible.net>
Kevin M. McCormick <mckev@amazon.com>
Kexy Biscuit <kexybiscuit@aosc.io>
Kexy Biscuit <kexybiscuit@gmail.com>
Keyou <qqkillyou@gmail.com>
Khasim Syed Mohammed <khasim.mohammed@linaro.org>
Khem Raj <raj.khem@gmail.com>
@ -786,6 +825,7 @@ Kirill Ovchinnikov <kirill.ovchinn@gmail.com>
Klemen Forstnerič <klemen.forstneric@gmail.com>
Kodam Nagaraju <k2.nagaraju@samsung.com>
Konrad Dzwinel <kdzwinel@gmail.com>
Kousuke Takaki <yoseio@brainoid.dev>
Kovacs Zeteny <brightbulbapp@gmail.com>
Krishna Chaitanya <krish.botta@samsung.com>
Kristof Kosztyo <kkosztyo.u-szeged@partner.samsung.com>
@ -806,9 +846,11 @@ Kyungtae Kim <ktf.kim@samsung.com>
Kyungyoung Heo <bbvch13531@gmail.com>
Kyutae Lee <gorisanson@gmail.com>
Lalit Chandivade <lalit.chandivade@einfochips.com>
Lalit Rana <lalitrn44@gmail.com>
Lam Lu <lamlu@amazon.com>
Laszlo Gombos <l.gombos@samsung.com>
Laszlo Radanyi <bekkra@gmail.com>
lauren n. liberda <lauren@selfisekai.rocks>
Lauren Yeun Kim <lauren.yeun.kim@gmail.com>
Lauri Oherd <lauri.oherd@gmail.com>
Lavar Askew <open.hyperion@gmail.com>
@ -834,6 +876,7 @@ Lin Peng <penglin220@gmail.com>
Lin Peng <penglin22@huawei.com>
Lingqi Chi <someway.bit@gmail.com>
Lingyun Cai <lingyun.cai@intel.com>
Linnan Li <lilinnan0903@gmail.com>
Lionel Landwerlin <lionel.g.landwerlin@intel.com>
Lisha Guo <lisha.guo@intel.com>
Lizhi Fan <lizhi.fan@samsung.com>
@ -869,6 +912,7 @@ Malcolm Wang <malcolm.2.wang@gmail.com>
Mallikarjuna Rao V <vm.arjun@samsung.com>
Manish Chhajer <chhajer.m@samsung.com>
Manish Jethani <m.jethani@eyeo.com>
Manjunath Babu <10manju@gmail.com>
Manojkumar Bhosale <manojkumar.bhosale@imgtec.com>
Manuel Braun <thembrown@gmail.com>
Manuel Lagana <manuel.lagana.dev@gmail.com>
@ -898,6 +942,7 @@ Martin Persson <mnpn03@gmail.com>
Martin Rogalla <martin@martinrogalla.com>
Martina Kollarova <martina.kollarova@intel.com>
Martino Fontana <tinozzo123@gmail.com>
Marvin Giessing <marvin.giessing@gmail.com>
Masahiro Yado <yado.masa@gmail.com>
Masaru Nishida <msr.i386@gmail.com>
Masayuki Wakizaka <mwakizaka0108@gmail.com>
@ -907,6 +952,8 @@ Mathias Bynens <mathias@qiwi.be>
Mathieu Meisser <mmeisser@logitech.com>
Matt Arpidone <mma.public@gmail.com>
Matt Fysh <mattfysh@gmail.com>
Matt Harding <majaharding@gmail.com>
Matt Jolly <kangie@gentoo.org>
Matt Strum <mstrum@amazon.com>
Matt Zeunert <matt@mostlystatic.com>
Matthew "strager" Glazar <strager.nds@gmail.com>
@ -921,7 +968,6 @@ Matthieu Rigolot <matthieu.rigolot@gmail.com>
Matthieu Vlad Hauglustaine <matt.hauglustaine@gmail.com>
Mattias Buelens <mattias.buelens@gmail.com>
Max Coplan <mchcopl@gmail.com>
Max Karolinskiy <max@brave.com>
Max Perepelitsyn <pph34r@gmail.com>
Max Schmitt <max@schmitt.mx>
Max Vujovic <mvujovic@adobe.com>
@ -930,16 +976,20 @@ Mayur Kankanwadi <mayurk.vk@samsung.com>
Mc Zeng <zengmcong@gmail.com>
Md Abdullah Al Alamin <a.alamin.cse@gmail.com>
Md. Hasanur Rashid <hasanur.r@samsung.com>
Md Hasibul Hasan <hasibulhasan873@gmail.com>
Md Hasibul Hasan <hasibul.h@samsung.com>
Md Jobed Hossain <jobed.h@samsung.com>
Md Raiyan bin Sayeed <mrbsayee@uwaterloo.ca>
Md. Sadiqul Amin <sadiqul.amin@samsung.com>
Md Sami Uddin <md.sami@samsung.com>
Mego Tan <tannal2409@gmail.com>
Merajul Arefin <merajularefin@gmail.com>
Micha Hanselmann <micha.hanselmann@gmail.com>
Michael Cirone <mikecirone@gmail.com>
Michael Constant <mconst@gmail.com>
Michael Forney <mforney@mforney.org>
Michael Gilbert <floppymaster@gmail.com>
Michael Herrmann <michael@herrmann.io>
Michael Kolomeytsev <michael.kolomeytsev@gmail.com>
Michael Lopez <lopes92290@gmail.com>
Michael Morrison <codebythepound@gmail.com>
@ -960,6 +1010,7 @@ Milko Leporis <milko.leporis@imgtec.com>
Milton Chiang <milton.chiang@mediatek.com>
Milutin Smiljanic <msmiljanic.gm@gmail.com>
Minchul Kang <tegongkang@gmail.com>
Ming Lei <minggeorgelei@gmail.com>
Mingeun Park <mindal99546@gmail.com>
Minggang Wang <minggang.wang@intel.com>
Mingmin Xie <melvinxie@gmail.com>
@ -976,15 +1027,20 @@ Mitchell Cohen <mitchell@agilebits.com>
Miyoung Shin <myid.shin@navercorp.com>
Mohamed I. Hammad <ibraaaa@gmail.com>
Mohamed Mansour <m0.interactive@gmail.com>
Mohamed Hany Youns <mohamedhyouns@gmail.com>
Mohammad Azam <m.azam@samsung.com>
MohammadSabri <mohammad.kh.sabri@exalt.ps>
Mohammed Ashraf <mohammedashraf4599@gmail.com>
Mohammed Wajahat Ali Siddiqui <wajahat.s@samsung.com>
Mohan Reddy <mohan.reddy@samsung.com>
Mohit Bhalla <bhallam@amazon.com>
Mohraiel Matta <mohraielmatta@gmail.com>
Moiseanu Rares-Marian <moiseanurares@gmail.com>
Momoka Yamamoto <momoka.my6@gmail.com>
Momoko Hattori <momohatt10@gmail.com>
Mostafa Sedaghat joo <mostafa.sedaghat@gmail.com>
Mrunal Kapade <mrunal.kapade@intel.com>
Muhammad Mahad <mahadtxt@gmail.com>
Munira Tursunova <moonira@google.com>
Myeongjin Cho <myeongjin.cho@navercorp.com>
Myles C. Maxfield <mymax@amazon.com>
@ -993,6 +1049,7 @@ Myunghoon Kim <asdvfrqwe@gmail.com>
Nagarajan Narayanan <nagarajan.n@samsung.com>
Nagarjuna Atluri <nagarjuna.a@samsung.com>
Naiem Shaik <naiem.shaik@gmail.com>
Nakuru Wubni <nakuru.wubni@gitstart.dev>
Naman Kumar Narula <namankumarnarula@gmail.com>
Naman Yadav <naman.yadav@samsung.com>
Nancy Tillery <hedonistsmith@gmail.com>
@ -1013,7 +1070,9 @@ Nedeljko Babic <nedeljko.babic@imgtec.com>
Neehit Goyal <neehit.goyal@samsung.com>
Nidhi Jaju <nidhijaju127@gmail.com>
Niek van der Maas <mail@niekvandermaas.nl>
Nik Pavlov <nikita.pavlov.dev@gmail.com>
Nikhil Bansal <n.bansal@samsung.com>
Nikhil Meena <iakhilmeena@gmail.com>
Nikhil Sahni <nikhil.sahni@samsung.com>
Nikita Ofitserov <himikof@gmail.com>
Niklas Hambüchen <mail@nh2.me>
@ -1027,17 +1086,20 @@ Nivedan Sharma <ni.sharma@samsung.com>
Noam Rosenthal <noam.j.rosenthal@gmail.com>
Noj Vek <nojvek@gmail.com>
Nolan Cao <nolan.robin.cao@gmail.com>
Nourhan Hasan <nourhan.m.hasan@gmail.com>
Oleksii Kadurin <ovkadurin@gmail.com>
Oliver Dunk <oliver@oliverdunk.com>
Olivier Tilloy <olivier+chromium@tilloy.net>
Olli Raula (Old name Olli Syrjälä) <olli.raula@intel.com>
Omar Sandoval <osandov@osandov.com>
Omar Shawky <omarmshawky11@gmail.com>
Orko Garai <orko.garai@gmail.com>
Owen Shaw <owenpshaw@gmail.com>
Owen Yuwono <owenyuwono@gmail.com>
Palash Verma <palashverma47@gmail.com>
Pan Deng <pan.deng@intel.com>
Parag Radke <nrqv63@motorola.com>
Paras Awasthi <awasthiparas6@gmail.com>
Paritosh Kumar <paritosh.in@samsung.com>
Pasquale Riello <pas.riello@gmail.com>
Patrasciuc Sorin Cristian <cristian.patrasciuc@gmail.com>
@ -1058,6 +1120,7 @@ Paul Wicks <pwicks86@gmail.com>
Pavan Kumar Emani <pavan.e@samsung.com>
Pavel Golikov <paullo612@ya.ru>
Pavel Ivanov <paivanof@gmail.com>
Pawan Udassi <pawanudassi@hotmail.com>
Pawel Forysiuk <p.forysiuk@samsung.com>
Paweł Hajdan jr <phajdan.jr@gmail.com>
Paweł Stanek <pawel@gener8ads.com>
@ -1092,7 +1155,6 @@ Po-Chun Chang <pochang0403@gmail.com>
Prakhar Shrivastav <p.shri@samsung.com>
Pramod Begur Srinath <pramod.bs@samsung.com>
Pranay Kumar <pranay.kumar@samsung.com>
Pranjal Jumde <pranjal@brave.com>
Prashant Hiremath <prashhir@cisco.com>
Prashant Nevase <prashant.n@samsung.com>
Prashant Patil <prashant.patil@imgtec.com>
@ -1119,7 +1181,6 @@ Rahul Gupta <rahul.g@samsung.com>
Rahul Yadav <rahul.yadav@samsung.com>
Rajesh Mahindra <rmahindra@uber.com>
Rajneesh Rana <rajneesh.r@samsung.com>
Ralph Giles <rgiles@brave.com>
Raman Tenneti <raman.tenneti@gmail.com>
Ramkumar Gokarnesan <ramkumar.gokarnesan@gmail.com>
Ramkumar Ramachandra <artagnon@gmail.com>
@ -1185,6 +1246,7 @@ Ryan Manuel <rfmanuel@gmail.com>
Ryan Norton <rnorton10@gmail.com>
Ryan Sleevi <ryan-chromium-dev@sleevi.com>
Ryan Yoakum <ryoakum@skobalt.com>
Ryan Huen <ryanhuenprivate@gmail.com>
Rye Zhang <ryezhang@tencent.com>
Ryo Ogawa <negibokken@gmail.com>
Ryuan Choi <ryuan.choi@samsung.com>
@ -1198,6 +1260,7 @@ Sam James <sam@gentoo.org>
Sam Larison <qufighter@gmail.com>
Sam McDonald <sam@sammcd.com>
Samuel Attard <samuel.r.attard@gmail.com>
Samuel Maddock <samuelmaddock@electronjs.org>
Sanfeng Liao <sanfengliao@gmail.com>
Sanggi Hong <sanggi.hong11@gmail.com>
Sanghee Lee <sanghee.lee1992@gmail.com>
@ -1228,6 +1291,7 @@ Sean Bryant <sean@cyberwang.net>
Sean DuBois <seaduboi@amazon.com>
Sebastian Amend <sebastian.amend@googlemail.com>
Sebastian Krzyszkowiak <dos@dosowisko.net>
Sebastian Markbåge <sebastian@calyptus.eu>
Sebastjan Raspor <sebastjan.raspor1@gmail.com>
Seo Sanghyeon <sanxiyn@gmail.com>
Seokju Kwon <seokju.kwon@gmail.com>
@ -1237,6 +1301,7 @@ Sergei Poletaev <spylogsster@gmail.com>
Sergei Romanov <rsv.981@gmail.com>
Sergey Romanov <svromanov@sberdevices.ru>
Sergey Kipet <sergey.kipet@gmail.com>
Sergey Markelov <sergionso@gmail.com>
Sergey Putilin <p.sergey@samsung.com>
Sergey Shekyan <shekyan@gmail.com>
Sergey Talantov <sergey.talantov@gmail.com>
@ -1247,11 +1312,13 @@ Serhii Matrunchyk <sergiy.matrunchyk@gmail.com>
Seshadri Mahalingam <seshadri.mahalingam@gmail.com>
Seungkyu Lee <zx6658@gmail.com>
Sevan Janiyan <venture37@geeklan.co.uk>
Shaheen Fazim <fazim.pentester@gmail.com>
Shahriar Rostami <shahriar.rostami@gmail.com>
Shail Singhal <shail.s@samsung.com>
Shane Hansen <shanemhansen@gmail.com>
ShankarGanesh K <blr.bmlab@gmail.com>
Shanmuga Pandi M <shanmuga.m@samsung.com>
Shanxing Mei <shanxing.mei@intel.com>
Shaobo Yan <shaobo.yan@intel.com>
Shaotang Zhu <zhushaotang@uniontech.com>
Shashi Kumar <sk.kumar@samsung.com>
@ -1303,6 +1370,7 @@ Sooho Park <sooho1000@gmail.com>
Soojung Choi <crystal2840@gmail.com>
Soorya R <soorya.r@samsung.com>
Soren Dreijer <dreijerbit@gmail.com>
Spencer Wilson <spencer@spencerwilson.org>
Sreerenj Balachandran <sreerenj.balachandran@intel.com>
Srirama Chandra Sekhar Mogali <srirama.m@samsung.com>
Stacy Kim <stacy.kim@ucla.edu>
@ -1326,6 +1394,7 @@ Sunchang Li <johnstonli@tencent.com>
Sundoo Kim <nerdooit@gmail.com>
Sundoo Kim <0xd00d00b@gmail.com>
Suneel Kota <suneel.kota@samsung.com>
Sung Lee <sung.lee@amd.com>
Sungguk Lim <limasdf@gmail.com>
Sunghyeok Kang <sh0528.kang@samsung.com>
Sungmann Cho <sungmann.cho@gmail.com>
@ -1365,6 +1434,7 @@ Takuya Kurimoto <takuya004869@gmail.com>
Tanay Chowdhury <tanay.c@samsung.com>
Tanvir Rizvi <tanvir.rizvi@samsung.com>
Tao Wang <tao.wang.2261@gmail.com>
Tao Xiong <taox4@illinois.edu>
Tapu Kumar Ghose <ghose.tapu@gmail.com>
Taylor Price <trprice@gmail.com>
Ted Kim <neot0000@gmail.com>
@ -1379,10 +1449,12 @@ Thomas Nguyen <haitung.nguyen@avast.com>
Thomas Phillips <tphillips@snapchat.com>
Thomas White <im.toms.inbox@gmail.com>
Tiago Vignatti <tiago.vignatti@intel.com>
Tianyi Zhang <me@1stprinciple.org>
Tibor Dusnoki <tibor.dusnoki.91@gmail.com>
Tibor Dusnoki <tdusnoki@inf.u-szeged.hu>
Tien Hock Loh <tienhock.loh@starfivetech.com>
Tim Ansell <mithro@mithis.com>
Tim Barry <oregongraperoot@gmail.com>
Tim Niederhausen <tim@rnc-ag.de>
Tim Steiner <twsteiner@gmail.com>
Timo Gurr <timo.gurr@gmail.com>
@ -1398,9 +1470,11 @@ Tom Harwood <tfh@skip.org>
Tomas Popela <tomas.popela@gmail.com>
Tomasz Edward Posłuszny <tom@devpeer.net>
Tony Shen <legendmastertony@gmail.com>
Topi Lassila <tolassila@gmail.com>
Torsten Kurbad <google@tk-webart.de>
Toshihito Kikuchi <leamovret@gmail.com>
Toshiaki Tanaka <zokutyou2@gmail.com>
Travis Leithead <travis.leithead@gmail.com>
Trent Willis <trentmwillis@gmail.com>
Trevor Perrin <unsafe@trevp.net>
Tripta Gupta <triptagupta19@gmail.com>
@ -1440,6 +1514,7 @@ Vishal Bhatnagar <vishal.b@samsung.com>
Vishal Lingam <vishal.reddy@samsung.com>
Vitaliy Kharin <kvserr@gmail.com>
Vivek Galatage <vivek.vg@samsung.com>
Vlad Zahorodnii <vlad.zahorodnii@kde.org>
Volker Sorge <volker.sorge@gmail.com>
Waihung Fu <fufranci@amazon.com>
wafuwafu13 <mariobaske@i.softbank.jp>
@ -1447,9 +1522,11 @@ Wojciech Bielawski <wojciech.bielawski@gmail.com>
Wang Chen <wangchen20@iscas.ac.cn>
Wang Chen <unicornxw@gmail.com>
Wang Weiwei <wangww@dingdao.com>
Wang Zirui <kingzirvi@gmail.com>
Wangyang Dai <jludwy@gmail.com>
Wanming Lin <wanming.lin@intel.com>
Wei Li <wei.c.li@intel.com>
Weicong Yu <yuweicong666@gmail.com>
Wen Fan <fanwen1@huawei.com>
Wenxiang Qian <leonwxqian@gmail.com>
WenSheng He <wensheng.he@samsung.com>
@ -1515,6 +1592,7 @@ Yong Shin <sy3620@gmail.com>
Yong Wang <ccyongwang@tencent.com>
Yonggang Luo <luoyonggang@gmail.com>
Yongha Lee <yongha78.lee@samsung.com>
Yongsang Park <yongsangpark980813@gmail.com>
Yongseok Choi <yongseok.choi@navercorp.com>
Yongsheng Zhu <yongsheng.zhu@intel.com>
Yoonjae Cho <yoonjae.cho92@gmail.com>
@ -1525,6 +1603,7 @@ Youngho Seo <hazivoo@gmail.com>
Youngjin Choi <cyjin9.yc@gmail.com>
YoungKi Hong <simon.hong81@gmail.com>
Youngmin Yoo <youngmin.yoo@samsung.com>
Youngmin Hong <mjdal0523@gmail.com>
Youngsoo Choi <kenshin.choi@samsung.com>
Youngsun Suh <zard17@gmail.com>
Yuan-Pin Yu <yjames@uber.com>
@ -1546,11 +1625,13 @@ Yuta Kasai <kasai.yuta0810@gmail.com>
Yuvanesh Natarajan <yuvanesh.n1@samsung.com>
Zach Bjornson <zbbjornson@gmail.com>
Zachary Capalbo <zach.geek@gmail.com>
Zehan Li <synclzhhans@gmail.com>
Zeno Albisser <zeno.albisser@digia.com>
Zeqin Chen <talonchen@tencent.com>
Zhanbang He <hezhanbang@gmail.com>
Zhang Hao <zhanghao.m@bytedance.com>
Zhang Hao <15686357310a@gmail.com>
Zhao Qin <qzmiss@gmail.com>
Zhaoming Jiang <zhaoming.jiang@intel.com>
Zhaoze Zhou <zhaoze.zhou@partner.samsung.com>
Zheda Chen <zheda.chen@intel.com>
@ -1576,6 +1657,7 @@ Zsolt Borbely <zsborbely.u-szeged@partner.samsung.com>
迷渡 <justjavac@gmail.com>
郑苏波 (Super Zheng) <superzheng@tencent.com>
一丝 (Yisi) <yiorsi@gmail.com>
林训杰 (XunJie Lin) <wick.linxunjie@gmail.com>
# Please DO NOT APPEND here. See comments at the top of the file.
# END individuals section.
@ -1587,6 +1669,7 @@ Akamai Inc. <*@akamai.com>
ARM Holdings <*@arm.com>
BlackBerry Limited <*@blackberry.com>
Bocoup <*@bocoup.com>
Brave Software Inc. <*@brave.com>
Canonical Limited <*@canonical.com>
Cloudflare, Inc. <*@cloudflare.com>
CloudMosa, Inc. <*@cloudmosa.com>
@ -1604,6 +1687,7 @@ EngFlow, Inc. <*@engflow.com>
Estimote, Inc. <*@estimote.com>
Google Inc. <*@google.com>
Grammarly, Inc. <*@grammarly.com>
Here Inc. <*@here.io>
Hewlett-Packard Development Company, L.P. <*@hp.com>
HyperConnect Inc. <*@hpcnt.com>
IBM Inc. <*@*.ibm.com>
@ -1633,12 +1717,14 @@ NVIDIA Corporation <*@nvidia.com>
OpenFin Inc. <*@openfin.co>
Opera Software ASA <*@opera.com>
Optical Tone Ltd <*@opticaltone.com>
Palo Alto Networks, Inc. <*@paloaltonetworks.com>
Pengutronix e.K. <*@pengutronix.de>
Quality First Software GmbH <*@qf-software.com>
Rakuten Kobo Inc. <*@kobo.com>
Rakuten Kobo Inc. <*@rakuten.com>
Red Hat Inc. <*@redhat.com>
Semihalf <*@semihalf.com>
S57 ApS <*@s57.io>
Seznam.cz, a.s. <*@firma.seznam.cz>
Slack Technologies Inc. <*@slack-corp.com>
Spotify AB <*@spotify.com>

3720
src/DEPS
View file

File diff suppressed because it is too large Load diff

451
src/base/BUILD.gn
View file

File diff suppressed because it is too large Load diff

12
src/base/DEPS
View file

@ -1,17 +1,12 @@
include_rules = [
# `#include "partition_alloc/..."` is prefered to
# `#include "base/allocator/partition_allocator/src/partition_alloc/..."`.
"+partition_alloc",
"-base/allocator/partition_allocator",
"+third_party/ashmem",
"+third_party/apple_apsl",
"+third_party/boringssl/src/include",
"+third_party/ced",
"+third_party/fuzztest",
# We are moving the old jni_generator to jni_zero, some references will remain
# in //base.
"+third_party/jni_zero",
"+third_party/libevent",
"+third_party/libunwindstack/src/libunwindstack/include",
"+third_party/lss",
"+third_party/modp_b64",
@ -24,7 +19,8 @@ include_rules = [
"+third_party/rust/cxx",
"+third_party/test_fonts",
# JSON Deserialization.
"+third_party/rust/serde_json_lenient/v0_1/wrapper",
"+third_party/rust/serde_json_lenient/v0_2/wrapper",
"+third_party/zlib",
# These are implicitly brought in from the root, and we don't want them.
"-ipc",
@ -43,7 +39,7 @@ specific_include_rules = {
"+third_party/perfetto/protos/perfetto/trace/track_event/chrome_process_descriptor.pbzero.h",
],
# To evaluate the performance effects of using absl's flat_hash_map.
"supports_user_data\.h": [
"supports_user_data\.cc": [
"+third_party/abseil-cpp/absl/container/flat_hash_map.h",
]
}

1
src/base/OWNERS
View file

@ -4,7 +4,6 @@ set noparent
# NOTE: keep this in sync with global-owners-override@chromium.org owners
# by emailing lsc-policy@chromium.org when this list changes.
altimin@chromium.org
danakj@chromium.org
dcheng@chromium.org
fdoray@chromium.org
gab@chromium.org

1
src/base/SECURITY_OWNERS
View file

@ -9,5 +9,4 @@
# yourself, don't hesitate to seek help from another security team member!
# Nobody knows everything, and the only way to learn is from experience.
dcheng@chromium.org
rsesek@chromium.org
tsepez@chromium.org

6
src/base/allocator/BUILD.gn
View file

@ -11,8 +11,10 @@ import("//build/config/dcheck_always_on.gni")
buildflag_header("buildflags") {
header = "buildflags.h"
flags =
[ "USE_PARTITION_ALLOC_AS_GWP_ASAN_STORE=$enable_backup_ref_ptr_support" ]
use_partition_alloc_as_gwp_asan_store =
enable_backup_ref_ptr_support && use_raw_ptr_backup_ref_impl
flags = [ "USE_PARTITION_ALLOC_AS_GWP_ASAN_STORE=$use_partition_alloc_as_gwp_asan_store" ]
}
if (is_apple) {

1
src/base/allocator/OWNERS
View file

@ -1,5 +1,4 @@
lizeb@chromium.org
primiano@chromium.org
wfh@chromium.org
per-file allocator.gni=file://base/allocator/partition_allocator/OWNERS

7
src/base/allocator/allocator_check.cc
View file

@ -5,7 +5,7 @@
#include "base/allocator/allocator_check.h"
#include "build/build_config.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/buildflags.h"
#if BUILDFLAG(IS_WIN)
#include "partition_alloc/shim/winheap_stubs_win.h"
@ -22,12 +22,13 @@
namespace base::allocator {
bool IsAllocatorInitialized() {
#if BUILDFLAG(IS_WIN) && BUILDFLAG(USE_ALLOCATOR_SHIM)
#if BUILDFLAG(IS_WIN) && PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
// Set by allocator_shim_override_ucrt_symbols_win.h when the
// shimmed _set_new_mode() is called.
return allocator_shim::g_is_win_shim_layer_initialized;
#elif BUILDFLAG(IS_APPLE) && !defined(MEMORY_TOOL_REPLACES_ALLOCATOR) && \
!BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC) && BUILDFLAG(USE_ALLOCATOR_SHIM)
!PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC) && \
PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
// From allocator_interception_mac.mm.
return allocator_shim::g_replaced_default_zone;
#else

2
src/base/allocator/dispatcher/configuration.h
View file

@ -21,4 +21,4 @@ constexpr size_t kMaximumNumberOfObservers = 4;
} // namespace base::allocator::dispatcher::configuration
#endif // BASE_ALLOCATOR_DISPATCHER_CONFIGURATION_H_
#endif // BASE_ALLOCATOR_DISPATCHER_CONFIGURATION_H_

16
src/base/allocator/dispatcher/dispatcher.cc
View file

@ -8,15 +8,15 @@
#include "base/check.h"
#include "base/dcheck_is_on.h"
#include "base/no_destructor.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/shim/allocator_shim.h"
#if DCHECK_IS_ON()
#include <atomic>
#endif
#if BUILDFLAG(USE_PARTITION_ALLOC)
#include "partition_alloc/partition_alloc_hooks.h"
#if PA_BUILDFLAG(USE_PARTITION_ALLOC)
#include "partition_alloc/partition_alloc_hooks.h" // nogncheck
#endif
namespace base::allocator::dispatcher {
@ -34,7 +34,7 @@ struct Dispatcher::Impl {
void Reset() {
#if DCHECK_IS_ON()
DCHECK([&]() {
DCHECK([&] {
auto const was_set = is_initialized_check_flag_.test_and_set();
is_initialized_check_flag_.clear();
return was_set;
@ -51,13 +51,13 @@ struct Dispatcher::Impl {
// connected. This way we prevent notifications although no observers are
// present.
static void ConnectToEmitters(const internal::DispatchData& dispatch_data) {
#if BUILDFLAG(USE_ALLOCATOR_SHIM)
#if PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
if (auto* const allocator_dispatch = dispatch_data.GetAllocatorDispatch()) {
allocator_shim::InsertAllocatorDispatch(allocator_dispatch);
}
#endif
#if BUILDFLAG(USE_PARTITION_ALLOC)
#if PA_BUILDFLAG(USE_PARTITION_ALLOC)
{
auto* const allocation_hook = dispatch_data.GetAllocationObserverHook();
auto* const free_hook = dispatch_data.GetFreeObserverHook();
@ -70,14 +70,14 @@ struct Dispatcher::Impl {
}
static void DisconnectFromEmitters(internal::DispatchData& dispatch_data) {
#if BUILDFLAG(USE_ALLOCATOR_SHIM)
#if PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
if (auto* const allocator_dispatch = dispatch_data.GetAllocatorDispatch()) {
allocator_shim::RemoveAllocatorDispatchForTesting(
allocator_dispatch); // IN-TEST
}
#endif
#if BUILDFLAG(USE_PARTITION_ALLOC)
#if PA_BUILDFLAG(USE_PARTITION_ALLOC)
partition_alloc::PartitionAllocHooks::SetObserverHooks(nullptr, nullptr);
#endif
}

4
src/base/allocator/dispatcher/dispatcher.h
View file

@ -5,11 +5,11 @@
#ifndef BASE_ALLOCATOR_DISPATCHER_DISPATCHER_H_
#define BASE_ALLOCATOR_DISPATCHER_DISPATCHER_H_
#include <memory>
#include "base/allocator/dispatcher/internal/dispatcher_internal.h"
#include "base/base_export.h"
#include <memory>
namespace base::allocator::dispatcher {
namespace internal {

6
src/base/allocator/dispatcher/initializer.h
View file

@ -5,13 +5,13 @@
#ifndef BASE_ALLOCATOR_DISPATCHER_INITIALIZER_H_
#define BASE_ALLOCATOR_DISPATCHER_INITIALIZER_H_
#include <tuple>
#include <utility>
#include "base/allocator/dispatcher/configuration.h"
#include "base/allocator/dispatcher/dispatcher.h"
#include "base/allocator/dispatcher/internal/tools.h"
#include <tuple>
#include <utility>
namespace base::allocator::dispatcher {
namespace internal {

7
src/base/allocator/dispatcher/internal/dispatch_data.cc
View file

@ -3,11 +3,12 @@
// found in the LICENSE file.
#include "base/allocator/dispatcher/internal/dispatch_data.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/buildflags.h"
namespace base::allocator::dispatcher::internal {
#if BUILDFLAG(USE_PARTITION_ALLOC)
#if PA_BUILDFLAG(USE_PARTITION_ALLOC)
DispatchData& DispatchData::SetAllocationObserverHooks(
AllocationObserverHook* allocation_observer_hook,
@ -28,7 +29,7 @@ DispatchData::FreeObserverHook* DispatchData::GetFreeObserverHook() const {
}
#endif
#if BUILDFLAG(USE_ALLOCATOR_SHIM)
#if PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
DispatchData& DispatchData::SetAllocatorDispatch(
AllocatorDispatch* allocator_dispatch) {
allocator_dispatch_ = allocator_dispatch;

16
src/base/allocator/dispatcher/internal/dispatch_data.h
View file

@ -7,26 +7,26 @@
#include "base/base_export.h"
#include "build/build_config.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/buildflags.h"
#if BUILDFLAG(USE_PARTITION_ALLOC)
#include "partition_alloc/partition_alloc_hooks.h"
#if PA_BUILDFLAG(USE_PARTITION_ALLOC)
#include "partition_alloc/partition_alloc_hooks.h" // nogncheck
#endif
#if BUILDFLAG(USE_ALLOCATOR_SHIM)
#include "partition_alloc/shim/allocator_shim.h"
#if PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
#include "partition_alloc/shim/allocator_shim.h" // nogncheck
#endif
namespace base::allocator::dispatcher::internal {
#if BUILDFLAG(USE_ALLOCATOR_SHIM)
#if PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
using allocator_shim::AllocatorDispatch;
#endif
// A simple utility class to pass all the information required to properly hook
// into the memory allocation subsystems from DispatcherImpl to the Dispatcher.
struct BASE_EXPORT DispatchData {
#if BUILDFLAG(USE_PARTITION_ALLOC)
#if PA_BUILDFLAG(USE_PARTITION_ALLOC)
using AllocationObserverHook =
partition_alloc::PartitionAllocHooks::AllocationObserverHook;
using FreeObserverHook =
@ -44,7 +44,7 @@ struct BASE_EXPORT DispatchData {
public:
#endif
#if BUILDFLAG(USE_ALLOCATOR_SHIM)
#if PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
DispatchData& SetAllocatorDispatch(AllocatorDispatch* allocator_dispatch);
AllocatorDispatch* GetAllocatorDispatch() const;

238
src/base/allocator/dispatcher/internal/dispatcher_internal.h
View file

@ -13,13 +13,13 @@
#include "base/allocator/dispatcher/subsystem.h"
#include "base/check.h"
#include "base/compiler_specific.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/buildflags.h"
#if BUILDFLAG(USE_PARTITION_ALLOC)
#include "partition_alloc/partition_alloc_allocation_data.h"
#if PA_BUILDFLAG(USE_PARTITION_ALLOC)
#include "partition_alloc/partition_alloc_allocation_data.h" // nogncheck
#endif
#if BUILDFLAG(USE_ALLOCATOR_SHIM)
#if PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
#include "partition_alloc/shim/allocator_shim.h"
#endif
@ -27,7 +27,7 @@
namespace base::allocator::dispatcher::internal {
#if BUILDFLAG(USE_ALLOCATOR_SHIM)
#if PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
using allocator_shim::AllocatorDispatch;
#endif
@ -83,17 +83,17 @@ struct DispatcherImpl {
private:
static DispatchData CreateDispatchData() {
return DispatchData()
#if BUILDFLAG(USE_PARTITION_ALLOC)
#if PA_BUILDFLAG(USE_PARTITION_ALLOC)
.SetAllocationObserverHooks(&PartitionAllocatorAllocationHook,
&PartitionAllocatorFreeHook)
#endif
#if BUILDFLAG(USE_ALLOCATOR_SHIM)
#if PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
.SetAllocatorDispatch(&allocator_dispatch_)
#endif
;
}
#if BUILDFLAG(USE_PARTITION_ALLOC)
#if PA_BUILDFLAG(USE_PARTITION_ALLOC)
static void PartitionAllocatorAllocationHook(
const partition_alloc::AllocationNotificationData& pa_notification_data) {
AllocationNotificationData dispatcher_notification_data(
@ -101,7 +101,7 @@ struct DispatcherImpl {
pa_notification_data.type_name(),
AllocationSubsystem::kPartitionAllocator);
#if BUILDFLAG(HAS_MEMORY_TAGGING)
#if PA_BUILDFLAG(HAS_MEMORY_TAGGING)
dispatcher_notification_data.SetMteReportingMode(
ConvertToMTEMode(pa_notification_data.mte_reporting_mode()));
#endif
@ -115,177 +115,175 @@ struct DispatcherImpl {
pa_notification_data.address(),
AllocationSubsystem::kPartitionAllocator);
#if BUILDFLAG(HAS_MEMORY_TAGGING)
#if PA_BUILDFLAG(HAS_MEMORY_TAGGING)
dispatcher_notification_data.SetMteReportingMode(
ConvertToMTEMode(pa_notification_data.mte_reporting_mode()));
#endif
DoNotifyFree(dispatcher_notification_data);
}
#endif // BUILDFLAG(USE_PARTITION_ALLOC)
#endif // PA_BUILDFLAG(USE_PARTITION_ALLOC)
#if BUILDFLAG(USE_ALLOCATOR_SHIM)
static void* AllocFn(const AllocatorDispatch* self,
size_t size,
void* context) {
void* const address = self->next->alloc_function(self->next, size, context);
DoNotifyAllocationForShim(address, size);
return address;
}
static void* AllocUncheckedFn(const AllocatorDispatch* self,
size_t size,
void* context) {
#if PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
static void* AllocFn(size_t size, void* context) {
void* const address =
self->next->alloc_unchecked_function(self->next, size, context);
allocator_dispatch_.next->alloc_function(size, context);
DoNotifyAllocationForShim(address, size);
return address;
}
static void* AllocZeroInitializedFn(const AllocatorDispatch* self,
size_t n,
size_t size,
void* context) {
void* const address = self->next->alloc_zero_initialized_function(
self->next, n, size, context);
static void* AllocUncheckedFn(size_t size, void* context) {
void* const address =
allocator_dispatch_.next->alloc_unchecked_function(size, context);
DoNotifyAllocationForShim(address, size);
return address;
}
static void* AllocZeroInitializedFn(size_t n, size_t size, void* context) {
void* const address =
allocator_dispatch_.next->alloc_zero_initialized_function(n, size,
context);
DoNotifyAllocationForShim(address, n * size);
return address;
}
static void* AllocAlignedFn(const AllocatorDispatch* self,
size_t alignment,
size_t size,
void* context) {
void* const address = self->next->alloc_aligned_function(
self->next, alignment, size, context);
static void* AllocAlignedFn(size_t alignment, size_t size, void* context) {
void* const address = allocator_dispatch_.next->alloc_aligned_function(
alignment, size, context);
DoNotifyAllocationForShim(address, size);
return address;
}
static void* ReallocFn(const AllocatorDispatch* self,
void* address,
size_t size,
void* context) {
static void* ReallocFn(void* address, size_t size, void* context) {
// Note: size == 0 actually performs free.
DoNotifyFreeForShim(address);
void* const reallocated_address =
self->next->realloc_function(self->next, address, size, context);
allocator_dispatch_.next->realloc_function(address, size, context);
DoNotifyAllocationForShim(reallocated_address, size);
return reallocated_address;
}
static void FreeFn(const AllocatorDispatch* self,
void* address,
void* context) {
static void* ReallocUncheckedFn(void* address, size_t size, void* context) {
// Note: size == 0 actually performs free.
DoNotifyFreeForShim(address);
void* const reallocated_address =
allocator_dispatch_.next->realloc_unchecked_function(address, size,
context);
DoNotifyAllocationForShim(reallocated_address, size);
return reallocated_address;
}
static void FreeFn(void* address, void* context) {
// Note: DoNotifyFree should be called before free_function (here and in
// other places). That is because observers need to handle the allocation
// being freed before calling free_function, as once the latter is executed
// the address becomes available and can be allocated by another thread.
// That would be racy otherwise.
DoNotifyFreeForShim(address);
self->next->free_function(self->next, address, context);
MUSTTAIL return allocator_dispatch_.next->free_function(address, context);
}
static size_t GetSizeEstimateFn(const AllocatorDispatch* self,
void* address,
void* context) {
return self->next->get_size_estimate_function(self->next, address, context);
}
static size_t GoodSizeFn(const AllocatorDispatch* self,
size_t size,
void* context) {
return self->next->good_size_function(self->next, size, context);
}
static bool ClaimedAddressFn(const AllocatorDispatch* self,
void* address,
void* context) {
return self->next->claimed_address_function(self->next, address, context);
}
static unsigned BatchMallocFn(const AllocatorDispatch* self,
size_t size,
static unsigned BatchMallocFn(size_t size,
void** results,
unsigned num_requested,
void* context) {
unsigned const num_allocated = self->next->batch_malloc_function(
self->next, size, results, num_requested, context);
unsigned const num_allocated =
allocator_dispatch_.next->batch_malloc_function(size, results,
num_requested, context);
for (unsigned i = 0; i < num_allocated; ++i) {
DoNotifyAllocationForShim(results[i], size);
}
return num_allocated;
}
static void BatchFreeFn(const AllocatorDispatch* self,
void** to_be_freed,
static void BatchFreeFn(void** to_be_freed,
unsigned num_to_be_freed,
void* context) {
for (unsigned i = 0; i < num_to_be_freed; ++i) {
DoNotifyFreeForShim(to_be_freed[i]);
}
self->next->batch_free_function(self->next, to_be_freed, num_to_be_freed,
context);
MUSTTAIL return allocator_dispatch_.next->batch_free_function(
to_be_freed, num_to_be_freed, context);
}
static void FreeDefiniteSizeFn(const AllocatorDispatch* self,
void* address,
size_t size,
void* context) {
static void FreeDefiniteSizeFn(void* address, size_t size, void* context) {
DoNotifyFreeForShim(address);
self->next->free_definite_size_function(self->next, address, size, context);
MUSTTAIL return allocator_dispatch_.next->free_definite_size_function(
address, size, context);
}
static void TryFreeDefaultFn(const AllocatorDispatch* self,
void* address,
void* context) {
static void TryFreeDefaultFn(void* address, void* context) {
DoNotifyFreeForShim(address);
self->next->try_free_default_function(self->next, address, context);
MUSTTAIL return allocator_dispatch_.next->try_free_default_function(
address, context);
}
static void* AlignedMallocFn(const AllocatorDispatch* self,
size_t size,
size_t alignment,
void* context) {
void* const address = self->next->aligned_malloc_function(
self->next, size, alignment, context);
static void* AlignedMallocFn(size_t size, size_t alignment, void* context) {
void* const address = allocator_dispatch_.next->aligned_malloc_function(
size, alignment, context);
DoNotifyAllocationForShim(address, size);
return address;
}
static void* AlignedReallocFn(const AllocatorDispatch* self,
void* address,
static void* AlignedMallocUncheckedFn(size_t size,
size_t alignment,
void* context) {
void* const address =
allocator_dispatch_.next->aligned_malloc_unchecked_function(
size, alignment, context);
DoNotifyAllocationForShim(address, size);
return address;
}
static void* AlignedReallocFn(void* address,
size_t size,
size_t alignment,
void* context) {
// Note: size == 0 actually performs free.
DoNotifyFreeForShim(address);
address = self->next->aligned_realloc_function(self->next, address, size,
alignment, context);
address = allocator_dispatch_.next->aligned_realloc_function(
address, size, alignment, context);
DoNotifyAllocationForShim(address, size);
return address;
}
static void AlignedFreeFn(const AllocatorDispatch* self,
void* address,
void* context) {
static void* AlignedReallocUncheckedFn(void* address,
size_t size,
size_t alignment,
void* context) {
// Note: size == 0 actually performs free.
DoNotifyFreeForShim(address);
self->next->aligned_free_function(self->next, address, context);
address = allocator_dispatch_.next->aligned_realloc_unchecked_function(
address, size, alignment, context);
DoNotifyAllocationForShim(address, size);
return address;
}
static void AlignedFreeFn(void* address, void* context) {
DoNotifyFreeForShim(address);
MUSTTAIL return allocator_dispatch_.next->aligned_free_function(address,
context);
}
ALWAYS_INLINE static void DoNotifyAllocationForShim(void* address,
@ -304,7 +302,7 @@ struct DispatcherImpl {
}
static AllocatorDispatch allocator_dispatch_;
#endif // BUILDFLAG(USE_ALLOCATOR_SHIM)
#endif // PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
ALWAYS_INLINE static void DoNotifyAllocation(
const AllocationNotificationData& notification_data) {
@ -323,27 +321,31 @@ struct DispatcherImpl {
template <typename... ObserverTypes>
std::tuple<ObserverTypes*...> DispatcherImpl<ObserverTypes...>::s_observers;
#if BUILDFLAG(USE_ALLOCATOR_SHIM)
#if PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
template <typename... ObserverTypes>
AllocatorDispatch DispatcherImpl<ObserverTypes...>::allocator_dispatch_ = {
&AllocFn,
&AllocUncheckedFn,
&AllocZeroInitializedFn,
&AllocAlignedFn,
&ReallocFn,
&FreeFn,
&GetSizeEstimateFn,
&GoodSizeFn,
&ClaimedAddressFn,
&BatchMallocFn,
&BatchFreeFn,
&FreeDefiniteSizeFn,
&TryFreeDefaultFn,
&AlignedMallocFn,
&AlignedReallocFn,
&AlignedFreeFn,
nullptr};
#endif // BUILDFLAG(USE_ALLOCATOR_SHIM)
AllocFn, // alloc_function
AllocUncheckedFn, // alloc_unchecked_function
AllocZeroInitializedFn, // alloc_zero_initialized_function
AllocAlignedFn, // alloc_aligned_function
ReallocFn, // realloc_function
ReallocUncheckedFn, // realloc_unchecked_function
FreeFn, // free_function
nullptr, // get_size_estimate_function
nullptr, // good_size_function
nullptr, // claimed_address_function
BatchMallocFn, // batch_malloc_function
BatchFreeFn, // batch_free_function
FreeDefiniteSizeFn, // free_definite_size_function
TryFreeDefaultFn, // try_free_default_function
AlignedMallocFn, // aligned_malloc_function
AlignedMallocUncheckedFn, // aligned_malloc_unchecked_function
AlignedReallocFn, // aligned_realloc_function
AlignedReallocUncheckedFn, // aligned_realloc_unchecked_function
AlignedFreeFn, // aligned_free_function
nullptr // next
};
#endif // PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
// Specialization of DispatcherImpl in case we have no observers to notify. In
// this special case we return a set of null pointers as the Dispatcher must not
@ -352,10 +354,10 @@ template <>
struct DispatcherImpl<> {
static DispatchData GetNotificationHooks(std::tuple<> /*observers*/) {
return DispatchData()
#if BUILDFLAG(USE_PARTITION_ALLOC)
#if PA_BUILDFLAG(USE_PARTITION_ALLOC)
.SetAllocationObserverHooks(nullptr, nullptr)
#endif
#if BUILDFLAG(USE_ALLOCATOR_SHIM)
#if PA_BUILDFLAG(USE_ALLOCATOR_SHIM)
.SetAllocatorDispatch(nullptr)
#endif
;

6
src/base/allocator/dispatcher/memory_tagging.h
View file

@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_DISPATCHER_TAGGING_H_
#define BASE_ALLOCATOR_DISPATCHER_TAGGING_H_
#ifndef BASE_ALLOCATOR_DISPATCHER_MEMORY_TAGGING_H_
#define BASE_ALLOCATOR_DISPATCHER_MEMORY_TAGGING_H_
#include "partition_alloc/tagging.h"
@ -39,4 +39,4 @@ constexpr MTEMode ConvertToMTEMode(
} // namespace base::allocator::dispatcher
#endif // BASE_ALLOCATOR_DISPATCHER_TAGGING_H_
#endif // BASE_ALLOCATOR_DISPATCHER_MEMORY_TAGGING_H_

26
src/base/allocator/dispatcher/notification_data.h
View file

@ -10,7 +10,7 @@
#include "base/allocator/dispatcher/memory_tagging.h"
#include "base/allocator/dispatcher/subsystem.h"
#include "base/base_export.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/buildflags.h"
namespace base::allocator::dispatcher {
@ -42,28 +42,28 @@ class BASE_EXPORT AllocationNotificationData {
// In the allocation observer path, it's interesting which reporting mode is
// enabled.
#if BUILDFLAG(HAS_MEMORY_TAGGING)
#if PA_BUILDFLAG(HAS_MEMORY_TAGGING)
constexpr AllocationNotificationData& SetMteReportingMode(MTEMode mode) {
mte_reporting_mode_ = mode;
return *this;
}
#endif // BUILDFLAG(HAS_MEMORY_TAGGING)
#endif // PA_BUILDFLAG(HAS_MEMORY_TAGGING)
constexpr MTEMode mte_reporting_mode() const {
#if BUILDFLAG(HAS_MEMORY_TAGGING)
#if PA_BUILDFLAG(HAS_MEMORY_TAGGING)
return mte_reporting_mode_;
#else
return MTEMode::kUndefined;
#endif // BUILDFLAG(HAS_MEMORY_TAGGING)
#endif // PA_BUILDFLAG(HAS_MEMORY_TAGGING)
}
private:
void* address_ = nullptr;
size_t size_ = 0;
const char* type_name_ = nullptr;
#if BUILDFLAG(HAS_MEMORY_TAGGING)
#if PA_BUILDFLAG(HAS_MEMORY_TAGGING)
MTEMode mte_reporting_mode_ = MTEMode::kUndefined;
#endif // BUILDFLAG(HAS_MEMORY_TAGGING)
#endif // PA_BUILDFLAG(HAS_MEMORY_TAGGING)
AllocationSubsystem allocation_subsystem_;
};
@ -83,26 +83,26 @@ class BASE_EXPORT FreeNotificationData {
// In the free observer path, it's interesting which reporting mode is
// enabled.
#if BUILDFLAG(HAS_MEMORY_TAGGING)
#if PA_BUILDFLAG(HAS_MEMORY_TAGGING)
constexpr FreeNotificationData& SetMteReportingMode(MTEMode mode) {
mte_reporting_mode_ = mode;
return *this;
}
#endif // BUILDFLAG(HAS_MEMORY_TAGGING)
#endif // PA_BUILDFLAG(HAS_MEMORY_TAGGING)
constexpr MTEMode mte_reporting_mode() const {
#if BUILDFLAG(HAS_MEMORY_TAGGING)
#if PA_BUILDFLAG(HAS_MEMORY_TAGGING)
return mte_reporting_mode_;
#else
return MTEMode::kUndefined;
#endif // BUILDFLAG(HAS_MEMORY_TAGGING)
#endif // PA_BUILDFLAG(HAS_MEMORY_TAGGING)
}
private:
void* address_ = nullptr;
#if BUILDFLAG(HAS_MEMORY_TAGGING)
#if PA_BUILDFLAG(HAS_MEMORY_TAGGING)
MTEMode mte_reporting_mode_ = MTEMode::kUndefined;
#endif // BUILDFLAG(HAS_MEMORY_TAGGING)
#endif // PA_BUILDFLAG(HAS_MEMORY_TAGGING)
AllocationSubsystem allocation_subsystem_;
};

4
src/base/allocator/dispatcher/reentry_guard.cc
View file

@ -29,7 +29,7 @@ void ReentryGuard::InitTLSSlot() {
int error = pthread_key_create(&entered_key_, nullptr);
CHECK(!error);
// Touch the TLS slot immediately to force any allocations.
// TODO(https://crbug.com/1411454): Use this technique to avoid allocations
// TODO(crbug.com/40062835): Use this technique to avoid allocations
// in PoissonAllocationSampler::ScopedMuteThreadSamples, which will make
// ReentryGuard redundant.
pthread_setspecific(entered_key_, nullptr);
@ -47,7 +47,7 @@ void ReentryGuard::InitTLSSlot() {}
void ReentryGuard::RecordTLSSlotToCrashKey() {
// Record the key in crash dumps to detect when it's higher than 32
// (PTHREAD_KEY_2NDLEVEL_SIZE).
// TODO(crbug.com/1411454): Remove this after diagnosing reentry crashes.
// TODO(crbug.com/40062835): Remove this after diagnosing reentry crashes.
static auto* const crash_key = base::debug::AllocateCrashKeyString(
"reentry_guard_tls_slot", base::debug::CrashKeySize::Size32);

3
src/base/allocator/dispatcher/reentry_guard.h
View file

@ -33,8 +33,9 @@ struct BASE_EXPORT ReentryGuard {
}
ALWAYS_INLINE ~ReentryGuard() {
if (LIKELY(allowed_))
if (allowed_) [[likely]] {
pthread_setspecific(entered_key_, nullptr);
}
}
explicit operator bool() const noexcept { return allowed_; }

2
src/base/allocator/dispatcher/subsystem.h
View file

@ -24,4 +24,4 @@ enum class AllocationSubsystem {
};
} // namespace base::allocator::dispatcher
#endif // BASE_ALLOCATOR_DISPATCHER_SUBSYSTEM_H_
#endif // BASE_ALLOCATOR_DISPATCHER_SUBSYSTEM_H_

2
src/base/allocator/dispatcher/testing/dispatcher_test.h
View file

@ -24,4 +24,4 @@ struct DispatcherTest : public ::testing::Test {
} // namespace base::allocator::dispatcher::testing
#endif // BASE_ALLOCATOR_DISPATCHER_TESTING_DISPATCHER_TEST_H_
#endif // BASE_ALLOCATOR_DISPATCHER_TESTING_DISPATCHER_TEST_H_

2
src/base/allocator/dispatcher/testing/observer_mock.h
View file

@ -30,4 +30,4 @@ struct ObserverMock {
} // namespace testing
} // namespace base::allocator::dispatcher
#endif // BASE_ALLOCATOR_DISPATCHER_TESTING_OBSERVER_MOCK_H_
#endif // BASE_ALLOCATOR_DISPATCHER_TESTING_OBSERVER_MOCK_H_

8
src/base/allocator/dispatcher/tls.cc
View file

@ -4,16 +4,18 @@
#include "base/allocator/dispatcher/tls.h"
#include <string_view>
#if USE_LOCAL_TLS_EMULATION()
#include <sys/mman.h>
#include "base/check.h"
#include "base/dcheck_is_on.h"
#include "base/debug/crash_logging.h"
#include "base/immediate_crash.h"
#include "build/build_config.h"
#include <sys/mman.h>
#if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_LINUX)
#include <sys/prctl.h>
#endif
@ -94,7 +96,7 @@ PThreadTLSSystem& PThreadTLSSystem::operator=(PThreadTLSSystem&& other) {
bool PThreadTLSSystem::Setup(
OnThreadTerminationFunction thread_termination_function,
const base::StringPiece instance_id) {
std::string_view instance_id) {
#if DCHECK_IS_ON()
// Initialize must happen outside of the allocation path. Therefore, it is
// secure to verify with DCHECK.

21
src/base/allocator/dispatcher/tls.h
View file

@ -5,6 +5,8 @@
#ifndef BASE_ALLOCATOR_DISPATCHER_TLS_H_
#define BASE_ALLOCATOR_DISPATCHER_TLS_H_
#include <string_view>
#include "build/build_config.h"
#if BUILDFLAG(IS_POSIX) // the current allocation mechanism (mmap) and TLS
@ -15,18 +17,21 @@
#endif
#if USE_LOCAL_TLS_EMULATION()
#include <pthread.h>
#include <algorithm>
#include <atomic>
#include <functional>
#include <memory>
#include <mutex>
#include "base/base_export.h"
#include "base/check.h"
#include "base/compiler_specific.h"
#include "base/strings/string_piece.h"
#include "partition_alloc/partition_alloc_constants.h"
#include <pthread.h>
#if PA_BUILDFLAG(USE_PARTITION_ALLOC)
#include "partition_alloc/partition_alloc_constants.h" // nogncheck
#endif
#if HAS_FEATURE(thread_sanitizer)
#define DISABLE_TSAN_INSTRUMENTATION __attribute__((no_sanitize("thread")))
@ -110,7 +115,7 @@ class BASE_EXPORT PThreadTLSSystem {
// @param thread_termination_function An optional function which will be
// invoked upon termination of a thread.
bool Setup(OnThreadTerminationFunction thread_termination_function,
const base::StringPiece instance_id);
std::string_view instance_id);
// Tear down the TLS system. After completing tear down, the thread
// termination function passed to Setup will not be invoked anymore.
bool TearDownForTesting();
@ -198,7 +203,7 @@ template <typename PayloadType,
size_t AllocationChunkSize,
bool IsDestructibleForTesting>
struct ThreadLocalStorage {
explicit ThreadLocalStorage(const base::StringPiece instance_id)
explicit ThreadLocalStorage(std::string_view instance_id)
: root_(AllocateAndInitializeChunk()) {
Initialize(instance_id);
}
@ -206,7 +211,7 @@ struct ThreadLocalStorage {
// Create a new instance of |ThreadLocalStorage| using the passed allocator
// and TLS system. This initializes the underlying TLS system and creates the
// first chunk of data.
ThreadLocalStorage(const base::StringPiece instance_id,
ThreadLocalStorage(std::string_view instance_id,
AllocatorType allocator,
TLSSystemType tls_system)
: allocator_(std::move(allocator)),
@ -243,7 +248,7 @@ struct ThreadLocalStorage {
auto* slot = static_cast<SingleSlot*>(tls_system.GetThreadSpecificData());
if (UNLIKELY(slot == nullptr)) {
if (slot == nullptr) [[unlikely]] {
slot = FindAndAllocateFreeSlot(root_.load(std::memory_order_relaxed));
// We might be called in the course of handling a memory allocation. We do
@ -359,7 +364,7 @@ struct ThreadLocalStorage {
}
// Perform common initialization during construction of an instance.
void Initialize(const base::StringPiece instance_id) {
void Initialize(std::string_view instance_id) {
// The constructor must be called outside of the allocation path. Therefore,
// it is secure to verify with CHECK.

6
src/base/allocator/early_zone_registration_apple.cc
View file

@ -7,7 +7,7 @@
#include <mach/mach.h>
#include <malloc/malloc.h>
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/shim/early_zone_registration_constants.h"
// BASE_EXPORT tends to be defined as soon as anything from //base is included.
@ -17,7 +17,7 @@
namespace partition_alloc {
#if !BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
#if !PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
void EarlyMallocZoneRegistration() {}
void AllowDoublePartitionAllocZoneRegistration() {}
@ -262,5 +262,5 @@ void AllowDoublePartitionAllocZoneRegistration() {
}
}
#endif // BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
#endif // PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
} // namespace partition_alloc

21
src/base/allocator/miracle_parameter.cc
View file

@ -8,22 +8,7 @@
#include "base/strings/strcat.h"
#include "base/system/sys_info.h"
namespace base {
namespace miracle_parameter {
namespace {
std::string GetFieldTrialParamByFeatureAsString(
const base::Feature& feature,
const std::string& param_name,
const std::string& default_value) {
const std::string value =
base::GetFieldTrialParamValueByFeature(feature, param_name);
return value.empty() ? default_value : value;
}
} // namespace
namespace base::miracle_parameter {
std::string GetParamNameWithSuffix(const std::string& param_name) {
// `base::SysInfo::AmountOfPhysicalMemoryMB()` refers to CommandLine
@ -88,6 +73,4 @@ base::TimeDelta GetMiracleParameterAsTimeDelta(const base::Feature& feature,
default_value));
}
} // namespace miracle_parameter
} // namespace base
} // namespace base::miracle_parameter

4
src/base/allocator/miracle_parameter.h
View file

@ -14,7 +14,7 @@
// dependency cycle of (base->miracle_parameter->base).
// Eventually the miracle_parameter component will have a public interface in
// //base/ and this could be removed.
// TODO(crbug.com/1475915): remove miracle_parameter from
// TODO(crbug.com/40279826): remove miracle_parameter from
// //base/allocator/.
namespace base {
@ -166,7 +166,7 @@ Enum GetMiracleParameterAsEnum(
default_value, type, options) \
type function_name() { \
static const type value = miracle_parameter::GetMiracleParameterAsEnum( \
feature, param_name, default_value, base::make_span(options)); \
feature, param_name, default_value, base::span(options)); \
return value; \
}

398
src/base/allocator/partition_alloc_features.cc
View file

@ -12,15 +12,29 @@
#include "base/time/time.h"
#include "build/build_config.h"
#include "build/chromecast_buildflags.h"
#include "build/chromeos_buildflags.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/partition_alloc_base/time/time.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/partition_alloc_constants.h"
#include "partition_alloc/partition_root.h"
#include "partition_alloc/shim/allocator_shim_dispatch_to_noop_on_free.h"
#include "partition_alloc/thread_cache.h"
namespace base {
namespace features {
namespace base::features {
namespace {
static constexpr char kPAFeatureEnabledProcessesStr[] = "enabled-processes";
static constexpr char kBrowserOnlyStr[] = "browser-only";
static constexpr char kBrowserAndRendererStr[] = "browser-and-renderer";
static constexpr char kNonRendererStr[] = "non-renderer";
static constexpr char kAllProcessesStr[] = "all-processes";
#if PA_CONFIG(ENABLE_SHADOW_METADATA)
static constexpr char kRendererOnlyStr[] = "renderer-only";
static constexpr char kAllChildProcessesStr[] = "all-child-processes";
#endif // PA_CONFIG(ENABLE_SHADOW_METADATA)
} // namespace
BASE_FEATURE(kPartitionAllocUnretainedDanglingPtr,
"PartitionAllocUnretainedDanglingPtr",
@ -32,7 +46,8 @@ constexpr FeatureParam<UnretainedDanglingPtrMode>::Option
{UnretainedDanglingPtrMode::kDumpWithoutCrashing,
"dump_without_crashing"},
};
const base::FeatureParam<UnretainedDanglingPtrMode>
// Note: Do not use the prepared macro as of no need for a local cache.
constinit const FeatureParam<UnretainedDanglingPtrMode>
kUnretainedDanglingPtrModeParam = {
&kPartitionAllocUnretainedDanglingPtr,
"mode",
@ -40,12 +55,13 @@ const base::FeatureParam<UnretainedDanglingPtrMode>
&kUnretainedDanglingPtrModeOption,
};
// Note: DPD conflicts with no-op `free()` (see
// `base::allocator::MakeFreeNoOp()`). No-op `free()` stands down in the
// presence of DPD, but hypothetically fully launching DPD should prompt
// a rethink of no-op `free()`.
BASE_FEATURE(kPartitionAllocDanglingPtr,
"PartitionAllocDanglingPtr",
#if BUILDFLAG(ENABLE_DANGLING_RAW_PTR_FEATURE_FLAG) || \
(BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS) && \
(BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_WIN)) && !defined(OFFICIAL_BUILD) && \
(!defined(NDEBUG) || DCHECK_IS_ON()))
#if PA_BUILDFLAG(ENABLE_DANGLING_RAW_PTR_FEATURE_FLAG)
FEATURE_ENABLED_BY_DEFAULT
#else
FEATURE_DISABLED_BY_DEFAULT
@ -56,7 +72,8 @@ constexpr FeatureParam<DanglingPtrMode>::Option kDanglingPtrModeOption[] = {
{DanglingPtrMode::kCrash, "crash"},
{DanglingPtrMode::kLogOnly, "log_only"},
};
const base::FeatureParam<DanglingPtrMode> kDanglingPtrModeParam{
// Note: Do not use the prepared macro as of no need for a local cache.
constinit const FeatureParam<DanglingPtrMode> kDanglingPtrModeParam{
&kPartitionAllocDanglingPtr,
"mode",
DanglingPtrMode::kCrash,
@ -66,72 +83,91 @@ constexpr FeatureParam<DanglingPtrType>::Option kDanglingPtrTypeOption[] = {
{DanglingPtrType::kAll, "all"},
{DanglingPtrType::kCrossTask, "cross_task"},
};
const base::FeatureParam<DanglingPtrType> kDanglingPtrTypeParam{
// Note: Do not use the prepared macro as of no need for a local cache.
constinit const FeatureParam<DanglingPtrType> kDanglingPtrTypeParam{
&kPartitionAllocDanglingPtr,
"type",
DanglingPtrType::kAll,
&kDanglingPtrTypeOption,
};
#if BUILDFLAG(USE_STARSCAN)
// If enabled, PCScan is turned on by default for all partitions that don't
// disable it explicitly.
BASE_FEATURE(kPartitionAllocPCScan,
"PartitionAllocPCScan",
FEATURE_DISABLED_BY_DEFAULT);
#endif // BUILDFLAG(USE_STARSCAN)
#if BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
// If enabled, PCScan is turned on only for the browser's malloc partition.
BASE_FEATURE(kPartitionAllocPCScanBrowserOnly,
"PartitionAllocPCScanBrowserOnly",
FEATURE_DISABLED_BY_DEFAULT);
// If enabled, PCScan is turned on only for the renderer's malloc partition.
BASE_FEATURE(kPartitionAllocPCScanRendererOnly,
"PartitionAllocPCScanRendererOnly",
FEATURE_DISABLED_BY_DEFAULT);
#if PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
// Use a larger maximum thread cache cacheable bucket size.
BASE_FEATURE(kPartitionAllocLargeThreadCacheSize,
"PartitionAllocLargeThreadCacheSize",
FEATURE_ENABLED_BY_DEFAULT);
MIRACLE_PARAMETER_FOR_INT(
GetPartitionAllocLargeThreadCacheSizeValue,
kPartitionAllocLargeThreadCacheSize,
"PartitionAllocLargeThreadCacheSizeValue",
::partition_alloc::ThreadCacheLimits::kLargeSizeThreshold)
MIRACLE_PARAMETER_FOR_INT(GetPartitionAllocLargeThreadCacheSizeValue,
kPartitionAllocLargeThreadCacheSize,
"PartitionAllocLargeThreadCacheSizeValue",
::partition_alloc::kThreadCacheLargeSizeThreshold)
MIRACLE_PARAMETER_FOR_INT(
GetPartitionAllocLargeThreadCacheSizeValueForLowRAMAndroid,
kPartitionAllocLargeThreadCacheSize,
"PartitionAllocLargeThreadCacheSizeValueForLowRAMAndroid",
::partition_alloc::ThreadCacheLimits::kDefaultSizeThreshold)
::partition_alloc::kThreadCacheDefaultSizeThreshold)
BASE_FEATURE(kPartitionAllocLargeEmptySlotSpanRing,
"PartitionAllocLargeEmptySlotSpanRing",
#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
FEATURE_ENABLED_BY_DEFAULT);
#else
FEATURE_DISABLED_BY_DEFAULT);
#endif
BASE_FEATURE(kPartitionAllocWithAdvancedChecks,
"PartitionAllocWithAdvancedChecks",
FEATURE_DISABLED_BY_DEFAULT);
constexpr FeatureParam<PartitionAllocWithAdvancedChecksEnabledProcesses>::Option
kPartitionAllocWithAdvancedChecksEnabledProcessesOptions[] = {
{PartitionAllocWithAdvancedChecksEnabledProcesses::kBrowserOnly,
kBrowserOnlyStr},
{PartitionAllocWithAdvancedChecksEnabledProcesses::kBrowserAndRenderer,
kBrowserAndRendererStr},
{PartitionAllocWithAdvancedChecksEnabledProcesses::kNonRenderer,
kNonRendererStr},
{PartitionAllocWithAdvancedChecksEnabledProcesses::kAllProcesses,
kAllProcessesStr}};
// Note: Do not use the prepared macro as of no need for a local cache.
constinit const FeatureParam<PartitionAllocWithAdvancedChecksEnabledProcesses>
kPartitionAllocWithAdvancedChecksEnabledProcessesParam{
&kPartitionAllocWithAdvancedChecks, kPAFeatureEnabledProcessesStr,
PartitionAllocWithAdvancedChecksEnabledProcesses::kBrowserOnly,
&kPartitionAllocWithAdvancedChecksEnabledProcessesOptions};
BASE_FEATURE(kPartitionAllocSchedulerLoopQuarantine,
"PartitionAllocSchedulerLoopQuarantine",
FEATURE_DISABLED_BY_DEFAULT);
// Scheduler Loop Quarantine's capacity in bytes.
const base::FeatureParam<int> kPartitionAllocSchedulerLoopQuarantineCapacity{
&kPartitionAllocSchedulerLoopQuarantine,
"PartitionAllocSchedulerLoopQuarantineCapacity", 0};
// Scheduler Loop Quarantine's per-branch capacity in bytes.
// Note: Do not use the prepared macro as of no need for a local cache.
constinit const FeatureParam<int>
kPartitionAllocSchedulerLoopQuarantineBranchCapacity{
&kPartitionAllocSchedulerLoopQuarantine,
"PartitionAllocSchedulerLoopQuarantineBranchCapacity", 0};
// Scheduler Loop Quarantine's capacity for the UI thread in bytes.
BASE_FEATURE_PARAM(int,
kPartitionAllocSchedulerLoopQuarantineBrowserUICapacity,
&kPartitionAllocSchedulerLoopQuarantine,
"PartitionAllocSchedulerLoopQuarantineBrowserUICapacity",
0);
BASE_FEATURE(kPartitionAllocZappingByFreeFlags,
"PartitionAllocZappingByFreeFlags",
FEATURE_DISABLED_BY_DEFAULT);
#endif // BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
BASE_FEATURE(kPartitionAllocEventuallyZeroFreedMemory,
"PartitionAllocEventuallyZeroFreedMemory",
FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kPartitionAllocFewerMemoryRegions,
"PartitionAllocFewerMemoryRegions",
FEATURE_DISABLED_BY_DEFAULT);
#endif // PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
BASE_FEATURE(kPartitionAllocBackupRefPtr,
"PartitionAllocBackupRefPtr",
#if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_WIN) || BUILDFLAG(IS_MAC) || \
BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS) || \
(BUILDFLAG(IS_LINUX) && !BUILDFLAG(IS_CASTOS)) || \
BUILDFLAG(ENABLE_BACKUP_REF_PTR_FEATURE_FLAG)
#if PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_FEATURE_FLAG)
FEATURE_ENABLED_BY_DEFAULT
#else
FEATURE_DISABLED_BY_DEFAULT
@ -140,47 +176,41 @@ BASE_FEATURE(kPartitionAllocBackupRefPtr,
constexpr FeatureParam<BackupRefPtrEnabledProcesses>::Option
kBackupRefPtrEnabledProcessesOptions[] = {
{BackupRefPtrEnabledProcesses::kBrowserOnly, "browser-only"},
{BackupRefPtrEnabledProcesses::kBrowserOnly, kBrowserOnlyStr},
{BackupRefPtrEnabledProcesses::kBrowserAndRenderer,
"browser-and-renderer"},
{BackupRefPtrEnabledProcesses::kNonRenderer, "non-renderer"},
{BackupRefPtrEnabledProcesses::kAllProcesses, "all-processes"}};
kBrowserAndRendererStr},
{BackupRefPtrEnabledProcesses::kNonRenderer, kNonRendererStr},
{BackupRefPtrEnabledProcesses::kAllProcesses, kAllProcessesStr}};
const base::FeatureParam<BackupRefPtrEnabledProcesses>
kBackupRefPtrEnabledProcessesParam{
&kPartitionAllocBackupRefPtr, "enabled-processes",
BackupRefPtrEnabledProcesses::kNonRenderer,
&kBackupRefPtrEnabledProcessesOptions};
BASE_FEATURE_ENUM_PARAM(BackupRefPtrEnabledProcesses,
kBackupRefPtrEnabledProcessesParam,
&kPartitionAllocBackupRefPtr,
kPAFeatureEnabledProcessesStr,
#if PA_BUILDFLAG(IS_MAC) && PA_BUILDFLAG(PA_ARCH_CPU_ARM64)
BackupRefPtrEnabledProcesses::kNonRenderer,
#else
BackupRefPtrEnabledProcesses::kAllProcesses,
#endif
&kBackupRefPtrEnabledProcessesOptions);
// Map *-with-memory-reclaimer modes onto their counterpars without the suffix.
// They are the same, as memory reclaimer is now controlled independently.
//
// Similarly, map disabled-but-*-way-split onto plain disabled, as we are done
// experimenting with partition split.
//
// We need to keep those option strings, as there is a long tail of clients that
// may have an old field trial config, which used these modes.
//
// DO NOT USE *-with-memory-reclaimer and disabled-but-*-way-split modes in new
// configs!
constexpr FeatureParam<BackupRefPtrMode>::Option kBackupRefPtrModeOptions[] = {
{BackupRefPtrMode::kDisabled, "disabled"},
{BackupRefPtrMode::kEnabled, "enabled"},
{BackupRefPtrMode::kEnabled, "enabled-with-memory-reclaimer"},
{BackupRefPtrMode::kEnabledInSameSlotMode, "enabled-in-same-slot-mode"},
{BackupRefPtrMode::kDisabled, "disabled-but-2-way-split"},
{BackupRefPtrMode::kDisabled,
"disabled-but-2-way-split-with-memory-reclaimer"},
{BackupRefPtrMode::kDisabled, "disabled-but-3-way-split"},
};
const base::FeatureParam<BackupRefPtrMode> kBackupRefPtrModeParam{
&kPartitionAllocBackupRefPtr, "brp-mode",
BackupRefPtrMode::kEnabledInSameSlotMode, &kBackupRefPtrModeOptions};
BASE_FEATURE_ENUM_PARAM(BackupRefPtrMode,
kBackupRefPtrModeParam,
&kPartitionAllocBackupRefPtr,
"brp-mode",
BackupRefPtrMode::kEnabled,
&kBackupRefPtrModeOptions);
// Note: Do not use the prepared macro as of no need for a local cache.
constinit const FeatureParam<int> kBackupRefPtrExtraExtrasSizeParam{
&kPartitionAllocBackupRefPtr, "brp-extra-extras-size", 0};
BASE_FEATURE(kPartitionAllocMemoryTagging,
"PartitionAllocMemoryTagging",
#if BUILDFLAG(USE_FULL_MTE)
#if PA_BUILDFLAG(USE_FULL_MTE) || BUILDFLAG(IS_ANDROID)
FEATURE_ENABLED_BY_DEFAULT
#else
FEATURE_DISABLED_BY_DEFAULT
@ -191,28 +221,40 @@ constexpr FeatureParam<MemtagMode>::Option kMemtagModeOptions[] = {
{MemtagMode::kSync, "sync"},
{MemtagMode::kAsync, "async"}};
const base::FeatureParam<MemtagMode> kMemtagModeParam{
// Note: Do not use the prepared macro as of no need for a local cache.
constinit const FeatureParam<MemtagMode> kMemtagModeParam{
&kPartitionAllocMemoryTagging, "memtag-mode",
#if BUILDFLAG(USE_FULL_MTE)
#if PA_BUILDFLAG(USE_FULL_MTE)
MemtagMode::kSync,
#else
MemtagMode::kAsync,
#endif
&kMemtagModeOptions};
constexpr FeatureParam<RetagMode>::Option kRetagModeOptions[] = {
{RetagMode::kIncrement, "increment"},
{RetagMode::kRandom, "random"},
};
// Note: Do not use the prepared macro as of no need for a local cache.
constinit const FeatureParam<RetagMode> kRetagModeParam{
&kPartitionAllocMemoryTagging, "retag-mode", RetagMode::kIncrement,
&kRetagModeOptions};
constexpr FeatureParam<MemoryTaggingEnabledProcesses>::Option
kMemoryTaggingEnabledProcessesOptions[] = {
{MemoryTaggingEnabledProcesses::kBrowserOnly, "browser-only"},
{MemoryTaggingEnabledProcesses::kNonRenderer, "non-renderer"},
{MemoryTaggingEnabledProcesses::kAllProcesses, "all-processes"}};
{MemoryTaggingEnabledProcesses::kBrowserOnly, kBrowserOnlyStr},
{MemoryTaggingEnabledProcesses::kNonRenderer, kNonRendererStr},
{MemoryTaggingEnabledProcesses::kAllProcesses, kAllProcessesStr}};
const base::FeatureParam<MemoryTaggingEnabledProcesses>
// Note: Do not use the prepared macro as of no need for a local cache.
constinit const FeatureParam<MemoryTaggingEnabledProcesses>
kMemoryTaggingEnabledProcessesParam{
&kPartitionAllocMemoryTagging, "enabled-processes",
#if BUILDFLAG(USE_FULL_MTE)
&kPartitionAllocMemoryTagging, kPAFeatureEnabledProcessesStr,
#if PA_BUILDFLAG(USE_FULL_MTE)
MemoryTaggingEnabledProcesses::kAllProcesses,
#else
MemoryTaggingEnabledProcesses::kBrowserOnly,
MemoryTaggingEnabledProcesses::kNonRenderer,
#endif
&kMemoryTaggingEnabledProcessesOptions};
@ -223,7 +265,7 @@ BASE_FEATURE(kKillPartitionAllocMemoryTagging,
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocPermissiveMte);
BASE_FEATURE(kPartitionAllocPermissiveMte,
"PartitionAllocPermissiveMte",
#if BUILDFLAG(USE_FULL_MTE)
#if PA_BUILDFLAG(USE_FULL_MTE)
// We want to actually crash if USE_FULL_MTE is enabled.
FEATURE_DISABLED_BY_DEFAULT
#else
@ -231,13 +273,15 @@ BASE_FEATURE(kPartitionAllocPermissiveMte,
#endif
);
const base::FeatureParam<bool> kBackupRefPtrAsanEnableDereferenceCheckParam{
&kPartitionAllocBackupRefPtr, "asan-enable-dereference-check", true};
const base::FeatureParam<bool> kBackupRefPtrAsanEnableExtractionCheckParam{
&kPartitionAllocBackupRefPtr, "asan-enable-extraction-check",
false}; // Not much noise at the moment to enable by default.
const base::FeatureParam<bool> kBackupRefPtrAsanEnableInstantiationCheckParam{
&kPartitionAllocBackupRefPtr, "asan-enable-instantiation-check", true};
BASE_FEATURE(kAsanBrpDereferenceCheck,
"AsanBrpDereferenceCheck",
FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kAsanBrpExtractionCheck,
"AsanBrpExtractionCheck", // Not much noise at the moment to
FEATURE_DISABLED_BY_DEFAULT); // enable by default.
BASE_FEATURE(kAsanBrpInstantiationCheck,
"AsanBrpInstantiationCheck",
FEATURE_ENABLED_BY_DEFAULT);
// If enabled, switches the bucket distribution to a denser one.
//
@ -251,29 +295,31 @@ BASE_FEATURE(kPartitionAllocUseDenserDistribution,
FEATURE_ENABLED_BY_DEFAULT
#endif // BUILDFLAG(IS_ANDROID) && defined(ARCH_CPU_32_BITS)
);
const base::FeatureParam<BucketDistributionMode>::Option
const FeatureParam<BucketDistributionMode>::Option
kPartitionAllocBucketDistributionOption[] = {
{BucketDistributionMode::kDefault, "default"},
{BucketDistributionMode::kDenser, "denser"},
};
const base::FeatureParam<BucketDistributionMode>
kPartitionAllocBucketDistributionParam {
&kPartitionAllocUseDenserDistribution, "mode",
// Note: Do not use the prepared macro as of no need for a local cache.
constinit const FeatureParam<BucketDistributionMode>
kPartitionAllocBucketDistributionParam{
&kPartitionAllocUseDenserDistribution, "mode",
#if BUILDFLAG(IS_ANDROID) && defined(ARCH_CPU_32_BITS)
BucketDistributionMode::kDefault,
BucketDistributionMode::kDefault,
#else
BucketDistributionMode::kDenser,
BucketDistributionMode::kDenser,
#endif // BUILDFLAG(IS_ANDROID) && defined(ARCH_CPU_32_BITS)
&kPartitionAllocBucketDistributionOption
};
&kPartitionAllocBucketDistributionOption};
BASE_FEATURE(kPartitionAllocMemoryReclaimer,
"PartitionAllocMemoryReclaimer",
FEATURE_ENABLED_BY_DEFAULT);
const base::FeatureParam<TimeDelta> kPartitionAllocMemoryReclaimerInterval = {
&kPartitionAllocMemoryReclaimer, "interval",
TimeDelta(), // Defaults to zero.
};
BASE_FEATURE_PARAM(TimeDelta,
kPartitionAllocMemoryReclaimerInterval,
&kPartitionAllocMemoryReclaimer,
"interval",
TimeDelta() // Defaults to zero.
);
// Configures whether we set a lower limit for renderers that do not have a main
// frame, similar to the limit that is already done for backgrounded renderers.
@ -281,52 +327,22 @@ BASE_FEATURE(kLowerPAMemoryLimitForNonMainRenderers,
"LowerPAMemoryLimitForNonMainRenderers",
FEATURE_DISABLED_BY_DEFAULT);
// If enabled, switches PCScan scheduling to a mutator-aware scheduler. Does not
// affect whether PCScan is enabled itself.
BASE_FEATURE(kPartitionAllocPCScanMUAwareScheduler,
"PartitionAllocPCScanMUAwareScheduler",
FEATURE_ENABLED_BY_DEFAULT);
// If enabled, PCScan frees unconditionally all quarantined objects.
// This is a performance testing feature.
BASE_FEATURE(kPartitionAllocPCScanImmediateFreeing,
"PartitionAllocPCScanImmediateFreeing",
FEATURE_DISABLED_BY_DEFAULT);
// If enabled, PCScan clears eagerly (synchronously) on free().
BASE_FEATURE(kPartitionAllocPCScanEagerClearing,
"PartitionAllocPCScanEagerClearing",
FEATURE_DISABLED_BY_DEFAULT);
// In addition to heap, scan also the stack of the current mutator.
BASE_FEATURE(kPartitionAllocPCScanStackScanning,
"PartitionAllocPCScanStackScanning",
#if BUILDFLAG(PCSCAN_STACK_SUPPORTED)
FEATURE_ENABLED_BY_DEFAULT
#else
FEATURE_DISABLED_BY_DEFAULT
#endif // BUILDFLAG(PCSCAN_STACK_SUPPORTED)
);
BASE_FEATURE(kPartitionAllocDCScan,
"PartitionAllocDCScan",
FEATURE_DISABLED_BY_DEFAULT);
// Whether to straighten free lists for larger slot spans in PurgeMemory() ->
// ... -> PartitionPurgeSlotSpan().
BASE_FEATURE(kPartitionAllocStraightenLargerSlotSpanFreeLists,
"PartitionAllocStraightenLargerSlotSpanFreeLists",
FEATURE_ENABLED_BY_DEFAULT);
const base::FeatureParam<
partition_alloc::StraightenLargerSlotSpanFreeListsMode>::Option
kPartitionAllocStraightenLargerSlotSpanFreeListsModeOption[] = {
const FeatureParam<partition_alloc::StraightenLargerSlotSpanFreeListsMode>::
Option kPartitionAllocStraightenLargerSlotSpanFreeListsModeOption[] = {
{partition_alloc::StraightenLargerSlotSpanFreeListsMode::
kOnlyWhenUnprovisioning,
"only-when-unprovisioning"},
{partition_alloc::StraightenLargerSlotSpanFreeListsMode::kAlways,
"always"},
};
const base::FeatureParam<partition_alloc::StraightenLargerSlotSpanFreeListsMode>
// Note: Do not use the prepared macro as of no need for a local cache.
constinit const FeatureParam<
partition_alloc::StraightenLargerSlotSpanFreeListsMode>
kPartitionAllocStraightenLargerSlotSpanFreeListsMode = {
&kPartitionAllocStraightenLargerSlotSpanFreeLists,
"mode",
@ -359,9 +375,11 @@ BASE_FEATURE(kPageAllocatorRetryOnCommitFailure,
// The feature: kPartialLowEndModeOnMidRangeDevices is defined in
// //base/features.cc. Since the following feature param is related to
// PartitionAlloc, define the param here.
const FeatureParam<bool> kPartialLowEndModeExcludePartitionAllocSupport{
&kPartialLowEndModeOnMidRangeDevices, "exclude-partition-alloc-support",
false};
BASE_FEATURE_PARAM(bool,
kPartialLowEndModeExcludePartitionAllocSupport,
&kPartialLowEndModeOnMidRangeDevices,
"exclude-partition-alloc-support",
false);
#endif
BASE_FEATURE(kEnableConfigurableThreadCacheMultiplier,
@ -379,19 +397,19 @@ MIRACLE_PARAMETER_FOR_DOUBLE(GetThreadCacheMultiplierForAndroid,
1.)
constexpr partition_alloc::internal::base::TimeDelta ToPartitionAllocTimeDelta(
base::TimeDelta time_delta) {
TimeDelta time_delta) {
return partition_alloc::internal::base::Microseconds(
time_delta.InMicroseconds());
}
constexpr base::TimeDelta FromPartitionAllocTimeDelta(
constexpr TimeDelta FromPartitionAllocTimeDelta(
partition_alloc::internal::base::TimeDelta time_delta) {
return base::Microseconds(time_delta.InMicroseconds());
return Microseconds(time_delta.InMicroseconds());
}
BASE_FEATURE(kEnableConfigurableThreadCachePurgeInterval,
"EnableConfigurableThreadCachePurgeInterval",
base::FEATURE_DISABLED_BY_DEFAULT);
FEATURE_DISABLED_BY_DEFAULT);
MIRACLE_PARAMETER_FOR_TIME_DELTA(
GetThreadCacheMinPurgeIntervalValue,
@ -428,7 +446,7 @@ GetThreadCacheDefaultPurgeInterval() {
BASE_FEATURE(kEnableConfigurableThreadCacheMinCachedMemoryForPurging,
"EnableConfigurableThreadCacheMinCachedMemoryForPurging",
base::FEATURE_DISABLED_BY_DEFAULT);
FEATURE_DISABLED_BY_DEFAULT);
MIRACLE_PARAMETER_FOR_INT(
GetThreadCacheMinCachedMemoryForPurgingBytes,
@ -442,67 +460,41 @@ MIRACLE_PARAMETER_FOR_INT(
// abundance of caution, we provide this toggle that allows us to
// wholly disable MiraclePtr in the buffer partition, if necessary.
//
// TODO(crbug.com/1444624): this is unneeded once
// TODO(crbug.com/40064499): this is unneeded once
// MiraclePtr-for-Renderer launches.
BASE_FEATURE(kPartitionAllocDisableBRPInBufferPartition,
"PartitionAllocDisableBRPInBufferPartition",
FEATURE_DISABLED_BY_DEFAULT);
#if BUILDFLAG(USE_FREELIST_POOL_OFFSETS)
BASE_FEATURE(kUsePoolOffsetFreelists,
"PartitionAllocUsePoolOffsetFreelists",
base::FEATURE_DISABLED_BY_DEFAULT);
#endif
BASE_FEATURE(kPartitionAllocMakeFreeNoOpOnShutdown,
"PartitionAllocMakeFreeNoOpOnShutdown",
FEATURE_DISABLED_BY_DEFAULT);
constexpr FeatureParam<WhenFreeBecomesNoOp>::Option
kPartitionAllocMakeFreeNoOpOnShutdownOptions[] = {
{
WhenFreeBecomesNoOp::kBeforeShutDownThreads,
"before-shutdown-threads",
},
{
WhenFreeBecomesNoOp::kInShutDownThreads,
"in-shutdown-threads",
},
{
WhenFreeBecomesNoOp::kAfterShutDownThreads,
"after-shutdown-threads",
},
};
const base::FeatureParam<WhenFreeBecomesNoOp>
kPartitionAllocMakeFreeNoOpOnShutdownParam{
&kPartitionAllocMakeFreeNoOpOnShutdown, "callsite",
WhenFreeBecomesNoOp::kBeforeShutDownThreads,
&kPartitionAllocMakeFreeNoOpOnShutdownOptions};
void MakeFreeNoOp(WhenFreeBecomesNoOp callsite) {
CHECK(base::FeatureList::GetInstance());
// Ignoring `free()` during Shutdown would allow developers to introduce new
// dangling pointers. So we want to avoid ignoring free when it is enabled.
// Note: For now, the DanglingPointerDetector is only enabled on 5 bots, and
// on linux non-official configuration.
// TODO(b/40802063): Reconsider this decision after the experiment.
#if BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
if (base::FeatureList::IsEnabled(features::kPartitionAllocDanglingPtr)) {
return;
}
#endif // BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
#if BUILDFLAG(USE_ALLOCATOR_SHIM)
if (base::FeatureList::IsEnabled(kPartitionAllocMakeFreeNoOpOnShutdown) &&
kPartitionAllocMakeFreeNoOpOnShutdownParam.Get() == callsite) {
allocator_shim::InsertNoOpOnFreeAllocatorShimOnShutDown();
}
#endif // BUILDFLAG(USE_ALLOCATOR_SHIM)
}
BASE_FEATURE(kPartitionAllocAdjustSizeWhenInForeground,
"PartitionAllocAdjustSizeWhenInForeground",
base::FEATURE_DISABLED_BY_DEFAULT);
#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
FEATURE_ENABLED_BY_DEFAULT);
#else
FEATURE_DISABLED_BY_DEFAULT);
#endif
} // namespace features
} // namespace base
BASE_FEATURE(kPartitionAllocUseSmallSingleSlotSpans,
"PartitionAllocUseSmallSingleSlotSpans",
FEATURE_ENABLED_BY_DEFAULT);
#if PA_CONFIG(ENABLE_SHADOW_METADATA)
BASE_FEATURE(kPartitionAllocShadowMetadata,
"PartitionAllocShadowMetadata",
FEATURE_DISABLED_BY_DEFAULT);
constexpr FeatureParam<ShadowMetadataEnabledProcesses>::Option
kShadowMetadataEnabledProcessesOptions[] = {
{ShadowMetadataEnabledProcesses::kRendererOnly, kRendererOnlyStr},
{ShadowMetadataEnabledProcesses::kAllChildProcesses,
kAllChildProcessesStr}};
// Note: Do not use the prepared macro as of no need for a local cache.
constinit const FeatureParam<ShadowMetadataEnabledProcesses>
kShadowMetadataEnabledProcessesParam{
&kPartitionAllocShadowMetadata, kPAFeatureEnabledProcessesStr,
ShadowMetadataEnabledProcesses::kRendererOnly,
&kShadowMetadataEnabledProcessesOptions};
#endif // PA_CONFIG(ENABLE_SHADOW_METADATA)
} // namespace base::features

197
src/base/allocator/partition_alloc_features.h
View file

@ -9,23 +9,40 @@
#include "base/compiler_specific.h"
#include "base/feature_list.h"
#include "base/metrics/field_trial_params.h"
#include "base/strings/string_piece.h"
#include "base/time/time.h"
#include "build/build_config.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/partition_alloc_base/time/time.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/partition_root.h"
namespace base {
namespace features {
namespace base::features {
extern const BASE_EXPORT Feature kPartitionAllocUnretainedDanglingPtr;
namespace internal {
enum class PAFeatureEnabledProcesses {
// Enabled only in the browser process.
kBrowserOnly,
// Enabled only in the browser and renderer processes.
kBrowserAndRenderer,
// Enabled in all processes, except renderer.
kNonRenderer,
// Enabled only in renderer processes.
kRendererOnly,
// Enabled in all child processes, except zygote.
kAllChildProcesses,
// Enabled in all processes.
kAllProcesses,
};
} // namespace internal
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocUnretainedDanglingPtr);
enum class UnretainedDanglingPtrMode {
kCrash,
kDumpWithoutCrashing,
};
extern const BASE_EXPORT base::FeatureParam<UnretainedDanglingPtrMode>
kUnretainedDanglingPtrModeParam;
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(UnretainedDanglingPtrMode,
kUnretainedDanglingPtrModeParam);
// See /docs/dangling_ptr.md
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocDanglingPtr);
@ -44,8 +61,7 @@ enum class DanglingPtrMode {
// Note: This will be extended with a single shot DumpWithoutCrashing.
};
extern const BASE_EXPORT base::FeatureParam<DanglingPtrMode>
kDanglingPtrModeParam;
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(DanglingPtrMode, kDanglingPtrModeParam);
enum class DanglingPtrType {
// Act on any dangling raw_ptr released after being freed.
kAll, // (default)
@ -56,39 +72,47 @@ enum class DanglingPtrType {
// Note: This will be extended with LongLived
};
extern const BASE_EXPORT base::FeatureParam<DanglingPtrType>
kDanglingPtrTypeParam;
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(DanglingPtrType, kDanglingPtrTypeParam);
#if BUILDFLAG(USE_STARSCAN)
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocPCScan);
#endif
#if BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocPCScanBrowserOnly);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocPCScanRendererOnly);
using PartitionAllocWithAdvancedChecksEnabledProcesses =
internal::PAFeatureEnabledProcesses;
#if PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocLargeThreadCacheSize);
BASE_EXPORT int GetPartitionAllocLargeThreadCacheSizeValue();
BASE_EXPORT int GetPartitionAllocLargeThreadCacheSizeValueForLowRAMAndroid();
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocLargeEmptySlotSpanRing);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocWithAdvancedChecks);
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(
PartitionAllocWithAdvancedChecksEnabledProcesses,
kPartitionAllocWithAdvancedChecksEnabledProcessesParam);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocSchedulerLoopQuarantine);
// Scheduler Loop Quarantine's capacity in bytes.
extern const BASE_EXPORT base::FeatureParam<int>
kPartitionAllocSchedulerLoopQuarantineCapacity;
// Scheduler Loop Quarantine's per-thread capacity in bytes.
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(
int,
kPartitionAllocSchedulerLoopQuarantineBranchCapacity);
// Scheduler Loop Quarantine's capacity for the UI thread in bytes.
// TODO(https://crbug.com/387470567): Support more thread types.
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(
int,
kPartitionAllocSchedulerLoopQuarantineBrowserUICapacity);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocZappingByFreeFlags);
#endif // BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
enum class BackupRefPtrEnabledProcesses {
// BRP enabled only in the browser process.
kBrowserOnly,
// BRP enabled only in the browser and renderer processes.
kBrowserAndRenderer,
// BRP enabled in all processes, except renderer.
kNonRenderer,
// BRP enabled in all processes.
kAllProcesses,
};
// Eventually zero out most PartitionAlloc memory. This is not meant as a
// security guarantee, but to increase the compression ratio of PartitionAlloc's
// fragmented super pages.
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocEventuallyZeroFreedMemory);
// Whether to make PartitionAlloc use fewer memory regions. This matters on
// Linux-based systems, where there is a per-process limit that we hit in some
// cases. See the comment in PartitionBucket::SlotSpanCOmmitedSize() for detail.
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocFewerMemoryRegions);
#endif // PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
using BackupRefPtrEnabledProcesses = internal::PAFeatureEnabledProcesses;
enum class BackupRefPtrMode {
// BRP is disabled across all partitions. Equivalent to the Finch flag being
@ -98,11 +122,6 @@ enum class BackupRefPtrMode {
// BRP is enabled in the main partition, as well as certain Renderer-only
// partitions (if enabled in Renderer at all).
kEnabled,
// As above, but "same slot" mode is used, as opposed to "previous slot".
// This means that ref-count is placed at the end of the same slot as the
// object it protects, as opposed to the end of the previous slot.
kEnabledInSameSlotMode,
};
enum class MemtagMode {
@ -112,75 +131,54 @@ enum class MemtagMode {
kAsync,
};
enum class MemoryTaggingEnabledProcesses {
// Memory tagging enabled only in the browser process.
kBrowserOnly,
// Memory tagging enabled in all processes, except renderer.
kNonRenderer,
// Memory tagging enabled in all processes.
kAllProcesses,
enum class RetagMode {
// Allocations are retagged by incrementing the current tag.
kIncrement,
// Allocations are retagged with a random tag.
kRandom,
};
using MemoryTaggingEnabledProcesses = internal::PAFeatureEnabledProcesses;
enum class BucketDistributionMode : uint8_t {
kDefault,
kDenser,
};
// Parameter for 'kPartitionAllocMakeFreeNoOpOnShutdown' feature which
// controls when free() becomes a no-op during Shutdown()
enum class WhenFreeBecomesNoOp {
// Allocator is inserted either before, in, or after shutdown threads
kBeforeShutDownThreads,
kInShutDownThreads,
kAfterShutDownThreads,
};
// Inserts a no-op on 'free()' allocator shim at the front of the
// dispatch chain if called from the appropriate callsite.
BASE_EXPORT void MakeFreeNoOp(WhenFreeBecomesNoOp callsite);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocMakeFreeNoOpOnShutdown);
extern const BASE_EXPORT base::FeatureParam<WhenFreeBecomesNoOp>
kPartitionAllocMakeFreeNoOpOnShutdownParam;
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocBackupRefPtr);
extern const BASE_EXPORT base::FeatureParam<BackupRefPtrEnabledProcesses>
kBackupRefPtrEnabledProcessesParam;
extern const BASE_EXPORT base::FeatureParam<BackupRefPtrMode>
kBackupRefPtrModeParam;
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(BackupRefPtrEnabledProcesses,
kBackupRefPtrEnabledProcessesParam);
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(BackupRefPtrMode,
kBackupRefPtrModeParam);
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(int,
kBackupRefPtrExtraExtrasSizeParam);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocMemoryTagging);
extern const BASE_EXPORT base::FeatureParam<MemtagMode> kMemtagModeParam;
extern const BASE_EXPORT base::FeatureParam<MemoryTaggingEnabledProcesses>
kMemoryTaggingEnabledProcessesParam;
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(MemtagMode, kMemtagModeParam);
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(RetagMode, kRetagModeParam);
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(MemoryTaggingEnabledProcesses,
kMemoryTaggingEnabledProcessesParam);
// Kill switch for memory tagging. Skips any code related to memory tagging when
// enabled.
BASE_EXPORT BASE_DECLARE_FEATURE(kKillPartitionAllocMemoryTagging);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocPermissiveMte);
extern const BASE_EXPORT base::FeatureParam<bool>
kBackupRefPtrAsanEnableDereferenceCheckParam;
extern const BASE_EXPORT base::FeatureParam<bool>
kBackupRefPtrAsanEnableExtractionCheckParam;
extern const BASE_EXPORT base::FeatureParam<bool>
kBackupRefPtrAsanEnableInstantiationCheckParam;
extern const BASE_EXPORT base::FeatureParam<BucketDistributionMode>
kPartitionAllocBucketDistributionParam;
BASE_EXPORT BASE_DECLARE_FEATURE(kAsanBrpDereferenceCheck);
BASE_EXPORT BASE_DECLARE_FEATURE(kAsanBrpExtractionCheck);
BASE_EXPORT BASE_DECLARE_FEATURE(kAsanBrpInstantiationCheck);
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(BucketDistributionMode,
kPartitionAllocBucketDistributionParam);
BASE_EXPORT BASE_DECLARE_FEATURE(kLowerPAMemoryLimitForNonMainRenderers);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocPCScanMUAwareScheduler);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocPCScanStackScanning);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocDCScan);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocPCScanImmediateFreeing);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocPCScanEagerClearing);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocUseDenserDistribution);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocMemoryReclaimer);
extern const BASE_EXPORT base::FeatureParam<TimeDelta>
kPartitionAllocMemoryReclaimerInterval;
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(TimeDelta,
kPartitionAllocMemoryReclaimerInterval);
BASE_EXPORT BASE_DECLARE_FEATURE(
kPartitionAllocStraightenLargerSlotSpanFreeLists);
extern const BASE_EXPORT
base::FeatureParam<partition_alloc::StraightenLargerSlotSpanFreeListsMode>
kPartitionAllocStraightenLargerSlotSpanFreeListsMode;
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(
partition_alloc::StraightenLargerSlotSpanFreeListsMode,
kPartitionAllocStraightenLargerSlotSpanFreeListsMode);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocSortSmallerSlotSpanFreeLists);
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocSortActiveSlotSpans);
@ -189,8 +187,9 @@ BASE_EXPORT BASE_DECLARE_FEATURE(kPageAllocatorRetryOnCommitFailure);
#endif
#if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_CHROMEOS)
extern const base::FeatureParam<bool>
kPartialLowEndModeExcludePartitionAllocSupport;
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(
bool,
kPartialLowEndModeExcludePartitionAllocSupport);
#endif
BASE_EXPORT BASE_DECLARE_FEATURE(kEnableConfigurableThreadCacheMultiplier);
@ -211,18 +210,24 @@ BASE_EXPORT int GetThreadCacheMinCachedMemoryForPurgingBytes();
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocDisableBRPInBufferPartition);
// This feature is additionally gated behind a buildflag because
// pool offset freelists cannot be represented when PartitionAlloc uses
// 32-bit pointers.
#if BUILDFLAG(USE_FREELIST_POOL_OFFSETS)
BASE_EXPORT BASE_DECLARE_FEATURE(kUsePoolOffsetFreelists);
#endif
// When set, partitions use a larger ring buffer and free memory less
// aggressively when in the foreground.
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocAdjustSizeWhenInForeground);
} // namespace features
} // namespace base
// When enabled, uses a more nuanced heuristic to determine if slot
// spans can be treated as "single-slot."
//
// See also: https://crbug.com/333443437
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocUseSmallSingleSlotSpans);
#if PA_CONFIG(ENABLE_SHADOW_METADATA)
using ShadowMetadataEnabledProcesses = internal::PAFeatureEnabledProcesses;
BASE_EXPORT BASE_DECLARE_FEATURE(kPartitionAllocShadowMetadata);
BASE_EXPORT BASE_DECLARE_FEATURE_PARAM(ShadowMetadataEnabledProcesses,
kShadowMetadataEnabledProcessesParam);
#endif // PA_CONFIG(ENABLE_SHADOW_METADATA)
} // namespace base::features
#endif // BASE_ALLOCATOR_PARTITION_ALLOC_FEATURES_H_

931
src/base/allocator/partition_alloc_support.cc
View file

File diff suppressed because it is too large Load diff

62
src/base/allocator/partition_alloc_support.h
View file

@ -9,20 +9,17 @@
#include <string>
#include "base/base_export.h"
#include "base/feature_list.h"
#include "base/memory/scoped_refptr.h"
#include "base/synchronization/lock.h"
#include "base/task/sequenced_task_runner.h"
#include "base/thread_annotations.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/partition_alloc_config.h"
#include "partition_alloc/thread_cache.h"
namespace base::allocator {
#if BUILDFLAG(USE_STARSCAN)
BASE_EXPORT void RegisterPCScanStatsReporter();
#endif
// Starts a periodic timer on the current thread to purge all thread caches.
BASE_EXPORT void StartThreadCachePeriodicPurge();
@ -40,13 +37,21 @@ BASE_EXPORT std::map<std::string, std::string> ProposeSyntheticFinchTrials();
BASE_EXPORT void InstallDanglingRawPtrChecks();
BASE_EXPORT void InstallUnretainedDanglingRawPtrChecks();
// Once called, makes `free()` do nothing. This is done to reduce
// shutdown hangs on CrOS.
// Does nothing if Dangling Pointer Detector (`docs/dangling_ptr.md`)
// is not active.
// Does nothing if allocator shim support is not built.
BASE_EXPORT void MakeFreeNoOp();
// Allows to re-configure PartitionAlloc at run-time.
class BASE_EXPORT PartitionAllocSupport {
public:
struct BrpConfiguration {
bool enable_brp = false;
bool in_slot_metadata_in_same_slot = false;
bool process_affected_by_brp_flag = false;
// TODO(https://crbug.com/371135823): Remove after the investigation.
size_t extra_extras_size = 0;
};
// Reconfigure* functions re-configure PartitionAlloc. It is impossible to
@ -81,10 +86,12 @@ class BASE_EXPORT PartitionAllocSupport {
void ReconfigureAfterTaskRunnerInit(const std::string& process_type);
// |has_main_frame| tells us if the renderer contains a main frame.
void OnForegrounded(bool has_main_frame);
// The default value is intended for other process types, where the parameter
// does not make sense.
void OnForegrounded(bool has_main_frame = false);
void OnBackgrounded();
#if BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
#if PA_BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
static std::string ExtractDanglingPtrSignatureForTests(
std::string stacktrace);
#endif
@ -100,6 +107,11 @@ class BASE_EXPORT PartitionAllocSupport {
// For calling from within third_party/blink/.
static bool ShouldEnableMemoryTaggingInRendererProcess();
// Returns true if PA advanced checks should be enabled if available for the
// given process type. May be called multiple times per process.
static bool ShouldEnablePartitionAllocWithAdvancedChecks(
const std::string& process_type);
private:
PartitionAllocSupport();
@ -112,12 +124,40 @@ class BASE_EXPORT PartitionAllocSupport {
std::string established_process_type_ GUARDED_BY(lock_) = "INVALID";
#if PA_CONFIG(THREAD_CACHE_SUPPORTED) && \
BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
size_t largest_cached_size_ =
::partition_alloc::ThreadCacheLimits::kDefaultSizeThreshold;
::partition_alloc::kThreadCacheDefaultSizeThreshold;
#endif
};
BASE_EXPORT BASE_DECLARE_FEATURE(kDisableMemoryReclaimerInBackground);
// Visible in header for testing.
class BASE_EXPORT MemoryReclaimerSupport {
public:
static MemoryReclaimerSupport& Instance();
MemoryReclaimerSupport();
~MemoryReclaimerSupport();
void Start(scoped_refptr<TaskRunner> task_runner);
void SetForegrounded(bool in_foreground);
void ResetForTesting();
bool has_pending_task_for_testing() const { return has_pending_task_; }
static TimeDelta GetInterval();
// Visible for testing
static constexpr base::TimeDelta kFirstPAPurgeOrReclaimDelay =
base::Minutes(1);
private:
void Run();
void MaybeScheduleTask(TimeDelta delay = TimeDelta());
scoped_refptr<TaskRunner> task_runner_;
bool in_foreground_ = true;
bool has_pending_task_ = false;
};
} // namespace base::allocator
#endif // BASE_ALLOCATOR_PARTITION_ALLOC_SUPPORT_H_

7
src/base/allocator/partition_allocator/.clang-tidy Normal file
View file

@ -0,0 +1,7 @@
---
Checks: 'google-build-namespaces,
readability-redundant-smartptr-get,
readability-static-accessed-through-instance'
InheritParentConfig: true
HeaderFilterRegex: 'partition_alloc/*'
...

8
src/base/allocator/partition_allocator/.gn Normal file
View file

@ -0,0 +1,8 @@
# Copyright 2024 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This is partition_alloc root GN configuration. It is used when built as a
# standalone project. This is not used in production.
buildconfig = "//gn/BUILDCONFIG.gn"

8
src/base/allocator/partition_allocator/BUILD.gn
View file

@ -11,8 +11,14 @@ group("buildflags") {
public_deps = [ "src/partition_alloc:buildflags" ]
}
if (is_clang_or_gcc) {
if (use_partition_alloc && is_clang_or_gcc) {
group("partition_alloc") {
public_deps = [ "src/partition_alloc:partition_alloc" ]
}
}
if (use_allocator_shim) {
group("allocator_shim") {
public_deps = [ "src/partition_alloc:allocator_shim" ]
}
}

64
src/base/allocator/partition_allocator/DEPS
View file

@ -6,42 +6,52 @@
# project in order to be a standalone library.
noparent = True
include_rules = [
# `partition_alloc` can depends on itself, via the `include_dirs` it declares.
"+partition_alloc",
# Build flags to infer the architecture and operating system in use.
"+build/build_config.h",
"+build/buildflag.h",
]
# `partition_alloc` can depend only on itself, via its `include_dirs`.
include_rules = [ "+partition_alloc" ]
# TODO(crbug.com/40158212): Depending on what is tested, split the tests in
# between chromium and partition_alloc. Remove those exceptions:
specific_include_rules = {
".*_(perf|unit)test\.cc$": [
"+base/allocator/allocator_shim_default_dispatch_to_partition_alloc.h",
"+base/allocator/dispatcher/dispatcher.h",
"+base/debug/allocation_trace.h",
"+base/debug/debugging_buildflags.h",
"+base/debug/proc_maps_linux.h",
"+base/system/sys_info.h",
"+base/test/gtest_util.h",
"+base/timer/lap_timer.h",
"+base/win/windows_version.h",
# Dependencies on //testing:
".*_(perf|unit)?test.*\.(h|cc)": [
"+testing/gmock/include/gmock/gmock.h",
"+testing/gtest/include/gtest/gtest.h",
"+testing/perf/perf_result_reporter.h",
],
"extended_api\.cc$": [
"gtest_util.h": [
"+testing/gtest/include/gtest/gtest.h",
],
# Dependencies on //base:
"extended_api\.cc": [
"+base/allocator/allocator_shim_default_dispatch_to_partition_alloc.h",
],
"raw_(ptr|ref)_unittest\.cc$": [
"+base",
"+third_party/abseil-cpp/absl/types/optional.h",
"+third_party/abseil-cpp/absl/types/variant.h",
"partition_alloc_perftest\.cc": [
"+base/allocator/dispatcher/dispatcher.h",
"+base/debug/allocation_trace.h",
"+base/debug/debugging_buildflags.h",
"+base/timer/lap_timer.h",
],
"partition_lock_perftest\.cc": [
"+base/timer/lap_timer.h",
],
"raw_ptr_unittest\.cc": [
"+base/allocator/partition_alloc_features.h",
"+base/allocator/partition_alloc_support.h",
"+base/cpu.h",
"+base/debug/asan_service.h",
"+base/metrics/histogram_base.h",
"+base/test/bind.h",
"+base/test/gtest_util.h",
"+base/test/memory/dangling_ptr_instrumentation.h",
"+base/test/scoped_feature_list.h",
"+base/types/to_address.h",
],
"raw_ref_unittest\.cc": [
"+base/debug/asan_service.h",
"+base/memory/raw_ptr_asan_service.h",
"+base/test/gtest_util.h",
],
"raw_ptr_test_support\.h$": [
"+testing/gmock/include/gmock/gmock.h",
"+third_party/abseil-cpp/absl/types/optional.h",
]
}
# In the context of a module-level DEPS, the `deps` variable must be defined.

1
src/base/allocator/partition_allocator/OWNERS
View file

@ -1,4 +1,3 @@
bartekn@chromium.org
haraken@chromium.org
keishi@chromium.org
lizeb@chromium.org

249
src/base/allocator/partition_allocator/PRESUBMIT.py Normal file
View file

@ -0,0 +1,249 @@
# Copyright 2024 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
"""Chromium presubmit script for base/allocator/partition_allocator.
See http://dev.chromium.org/developers/how-tos/depottools/presubmit-scripts
for more details on the presubmit API built into depot_tools.
"""
PRESUBMIT_VERSION = '2.0.0'
# This is the base path of the partition_alloc directory when stored inside the
# chromium repository. PRESUBMIT.py is executed from chromium.
_PARTITION_ALLOC_BASE_PATH = 'base/allocator/partition_allocator/src/'
# Pattern matching C/C++ source files, for use in allowlist args.
_SOURCE_FILE_PATTERN = r'.*\.(h|hpp|c|cc|cpp)$'
# Similar pattern, matching GN files.
_BUILD_FILE_PATTERN = r'.*\.(gn|gni)$'
# This is adapted from Chromium's PRESUBMIT.py. The differences are:
# - Base path: It is relative to the partition_alloc's source directory instead
# of chromium.
# - Stricter: A single format is allowed: `PATH_ELEM_FILE_NAME_H_`.
def CheckForIncludeGuards(input_api, output_api):
"""Check that header files have proper include guards"""
def guard_for_file(file):
local_path = file.LocalPath()
if input_api.is_windows:
local_path = local_path.replace('\\', '/')
assert local_path.startswith(_PARTITION_ALLOC_BASE_PATH)
guard = input_api.os_path.normpath(
local_path[len(_PARTITION_ALLOC_BASE_PATH):])
guard = guard + '_'
guard = guard.upper()
guard = input_api.re.sub(r'[+\\/.-]', '_', guard)
return guard
def is_partition_alloc_header_file(f):
# We only check header files.
return f.LocalPath().endswith('.h')
errors = []
for f in input_api.AffectedSourceFiles(is_partition_alloc_header_file):
expected_guard = guard_for_file(f)
# Unlike the Chromium's top-level PRESUBMIT.py, we enforce a stricter
# rule which accepts only `PATH_ELEM_FILE_NAME_H_` per coding style.
guard_name_pattern = input_api.re.escape(expected_guard)
guard_pattern = input_api.re.compile(r'#ifndef\s+(' +
guard_name_pattern + ')')
guard_name = None
guard_line_number = None
seen_guard_end = False
for line_number, line in enumerate(f.NewContents()):
if guard_name is None:
match = guard_pattern.match(line)
if match:
guard_name = match.group(1)
guard_line_number = line_number
continue
# The line after #ifndef should have a #define of the same name.
if line_number == guard_line_number + 1:
expected_line = '#define %s' % guard_name
if line != expected_line:
errors.append(
output_api.PresubmitPromptWarning(
'Missing "%s" for include guard' % expected_line,
['%s:%d' % (f.LocalPath(), line_number + 1)],
'Expected: %r\nGot: %r' % (expected_line, line)))
if not seen_guard_end and line == '#endif // %s' % guard_name:
seen_guard_end = True
continue
if seen_guard_end:
if line.strip() != '':
errors.append(
output_api.PresubmitPromptWarning(
'Include guard %s not covering the whole file' %
(guard_name), [f.LocalPath()]))
break # Nothing else to check and enough to warn once.
if guard_name is None:
errors.append(
output_api.PresubmitPromptWarning(
'Missing include guard in %s\n'
'Recommended name: %s\n' %
(f.LocalPath(), expected_guard)))
return errors
# In .gn and .gni files, check there are no unexpected dependencies on files
# located outside of the partition_alloc repository.
#
# This is important, because partition_alloc has no CQ bots on its own, but only
# through the chromium's CQ.
#
# Only //build_overrides/ is allowed, as it provides embedders, a way to
# overrides the default build settings and forward the dependencies to
# partition_alloc.
def CheckNoExternalImportInGn(input_api, output_api):
# Match and capture <path> from import("<path>").
import_re = input_api.re.compile(r'^ *import\("([^"]+)"\)')
sources = lambda affected_file: input_api.FilterSourceFile(
affected_file,
files_to_skip=[],
files_to_check=[_BUILD_FILE_PATTERN])
errors = []
for f in input_api.AffectedSourceFiles(sources):
for line_number, line in f.ChangedContents():
match = import_re.search(line)
if not match:
continue
import_path = match.group(1)
if import_path.startswith('//build_overrides/'):
continue
if not import_path.startswith('//'):
continue;
errors.append(output_api.PresubmitError(
'%s:%d\nPartitionAlloc disallow external import: %s' %
(f.LocalPath(), line_number + 1, import_path)))
return errors;
# partition_alloc still supports C++17, because Skia still uses C++17.
def CheckCpp17CompatibleHeaders(input_api, output_api):
CPP_20_HEADERS = [
"barrier",
"bit",
#"compare", Three-way comparison may be used under appropriate guards.
"format",
"numbers",
"ranges",
"semaphore",
"source_location",
"span",
"stop_token",
"syncstream",
"version",
]
CPP_23_HEADERS = [
"expected",
"flat_map",
"flat_set",
"generator",
"mdspan",
"print",
"spanstream",
"stacktrace",
"stdatomic.h",
"stdfloat",
]
sources = lambda affected_file: input_api.FilterSourceFile(
affected_file,
# compiler_specific.h may use these headers in guarded ways.
files_to_skip=[
r'.*partition_alloc_base/augmentations/compiler_specific\.h'
],
files_to_check=[_SOURCE_FILE_PATTERN])
errors = []
for f in input_api.AffectedSourceFiles(sources):
# for line_number, line in f.ChangedContents():
for line_number, line in enumerate(f.NewContents()):
for header in CPP_20_HEADERS:
if not "#include <%s>" % header in line:
continue
errors.append(
output_api.PresubmitError(
'%s:%d\nPartitionAlloc disallows C++20 headers: <%s>'
% (f.LocalPath(), line_number + 1, header)))
for header in CPP_23_HEADERS:
if not "#include <%s>" % header in line:
continue
errors.append(
output_api.PresubmitError(
'%s:%d\nPartitionAlloc disallows C++23 headers: <%s>'
% (f.LocalPath(), line_number + 1, header)))
return errors
def CheckCpp17CompatibleKeywords(input_api, output_api):
CPP_20_KEYWORDS = [
"concept",
"consteval",
"constinit",
"co_await",
"co_return",
"co_yield",
"requires",
"std::hardware_",
"std::is_constant_evaluated",
"std::bit_cast",
"std::midpoint",
"std::to_array",
]
# Note: C++23 doesn't introduce new keywords.
sources = lambda affected_file: input_api.FilterSourceFile(
affected_file,
# compiler_specific.h may use these keywords in guarded macros.
files_to_skip=[r'.*partition_alloc_base/compiler_specific\.h'],
files_to_check=[_SOURCE_FILE_PATTERN])
errors = []
for f in input_api.AffectedSourceFiles(sources):
for line_number, line in f.ChangedContents():
for keyword in CPP_20_KEYWORDS:
if not keyword in line:
continue
# Skip if part of a comment
if '//' in line and line.index('//') < line.index(keyword):
continue
# Make sure there are word separators around the keyword:
regex = r'\b%s\b' % keyword
if not input_api.re.search(regex, line):
continue
errors.append(
output_api.PresubmitError(
'%s:%d\nPartitionAlloc disallows C++20 keywords: %s'
% (f.LocalPath(), line_number + 1, keyword)))
return errors
# Check `NDEBUG` is not used inside partition_alloc. We prefer to use the
# buildflags `#if PA_BUILDFLAG(IS_DEBUG)` instead.
def CheckNoNDebug(input_api, output_api):
sources = lambda affected_file: input_api.FilterSourceFile(
affected_file,
files_to_skip=[],
files_to_check=[_SOURCE_FILE_PATTERN])
errors = []
for f in input_api.AffectedSourceFiles(sources):
for line_number, line in f.ChangedContents():
if 'NDEBUG' in line:
errors.append(output_api.PresubmitError('%s:%d\nPartitionAlloc'
% (f.LocalPath(), line_number + 1)
+ 'disallows NDEBUG, use PA_BUILDFLAG(IS_DEBUG) instead'))
return errors

83
src/base/allocator/partition_allocator/PRESUBMIT_test.py Executable file
View file

@ -0,0 +1,83 @@
#!/usr/bin/env python3
# Copyright 2024 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import os
import sys
import unittest
import PRESUBMIT
# Append chrome source root to import `PRESUBMIT_test_mocks.py`.
sys.path.append(
os.path.dirname(
os.path.dirname(
os.path.dirname(os.path.dirname(os.path.abspath(__file__))))))
from PRESUBMIT_test_mocks import MockAffectedFile, MockInputApi, MockOutputApi
_PARTITION_ALLOC_BASE_PATH = 'base/allocator/partition_allocator/src/'
class PartitionAllocIncludeGuardsTest(unittest.TestCase):
def _CheckForIncludeGuardsWithMock(self, filename, lines):
mock_input_api = MockInputApi()
mock_input_api.files = [MockAffectedFile(filename, lines)]
mock_output_api = MockOutputApi()
return PRESUBMIT.CheckForIncludeGuards(mock_input_api, mock_output_api)
def testExpectedGuardNameDoesNotError(self):
lines = [
'#ifndef PARTITION_ALLOC_RANDOM_H_',
'#define PARTITION_ALLOC_RANDOM_H_',
'#endif // PARTITION_ALLOC_RANDOM_H_'
]
errors = self._CheckForIncludeGuardsWithMock(
_PARTITION_ALLOC_BASE_PATH + 'partition_alloc/random.h', lines)
self.assertEqual(0, len(errors))
def testMissingGuardErrors(self):
lines = []
errors = self._CheckForIncludeGuardsWithMock(
_PARTITION_ALLOC_BASE_PATH + 'partition_alloc/random.h', lines)
self.assertEqual(1, len(errors))
self.assertIn('Missing include guard', errors[0].message)
self.assertIn('Recommended name: PARTITION_ALLOC_RANDOM_H_',
errors[0].message)
def testMissingGuardInNonHeaderFileDoesNotError(self):
lines = []
errors = self._CheckForIncludeGuardsWithMock(
_PARTITION_ALLOC_BASE_PATH + 'partition_alloc/random.cc', lines)
self.assertEqual(0, len(errors))
def testGuardNotCoveringWholeFileErrors(self):
lines = [
'#ifndef PARTITION_ALLOC_RANDOM_H_',
'#define PARTITION_ALLOC_RANDOM_H_',
'#endif // PARTITION_ALLOC_RANDOM_H_',
'int oh_i_forgot_to_guard_this;'
]
errors = self._CheckForIncludeGuardsWithMock(
_PARTITION_ALLOC_BASE_PATH + 'partition_alloc/random.h', lines)
self.assertEqual(1, len(errors))
self.assertIn('not covering the whole file', errors[0].message)
def testMissingDefineInGuardErrors(self):
lines = [
'#ifndef PARTITION_ALLOC_RANDOM_H_',
'int somehow_put_here;'
'#define PARTITION_ALLOC_RANDOM_H_',
'#endif // PARTITION_ALLOC_RANDOM_H_',
]
errors = self._CheckForIncludeGuardsWithMock(
_PARTITION_ALLOC_BASE_PATH + 'partition_alloc/random.h', lines)
self.assertEqual(1, len(errors))
self.assertIn(
'Missing "#define PARTITION_ALLOC_RANDOM_H_" for include guard',
errors[0].message)
if __name__ == '__main__':
unittest.main()

12
src/base/allocator/partition_allocator/PartitionAlloc.md
View file

@ -111,7 +111,7 @@ partition page that holds metadata (32B struct per partition page).
* Although only five colors are shown, in reality, a super page holds
tens of slot spans, some of which belong to the same bucket.
* The system page that holds metadata tracks each partition page with one 32B
[`PartitionPage` struct][PartitionPage], which is either
[`PartitionPageMetadata` struct][PartitionPage], which is either
* a [`SlotSpanMetadata`][SlotSpanMetadata] ("v"s in the diagram) or
* a [`SubsequentPageMetadata`][SubsequentPageMetadata] ("+"s in the
diagram).
@ -119,7 +119,7 @@ partition page that holds metadata (32B struct per partition page).
of each super page).
* In some configurations, PartitionAlloc stores more metadata than can
fit in the one system page at the front. These are the bitmaps for
StarScan and `MTECheckedPtr<T>`, and they are relegated to the head of
`MTECheckedPtr<T>`, and they are relegated to the head of
what would otherwise be usable space for slot spans. One, both, or
none of these bitmaps may be present, depending on build
configuration, runtime configuration, and type of allocation.
@ -197,7 +197,7 @@ the inaccuracy can't happen in the other direction, i.e. an active span can only
be on the active list, and an empty span can only be on the active or empty
list.
[PartitionPage]: https://source.chromium.org/chromium/chromium/src/+/main:base/allocator/partition_allocator/src/partition_alloc/partition_page.h;l=314;drc=e5b03e85ea180d1d1ab0dec471c7fd5d1706a9e4
[SlotSpanMetadata]: https://source.chromium.org/chromium/chromium/src/+/main:base/allocator/partition_allocator/src/partition_alloc/partition_page.h;l=120;drc=e5b03e85ea180d1d1ab0dec471c7fd5d1706a9e4
[SubsequentPageMetadata]: https://source.chromium.org/chromium/chromium/src/+/main:base/allocator/partition_allocator/src/partition_alloc/partition_page.h;l=295;drc=e5b03e85ea180d1d1ab0dec471c7fd5d1706a9e4
[payload-start]: https://source.chromium.org/chromium/chromium/src/+/35b2deed603dedd4abb37f204d516ed62aa2b85c:base/allocator/partition_allocator/src/partition_alloc/partition_page.h;l=454
[PartitionPage]: https://source.chromium.org/search?q=-file:third_party/(angle|dawn)%20class:PartitionPageMetadata%20file:partition_page.h&ss=chromium
[SlotSpanMetadata]: https://source.chromium.org/search?q=-file:third_party/(angle|dawn)%20class:SlotSpanMetadata%20file:partition_page.h&ss=chromium
[SubsequentPageMetadata]: https://source.chromium.org/search?q=-file:third_party/(angle|dawn)%20class:SubsequentPageMetadata%20file:partition_page.h&ss=chromium
[payload-start]: https://source.chromium.org/search?q=-file:third_party%2F(angle%7Cdawn)%20content:SuperPagePayloadBegin%20file:partition_page.h&ss=chromium

9
src/base/allocator/partition_allocator/build_overrides/build.gni
View file

@ -1,9 +0,0 @@
# Copyright 2022 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This file will be used to check out PartitionAlloc and to build it as
# standalone library. In this case, PartitionAlloc needs to define
# build_with_chromium. If building PartitionAlloc as a part of chromium,
# chromium will provide build_with_chromium=true.
build_with_chromium = false

9
src/base/allocator/partition_allocator/build_overrides/partition_alloc.gni
View file

@ -2,7 +2,8 @@
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import("//build_overrides/build.gni")
# By definition, PartitionAlloc standalone builds outside of chromium.
build_with_chromium = false
# This is the default build configuration when building PartitionAlloc
# as a standalone library.
@ -14,9 +15,13 @@ use_allocator_shim_default = false
enable_backup_ref_ptr_support_default = false
enable_backup_ref_ptr_slow_checks_default = false
enable_dangling_raw_ptr_checks_default = false
assert_cpp20_default = true
enable_ios_corruption_hardening_default = false
# This is the default build configuration for pointers/raw_ptr*.
raw_ptr_zero_on_construct_default = true
raw_ptr_zero_on_move_default = true
raw_ptr_zero_on_destruct_default = false
# PartitionAlloc needs to support cpp17 for standalone builds, as long as Skia
# supports it.
assert_cpp20_default = false

4
src/base/allocator/partition_allocator/external_builds.md
View file

@ -36,9 +36,9 @@ implementation of `raw_ptr<T>`.
PartitionAlloc provides APIs to
* reclaim memory (see [memory\_reclaimer.h](./memory_reclaimer.h)) and
* reclaim memory (see `memory_reclaimer.h`) and
* purge thread caches (see [thread\_cache.h](./thread_cache.h)).
* purge thread caches (see `thread_cache.h`).
Both of these must be called by the embedder external to PartitionAlloc.
PA provides neither an event loop nor timers of its own, delegating this

6
src/base/allocator/partition_allocator/glossary.md
View file

@ -169,7 +169,7 @@ tracking a non-contiguous set of allocations using a bitmap.
The usable area of a super page in which slot spans
reside. While generally this means "everything between the first
and last guard partition pages in a super page," the presence of
other metadata (e.g. StarScan bitmaps) can bump the starting offset
other metadata can bump the starting offset
forward. While this term is entrenched in the code, the team
considers it suboptimal and is actively looking for a replacement.
@ -239,7 +239,7 @@ As of 2022, PartitionAlloc-Everywhere is supported on
* macOS
* Fuchsia
[max-bucket-comment]: https://source.chromium.org/chromium/chromium/src/+/main:base/allocator/partition_allocator/src/partition_alloc/partition_alloc_constants.h;l=345;drc=667e6b001f438521e1c1a1bc3eabeead7aaa1f37
[pa-thread-cache]: https://source.chromium.org/chromium/chromium/src/+/main:base/allocator/partition_allocator/src/partition_alloc/thread_cache.h
[max-bucket-comment]: https://source.chromium.org/search?q=-file:third_party%2F(angle%7Cdawn)%20file:partition_alloc_constants.h%20symbol:kMaxBucketed$&ss=chromium
[pa-thread-cache]: https://source.chromium.org/search?q=-file:third_party%2F(angle%7Cdawn)%20file:partition_alloc/thread_cache.h&ss=chromium
[v8-sandbox]: https://docs.google.com/document/d/1FM4fQmIhEqPG8uGp5o9A-mnPB5BOeScZYpkHjo0KKA8/preview#
[v8-cfi]: https://docs.google.com/document/d/1O2jwK4dxI3nRcOJuPYkonhTkNQfbmwdvxQMyXgeaRHo/preview#

106
src/base/allocator/partition_allocator/gn/BUILDCONFIG.gn Normal file
View file

@ -0,0 +1,106 @@
# Copyright 2024 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This is the BUILDCONFIG for building partition_alloc as a standalone project.
#
# The config is based on:
# - skia: //gn/BUILDCONFIG.gn
# - chromium: //build/config/BUILDCONFIG.gn
build_with_chromium = false
is_asan = false
# It's best to keep the names and defaults of is_foo flags consistent with:
# - Chrome
# - Skia.
declare_args() {
is_official_build = false
is_component_build = false
dcheck_always_on = true
}
declare_args() {
is_debug = !is_official_build
}
# Platform detection defaults:
if (target_os == "") {
target_os = host_os
}
if (current_os == "") {
current_os = target_os
}
if (target_cpu == "") {
target_cpu = host_cpu
}
if (target_cpu == "x86_64") {
target_cpu = "x64"
}
if (current_cpu == "") {
current_cpu = target_cpu
}
is_android = current_os == "android"
is_chromeos = false
is_fuchsia = current_os == "fuchsia"
is_ios = current_os == "ios"
is_linux = current_os == "linux"
is_mac = current_os == "mac"
is_nacl = false
is_win = current_os == "win" || current_os == "winuwp"
is_cast_android = false
is_castos = false
is_cronet_build = false
enable_expensive_dchecks = false
dcheck_is_configurable = false
can_unwind_with_frame_pointers = false
is_posix = !is_win && !is_fuchsia
is_apple = is_mac || is_ios
# TODO(crbug.com/41481467): Consider expanding the standalone configuration for
# additional OSes.
assert(is_linux, "PartitionAlloc standalone only support Linux for now")
is_clang = true
# A component is either:
# - A static library (is_component_build=false)
# - A shared library (is_component_build=true)
template("component") {
if (is_component_build) {
_component_mode = "shared_library"
} else {
_component_mode = "static_library"
}
target(_component_mode, target_name) {
forward_variables_from(invoker, "*")
}
}
# Default configs
default_configs = [
"//gn/partition_alloc:default",
"//gn/partition_alloc:no_exceptions",
"//gn/partition_alloc:no_rtti",
]
if (!is_debug) {
default_configs += [
"//gn/partition_alloc:optimize",
"//gn/partition_alloc:NDEBUG",
]
}
# GCC-like toolchains, including Clang.
set_default_toolchain("//gn/toolchain:clang")
default_toolchain_name = "clang"
set_defaults("source_set") {
configs = default_configs
}
set_defaults("component") {
configs = default_configs
}

2
src/base/allocator/partition_allocator/gn/OWNERS Normal file
View file

@ -0,0 +1,2 @@
arthursonzogni@chromium.org
tasak@google.com

33
src/base/allocator/partition_allocator/gn/README.md Normal file
View file

@ -0,0 +1,33 @@
# PartitionAlloc standalone GN config
This directory contains a GN configuration to build partition_alloc as a
standalone library.
This is not an official product that is supported by the Chromium project. There
are no guarantees that this will work in the future, or that it will work in
all configurations. There are no commit queue or trybots using it.
This is useful for verifying that partition_alloc can be built as a library, and
discover the formal dependencies that partition_alloc has on the rest of the
Chromium project. This is not intended to be used in production code, and is not
This is also provided as a convenience for chromium developers working on
partition_alloc who want to iterate on partition_alloc without having to build
the entire Chromium project.
/!\ This is under construction. /!\
## Building
```sh
gn gen out/Default
autoninja -C out/Default
```
## Supported configurations:
### Platforms
- Linux
### Toolchains
- Clang

25
src/base/allocator/partition_allocator/gn/cp.py Executable file
View file

@ -0,0 +1,25 @@
#!/usr/bin/env python3
# Copyright 2024 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# Copied from Skia's //gn/cp.py
import os
import shutil
import sys
src, dst = sys.argv[1:]
if os.path.exists(dst):
if os.path.isdir(dst):
shutil.rmtree(dst)
else:
os.remove(dst)
if os.path.isdir(src):
shutil.copytree(src, dst)
else:
shutil.copy2(src, dst)
#work around https://github.com/ninja-build/ninja/issues/1554
os.utime(dst, None)

45
src/base/allocator/partition_allocator/gn/partition_alloc/BUILD.gn Normal file
View file

@ -0,0 +1,45 @@
# Copyright 2024 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
config("default") {
asmflags = []
cflags = []
cflags = [
"-Wno-return-type", # TODO(crbug.com/41481467): Fix this warning.
"-Wno-invalid-offsetof", # TODO(crbug.com/41481467): Fix this warning.
"-fstrict-aliasing",
"-fPIC",
"-fvisibility=hidden",
]
cflags_cc = [
"-std=c++17",
"-fvisibility-inlines-hidden",
]
cflags_objcc = cflags_cc
defines = []
ldflags = []
libs = [ "pthread" ]
# TODO(crbug.com/41481467): Consider creating a bot running partition_alloc
# with extra flags enforced only in the standalone configuration. Then we can
# remove the extra warnings when embedded.
}
config("no_exceptions") {
cflags_cc = [ "-fno-exceptions" ]
cflags_objcc = cflags_cc
}
config("no_rtti") {
cflags_cc = [ "-fno-rtti" ]
cflags_objcc = cflags_cc
}
config("optimize") {
cflags = [ "-O3" ]
}
config("NDEBUG") {
defines = [ "NDEBUG" ]
}

18
src/base/allocator/partition_allocator/gn/rm.py Executable file
View file

@ -0,0 +1,18 @@
#!/usr/bin/env python3
# Copyright 2024 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# Copied from Skia's //gn/rm.py
import os
import shutil
import sys
dst, = sys.argv[1:]
if os.path.exists(dst):
if os.path.isdir(dst):
shutil.rmtree(dst)
else:
os.remove(dst)

61
src/base/allocator/partition_allocator/gn/toolchain/BUILD.gn Normal file
View file

@ -0,0 +1,61 @@
# Copyright 2024 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
toolchain("clang") {
ar = "llvm-ar"
cc = "clang"
cxx = "clang++"
link = "clang++"
tool("cc") {
depfile = "{{output}}.d"
command = "$cc -MD -MF $depfile {{defines}} {{include_dirs}} {{cflags}} {{cflags_c}} -c {{source}} -o {{output}}"
depsformat = "gcc"
outputs =
[ "{{source_out_dir}}/{{target_output_name}}.{{source_name_part}}.o" ]
description = "CC {{source}}"
}
tool("cxx") {
depfile = "{{output}}.d"
command = "$cxx -MD -MF $depfile {{defines}} {{include_dirs}} {{cflags}} {{cflags_cc}} -c {{source}} -o {{output}}"
depsformat = "gcc"
outputs =
[ "{{source_out_dir}}/{{target_output_name}}.{{source_name_part}}.o" ]
description = "CXX {{source}}"
}
tool("alink") {
rspfile = "{{output}}.rsp"
rspfile_content = "{{inputs}}"
rm_py = rebase_path("../rm.py")
command =
"python3 \"$rm_py\" \"{{output}}\" && $ar rcs {{output}} @$rspfile"
outputs = [ "{{root_out_dir}}/{{target_output_name}}{{output_extension}}" ]
default_output_extension = ".a"
output_prefix = "lib"
description = "LINK (static) {{output}}"
}
tool("solink") {
soname = "{{target_output_name}}{{output_extension}}"
rpath = "-Wl,-soname,$soname"
rspfile = "{{output}}.rsp"
rspfile_content = "{{inputs}}"
command = "$link -shared {{ldflags}} @$rspfile {{frameworks}} {{solibs}} {{libs}} $rpath -o {{output}}"
outputs = [ "{{root_out_dir}}/$soname" ]
output_prefix = "lib"
default_output_extension = ".so"
description = "LINK (shared) {{output}}"
}
tool("stamp") {
command = "touch {{output}}"
description = "STAMP {{output}}"
}
}

285
src/base/allocator/partition_allocator/partition_alloc.gni
View file

@ -2,10 +2,58 @@
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import("//build/config/cronet/config.gni")
import("//build/config/sanitizers/sanitizers.gni")
import("//build_overrides/partition_alloc.gni")
# -----------------------------------------------------------------------------
# Note on the use of `xxx_default` variable in partition_alloc.
#
# GN provides default_args() instruction. It is meant to be used by embedders,
# to override the default args declared by the embeddees (e.g. partition_alloc).
# This is the intended way to use GN. It properly interacts with the args.gn
# user's file.
#
# Unfortunately, Chrome and others embedders aren't using it. Instead, they
# expect embeddees to import global '.gni' file from the embedder, e.g.
# `//build_overrides/partition_alloc.gni`. This file sets some `xxx_default`
# variable that will be transferred to the declared args. For instance
# a library would use:
# ```
# import("//build_overrides/library.gni")
# declare_args() {
# xxx = xxx_default
# }
# ```
#
# We don't really want to break embedders when introducing new args. Ideally,
# We would have liked to have defaults for default variables. That would be
# a recursive problem. To resolve it, we sometimes use the `defined(...)`
# instruction to check if the embedder has defined the `xxx_default` variable or
# not.
#
# In general, we should aim to support the embedders that are using GN normally,
# and avoid requiring them to define `xxx_default` in the `//build_overrides`
# -----------------------------------------------------------------------------
# Some embedders uses `is_debug`, it can be used to set the default value of
# `partition_alloc_is_debug_default`.
if (!defined(partition_alloc_is_debug_default)) {
if (defined(is_debug)) {
partition_alloc_is_debug_default = is_debug
} else {
partition_alloc_is_debug_default = false
}
}
# Some embedders uses `dcheck_always_on`, it can be used to set the default
# value of `partition_alloc_dcheck_always_on_default`.
if (!defined(partition_alloc_dcheck_always_on_default)) {
if (defined(dcheck_always_on)) {
partition_alloc_dcheck_always_on_default = dcheck_always_on
} else {
partition_alloc_dcheck_always_on_default = false
}
}
# PartitionAlloc have limited support for MSVC's cl.exe compiler. It can only
# access the generate "buildflags" and the "raw_ptr" definitions implemented
# with RawPtrNoOpImpl. Everything else is considered not supported.
@ -30,8 +78,16 @@ if (is_nacl) {
assert(false, "Unknown CPU: $current_cpu")
}
# Increases the size of the empty slot span ring.
use_large_empty_slot_span_ring = is_mac
# Makes the number of empty slot spans that can remain committed larger in
# foreground mode compared to background mode
# (see `PartitionRoot::AdjustFor(Background|Foreground)`).
#
# Foreground/background modes are used by default on macOS and Windows so this
# must be true on these platforms. It's also true on other platforms to allow
# experiments.
#
# TODO(crbug.com/329199197): Clean this up when experiments are complete.
use_large_empty_slot_span_ring = true
# Disables for Android ARM64 because it actually requires API 31+.
# See partition_alloc/tagging.cc:
@ -42,6 +98,12 @@ has_memory_tagging =
current_cpu == "arm64" && is_clang && !is_asan && is_linux && current_os != "openwrt"
declare_args() {
# Debug configuration.
partition_alloc_is_debug = partition_alloc_is_debug_default
# Enable PA_DCHECKs in PartitionAlloc in release mode.
partition_alloc_dcheck_always_on = partition_alloc_dcheck_always_on_default
# Causes all the allocations to be routed via allocator_shim.cc. Usually,
# the allocator shim will, in turn, route them to PartitionAlloc, but
# other allocators are also supported by the allocator shim.
@ -79,42 +141,63 @@ if (is_nacl) {
}
declare_args() {
# Turns on compiler optimizations in PartitionAlloc in Debug build.
# If enabling PartitionAlloc-Everywhere in Debug build for tests in Debug
# build, since all memory allocations and deallocations are executed by
# non-optimized PartitionAlloc, chrome (including tests) will be much
# slower. This will cause debug trybots' timeouts. If we want to debug
# PartitionAlloc itself, use partition_alloc_optimized_debug=false.
# Otherwise, use partition_alloc_optimized_debug=true to enable optimized
# PartitionAlloc.
partition_alloc_optimized_debug = true
# PartitionAlloc-Everywhere (PA-E). Causes allocator_shim.cc to route
# calls to PartitionAlloc, rather than some other platform allocator.
use_partition_alloc_as_malloc = use_partition_alloc && use_allocator_shim &&
use_partition_alloc_as_malloc_default
}
assert(!use_allocator_shim || (is_android || is_apple || is_chromeos ||
is_fuchsia || is_linux || is_win),
"The allocator shim does not (yet) support the platform.")
declare_args() {
# Whether PartitionAlloc dispatch can be replaced with another dispatch with
# some more safety checks at runtime or not. When true, the allocator shim
# provides an extended API to swap PartitionAlloc.
enable_allocator_shim_partition_alloc_dispatch_with_advanced_checks_support =
use_partition_alloc_as_malloc
}
declare_args() {
# This is a flag for binary experiment on iOS. When BRP for iOS is enabled,
# we see some un-actionable `DoubleFreeOrCorruptionDetected` crashes.
# This flag enables some extra `CHECK`s to get actionable crash reports.
# TODO(crbug.com/371135823): Remove upon completion of investigation.
enable_ios_corruption_hardening = use_partition_alloc_as_malloc && is_ios &&
enable_ios_corruption_hardening_default
}
assert(
!enable_allocator_shim_partition_alloc_dispatch_with_advanced_checks_support || use_partition_alloc_as_malloc,
"PartitionAlloc with advanced checks requires PartitionAlloc itself.")
assert(!use_allocator_shim || !is_nacl,
"The allocator shim supports every platform, except nacl")
if (use_allocator_shim && is_win) {
# It's hard to override CRT's malloc family in every case in the component
# build, and it's very easy to override it partially and to be inconsistent
# among allocations and deallocations. Then, we'll crash when PA deallocates
# a memory region allocated by the CRT's malloc or vice versa.
assert(!is_component_build,
"The allocator shim doesn't work for the component build on Windows.")
# Since PartitionAlloc depends on libc++, it is difficult to link libc++.dll
# with PartitionAlloc to replace its allocator with PartitionAlloc.
# If using libcxx_is_shared=true,
# a. since inline methods or inline functions defined in some libc++ headers,
# e.g. vector, use new, malloc(), and so on, the memory allocation will
# be done inside a client code.
# b. on the other hand, libc++.dll deallocates the memory allocated by the
# inline methods or inline functions. It will not be run inside the client
# code.
# So a.'s allocation is done by PartitionAlloc, but b.'s deallocation is
# done by system allocator. This will cause heap check failure (WinHeap
# doesn't know PartitionAlloc) and crash.
# If libcxx_is_shared=false, libc++ is a static library. All libc++ code
# will be run inside the client. The above issue will disappear.
assert(
!is_component_build || (!libcxx_is_shared && !partition_alloc_is_debug),
"The allocator shim for the Windows component build needs !libcxx_is_shared && !partition_alloc_is_debug.")
}
declare_args() {
use_freeslot_bitmap = false
# Puts the regular and BRP pools right next to each other, so that we can
# check "belongs to one of the two pools" with a single bitmask operation.
glue_core_pools = false
# Introduces pointer compression support in PA. These are 4-byte
# pointers that can point within the core pools (regular and BRP).
#
@ -136,6 +219,23 @@ declare_args() {
# through malloc. Useful for using with tools that intercept malloc, e.g.
# heaptrack.
forward_through_malloc = false
# Enable reentrancy checks at `partition_alloc::internal::Lock`.
# TODO(crbug.com/371135823): Remove upon completion of investigation.
enable_partition_lock_reentrancy_check = enable_ios_corruption_hardening
# This will write a fixed cookie pattern at the end of each allocation, and
# later verify the pattern remain unchanged to ensure there is no OOB write.
# It comes with performance and memory cost, hence enabled only in debug.
use_partition_cookie =
partition_alloc_is_debug || partition_alloc_dcheck_always_on ||
enable_ios_corruption_hardening
# This will change partition cookie size to 4B or 8B, whichever equivalent to
# size of InSlotMetadata. This option is useful for InSlotMetadata corruption
# investigation.
# TODO(crbug.com/371135823): Remove upon completion of investigation.
smaller_partition_cookie = enable_ios_corruption_hardening
}
declare_args() {
@ -161,6 +261,14 @@ assert(!enable_pointer_compression_support || glue_core_pools,
"Pointer compression relies on core pools being contiguous.")
declare_args() {
# We want to use RawPtrBackupRefImpl as the raw_ptr<> implementation
# iff BRP support is enabled. However, for purpose of performance
# investigations we want to be able to control each separately.
#
# TEST ONLY! Don't touch unless you think you know what you're doing. Play
# with enable_backup_ref_ptr_support instead.
use_raw_ptr_backup_ref_impl = enable_backup_ref_ptr_support
# Make explicit calls to ASAN at runtime, e.g. to mark quarrantined memory
# as poisoned. Allows ASAN to tell if a particular memory error is protected
# by BRP in its reports.
@ -173,12 +281,12 @@ declare_args() {
(is_win || is_android || is_linux || is_mac || is_chromeos)
# Use probe-on-destruct unowned ptr detection with ASAN.
use_asan_unowned_ptr = false
use_raw_ptr_asan_unowned_impl = false
}
# Use the version of raw_ptr<T> that allows the embedder to implement custom
# logic.
use_hookable_raw_ptr = use_asan_backup_ref_ptr
use_raw_ptr_hookable_impl = use_asan_backup_ref_ptr
declare_args() {
# - enable_backup_ref_ptr_slow_checks: enable additional safety checks that
@ -197,27 +305,44 @@ declare_args() {
# Enable the feature flag required to activate backup ref pointers. That is to
# say `PartitionAllocBackupRefPtr`.
#
# This is meant to be used primarily on bots. It is much easier to override
# the feature flags using a binary flag instead of updating multiple bots's
# scripts to pass command line arguments.
enable_backup_ref_ptr_feature_flag = false
# This is meant to be modified primarily on bots. It is much easier to
# override the feature flags using a binary flag instead of updating multiple
# bots's scripts to pass command line arguments.
#
# TODO(328104161): Remove this flag.
enable_backup_ref_ptr_feature_flag =
enable_backup_ref_ptr_support && use_raw_ptr_backup_ref_impl &&
# Platforms where BackupRefPtr hasn't shipped yet:
!is_castos && !is_ios
# While keeping BRP support, override a feature flag to make it disabled
# state. This will overwrite `enable_backup_ref_ptr_feature_flag`.
# TODO(https://crbug.com/372183586): Fix the bug and remove this arg.
force_disable_backup_ref_ptr_feature =
enable_backup_ref_ptr_support && enable_ios_corruption_hardening
# Build support for Dangling Ptr Detection (DPD) via BackupRefPtr (BRP),
# making the raw_ptr<T> implementation to RawPtrBackupRefImpl if active.
enable_dangling_raw_ptr_checks =
enable_dangling_raw_ptr_checks_default && enable_backup_ref_ptr_support
# Enable the feature flag required to check for dangling pointers. That is to
# say `PartitionAllocDanglingPtr`.
#
# This is meant to be used primarily on bots. It is much easier to override
# the feature flags using a binary flag instead of updating multiple bots's
# scripts to pass command line arguments.
enable_dangling_raw_ptr_feature_flag = false
enable_dangling_raw_ptr_checks_default && enable_backup_ref_ptr_support &&
use_raw_ptr_backup_ref_impl
enable_backup_ref_ptr_instance_tracer = false
backup_ref_ptr_extra_oob_checks = enable_backup_ref_ptr_support
backup_ref_ptr_extra_oob_checks =
enable_backup_ref_ptr_support && use_raw_ptr_backup_ref_impl
}
declare_args() {
# Enable the feature flag required to check for dangling pointers. That is to
# say `PartitionAllocDanglingPtr`.
#
# This is meant to be modified primarily on bots. It is much easier to
# override the feature flags using a binary flag instead of updating multiple
# bots's scripts to pass command line arguments.
#
# TODO(328104161): Remove this flag.
enable_dangling_raw_ptr_feature_flag = enable_dangling_raw_ptr_checks
}
declare_args() {
@ -228,7 +353,7 @@ declare_args() {
declare_args() {
# Shadow metadata is still under development and only supports Linux
# for now.
enable_shadow_metadata = false
enable_shadow_metadata = is_linux && has_64_bit_pointers
}
declare_args() {
@ -241,35 +366,44 @@ declare_args() {
use_full_mte = false
}
# *Scan is currently only used by Chromium, and supports only 64-bit.
use_starscan = build_with_chromium && has_64_bit_pointers
pcscan_stack_supported =
use_starscan &&
(current_cpu == "x64" || current_cpu == "x86" || current_cpu == "arm" ||
current_cpu == "arm64" || current_cpu == "riscv64")
stack_scan_supported =
current_cpu == "x64" || current_cpu == "x86" || current_cpu == "arm" ||
current_cpu == "arm64" || current_cpu == "riscv64"
# We want to provide assertions that guard against inconsistent build
# args, but there is no point in having them fire if we're not building
# PartitionAlloc at all. If `use_partition_alloc` is false, we jam all
# related args to `false`.
#
# We also disable PA-Everywhere and PA-based features in two types of
# toolchains:
# - Toolchains that disable PA-Everywhere explicitly.
# - The rust host build tools toochain, which builds DLLs to dlopen into the
# compiler for proc macros. We would want any allocations to use the same
# paths as the compiler.
#
# Do not clear the following, as they can function outside of PartitionAlloc
# - has_64_bit_pointers
# - has_memory_tagging
if (!use_partition_alloc) {
if (!use_partition_alloc ||
(defined(toolchain_allows_use_partition_alloc_as_malloc) &&
!toolchain_allows_use_partition_alloc_as_malloc) ||
(defined(toolchain_for_rust_host_build_tools) &&
toolchain_for_rust_host_build_tools)) {
use_partition_alloc_as_malloc = false
glue_core_pools = false
enable_backup_ref_ptr_support = false
use_raw_ptr_backup_ref_impl = false
use_asan_backup_ref_ptr = false
use_asan_unowned_ptr = false
use_hookable_raw_ptr = false
use_raw_ptr_asan_unowned_impl = false
use_raw_ptr_hookable_impl = false
enable_backup_ref_ptr_slow_checks = false
enable_dangling_raw_ptr_checks = false
enable_dangling_raw_ptr_feature_flag = false
enable_pointer_subtraction_check = false
backup_ref_ptr_poison_oob_ptr = false
backup_ref_ptr_extra_oob_checks = false
enable_backup_ref_ptr_instance_tracer = false
use_starscan = false
use_full_mte = false
}
@ -278,28 +412,34 @@ if (!has_memory_tagging) {
use_full_mte = false
}
# use_raw_ptr_backup_ref_impl can only be used if
# enable_backup_ref_ptr_support is true.
assert(enable_backup_ref_ptr_support || !use_raw_ptr_backup_ref_impl,
"Can't use RawPtrBackupRefImpl if BRP isn't enabled at all")
# enable_backup_ref_ptr_slow_checks can only be used if
# enable_backup_ref_ptr_support is true.
assert(enable_backup_ref_ptr_support || !enable_backup_ref_ptr_slow_checks,
"Can't enable additional BackupRefPtr checks if it isn't enabled at all")
"Can't enable additional BRP checks if it isn't enabled at all")
# enable_dangling_raw_ptr_checks can only be used if
# enable_backup_ref_ptr_support is true.
assert(
enable_backup_ref_ptr_support || !enable_dangling_raw_ptr_checks,
"Can't enable dangling raw_ptr checks if BackupRefPtr isn't enabled at all")
# enable_backup_ref_ptr_support & use_raw_ptr_backup_ref_impl are true.
assert((enable_backup_ref_ptr_support && use_raw_ptr_backup_ref_impl) ||
!enable_dangling_raw_ptr_checks,
"Can't enable dangling raw_ptr checks if BRP isn't enabled and used")
# It's meaningless to force on DPD (e.g. on bots) if the support isn't compiled
# in.
assert(enable_dangling_raw_ptr_checks || !enable_dangling_raw_ptr_feature_flag,
"Meaningless to enable DPD without it compiled.")
# To enable extra OOB checks for BackupRefPtr, the underlying feature must be
# To enable extra OOB checks for BRP, the underlying feature must be
# enabled, too.
assert(enable_backup_ref_ptr_support || !backup_ref_ptr_extra_oob_checks,
"Can't enable extra OOB checks if BackupRefPtr isn't enabled at all")
assert((enable_backup_ref_ptr_support && use_raw_ptr_backup_ref_impl) ||
!backup_ref_ptr_extra_oob_checks,
"Can't enable extra OOB checks if BRP isn't enabled and used")
# To poison OOB pointers for BackupRefPtr, the underlying feature must be
# To poison OOB pointers for BRP, the underlying feature must be
# enabled, too.
assert(backup_ref_ptr_extra_oob_checks || !backup_ref_ptr_poison_oob_ptr,
"Can't enable poisoning for OOB pointers if OOB checks aren't enabled " +
@ -310,7 +450,7 @@ assert(has_64_bit_pointers || !backup_ref_ptr_poison_oob_ptr,
# AsanBackupRefPtr and AsanUnownedPtr are mutually exclusive variants of
# raw_ptr.
assert(
!use_asan_unowned_ptr || !use_asan_backup_ref_ptr,
!use_raw_ptr_asan_unowned_impl || !use_asan_backup_ref_ptr,
"Both AsanUnownedPtr and AsanBackupRefPtr can't be enabled at the same " +
"time")
@ -320,27 +460,27 @@ assert(
"Both BackupRefPtr and AsanBackupRefPtr can't be enabled at the same time")
# BackupRefPtr and AsanUnownedPtr are mutually exclusive variants of raw_ptr.
assert(!enable_backup_ref_ptr_support || !use_asan_unowned_ptr,
assert(!enable_backup_ref_ptr_support || !use_raw_ptr_asan_unowned_impl,
"Both BackupRefPtr and AsanUnownedPtr can't be enabled at the same time")
# RawPtrHookableImpl and BackupRefPtr are mutually exclusive variants of
# raw_ptr.
assert(
!use_hookable_raw_ptr || !enable_backup_ref_ptr_support,
!use_raw_ptr_hookable_impl || !enable_backup_ref_ptr_support,
"Both RawPtrHookableImpl and BackupRefPtr can't be enabled at the same " +
"time")
# RawPtrHookableImpl and AsanUnownedPtr are mutually exclusive variants of
# raw_ptr.
assert(
!use_hookable_raw_ptr || !use_asan_unowned_ptr,
!use_raw_ptr_hookable_impl || !use_raw_ptr_asan_unowned_impl,
"Both RawPtrHookableImpl and AsanUnownedPtr can't be enabled at the same " +
"time")
assert(!use_asan_backup_ref_ptr || is_asan,
"AsanBackupRefPtr requires AddressSanitizer")
assert(!use_asan_unowned_ptr || is_asan,
assert(!use_raw_ptr_asan_unowned_impl || is_asan,
"AsanUnownedPtr requires AddressSanitizer")
# AsanBackupRefPtr is not supported outside Chromium. The implementation is
@ -349,17 +489,18 @@ assert(!use_asan_unowned_ptr || is_asan,
assert(build_with_chromium || !use_asan_backup_ref_ptr,
"AsanBackupRefPtr is not supported outside Chromium")
assert(!use_asan_backup_ref_ptr || use_hookable_raw_ptr,
assert(!use_asan_backup_ref_ptr || use_raw_ptr_hookable_impl,
"AsanBackupRefPtr requires RawPtrHookableImpl")
# pkeys support is explicitly disabled in all Cronet builds, as some test
# dependencies that use partition_allocator are compiled in AOSP against a
# version of glibc that does not include pkeys syscall numbers.
is_pkeys_available =
(is_linux || is_chromeos) && current_cpu == "x64" && !is_cronet_build
declare_args() {
# pkeys support is explicitly disabled in all Cronet builds, as some test
# dependencies that use partition_allocator are compiled in AOSP against a
# version of glibc that does not include pkeys syscall numbers.
enable_pkeys =
(is_linux || is_chromeos) && target_cpu == "x64" && !is_cronet_build
enable_pkeys = is_pkeys_available
}
assert(!enable_pkeys || ((is_linux || is_chromeos) && target_cpu == "x64"),
assert(!enable_pkeys || is_pkeys_available,
"Pkeys are only supported on x64 linux and ChromeOS")
# Some implementations of raw_ptr<>, like BackupRefPtr, require zeroing when

716
src/base/allocator/partition_allocator/src/partition_alloc/BUILD.gn
View file

@ -2,21 +2,52 @@
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import("//build/buildflag_header.gni")
import("//build/config/android/config.gni")
import("//build/config/cast.gni")
import("//build/config/chromeos/ui_mode.gni")
import("//build/config/compiler/compiler.gni")
import("//build/config/dcheck_always_on.gni")
import("//build/config/logging.gni")
import("../../partition_alloc.gni")
import("buildflag_header.gni")
# Add partition_alloc.gni and import it for partition_alloc configs.
# //build_overrides/partition_alloc.gni should define partition_alloc_{
# add,remove}_configs. But if not defined (e.g. the embedder misses the config),
# define them here.
if (!defined(partition_alloc_add_configs)) {
partition_alloc_add_configs = []
}
if (!defined(partition_alloc_remove_configs)) {
partition_alloc_remove_configs = []
}
# TODO(https://crbug.com/1467773): Split PartitionAlloc into a public and
# Enables compilation of the freelist dispatcher, which we'll use to
# carry out runtime evaluation of PartitionAlloc's two freelist
# implementations: the existing encoded-next freelist and the new
# pool offset freelist. When false, the latter is not built.
use_freelist_dispatcher = has_64_bit_pointers
assert(has_64_bit_pointers || !use_freelist_dispatcher,
"freelist dispatcher can't be used without 64-bit pointers")
record_alloc_info = false
# GWP-ASan is tied to BRP's enablement.
enable_gwp_asan_support = enable_backup_ref_ptr_support
# Pointer compression requires 64-bit pointers.
enable_pointer_compression =
enable_pointer_compression_support && has_64_bit_pointers
# Duplicates the setup Chromium uses to define `DCHECK_IS_ON()`, but avails it
# as a buildflag.
partition_alloc_dchecks_are_on =
partition_alloc_is_debug || partition_alloc_dcheck_always_on
# Building PartitionAlloc for Windows component build.
# Currently use build_with_chromium not to affect any third_party code,
# but if any third_party code wants to use, remove build_with_chromium.
use_partition_alloc_as_malloc_on_win_component_build =
build_with_chromium && is_win && is_component_build
# TODO(crbug.com/40276913): Split PartitionAlloc into a public and
# private parts. The public config would include add the "./include" dir and
# the private config would add the "./src" dir.
# TODO(https://crbug.com/1467773): Move this config and several target into
# TODO(crbug.com/40276913): Move this config and several target into
# "../..".
config("public_includes") {
include_dirs = [
@ -50,6 +81,7 @@ config("dependants_extra_warnings") {
"-Wduplicate-enum",
"-Wextra-semi",
"-Wextra-semi-stmt",
"-Widiomatic-parentheses",
"-Wimplicit-fallthrough",
"-Winconsistent-missing-destructor-override",
"-Winvalid-offsetof",
@ -77,17 +109,114 @@ config("dependants_extra_warnings") {
}
}
_remove_configs = []
_add_configs = []
if (!is_debug || partition_alloc_optimized_debug) {
_remove_configs += [ "//build/config/compiler:default_optimization" ]
# This will generate warnings when using Clang if code generates exit-time
# destructors, which will slow down closing the program.
# TODO(thakis): Make this a blocklist instead, http://crbug.com/101600
config("wexit_time_destructors") {
if (is_clang) {
cflags = [ "-Wexit-time-destructors" ]
}
}
# PartitionAlloc is relatively hot (>1% of cycles for users of CrOS).
# Use speed-focused optimizations for it.
_add_configs += [ "//build/config/compiler:optimize_speed" ]
} else {
_remove_configs += [ "//build/config/compiler:default_optimization" ]
_add_configs += [ "//build/config/compiler:no_optimize" ]
source_set("buildflag_macro") {
sources = [ "buildflag.h" ]
public_configs = [ ":public_includes" ]
}
# When developers are repeatedly growing a buffer with `realloc`, they are
# expected to request a new size that is larger than the current size by
# some growth factor. This growth factor allows to amortize the cost of
# memcpy. Unfortunately, some nVidia drivers have a bug where they repeatedly
# increase the buffer by 4144 byte only.
#
# In particular, most Skia Linux bots are using the affected nVidia driver. So
# this flag is used as a workaround for Skia standalone, not in production.
#
# External link:
# https://forums.developer.nvidia.com/t/550-54-14-very-bad-performance-due-to-bunch-of-reallocations-during-glcore-initialization/287027
#
# Internal discussion at @chrome-memory-safety:
# https://groups.google.com/a/google.com/d/msgid/chrome-memory-safety/CAAzos5HrexY2njz2YzWrffTq1xEfkx15GVpSvHUyQED6wBSXvA%40mail.gmail.com?utm_medium=email&utm_source=footer
declare_args() {
partition_alloc_realloc_growth_factor_mitigation = false
}
pa_buildflag_header("buildflags") {
header = "buildflags.h"
flags = [
"ASSERT_CPP_20=$assert_cpp20",
"BACKUP_REF_PTR_EXTRA_OOB_CHECKS=$backup_ref_ptr_extra_oob_checks",
"BACKUP_REF_PTR_POISON_OOB_PTR=$backup_ref_ptr_poison_oob_ptr",
"CAN_UNWIND_WITH_FRAME_POINTERS=$can_unwind_with_frame_pointers",
"DCHECKS_ARE_ON=$partition_alloc_dchecks_are_on",
"DCHECK_IS_CONFIGURABLE=$dcheck_is_configurable",
"ENABLE_ALLOCATOR_SHIM_PARTITION_ALLOC_DISPATCH_WITH_ADVANCED_CHECKS_SUPPORT=$enable_allocator_shim_partition_alloc_dispatch_with_advanced_checks_support",
"ENABLE_BACKUP_REF_PTR_FEATURE_FLAG=$enable_backup_ref_ptr_feature_flag",
"ENABLE_BACKUP_REF_PTR_INSTANCE_TRACER=$enable_backup_ref_ptr_instance_tracer",
"ENABLE_BACKUP_REF_PTR_SLOW_CHECKS=$enable_backup_ref_ptr_slow_checks",
"ENABLE_BACKUP_REF_PTR_SUPPORT=$enable_backup_ref_ptr_support",
"ENABLE_DANGLING_RAW_PTR_CHECKS=$enable_dangling_raw_ptr_checks",
"ENABLE_DANGLING_RAW_PTR_FEATURE_FLAG=$enable_dangling_raw_ptr_feature_flag",
"ENABLE_GWP_ASAN_SUPPORT=$enable_gwp_asan_support",
"ENABLE_PARTITION_LOCK_REENTRANCY_CHECK=$enable_partition_lock_reentrancy_check",
"ENABLE_PKEYS=$enable_pkeys",
"ENABLE_POINTER_ARITHMETIC_TRAIT_CHECK=$enable_pointer_arithmetic_trait_check",
"ENABLE_POINTER_COMPRESSION=$enable_pointer_compression",
"ENABLE_POINTER_SUBTRACTION_CHECK=$enable_pointer_subtraction_check",
"ENABLE_SHADOW_METADATA_FOR_64_BITS_POINTERS=$enable_shadow_metadata",
"ENABLE_THREAD_ISOLATION=$enable_pkeys",
"EXPENSIVE_DCHECKS_ARE_ON=$enable_expensive_dchecks",
"FORCE_DISABLE_BACKUP_REF_PTR_FEATURE=$force_disable_backup_ref_ptr_feature",
"FORCE_ENABLE_RAW_PTR_EXCLUSION=$force_enable_raw_ptr_exclusion",
"FORWARD_THROUGH_MALLOC=$forward_through_malloc",
"HAS_64_BIT_POINTERS=$has_64_bit_pointers",
"HAS_MEMORY_TAGGING=$has_memory_tagging",
"IS_ANDROID=$is_android",
"IS_CASTOS=$is_castos",
"IS_CAST_ANDROID=$is_cast_android",
"IS_CHROMEOS=$is_chromeos",
"IS_DEBUG=$partition_alloc_is_debug",
"RAW_PTR_ZERO_ON_CONSTRUCT=$raw_ptr_zero_on_construct",
"RAW_PTR_ZERO_ON_DESTRUCT=$raw_ptr_zero_on_destruct",
"RAW_PTR_ZERO_ON_MOVE=$raw_ptr_zero_on_move",
"REALLOC_GROWTH_FACTOR_MITIGATION=$partition_alloc_realloc_growth_factor_mitigation",
"RECORD_ALLOC_INFO=$record_alloc_info",
"SMALLER_PARTITION_COOKIE=$smaller_partition_cookie",
"STACK_SCAN_SUPPORTED=$stack_scan_supported",
"USE_ALLOCATOR_SHIM=$use_allocator_shim",
"USE_ASAN_BACKUP_REF_PTR=$use_asan_backup_ref_ptr",
"USE_FREELIST_DISPATCHER=$use_freelist_dispatcher",
"USE_FREESLOT_BITMAP=$use_freeslot_bitmap",
"USE_FULL_MTE=$use_full_mte",
"USE_LARGE_EMPTY_SLOT_SPAN_RING=$use_large_empty_slot_span_ring",
"USE_PARTITION_ALLOC=$use_partition_alloc",
"USE_PARTITION_ALLOC_AS_MALLOC=$use_partition_alloc_as_malloc",
"USE_PARTITION_COOKIE=$use_partition_cookie",
"USE_RAW_PTR_ASAN_UNOWNED_IMPL=$use_raw_ptr_asan_unowned_impl",
"USE_RAW_PTR_BACKUP_REF_IMPL=$use_raw_ptr_backup_ref_impl",
"USE_RAW_PTR_HOOKABLE_IMPL=$use_raw_ptr_hookable_impl",
]
}
# TODO(crbug.com/41481467): Remove this alias.
# Temporary alias, the time to update partition_alloc dependants.
# Currently needed by pdfium and dawn.
source_set("partition_alloc_buildflags") {
public = [ "partition_alloc_buildflags.h" ]
public_deps = [ ":buildflags" ]
}
# Provides platform and architecture detections from the compiler defines.
source_set("build_config") {
sources = [
"build_config.h",
"buildflag.h",
]
public_deps = [
":buildflag_macro", # Provides 'PA_BUILDFLAG()' macro.
":buildflags", # Provides `IS_CHROMEOS` definition.
]
public_configs = [ ":public_includes" ]
}
component("raw_ptr") {
@ -104,19 +233,19 @@ component("raw_ptr") {
]
sources = [ "pointers/instance_tracer.cc" ]
public_configs = [ ":public_includes" ]
configs += [ "//build/config/compiler:wexit_time_destructors" ]
configs += [ ":wexit_time_destructors" ]
if (enable_backup_ref_ptr_support) {
if (use_raw_ptr_backup_ref_impl) {
sources += [
"pointers/raw_ptr_backup_ref_impl.cc",
"pointers/raw_ptr_backup_ref_impl.h",
]
} else if (use_hookable_raw_ptr) {
} else if (use_raw_ptr_hookable_impl) {
sources += [
"pointers/raw_ptr_hookable_impl.cc",
"pointers/raw_ptr_hookable_impl.h",
]
} else if (use_asan_unowned_ptr) {
} else if (use_raw_ptr_asan_unowned_impl) {
sources += [
"pointers/raw_ptr_asan_unowned_impl.cc",
"pointers/raw_ptr_asan_unowned_impl.h",
@ -125,145 +254,22 @@ component("raw_ptr") {
sources += [ "pointers/raw_ptr_noop_impl.h" ]
sources += [ "pointers/empty.cc" ]
}
public_deps = [
":build_config",
":buildflags",
]
if (use_partition_alloc) {
public_deps = [ ":partition_alloc" ]
public_deps += [ ":partition_alloc" ]
}
deps = [ ":buildflags" ]
# See also: `partition_alloc_base/component_export.h`
defines = [ "IS_RAW_PTR_IMPL" ]
configs -= _remove_configs
configs += _add_configs
configs -= partition_alloc_remove_configs
configs += partition_alloc_add_configs
configs += [ ":dependants_extra_warnings" ]
}
# Changes the freelist implementation to use pointer offsets in lieu
# of full-on pointers. Defaults to false, which implies the use of
# "encoded next" freelist entry.
#
# Only usable when pointers are 64-bit.
use_freelist_pool_offsets = has_64_bit_pointers && false
buildflag_header("partition_alloc_buildflags") {
header = "partition_alloc_buildflags.h"
_record_alloc_info = false
# GWP-ASan is tied to BRP's enablement.
_enable_gwp_asan_support = enable_backup_ref_ptr_support
# Pools are a logical concept when address space is 32-bit.
_glue_core_pools = glue_core_pools && has_64_bit_pointers
# Pointer compression requires 64-bit pointers.
_enable_pointer_compression =
enable_pointer_compression_support && has_64_bit_pointers
# TODO(crbug.com/1151236): Need to refactor the following buildflags.
# The buildflags (except RECORD_ALLOC_INFO) are used by both chrome and
# PartitionAlloc. For PartitionAlloc,
# gen/base/allocator/partition_allocator/src/partition_alloc/partition_alloc_buildflags.h
# defines and PartitionAlloc includes the header file. For chrome,
# gen/base/allocator/buildflags.h defines and chrome includes.
flags = [
"HAS_64_BIT_POINTERS=$has_64_bit_pointers",
"HAS_MEMORY_TAGGING=$has_memory_tagging",
"USE_ALLOCATOR_SHIM=$use_allocator_shim",
"USE_LARGE_EMPTY_SLOT_SPAN_RING=$use_large_empty_slot_span_ring",
"USE_PARTITION_ALLOC=$use_partition_alloc",
"USE_PARTITION_ALLOC_AS_MALLOC=$use_partition_alloc_as_malloc",
"ENABLE_BACKUP_REF_PTR_SUPPORT=$enable_backup_ref_ptr_support",
"ENABLE_BACKUP_REF_PTR_SLOW_CHECKS=$enable_backup_ref_ptr_slow_checks",
"ENABLE_BACKUP_REF_PTR_FEATURE_FLAG=$enable_backup_ref_ptr_feature_flag",
"ENABLE_BACKUP_REF_PTR_INSTANCE_TRACER=$enable_backup_ref_ptr_instance_tracer",
"ENABLE_DANGLING_RAW_PTR_CHECKS=$enable_dangling_raw_ptr_checks",
"ENABLE_DANGLING_RAW_PTR_FEATURE_FLAG=$enable_dangling_raw_ptr_feature_flag",
"ENABLE_POINTER_SUBTRACTION_CHECK=$enable_pointer_subtraction_check",
"ENABLE_POINTER_ARITHMETIC_TRAIT_CHECK=$enable_pointer_arithmetic_trait_check",
"BACKUP_REF_PTR_EXTRA_OOB_CHECKS=$backup_ref_ptr_extra_oob_checks",
"BACKUP_REF_PTR_POISON_OOB_PTR=$backup_ref_ptr_poison_oob_ptr",
"USE_ASAN_BACKUP_REF_PTR=$use_asan_backup_ref_ptr",
"USE_ASAN_UNOWNED_PTR=$use_asan_unowned_ptr",
"USE_HOOKABLE_RAW_PTR=$use_hookable_raw_ptr",
"ENABLE_GWP_ASAN_SUPPORT=$_enable_gwp_asan_support",
"FORCE_ENABLE_RAW_PTR_EXCLUSION=$force_enable_raw_ptr_exclusion",
"USE_FULL_MTE=$use_full_mte",
"RECORD_ALLOC_INFO=$_record_alloc_info",
"USE_FREESLOT_BITMAP=$use_freeslot_bitmap",
"GLUE_CORE_POOLS=$_glue_core_pools",
"ENABLE_POINTER_COMPRESSION=$_enable_pointer_compression",
"ENABLE_SHADOW_METADATA_FOR_64_BITS_POINTERS=$enable_shadow_metadata",
"USE_FREELIST_POOL_OFFSETS=$use_freelist_pool_offsets",
"USE_STARSCAN=$use_starscan",
"PCSCAN_STACK_SUPPORTED=$pcscan_stack_supported",
"ENABLE_PKEYS=$enable_pkeys",
"ENABLE_THREAD_ISOLATION=$enable_pkeys",
"FORWARD_THROUGH_MALLOC=$forward_through_malloc",
"ASSERT_CPP_20=$assert_cpp20",
]
}
buildflag_header("raw_ptr_buildflags") {
header = "raw_ptr_buildflags.h"
flags = [
"RAW_PTR_ZERO_ON_CONSTRUCT=$raw_ptr_zero_on_construct",
"RAW_PTR_ZERO_ON_MOVE=$raw_ptr_zero_on_move",
"RAW_PTR_ZERO_ON_DESTRUCT=$raw_ptr_zero_on_destruct",
]
}
buildflag_header("chromecast_buildflags") {
header = "chromecast_buildflags.h"
flags = [
"PA_IS_CAST_ANDROID=$is_cast_android",
"PA_IS_CASTOS=$is_castos",
]
}
buildflag_header("chromeos_buildflags") {
header = "chromeos_buildflags.h"
flags = [ "PA_IS_CHROMEOS_ASH=$is_chromeos_ash" ]
}
buildflag_header("debugging_buildflags") {
header = "debugging_buildflags.h"
header_dir = rebase_path(".", "//") + "/partition_alloc_base/debug"
# Duplicates the setup Chromium uses to define `DCHECK_IS_ON()`,
# but avails it as a buildflag.
_dcheck_is_on = is_debug || dcheck_always_on
flags = [
"PA_DCHECK_IS_ON=$_dcheck_is_on",
"PA_EXPENSIVE_DCHECKS_ARE_ON=$enable_expensive_dchecks",
"PA_DCHECK_IS_CONFIGURABLE=$dcheck_is_configurable",
"PA_CAN_UNWIND_WITH_FRAME_POINTERS=$can_unwind_with_frame_pointers",
]
}
group("buildflags") {
public_deps = [
":chromecast_buildflags",
":chromeos_buildflags",
":debugging_buildflags",
":partition_alloc_buildflags",
":raw_ptr_buildflags",
]
public_configs = [ ":public_includes" ]
}
if (is_clang_or_gcc) {
config("partition_alloc_implementation") {
# See also: `partition_alloc_base/component_export.h`
@ -344,7 +350,7 @@ if (is_clang_or_gcc) {
}
}
if (enable_pkeys && is_debug) {
if (enable_pkeys && partition_alloc_is_debug) {
config("no_stack_protector") {
cflags = [ "-fno-stack-protector" ]
}
@ -355,13 +361,42 @@ if (is_clang_or_gcc) {
":allocator_base",
":allocator_core",
":allocator_shim",
":buildflags",
]
}
if (is_win && is_component_build) {
group("win_component_build_adapter") {
# Currently guard this target by using build_with_chromium to avoid
# any issues on third_party build. But if any third_party code wants to
# use allocator_shim for its own component build, we will remove this
# guard.
if (build_with_chromium) {
if (use_allocator_shim) {
public_deps = [
":allocator_base",
":allocator_shim",
]
}
}
# If not with chromium, currently do nothing.
}
}
component("allocator_core") {
visibility = [ ":*" ]
if (use_partition_alloc_as_malloc_on_win_component_build) {
# Since common_deps defined in //build/config/BUILD.gn depends on
# PartitionAlloc for PartitionAlloc-Everywhere, we need no_default_deps
# here, because default deps includes common_deps dependency.
# Without no_defaults_deps=true, we will see cyclic deps:
# common_deps=>PartitionAlloc=>common_deps
no_default_deps = true
}
sources = [
"aarch64_support.h",
"address_pool_manager.cc",
"address_pool_manager.h",
"address_pool_manager_bitmap.cc",
@ -412,6 +447,7 @@ if (is_clang_or_gcc) {
"partition_bucket.cc",
"partition_bucket.h",
"partition_bucket_lookup.h",
"partition_cookie.cc",
"partition_cookie.h",
"partition_dcheck_helper.cc",
"partition_dcheck_helper.h",
@ -426,6 +462,7 @@ if (is_clang_or_gcc) {
"partition_page_constants.h",
"partition_root.cc",
"partition_root.h",
"partition_shared_mutex.h",
"partition_stats.cc",
"partition_stats.h",
"partition_superpage_extent_entry.h",
@ -437,6 +474,8 @@ if (is_clang_or_gcc) {
"reverse_bytes.h",
"spinning_mutex.cc",
"spinning_mutex.h",
"stack/stack.cc",
"stack/stack.h",
"tagging.cc",
"tagging.h",
"thread_cache.cc",
@ -449,31 +488,6 @@ if (is_clang_or_gcc) {
"yield_processor.h",
]
if (use_starscan) {
sources += [
"starscan/logging.h",
"starscan/pcscan.cc",
"starscan/pcscan.h",
"starscan/pcscan_internal.cc",
"starscan/pcscan_internal.h",
"starscan/pcscan_scheduling.cc",
"starscan/pcscan_scheduling.h",
"starscan/raceful_worklist.h",
"starscan/scan_loop.h",
"starscan/snapshot.cc",
"starscan/snapshot.h",
"starscan/stack/stack.cc",
"starscan/stack/stack.h",
"starscan/starscan_fwd.h",
"starscan/state_bitmap.h",
"starscan/stats_collector.cc",
"starscan/stats_collector.h",
"starscan/stats_reporter.h",
"starscan/write_protector.cc",
"starscan/write_protector.h",
]
}
defines = []
if (is_win) {
sources += [
@ -492,51 +506,52 @@ if (is_clang_or_gcc) {
# The Android NDK supports PR_MTE_* macros as of NDK r23.
defines += [ "HAS_PR_MTE_MACROS" ]
}
if (use_starscan) {
if (current_cpu == "x64") {
assert(pcscan_stack_supported)
sources += [ "starscan/stack/asm/x64/push_registers_asm.cc" ]
} else if (current_cpu == "x86") {
assert(pcscan_stack_supported)
sources += [ "starscan/stack/asm/x86/push_registers_asm.cc" ]
} else if (current_cpu == "arm") {
assert(pcscan_stack_supported)
sources += [ "starscan/stack/asm/arm/push_registers_asm.cc" ]
} else if (current_cpu == "arm64") {
assert(pcscan_stack_supported)
sources += [ "starscan/stack/asm/arm64/push_registers_asm.cc" ]
} else if (current_cpu == "riscv64") {
assert(pcscan_stack_supported)
sources += [ "starscan/stack/asm/riscv64/push_registers_asm.cc" ]
} else {
# To support a trampoline for another arch, please refer to v8/src/heap/base.
assert(!pcscan_stack_supported)
}
}
if (use_freelist_pool_offsets) {
sources += [ "pool_offset_freelist.h" ]
if (current_cpu == "x64") {
assert(stack_scan_supported)
sources += [ "stack/asm/x64/push_registers_asm.cc" ]
} else if (current_cpu == "x86") {
assert(stack_scan_supported)
sources += [ "stack/asm/x86/push_registers_asm.cc" ]
} else if (current_cpu == "arm") {
assert(stack_scan_supported)
sources += [ "stack/asm/arm/push_registers_asm.cc" ]
} else if (current_cpu == "arm64") {
assert(stack_scan_supported)
sources += [ "stack/asm/arm64/push_registers_asm.cc" ]
} else if (current_cpu == "riscv64") {
assert(stack_scan_supported)
sources += [ "stack/asm/riscv64/push_registers_asm.cc" ]
} else {
sources += [ "encoded_next_freelist.h" ]
# To support a trampoline for another arch, please refer to v8/src/heap/base.
assert(!stack_scan_supported)
}
# TODO(crbug.com/40274683): once we evaluate pool offset freelists,
# we should erase the dispatcher and compile (& use) exactly one
# freelist implementation.
if (use_freelist_dispatcher) {
sources += [ "pool_offset_freelist.h" ]
}
sources += [ "encoded_next_freelist.h" ]
public_deps = [
":chromecast_buildflags",
":chromeos_buildflags",
":debugging_buildflags",
":partition_alloc_buildflags",
":build_config",
":buildflags",
]
configs += [
":partition_alloc_implementation",
":memory_tagging",
"//build/config/compiler:wexit_time_destructors",
":wexit_time_destructors",
]
deps = [ ":allocator_base" ]
public_configs = []
if (is_android) {
# tagging.cc requires __arm_mte_set_* functions.
deps += [ "//third_party/cpu_features:ndk_compat" ]
if (use_partition_alloc_as_malloc_on_win_component_build) {
# We need to add explicit libc++ dependency here because of
# no_default_deps=true.
deps += [ "//buildtools/third_party/libc++:libc++" ]
}
public_configs = []
if (is_fuchsia) {
deps += [
"//third_party/fuchsia-sdk/sdk/fidl/fuchsia.kernel:fuchsia.kernel_cpp",
@ -566,19 +581,27 @@ if (is_clang_or_gcc) {
]
}
configs -= _remove_configs
configs += _add_configs
configs -= partition_alloc_remove_configs
configs += partition_alloc_add_configs
configs += [ ":dependants_extra_warnings" ]
# We want to be able to test pkey mode without access to the default pkey.
# This is incompatible with stack protectors since the TLS won't be pkey-tagged.
if (enable_pkeys && is_debug) {
if (enable_pkeys && partition_alloc_is_debug) {
configs += [ ":no_stack_protector" ]
}
}
component("allocator_base") {
visibility = [ ":*" ]
if (use_partition_alloc_as_malloc_on_win_component_build) {
# Since common_deps defined in //build/config/BUILD.gn depends on
# PartitionAlloc for PartitionAlloc-Everywhere, we need no_default_deps
# here, because default deps includes common_deps dependency.
# Without no_defaults_deps=true, we will see cyclic deps:
# common_deps=>PartitionAlloc=>common_deps
no_default_deps = true
}
sources = [
"partition_alloc_base/atomic_ref_count.h",
@ -597,6 +620,7 @@ if (is_clang_or_gcc) {
"partition_alloc_base/debug/stack_trace.cc",
"partition_alloc_base/debug/stack_trace.h",
"partition_alloc_base/export_template.h",
"partition_alloc_base/files/platform_file.h",
"partition_alloc_base/immediate_crash.h",
"partition_alloc_base/log_message.cc",
"partition_alloc_base/log_message.h",
@ -642,11 +666,13 @@ if (is_clang_or_gcc) {
"partition_alloc_base/time/time.h",
"partition_alloc_base/time/time_override.cc",
"partition_alloc_base/time/time_override.h",
"partition_alloc_base/types/same_as_any.h",
"partition_alloc_base/types/strong_alias.h",
"partition_alloc_base/win/win_handle_types.h",
"partition_alloc_base/win/win_handle_types_list.inc",
"partition_alloc_base/win/windows_types.h",
]
libs = []
if (is_win) {
sources += [
@ -658,7 +684,12 @@ if (is_clang_or_gcc) {
"partition_alloc_base/threading/platform_thread_win.cc",
"partition_alloc_base/time/time_win.cc",
]
} else if (is_posix) {
libs += [
"winmm.lib", # For timeGetTime.
]
}
if (is_posix) {
sources += [
"partition_alloc_base/debug/stack_trace_posix.cc",
"partition_alloc_base/files/file_util.h",
@ -677,9 +708,6 @@ if (is_clang_or_gcc) {
sources += [ "partition_alloc_base/debug/stack_trace_linux.cc" ]
}
if (is_android || is_chromeos_ash) {
sources += [ "partition_alloc_base/time/time_android.cc" ]
}
if (is_apple) {
# Request <dlfcn.h> to provide the `dladdr()` function. This is used to
# translate address to symbolic information.
@ -692,7 +720,9 @@ if (is_clang_or_gcc) {
} else {
sources += [ "partition_alloc_base/time/time_now_posix.cc" ]
}
} else if (is_fuchsia) {
}
if (is_fuchsia) {
sources += [
"partition_alloc_base/fuchsia/fuchsia_logging.cc",
"partition_alloc_base/fuchsia/fuchsia_logging.h",
@ -706,6 +736,7 @@ if (is_clang_or_gcc) {
"partition_alloc_base/time/time_fuchsia.cc",
]
}
if (is_android) {
# Only android build requires native_library, and native_library depends
# on file_path. So file_path is added if is_android = true.
@ -718,6 +749,7 @@ if (is_clang_or_gcc) {
"partition_alloc_base/native_library_posix.cc",
]
}
if (is_apple) {
# Apple-specific utilities
sources += [
@ -745,18 +777,21 @@ if (is_clang_or_gcc) {
}
public_deps = [
":chromecast_buildflags",
":chromeos_buildflags",
":debugging_buildflags",
":partition_alloc_buildflags",
":build_config",
":buildflags",
]
public_configs = [ ":public_includes" ]
configs += [
":partition_alloc_base_implementation",
"//build/config/compiler:wexit_time_destructors",
":wexit_time_destructors",
]
deps = []
if (use_partition_alloc_as_malloc_on_win_component_build) {
# We need to add explicit libc++ dependency here because of
# no_default_deps=true.
deps += [ "//buildtools/third_party/libc++:libc++" ]
}
if (is_fuchsia) {
public_deps += [ "//third_party/fuchsia-sdk/sdk/pkg/fit" ]
}
@ -769,26 +804,24 @@ if (is_clang_or_gcc) {
]
}
configs -= _remove_configs
configs += _add_configs
configs -= partition_alloc_remove_configs
configs += partition_alloc_add_configs
configs += [ ":dependants_extra_warnings" ]
}
component("allocator_shim") {
visibility = [ ":*" ]
sources = []
deps = []
all_dependent_configs = []
public_configs = [ ":public_includes" ]
configs += [
":allocator_shim_implementation",
"//build/config/compiler:wexit_time_destructors",
":wexit_time_destructors",
]
frameworks = []
configs -= _remove_configs
configs += _add_configs
configs -= partition_alloc_remove_configs
configs += partition_alloc_add_configs
configs += [ ":dependants_extra_warnings" ]
shim_headers = []
@ -807,14 +840,14 @@ if (is_clang_or_gcc) {
"shim/allocator_shim_dispatch_to_noop_on_free.h",
]
if (use_partition_alloc) {
shim_sources += [
"shim/allocator_shim_default_dispatch_to_partition_alloc.cc",
"shim/nonscannable_allocator.cc",
]
shim_headers += [
"shim/allocator_shim_default_dispatch_to_partition_alloc.h",
"shim/nonscannable_allocator.h",
]
shim_sources +=
[ "shim/allocator_shim_default_dispatch_to_partition_alloc.cc" ]
shim_headers +=
[ "shim/allocator_shim_default_dispatch_to_partition_alloc.h" ]
}
if (enable_allocator_shim_partition_alloc_dispatch_with_advanced_checks_support) {
shim_sources += [ "shim/allocator_shim_default_dispatch_to_partition_alloc_with_advanced_checks.cc" ]
shim_headers += [ "shim/allocator_shim_default_dispatch_to_partition_alloc_with_advanced_checks.h" ]
}
if (is_android) {
shim_headers += [
@ -848,7 +881,7 @@ if (is_clang_or_gcc) {
# Do not compile with ARC because this target has to interface with
# low-level Objective-C and having ARC would interfere.
configs -= [ "//build/config/compiler:enable_arc" ]
configs -= [ partition_alloc_enable_arc_config ]
}
}
if (is_chromeos || is_linux) {
@ -917,6 +950,199 @@ if (is_clang_or_gcc) {
]
}
} # if (is_clang_or_gcc)
# TODO(crbug.com/1151236): After making partition_alloc a standalone library,
# move test code here. i.e. test("partition_alloc_tests") { ... } and
# test("partition_alloc_perftests").
# TODO(crbug.com/40158212): Consider supporting building tests outside of
# chromium and having a dedicated 'partition_alloc_unittests' target.
if (build_with_chromium) {
source_set("unittests") {
testonly = true
sources = [ "partition_alloc_base/test/gtest_util.h" ]
if (is_linux || is_chromeos || is_android) {
sources += [
"partition_alloc_base/debug/proc_maps_linux.cc",
"partition_alloc_base/debug/proc_maps_linux.h",
]
}
if (is_android) {
sources += [
"partition_alloc_base/files/file_path_pa_unittest.cc",
"partition_alloc_base/native_library_pa_unittest.cc",
]
}
if (use_partition_alloc) {
sources += [
"address_pool_manager_unittest.cc",
"address_space_randomization_unittest.cc",
"compressed_pointer_unittest.cc",
"freeslot_bitmap_unittest.cc",
"hardening_unittest.cc",
"lightweight_quarantine_unittest.cc",
"memory_reclaimer_unittest.cc",
"page_allocator_unittest.cc",
"partition_alloc_base/bits_pa_unittest.cc",
"partition_alloc_base/component_export_pa_unittest.cc",
"partition_alloc_base/cpu_pa_unittest.cc",
"partition_alloc_base/logging_pa_unittest.cc",
"partition_alloc_base/no_destructor_pa_unittest.cc",
"partition_alloc_base/rand_util_pa_unittest.cc",
"partition_alloc_base/scoped_clear_last_error_pa_unittest.cc",
"partition_alloc_base/strings/cstring_builder_pa_unittest.cc",
"partition_alloc_base/strings/safe_sprintf_pa_unittest.cc",
"partition_alloc_base/strings/string_util_pa_unittest.cc",
"partition_alloc_base/strings/stringprintf_pa_unittest.cc",
"partition_alloc_base/thread_annotations_pa_unittest.cc",
"partition_alloc_unittest.cc",
"partition_lock_unittest.cc",
"reverse_bytes_unittest.cc",
"slot_start_unittest.cc",
"thread_cache_unittest.cc",
"use_death_tests.h",
]
}
if (is_fuchsia) {
sources +=
[ "partition_alloc_base/fuchsia/fuchsia_logging_pa_unittest.cc" ]
}
if (use_allocator_shim) {
sources += [
"shim/allocator_shim_default_dispatch_to_partition_alloc_unittest.cc",
]
if (is_win) {
sources += [ "shim/winheap_stubs_win_unittest.cc" ]
}
if (is_ios) {
sources += [
"shim/allocator_interception_apple_unittest.mm",
"shim/malloc_zone_functions_apple_unittest.cc",
]
}
}
if ((is_android || is_linux) && target_cpu == "arm64") {
cflags = [
"-Xclang",
"-target-feature",
"-Xclang",
"+mte",
]
}
if (enable_pkeys && partition_alloc_is_debug && !is_component_build) {
# This test requires RELRO, which is not enabled in component builds.
# Also, require a debug build, since we only disable stack protectors in
# debug builds in PartitionAlloc (see below why it's needed).
sources += [ "thread_isolation/pkey_unittest.cc" ]
# We want to test the pkey code without access to memory that is not
# pkey-tagged. This will allow us to catch unintended memory accesses
# that could break our security assumptions. The stack protector reads a
# value from the TLS which won't be pkey-tagged, hence disabling it for
# the test.
configs += [ ":no_stack_protector" ]
}
frameworks = []
if (is_mac) {
frameworks += [
"Foundation.framework",
"OpenCL.framework",
]
}
deps = [
":partition_alloc",
":test_support",
"//testing/gmock",
"//testing/gtest",
]
configs -= partition_alloc_remove_configs
configs += partition_alloc_add_configs
}
}
source_set("test_support") {
testonly = true
sources = [
"extended_api.cc",
"extended_api.h",
"partition_alloc_base/threading/platform_thread_for_testing.h",
"partition_alloc_for_testing.h",
"pointers/raw_ptr_counting_impl_for_test.h",
]
if (is_posix) {
sources += [
"partition_alloc_base/threading/platform_thread_posix_for_testing.cc",
]
}
if (is_fuchsia) {
sources += [
"partition_alloc_base/threading/platform_thread_fuchsia_for_testing.cc",
"partition_alloc_base/threading/platform_thread_posix_for_testing.cc",
]
}
if (is_win) {
sources +=
[ "partition_alloc_base/threading/platform_thread_win_for_testing.cc" ]
}
if (is_apple) {
sources += [
"partition_alloc_base/threading/platform_thread_apple_for_testing.mm",
]
}
if (is_linux || is_chromeos) {
sources += [
"partition_alloc_base/threading/platform_thread_linux_for_testing.cc",
]
}
if (is_android) {
sources += [
"partition_alloc_base/threading/platform_thread_android_for_testing.cc",
]
}
public_deps = [
":arm_bti_testfunctions",
":buildflags",
":partition_alloc",
":raw_ptr",
]
public_configs = []
if (is_fuchsia) {
public_deps += [
"//third_party/fuchsia-sdk/sdk/fidl/fuchsia.logger:fuchsia.logger_hlcpp",
"//third_party/fuchsia-sdk/sdk/pkg/fit",
"//third_party/fuchsia-sdk/sdk/pkg/sync",
"//third_party/fuchsia-sdk/sdk/pkg/sys_cpp",
"//third_party/fuchsia-sdk/sdk/pkg/zx",
]
# Needed for users of spinning_mutex.h, which for performance reasons,
# contains inlined calls to `libsync` inside the header file.
# It appends an entry to the "libs" section of the dependent target.
public_configs += [ ":fuchsia_sync_lib" ]
}
configs -= partition_alloc_remove_configs
configs += partition_alloc_add_configs
}
source_set("arm_bti_testfunctions") {
testonly = true
sources = []
if (target_cpu == "arm64" && (is_linux || is_android)) {
sources = [
"arm_bti_test_functions.S",
"arm_bti_test_functions.h",
]
}
}

51
src/base/allocator/partition_allocator/src/partition_alloc/aarch64_support.h Normal file
View file

@ -0,0 +1,51 @@
// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef PARTITION_ALLOC_AARCH64_SUPPORT_H_
#define PARTITION_ALLOC_AARCH64_SUPPORT_H_
#include <stdint.h>
#include "partition_alloc/build_config.h"
#include "partition_alloc/buildflags.h"
#if defined(__MUSL__)
// Musl does not support ifunc.
#elif PA_BUILDFLAG(IS_ANDROID) || PA_BUILDFLAG(IS_LINUX)
#define HAS_HW_CAPS
#endif
#if PA_BUILDFLAG(PA_ARCH_CPU_ARM64) && defined(HAS_HW_CAPS)
#include <asm/hwcap.h>
#include <sys/ifunc.h>
#else
struct __ifunc_arg_t;
#endif
namespace partition_alloc::internal {
constexpr bool IsBtiEnabled(uint64_t ifunc_hwcap,
struct __ifunc_arg_t* ifunc_hw) {
#if PA_BUILDFLAG(PA_ARCH_CPU_ARM64) && defined(HAS_HW_CAPS)
return (ifunc_hwcap & _IFUNC_ARG_HWCAP) && (ifunc_hw->_hwcap2 & HWCAP2_BTI);
#else
return false;
#endif
}
constexpr bool IsMteEnabled(uint64_t ifunc_hwcap,
struct __ifunc_arg_t* ifunc_hw) {
#if PA_BUILDFLAG(PA_ARCH_CPU_ARM64) && defined(HAS_HW_CAPS) && \
PA_BUILDFLAG(HAS_MEMORY_TAGGING)
return (ifunc_hwcap & _IFUNC_ARG_HWCAP) && (ifunc_hw->_hwcap2 & HWCAP2_MTE);
#else
return false;
#endif
}
} // namespace partition_alloc::internal
#undef HAS_HW_CAPS
#endif // PARTITION_ALLOC_AARCH64_SUPPORT_H_

45
src/base/allocator/partition_allocator/src/partition_alloc/address_pool_manager.cc
View file

@ -9,25 +9,24 @@
#include <cstdint>
#include <limits>
#include "build/build_config.h"
#include "partition_alloc/address_space_stats.h"
#include "partition_alloc/build_config.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/page_allocator.h"
#include "partition_alloc/page_allocator_constants.h"
#include "partition_alloc/partition_alloc_base/debug/debugging_buildflags.h"
#include "partition_alloc/partition_alloc_base/notreached.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/partition_alloc_check.h"
#include "partition_alloc/partition_alloc_constants.h"
#include "partition_alloc/reservation_offset_table.h"
#include "partition_alloc/thread_isolation/alignment.h"
#if BUILDFLAG(IS_APPLE) || BUILDFLAG(ENABLE_THREAD_ISOLATION)
#if PA_BUILDFLAG(IS_APPLE) || PA_BUILDFLAG(ENABLE_THREAD_ISOLATION)
#include <sys/mman.h>
#endif
namespace partition_alloc::internal {
AddressPoolManager AddressPoolManager::singleton_;
PA_CONSTINIT AddressPoolManager AddressPoolManager::singleton_;
// static
AddressPoolManager& AddressPoolManager::GetInstance() {
@ -40,7 +39,7 @@ constexpr PageTag kPageTag = PageTag::kPartitionAlloc;
} // namespace
#if BUILDFLAG(HAS_64_BIT_POINTERS)
#if PA_BUILDFLAG(HAS_64_BIT_POINTERS)
namespace {
@ -125,7 +124,7 @@ void AddressPoolManager::Pool::Initialize(uintptr_t ptr, size_t length) {
PA_CHECK(!(ptr & kSuperPageOffsetMask));
PA_CHECK(!(length & kSuperPageOffsetMask));
address_begin_ = ptr;
#if BUILDFLAG(PA_DCHECK_IS_ON)
#if PA_BUILDFLAG(DCHECKS_ARE_ON)
address_end_ = ptr + length;
PA_DCHECK(address_begin_ < address_end_);
#endif
@ -204,7 +203,7 @@ uintptr_t AddressPoolManager::Pool::FindChunk(size_t requested_size) {
bit_hint_ = end_bit;
}
uintptr_t address = address_begin_ + beg_bit * kSuperPageSize;
#if BUILDFLAG(PA_DCHECK_IS_ON)
#if PA_BUILDFLAG(DCHECKS_ARE_ON)
PA_DCHECK(address + requested_size <= address_end_);
#endif
return address;
@ -246,7 +245,7 @@ void AddressPoolManager::Pool::FreeChunk(uintptr_t address, size_t free_size) {
PA_DCHECK(!(free_size & kSuperPageOffsetMask));
PA_DCHECK(address_begin_ <= address);
#if BUILDFLAG(PA_DCHECK_IS_ON)
#if PA_BUILDFLAG(DCHECKS_ARE_ON)
PA_DCHECK(address + free_size <= address_end_);
#endif
@ -301,19 +300,19 @@ void AddressPoolManager::GetPoolStats(const pool_handle handle,
bool AddressPoolManager::GetStats(AddressSpaceStats* stats) {
// Get 64-bit pool stats.
GetPoolStats(kRegularPoolHandle, &stats->regular_pool_stats);
#if BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
GetPoolStats(kBRPPoolHandle, &stats->brp_pool_stats);
#endif // BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#endif // PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
if (IsConfigurablePoolAvailable()) {
GetPoolStats(kConfigurablePoolHandle, &stats->configurable_pool_stats);
}
#if BUILDFLAG(ENABLE_THREAD_ISOLATION)
#if PA_BUILDFLAG(ENABLE_THREAD_ISOLATION)
GetPoolStats(kThreadIsolatedPoolHandle, &stats->thread_isolated_pool_stats);
#endif
return true;
}
#else // BUILDFLAG(HAS_64_BIT_POINTERS)
#else // PA_BUILDFLAG(HAS_64_BIT_POINTERS)
static_assert(
kSuperPageSize % AddressPoolManagerBitmap::kBytesPer1BitOfBRPPoolBitmap ==
@ -380,7 +379,7 @@ void AddressPoolManager::MarkUsed(pool_handle handle,
size_t length) {
ScopedGuard scoped_lock(AddressPoolManagerBitmap::GetLock());
// When ENABLE_BACKUP_REF_PTR_SUPPORT is off, BRP pool isn't used.
#if BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
if (handle == kBRPPoolHandle) {
PA_DCHECK(
(length % AddressPoolManagerBitmap::kBytesPer1BitOfBRPPoolBitmap) == 0);
@ -412,7 +411,7 @@ void AddressPoolManager::MarkUsed(pool_handle handle,
(length >> AddressPoolManagerBitmap::kBitShiftOfBRPPoolBitmap) -
AddressPoolManagerBitmap::kGuardBitsOfBRPPoolBitmap);
} else
#endif // BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#endif // PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
{
PA_DCHECK(handle == kRegularPoolHandle);
PA_DCHECK(
@ -434,7 +433,7 @@ void AddressPoolManager::MarkUnused(pool_handle handle,
ScopedGuard scoped_lock(AddressPoolManagerBitmap::GetLock());
// When ENABLE_BACKUP_REF_PTR_SUPPORT is off, BRP pool isn't used.
#if BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
if (handle == kBRPPoolHandle) {
PA_DCHECK(
(length % AddressPoolManagerBitmap::kBytesPer1BitOfBRPPoolBitmap) == 0);
@ -449,7 +448,7 @@ void AddressPoolManager::MarkUnused(pool_handle handle,
(length >> AddressPoolManagerBitmap::kBitShiftOfBRPPoolBitmap) -
AddressPoolManagerBitmap::kGuardBitsOfBRPPoolBitmap);
} else
#endif // BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#endif // PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
{
PA_DCHECK(handle == kRegularPoolHandle);
PA_DCHECK(
@ -520,7 +519,7 @@ bool AddressPoolManager::GetStats(AddressSpaceStats* stats) {
// Get 32-bit pool usage.
stats->regular_pool_stats.usage =
CountUsedSuperPages(regular_pool_bits, kRegularPoolBitsPerSuperPage);
#if BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
static_assert(
kSuperPageSize % AddressPoolManagerBitmap::kBytesPer1BitOfBRPPoolBitmap ==
0,
@ -542,11 +541,11 @@ bool AddressPoolManager::GetStats(AddressSpaceStats* stats) {
stats->blocklist_hit_count =
AddressPoolManagerBitmap::blocklist_hit_count_.load(
std::memory_order_relaxed);
#endif // BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#endif // PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
return true;
}
#endif // BUILDFLAG(HAS_64_BIT_POINTERS)
#endif // PA_BUILDFLAG(HAS_64_BIT_POINTERS)
void AddressPoolManager::DumpStats(AddressSpaceStatsDumper* dumper) {
AddressSpaceStats stats{};
@ -555,9 +554,9 @@ void AddressPoolManager::DumpStats(AddressSpaceStatsDumper* dumper) {
}
}
#if BUILDFLAG(ENABLE_THREAD_ISOLATION)
#if PA_BUILDFLAG(ENABLE_THREAD_ISOLATION)
// This function just exists to static_assert the layout of the private fields
// in Pool.
// in Pool. It is never called.
void AddressPoolManager::AssertThreadIsolatedLayout() {
constexpr size_t last_pool_offset =
offsetof(AddressPoolManager, pools_) + sizeof(Pool) * (kNumPools - 1);
@ -566,6 +565,6 @@ void AddressPoolManager::AssertThreadIsolatedLayout() {
static_assert(alloc_bitset_offset % PA_THREAD_ISOLATED_ALIGN_SZ == 0);
static_assert(sizeof(AddressPoolManager) % PA_THREAD_ISOLATED_ALIGN_SZ == 0);
}
#endif // BUILDFLAG(ENABLE_THREAD_ISOLATION)
#endif // PA_BUILDFLAG(ENABLE_THREAD_ISOLATION)
} // namespace partition_alloc::internal

41
src/base/allocator/partition_allocator/src/partition_alloc/address_pool_manager.h
View file

@ -2,27 +2,26 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_POOL_MANAGER_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_POOL_MANAGER_H_
#ifndef PARTITION_ALLOC_ADDRESS_POOL_MANAGER_H_
#define PARTITION_ALLOC_ADDRESS_POOL_MANAGER_H_
#include <bitset>
#include <limits>
#include "build/build_config.h"
#include "partition_alloc/address_pool_manager_types.h"
#include "partition_alloc/build_config.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/partition_address_space.h"
#include "partition_alloc/partition_alloc_base/compiler_specific.h"
#include "partition_alloc/partition_alloc_base/component_export.h"
#include "partition_alloc/partition_alloc_base/debug/debugging_buildflags.h"
#include "partition_alloc/partition_alloc_base/thread_annotations.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/partition_alloc_check.h"
#include "partition_alloc/partition_alloc_constants.h"
#include "partition_alloc/partition_lock.h"
#include "partition_alloc/thread_isolation/alignment.h"
#include "partition_alloc/thread_isolation/thread_isolation.h"
#if !BUILDFLAG(HAS_64_BIT_POINTERS)
#if !PA_BUILDFLAG(HAS_64_BIT_POINTERS)
#include "partition_alloc/address_pool_manager_bitmap.h"
#endif
@ -59,7 +58,7 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC)
AddressPoolManager(const AddressPoolManager&) = delete;
AddressPoolManager& operator=(const AddressPoolManager&) = delete;
#if BUILDFLAG(HAS_64_BIT_POINTERS)
#if PA_BUILDFLAG(HAS_64_BIT_POINTERS)
void Add(pool_handle handle, uintptr_t address, size_t length);
void Remove(pool_handle handle);
@ -69,7 +68,7 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC)
// Return the base address of a pool.
uintptr_t GetPoolBaseAddress(pool_handle handle);
#endif // BUILDFLAG(HAS_64_BIT_POINTERS)
#endif // PA_BUILDFLAG(HAS_64_BIT_POINTERS)
// Reserves address space from the pool.
uintptr_t Reserve(pool_handle handle,
@ -82,7 +81,7 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC)
size_t length);
void ResetForTesting();
#if !BUILDFLAG(HAS_64_BIT_POINTERS)
#if !PA_BUILDFLAG(HAS_64_BIT_POINTERS)
void MarkUsed(pool_handle handle, uintptr_t address, size_t size);
void MarkUnused(pool_handle handle, uintptr_t address, size_t size);
@ -93,13 +92,13 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC)
static bool IsManagedByBRPPool(uintptr_t address) {
return AddressPoolManagerBitmap::IsManagedByBRPPool(address);
}
#endif // !BUILDFLAG(HAS_64_BIT_POINTERS)
#endif // !PA_BUILDFLAG(HAS_64_BIT_POINTERS)
void DumpStats(AddressSpaceStatsDumper* dumper);
private:
friend class AddressPoolManagerForTesting;
#if BUILDFLAG(ENABLE_THREAD_ISOLATION)
#if PA_BUILDFLAG(ENABLE_THREAD_ISOLATION)
// If we use a thread isolated pool, we need to write-protect its metadata.
// Allow the function to get access to the pool pointer.
friend void WriteProtectThreadIsolatedGlobals(ThreadIsolationOption);
@ -113,11 +112,13 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC)
// if PartitionAlloc is wholly unused in this process.)
bool GetStats(AddressSpaceStats* stats);
#if BUILDFLAG(ENABLE_THREAD_ISOLATION)
#if PA_BUILDFLAG(ENABLE_THREAD_ISOLATION)
// This function just exists to static_assert the layout of the private fields
// in Pool. It is never called.
static void AssertThreadIsolatedLayout();
#endif // BUILDFLAG(ENABLE_THREAD_ISOLATION)
#endif // PA_BUILDFLAG(ENABLE_THREAD_ISOLATION)
#if BUILDFLAG(HAS_64_BIT_POINTERS)
#if PA_BUILDFLAG(HAS_64_BIT_POINTERS)
class Pool {
public:
@ -162,14 +163,14 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC)
size_t total_bits_ = 0;
uintptr_t address_begin_ = 0;
#if BUILDFLAG(PA_DCHECK_IS_ON)
#if PA_BUILDFLAG(DCHECKS_ARE_ON)
uintptr_t address_end_ = 0;
#endif
#if BUILDFLAG(ENABLE_THREAD_ISOLATION)
#if PA_BUILDFLAG(ENABLE_THREAD_ISOLATION)
friend class AddressPoolManager;
friend void WriteProtectThreadIsolatedGlobals(ThreadIsolationOption);
#endif // BUILDFLAG(ENABLE_THREAD_ISOLATION)
#endif // PA_BUILDFLAG(ENABLE_THREAD_ISOLATION)
};
PA_ALWAYS_INLINE Pool* GetPool(pool_handle handle) {
@ -199,11 +200,11 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC)
#endif
Pool pools_[kNumPools];
#endif // BUILDFLAG(HAS_64_BIT_POINTERS)
#endif // PA_BUILDFLAG(HAS_64_BIT_POINTERS)
static PA_CONSTINIT AddressPoolManager singleton_;
PA_CONSTINIT static AddressPoolManager singleton_;
};
} // namespace partition_alloc::internal
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_POOL_MANAGER_H_
#endif // PARTITION_ALLOC_ADDRESS_POOL_MANAGER_H_

10
src/base/allocator/partition_allocator/src/partition_alloc/address_pool_manager_bitmap.cc
View file

@ -4,10 +4,10 @@
#include "partition_alloc/address_pool_manager_bitmap.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/partition_alloc_constants.h"
#if !BUILDFLAG(HAS_64_BIT_POINTERS)
#if !PA_BUILDFLAG(HAS_64_BIT_POINTERS)
namespace partition_alloc::internal {
@ -25,13 +25,13 @@ std::bitset<AddressPoolManagerBitmap::kRegularPoolBits>
AddressPoolManagerBitmap::regular_pool_bits_; // GUARDED_BY(GetLock())
std::bitset<AddressPoolManagerBitmap::kBRPPoolBits>
AddressPoolManagerBitmap::brp_pool_bits_; // GUARDED_BY(GetLock())
#if BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
std::array<std::atomic_bool,
AddressPoolManagerBitmap::kAddressSpaceSize / kSuperPageSize>
AddressPoolManagerBitmap::brp_forbidden_super_page_map_;
std::atomic_size_t AddressPoolManagerBitmap::blocklist_hit_count_;
#endif // BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#endif // PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
} // namespace partition_alloc::internal
#endif // !BUILDFLAG(HAS_64_BIT_POINTERS)
#endif // !PA_BUILDFLAG(HAS_64_BIT_POINTERS)

26
src/base/allocator/partition_allocator/src/partition_alloc/address_pool_manager_bitmap.h
View file

@ -2,23 +2,23 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_POOL_MANAGER_BITMAP_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_POOL_MANAGER_BITMAP_H_
#ifndef PARTITION_ALLOC_ADDRESS_POOL_MANAGER_BITMAP_H_
#define PARTITION_ALLOC_ADDRESS_POOL_MANAGER_BITMAP_H_
#include <array>
#include <atomic>
#include <bitset>
#include <limits>
#include "build/build_config.h"
#include "partition_alloc/build_config.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/partition_alloc_base/compiler_specific.h"
#include "partition_alloc/partition_alloc_base/component_export.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/partition_alloc_check.h"
#include "partition_alloc/partition_alloc_constants.h"
#include "partition_alloc/partition_lock.h"
#if !BUILDFLAG(HAS_64_BIT_POINTERS)
#if !PA_BUILDFLAG(HAS_64_BIT_POINTERS)
namespace partition_alloc {
@ -102,7 +102,7 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) AddressPoolManagerBitmap {
brp_pool_bits_)[address >> kBitShiftOfBRPPoolBitmap];
}
#if BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
static void BanSuperPageFromBRPPool(uintptr_t address) {
brp_forbidden_super_page_map_[address >> kSuperPageShift].store(
true, std::memory_order_relaxed);
@ -126,7 +126,7 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) AddressPoolManagerBitmap {
}
static void IncrementBlocklistHitCount() { ++blocklist_hit_count_; }
#endif // BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#endif // PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
private:
friend class AddressPoolManager;
@ -136,11 +136,11 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) AddressPoolManagerBitmap {
static std::bitset<kRegularPoolBits> regular_pool_bits_
PA_GUARDED_BY(GetLock());
static std::bitset<kBRPPoolBits> brp_pool_bits_ PA_GUARDED_BY(GetLock());
#if BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
static std::array<std::atomic_bool, kAddressSpaceSize / kSuperPageSize>
brp_forbidden_super_page_map_;
static std::atomic_size_t blocklist_hit_count_;
#endif // BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#endif // PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
};
} // namespace internal
@ -150,11 +150,11 @@ PA_ALWAYS_INLINE bool IsManagedByPartitionAlloc(uintptr_t address) {
// When ENABLE_BACKUP_REF_PTR_SUPPORT is off, BRP pool isn't used.
// No need to add IsManagedByConfigurablePool, because Configurable Pool
// doesn't exist on 32-bit.
#if !BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if !PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
PA_DCHECK(!internal::AddressPoolManagerBitmap::IsManagedByBRPPool(address));
#endif
return internal::AddressPoolManagerBitmap::IsManagedByRegularPool(address)
#if BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
|| internal::AddressPoolManagerBitmap::IsManagedByBRPPool(address)
#endif
;
@ -184,6 +184,6 @@ PA_ALWAYS_INLINE bool IsConfigurablePoolAvailable() {
} // namespace partition_alloc
#endif // !BUILDFLAG(HAS_64_BIT_POINTERS)
#endif // !PA_BUILDFLAG(HAS_64_BIT_POINTERS)
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_POOL_MANAGER_BITMAP_H_
#endif // PARTITION_ALLOC_ADDRESS_POOL_MANAGER_BITMAP_H_

6
src/base/allocator/partition_allocator/src/partition_alloc/address_pool_manager_types.h
View file

@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_POOL_MANAGER_TYPES_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_POOL_MANAGER_TYPES_H_
#ifndef PARTITION_ALLOC_ADDRESS_POOL_MANAGER_TYPES_H_
#define PARTITION_ALLOC_ADDRESS_POOL_MANAGER_TYPES_H_
namespace partition_alloc::internal {
@ -11,4 +11,4 @@ enum pool_handle : unsigned;
} // namespace partition_alloc::internal
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_POOL_MANAGER_TYPES_H_
#endif // PARTITION_ALLOC_ADDRESS_POOL_MANAGER_TYPES_H_

16
src/base/allocator/partition_allocator/src/partition_alloc/address_space_randomization.cc
View file

@ -4,12 +4,12 @@
#include "partition_alloc/address_space_randomization.h"
#include "build/build_config.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/build_config.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/partition_alloc_check.h"
#include "partition_alloc/random.h"
#if BUILDFLAG(IS_WIN)
#if PA_BUILDFLAG(IS_WIN)
#include <windows.h>
#endif
@ -18,7 +18,7 @@ namespace partition_alloc {
uintptr_t GetRandomPageBase() {
uintptr_t random = static_cast<uintptr_t>(internal::RandomValue());
#if BUILDFLAG(HAS_64_BIT_POINTERS)
#if PA_BUILDFLAG(HAS_64_BIT_POINTERS)
random <<= 32ULL;
random |= static_cast<uintptr_t>(internal::RandomValue());
@ -26,8 +26,8 @@ uintptr_t GetRandomPageBase() {
// OS and build configuration.
random &= internal::ASLRMask();
random += internal::ASLROffset();
#else // BUILDFLAG(HAS_64_BIT_POINTERS)
#if BUILDFLAG(IS_WIN)
#else // PA_BUILDFLAG(HAS_64_BIT_POINTERS)
#if PA_BUILDFLAG(IS_WIN)
// On win32 host systems the randomization plus huge alignment causes
// excessive fragmentation. Plus most of these systems lack ASLR, so the
// randomization isn't buying anything. In that case we just skip it.
@ -39,10 +39,10 @@ uintptr_t GetRandomPageBase() {
if (!is_wow64) {
return 0;
}
#endif // BUILDFLAG(IS_WIN)
#endif // PA_BUILDFLAG(IS_WIN)
random &= internal::ASLRMask();
random += internal::ASLROffset();
#endif // BUILDFLAG(HAS_64_BIT_POINTERS)
#endif // PA_BUILDFLAG(HAS_64_BIT_POINTERS)
PA_DCHECK(!(random & internal::PageAllocationGranularityOffsetMask()));
return random;

85
src/base/allocator/partition_allocator/src/partition_alloc/address_space_randomization.h
View file

@ -2,12 +2,12 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_SPACE_RANDOMIZATION_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_SPACE_RANDOMIZATION_H_
#ifndef PARTITION_ALLOC_ADDRESS_SPACE_RANDOMIZATION_H_
#define PARTITION_ALLOC_ADDRESS_SPACE_RANDOMIZATION_H_
#include <cstdint>
#include "build/build_config.h"
#include "partition_alloc/build_config.h"
#include "partition_alloc/page_allocator_constants.h"
#include "partition_alloc/partition_alloc_base/compiler_specific.h"
#include "partition_alloc/partition_alloc_base/component_export.h"
@ -36,7 +36,7 @@ AslrMask(uintptr_t bits) {
//
// clang-format off
#if defined(ARCH_CPU_64_BITS)
#if PA_BUILDFLAG(PA_ARCH_CPU_64_BITS)
#if defined(MEMORY_TOOL_REPLACES_ALLOCATOR)
@ -54,7 +54,7 @@ AslrMask(uintptr_t bits) {
return AslrAddress(0x7e8000000000ULL);
}
#elif BUILDFLAG(IS_WIN)
#elif PA_BUILDFLAG(IS_WIN)
// Windows 8.10 and newer support the full 48 bit address range. Since
// ASLROffset() is non-zero and may cause a carry, use 47 bit masks. See
@ -67,7 +67,7 @@ AslrMask(uintptr_t bits) {
return 0x80000000ULL;
}
#elif BUILDFLAG(IS_APPLE)
#elif PA_BUILDFLAG(IS_APPLE)
// macOS as of 10.12.5 does not clean up entries in page map levels 3/4
// [PDP/PML4] created from mmap or mach_vm_allocate, even after the region
@ -80,8 +80,8 @@ AslrMask(uintptr_t bits) {
// https://chromium-review.googlesource.com/c/v8/v8/+/557958. The difference
// is that here we clamp to 39 bits, not 32.
//
// TODO(crbug.com/738925): Remove this limitation if/when the macOS behavior
// changes.
// TODO(crbug.com/40528509): Remove this limitation if/when the macOS
// behavior changes.
PA_ALWAYS_INLINE PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR uintptr_t
ASLRMask() {
return AslrMask(38);
@ -98,9 +98,9 @@ AslrMask(uintptr_t bits) {
return AslrAddress(0x10000000000ULL);
}
#elif BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_FUCHSIA)
#elif PA_BUILDFLAG(IS_POSIX) || PA_BUILDFLAG(IS_FUCHSIA)
#if defined(ARCH_CPU_X86_64)
#if PA_BUILDFLAG(PA_ARCH_CPU_X86_64)
// Linux (and macOS) support the full 47-bit user space of x64 processors.
// Use only 46 to allow the kernel a chance to fulfill the request.
@ -113,10 +113,7 @@ AslrMask(uintptr_t bits) {
return AslrAddress(0);
}
#elif defined(ARCH_CPU_ARM64)
#if BUILDFLAG(IS_ANDROID)
#elif PA_BUILDFLAG(IS_ANDROID) && (PA_BUILDFLAG(PA_ARCH_CPU_ARM64) || PA_BUILDFLAG(PA_ARCH_CPU_RISCV64))
// Restrict the address range on Android to avoid a large performance
// regression in single-process WebViews. See https://crbug.com/837640.
PA_ALWAYS_INLINE PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR uintptr_t
@ -127,8 +124,8 @@ AslrMask(uintptr_t bits) {
ASLROffset() {
return AslrAddress(0x20000000ULL);
}
#elif BUILDFLAG(IS_LINUX)
#elif PA_BUILDFLAG(PA_ARCH_CPU_ARM64)
#if PA_BUILDFLAG(IS_LINUX)
// Linux on arm64 can use 39, 42, 48, or 52-bit user space, depending on
// page size and number of levels of translation pages used. We use
@ -156,9 +153,9 @@ AslrMask(uintptr_t bits) {
#endif
#elif defined(ARCH_CPU_PPC64)
#elif PA_BUILDFLAG(PA_ARCH_CPU_PPC64)
#if BUILDFLAG(IS_AIX)
#if PA_BUILDFLAG(IS_AIX)
// AIX has 64 bits of virtual addressing, but we limit the address range
// to (a) minimize segment lookaside buffer (SLB) misses; and (b) use
@ -170,7 +167,7 @@ AslrMask(uintptr_t bits) {
return AslrAddress(0x400000000000ULL);
}
#elif defined(ARCH_CPU_BIG_ENDIAN)
#elif PA_BUILDFLAG(PA_ARCH_CPU_BIG_ENDIAN)
// Big-endian Linux PPC has 44 bits of virtual addressing. Use 42.
PA_ALWAYS_INLINE constexpr uintptr_t ASLRMask() {
@ -180,9 +177,19 @@ AslrMask(uintptr_t bits) {
return AslrAddress(0);
}
#else // !BUILDFLAG(IS_AIX) && !defined(ARCH_CPU_BIG_ENDIAN)
#else // !PA_BUILDFLAG(IS_AIX) && !PA_BUILDFLAG(PA_ARCH_CPU_BIG_ENDIAN)
#if PA_BUILDFLAG(IS_LINUX)
// Little-endian Linux PPC has 48 bits of virtual addressing. Use 46.
PA_ALWAYS_INLINE PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR uintptr_t ASLRMask() {
return AslrMask(46);
}
PA_ALWAYS_INLINE PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR uintptr_t ASLROffset() {
return AslrAddress(0);
}
#else
PA_ALWAYS_INLINE constexpr uintptr_t ASLRMask() {
return AslrMask(46);
}
@ -190,9 +197,11 @@ AslrMask(uintptr_t bits) {
return AslrAddress(0);
}
#endif // !BUILDFLAG(IS_AIX) && !defined(ARCH_CPU_BIG_ENDIAN)
#endif
#elif defined(ARCH_CPU_S390X)
#endif // !PA_BUILDFLAG(IS_AIX) && !PA_BUILDFLAG(PA_ARCH_CPU_BIG_ENDIAN)
#elif PA_BUILDFLAG(PA_ARCH_CPU_S390X)
// Linux on Z uses bits 22 - 32 for Region Indexing, which translates to
// 42 bits of virtual addressing. Truncate to 40 bits to allow kernel a
@ -204,7 +213,7 @@ AslrMask(uintptr_t bits) {
return AslrAddress(0);
}
#elif defined(ARCH_CPU_S390)
#elif PA_BUILDFLAG(PA_ARCH_CPU_S390)
// 31 bits of virtual addressing. Truncate to 29 bits to allow the kernel
// a chance to fulfill the request.
@ -215,15 +224,16 @@ AslrMask(uintptr_t bits) {
return AslrAddress(0);
}
#else // !defined(ARCH_CPU_X86_64) && !defined(ARCH_CPU_PPC64) &&
// !defined(ARCH_CPU_S390X) && !defined(ARCH_CPU_S390)
#else // !PA_BUILDFLAG(PA_ARCH_CPU_X86_64) && !PA_BUILDFLAG(PA_ARCH_CPU_PPC64) &&
// !PA_BUILDFLAG(PA_ARCH_CPU_S390X) && !PA_BUILDFLAG(PA_ARCH_CPU_S390)
// For all other POSIX variants, use 30 bits.
PA_ALWAYS_INLINE constexpr uintptr_t ASLRMask() {
PA_ALWAYS_INLINE PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR uintptr_t
ASLRMask() {
return AslrMask(30);
}
#if BUILDFLAG(IS_SOLARIS)
#if PA_BUILDFLAG(IS_SOLARIS)
// For our Solaris/illumos mmap hint, we pick a random address in the
// bottom half of the top half of the address space (that is, the third
@ -239,7 +249,7 @@ AslrMask(uintptr_t bits) {
return AslrAddress(0x80000000ULL);
}
#elif BUILDFLAG(IS_AIX)
#elif PA_BUILDFLAG(IS_AIX)
// The range 0x30000000 - 0xD0000000 is available on AIX; choose the
// upper range.
@ -247,23 +257,24 @@ AslrMask(uintptr_t bits) {
return AslrAddress(0x90000000ULL);
}
#else // !BUILDFLAG(IS_SOLARIS) && !BUILDFLAG(IS_AIX)
#else // !PA_BUILDFLAG(IS_SOLARIS) && !PA_BUILDFLAG(IS_AIX)
// The range 0x20000000 - 0x60000000 is relatively unpopulated across a
// variety of ASLR modes (PAE kernel, NX compat mode, etc) and on macOS
// 10.6 and 10.7.
PA_ALWAYS_INLINE constexpr uintptr_t ASLROffset() {
PA_ALWAYS_INLINE PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR uintptr_t
ASLROffset() {
return AslrAddress(0x20000000ULL);
}
#endif // !BUILDFLAG(IS_SOLARIS) && !BUILDFLAG(IS_AIX)
#endif // !PA_BUILDFLAG(IS_SOLARIS) && !PA_BUILDFLAG(IS_AIX)
#endif // !defined(ARCH_CPU_X86_64) && !defined(ARCH_CPU_PPC64) &&
// !defined(ARCH_CPU_S390X) && !defined(ARCH_CPU_S390)
#endif // !PA_BUILDFLAG(PA_ARCH_CPU_X86_64) && !PA_BUILDFLAG(PA_ARCH_CPU_PPC64) &&
// !PA_BUILDFLAG(PA_ARCH_CPU_S390X) && !PA_BUILDFLAG(PA_ARCH_CPU_S390)
#endif // BUILDFLAG(IS_POSIX)
#endif // PA_BUILDFLAG(IS_POSIX)
#elif defined(ARCH_CPU_32_BITS)
#elif PA_BUILDFLAG(PA_ARCH_CPU_32_BITS)
// This is a good range on 32-bit Windows and Android (the only platforms on
// which we support 32-bitness). Allocates in the 0.5 - 1.5 GiB region. There
@ -279,7 +290,7 @@ AslrMask(uintptr_t bits) {
#error Please tell us about your exotic hardware! Sounds interesting.
#endif // defined(ARCH_CPU_32_BITS)
#endif // PA_BUILDFLAG(PA_ARCH_CPU_32_BITS)
// clang-format on
@ -287,4 +298,4 @@ AslrMask(uintptr_t bits) {
} // namespace partition_alloc
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_SPACE_RANDOMIZATION_H_
#endif // PARTITION_ALLOC_ADDRESS_SPACE_RANDOMIZATION_H_

24
src/base/allocator/partition_allocator/src/partition_alloc/address_space_stats.h
View file

@ -2,13 +2,13 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_SPACE_STATS_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_SPACE_STATS_H_
#ifndef PARTITION_ALLOC_ADDRESS_SPACE_STATS_H_
#define PARTITION_ALLOC_ADDRESS_SPACE_STATS_H_
#include <cstddef>
#include "partition_alloc/buildflags.h"
#include "partition_alloc/partition_alloc_base/component_export.h"
#include "partition_alloc/partition_alloc_buildflags.h"
namespace partition_alloc {
@ -19,25 +19,25 @@ struct PoolStats {
// On 32-bit, pools are mainly logical entities, intermingled with
// allocations not managed by PartitionAlloc. The "largest available
// reservation" is not possible to measure in that case.
#if BUILDFLAG(HAS_64_BIT_POINTERS)
#if PA_BUILDFLAG(HAS_64_BIT_POINTERS)
size_t largest_available_reservation = 0;
#endif
};
struct AddressSpaceStats {
PoolStats regular_pool_stats;
#if BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
PoolStats brp_pool_stats;
#endif // BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if BUILDFLAG(HAS_64_BIT_POINTERS)
#endif // PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if PA_BUILDFLAG(HAS_64_BIT_POINTERS)
PoolStats configurable_pool_stats;
#else
#if BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
size_t blocklist_size; // measured in super pages
size_t blocklist_hit_count;
#endif // BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#endif // BUILDFLAG(HAS_64_BIT_POINTERS)
#if BUILDFLAG(ENABLE_THREAD_ISOLATION)
#endif // PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#endif // PA_BUILDFLAG(HAS_64_BIT_POINTERS)
#if PA_BUILDFLAG(ENABLE_THREAD_ISOLATION)
PoolStats thread_isolated_pool_stats;
#endif
};
@ -52,4 +52,4 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) AddressSpaceStatsDumper {
} // namespace partition_alloc
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ADDRESS_SPACE_STATS_H_
#endif // PARTITION_ALLOC_ADDRESS_SPACE_STATS_H_

1
src/base/allocator/partition_allocator/src/partition_alloc/allocation_guard.cc
View file

@ -3,6 +3,7 @@
// found in the LICENSE file.
#include "partition_alloc/allocation_guard.h"
#include "partition_alloc/partition_alloc_base/immediate_crash.h"
#include "partition_alloc/partition_alloc_config.h"

8
src/base/allocator/partition_allocator/src/partition_alloc/allocation_guard.h
View file

@ -2,10 +2,10 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ALLOCATION_GUARD_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ALLOCATION_GUARD_H_
#ifndef PARTITION_ALLOC_ALLOCATION_GUARD_H_
#define PARTITION_ALLOC_ALLOCATION_GUARD_H_
#include "build/build_config.h"
#include "partition_alloc/build_config.h"
#include "partition_alloc/partition_alloc_base/component_export.h"
#include "partition_alloc/partition_alloc_config.h"
@ -46,4 +46,4 @@ using ::partition_alloc::ScopedDisallowAllocations;
} // namespace base::internal
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ALLOCATION_GUARD_H_
#endif // PARTITION_ALLOC_ALLOCATION_GUARD_H_

12
src/base/allocator/partition_allocator/src/partition_alloc/arm_bti_test_functions.h
View file

@ -2,12 +2,12 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ARM_BTI_TEST_FUNCTIONS_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ARM_BTI_TEST_FUNCTIONS_H_
#ifndef PARTITION_ALLOC_ARM_BTI_TEST_FUNCTIONS_H_
#define PARTITION_ALLOC_ARM_BTI_TEST_FUNCTIONS_H_
#include "build/build_config.h"
#include "partition_alloc/build_config.h"
#if defined(ARCH_CPU_ARM64)
#if PA_BUILDFLAG(PA_ARCH_CPU_ARM64)
extern "C" {
/**
* A valid BTI function. Jumping to this funtion should not cause any problem in
@ -26,6 +26,6 @@ int64_t arm_bti_test_function_invalid_offset(int64_t);
**/
void arm_bti_test_function_end(void);
}
#endif // defined(ARCH_CPU_ARM64)
#endif // PA_BUILDFLAG(PA_ARCH_CPU_ARM64)
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ARM_BTI_TEST_FUNCTIONS_H_
#endif // PARTITION_ALLOC_ARM_BTI_TEST_FUNCTIONS_H_

508
src/base/allocator/partition_allocator/src/partition_alloc/build_config.h Normal file
View file

@ -0,0 +1,508 @@
// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef PARTITION_ALLOC_BUILD_CONFIG_H_
#define PARTITION_ALLOC_BUILD_CONFIG_H_
// This file is derived from chromium's //build/build_config.h.
//
// Differences:
// - Only the definition used by partition_alloc are included.
// - The definition can only be consumed PA_BUILDFLAG(...) macro. This avoids
// silent failure when developers forget to include this file. This avoids the
// need of a PRESUBMIT.py to enforce the inclusion of this file.
//
//
// This files contains the following definition:
//
// Operating system:
// IS_IOS / IS_AIX / IS_ASMJS / IS_FREEBSD / IS_FUCHSIA / IS_LINUX / IS_MAC /
// IS_NACL / IS_NETBSD / IS_OPENBSD / IS_QNX / IS_SOLARIS / IS_WIN
//
// Operating system family:
// IS_APPLE / IS_BSD / IS_POSIX
//
// Compiler:
// PA_COMPILER_GCC / PA_COMPILER_MSVC
//
// Processor:
// PA_ARCH_CPU_ARM64 / PA_ARCH_CPU_ARMEL / PA_ARCH_CPU_BIG_ENDIAN /
// PA_ARCH_CPU_LITTLE_ENDIAN / PA_ARCH_CPU_MIPS / PA_ARCH_CPU_MIPS64 /
// PA_ARCH_CPU_MIPS64EL / PA_ARCH_CPU_MIPSEL / PA_ARCH_CPU_PPC64 /
// PA_ARCH_CPU_RISCV64 / PA_ARCH_CPU_S390 / PA_ARCH_CPU_S390X /
// PA_ARCH_CPU_X86 / PA_ARCH_CPU_X86_64
//
// Processor Family:
// PA_ARCH_CPU_32_BITS / PA_ARCH_CPU_64_BITS / PA_ARCH_CPU_ARM_FAMILY /
// PA_ARCH_CPU_LOONGPA_ARCH64 / PA_ARCH_CPU_PPC64_FAMILY /
// PA_ARCH_CPU_S390_FAMILY / PA_ARCH_CPU_X86_FAMILY
//
// Compiler:
// PA_COMPILER_GCC / PA_COMPILER_MSVC
//
// Standard library:
// PA_LIBC_GLIBC
// Definition of PA_BUILDFLAG(...) macro.
#include "partition_alloc/buildflag.h" // IWYU pragma: export
// Definition of PA_BUILDFLAG(IS_CHROMEOS).
#include "partition_alloc/buildflags.h" // IWYU pragma: export
// Clangd does not detect PA_BUILDFLAG_INTERNAL_* indirect usage, so mark the
// header as "always_keep" to avoid "unused include" warning.
//
// IWYU pragma: always_keep
// A set of macros to use for platform detection.
#if defined(__native_client__)
// __native_client__ must be first, so that other IS_ defines are not set.
#define PA_IS_NACL
#elif PA_BUILDFLAG(IS_ANDROID)
// The IS_ANDROID PA_BUILDFLAG macro is defined in buildflags.h.
//
// PartitionAlloc's embedders (Chromium, Dawn, Pdfium, Skia) define different
// macros for Android builds: "ANDROID" or "SK_BUILD_FOR_ANDROID".
//
// To avoid relying on these external definitions, PartitionAlloc uses its own
// dedicated build flag.
#elif defined(__APPLE__)
// Only include TargetConditionals after testing ANDROID as some Android builds
// on the Mac have this header available and it's not needed unless the target
// is really an Apple platform.
#include <TargetConditionals.h>
#if defined(TARGET_OS_IPHONE) && TARGET_OS_IPHONE
#define PA_IS_IOS
#else
#define PA_IS_MAC
#endif // defined(TARGET_OS_IPHONE) && TARGET_OS_IPHONE
#elif defined(__linux__)
#if !PA_BUILDFLAG(IS_CHROMEOS)
// Do not define PA_IS_LINUX on Chrome OS build.
// The IS_CHROMEOS PA_BUILDFLAG macro is defined in buildflags.h.
#define PA_IS_LINUX
#endif // !PA_BUILDFLAG(IS_CHROMEOS)
// Include a system header to pull in features.h for glibc/uclibc macros.
#include <assert.h>
#if defined(__GLIBC__) && !defined(__UCLIBC__)
// We really are using glibc, not uClibc pretending to be glibc.
#define PA_LIBC_GLIBC
#endif
#elif defined(_WIN32)
#define PA_IS_WIN
#elif defined(__Fuchsia__)
#define PA_IS_FUCHSIA
#elif defined(__FreeBSD__)
#define PA_IS_FREEBSD
#elif defined(__NetBSD__)
#define PA_IS_NETBSD
#elif defined(__OpenBSD__)
#define PA_IS_OPENBSD
#elif defined(__sun)
#define PA_IS_SOLARIS
#elif defined(__QNXNTO__)
#define PA_IS_QNX
#elif defined(_AIX)
#define PA_IS_AIX
#elif defined(__asmjs__) || defined(__wasm__)
#define PA_IS_ASMJS
#endif
// NOTE: Adding a new port? Please follow
// https://chromium.googlesource.com/chromium/src/+/main/docs/new_port_policy.md
#if defined(PA_IS_MAC) || defined(PA_IS_IOS)
#define PA_IS_APPLE
#endif
#if defined(PA_IS_FREEBSD) || defined(PA_IS_NETBSD) || defined(PA_IS_OPENBSD)
#define PA_IS_BSD
#endif
#if defined(PA_IS_AIX) || defined(PA_IS_ASMJS) || defined(PA_IS_FREEBSD) || \
defined(PA_IS_IOS) || defined(PA_IS_LINUX) || defined(PA_IS_CHROMEOS) || \
defined(PA_IS_MAC) || defined(PA_IS_NACL) || defined(PA_IS_NETBSD) || \
defined(PA_IS_OPENBSD) || defined(PA_IS_QNX) || defined(PA_IS_SOLARIS) || \
PA_BUILDFLAG(IS_ANDROID) || PA_BUILDFLAG(IS_CHROMEOS)
#define PA_IS_POSIX
#endif
// Compiler detection. Note: clang masquerades as GCC on POSIX and as MSVC on
// Windows.
#if defined(__GNUC__)
#define PA_COMPILER_GCC
#elif defined(_MSC_VER)
#define PA_COMPILER_MSVC
#endif
// ------
// Processor architecture detection. For more info on what's defined, see:
// http://msdn.microsoft.com/en-us/library/b0084kay.aspx
// http://www.agner.org/optimize/calling_conventions.pdf
// or with gcc, run: "echo | gcc -E -dM -"
#if defined(_M_X64) || defined(__x86_64__)
#define PA_ARCH_CPU_X86_FAMILY
#define PA_ARCH_CPU_X86_64
#define PA_ARCH_CPU_64_BITS
#define PA_ARCH_CPU_LITTLE_ENDIAN
#elif defined(_M_IX86) || defined(__i386__)
#define PA_ARCH_CPU_X86_FAMILY
#define PA_ARCH_CPU_X86
#define PA_ARCH_CPU_32_BITS
#define PA_ARCH_CPU_LITTLE_ENDIAN
#elif defined(__s390x__)
#define PA_ARCH_CPU_S390_FAMILY
#define PA_ARCH_CPU_S390X
#define PA_ARCH_CPU_64_BITS
#define PA_ARCH_CPU_BIG_ENDIAN
#elif defined(__s390__)
#define PA_ARCH_CPU_S390_FAMILY
#define PA_ARCH_CPU_S390
#define PA_ARCH_CPU_BIG_ENDIAN
#elif (defined(__PPC64__) || defined(__PPC__)) && defined(__BIG_ENDIAN__)
#define PA_ARCH_CPU_PPC64_FAMILY
#define PA_ARCH_CPU_PPC64
#define PA_ARCH_CPU_64_BITS
#define PA_ARCH_CPU_BIG_ENDIAN
#elif defined(__PPC64__)
#define PA_ARCH_CPU_PPC64_FAMILY
#define PA_ARCH_CPU_PPC64
#define PA_ARCH_CPU_64_BITS
#define PA_ARCH_CPU_LITTLE_ENDIAN
#elif defined(__ARMEL__)
#define PA_ARCH_CPU_ARM_FAMILY
#define PA_ARCH_CPU_ARMEL
#define PA_ARCH_CPU_32_BITS
#define PA_ARCH_CPU_LITTLE_ENDIAN
#elif defined(__aarch64__) || defined(_M_ARM64)
#define PA_ARCH_CPU_ARM_FAMILY
#define PA_ARCH_CPU_ARM64
#define PA_ARCH_CPU_64_BITS
#define PA_ARCH_CPU_LITTLE_ENDIAN
#elif defined(__pnacl__) || defined(__asmjs__) || defined(__wasm__)
#define PA_ARCH_CPU_32_BITS
#define PA_ARCH_CPU_LITTLE_ENDIAN
#elif defined(__MIPSEL__)
#if defined(__LP64__)
#define PA_ARCH_CPU_MIPS64EL
#define PA_ARCH_CPU_64_BITS
#define PA_ARCH_CPU_LITTLE_ENDIAN
#else
#define PA_ARCH_CPU_MIPSEL
#define PA_ARCH_CPU_32_BITS
#define PA_ARCH_CPU_LITTLE_ENDIAN
#endif
#elif defined(__MIPSEB__)
#if defined(__LP64__)
#define PA_ARCH_CPU_MIPS64
#define PA_ARCH_CPU_64_BITS
#define PA_ARCH_CPU_BIG_ENDIAN
#else
#define PA_ARCH_CPU_MIPS
#define PA_ARCH_CPU_32_BITS
#define PA_ARCH_CPU_BIG_ENDIAN
#endif
#elif defined(__loongarch__)
#define PA_ARCH_CPU_LITTLE_ENDIAN
#if __loongarch_grlen == 64
#define PA_ARCH_CPU_LOONGARCH64
#define PA_ARCH_CPU_64_BITS
#else
#define PA_ARCH_CPU_32_BITS
#endif
#elif defined(__riscv) && (__riscv_xlen == 64)
#define PA_ARCH_CPU_RISCV64
#define PA_ARCH_CPU_64_BITS
#define PA_ARCH_CPU_LITTLE_ENDIAN
#endif
// The part below can be generated with the following script:
// https://paste.googleplex.com/6324671838683136
//
// It transform the defines above into PA_BUILDFLAG_INTERNAL_* defines, then
// undef the original define.
//
// Usage of PA_BUILDFLAG(...) macro is better than raw define, because it avoids
// silent failure when developers forget to include this file.
#if defined(PA_ARCH_CPU_32_BITS)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_32_BITS() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_32_BITS() (0)
#endif
#undef PA_ARCH_CPU_32_BITS
#if defined(PA_ARCH_CPU_64_BITS)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_64_BITS() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_64_BITS() (0)
#endif
#undef PA_ARCH_CPU_64_BITS
#if defined(PA_ARCH_CPU_ARM64)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_ARM64() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_ARM64() (0)
#endif
#undef PA_ARCH_CPU_ARM64
#if defined(PA_ARCH_CPU_ARMEL)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_ARMEL() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_ARMEL() (0)
#endif
#undef PA_ARCH_CPU_ARMEL
#if defined(PA_ARCH_CPU_ARM_FAMILY)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_ARM_FAMILY() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_ARM_FAMILY() (0)
#endif
#undef PA_ARCH_CPU_ARM_FAMILY
#if defined(PA_ARCH_CPU_BIG_ENDIAN)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_BIG_ENDIAN() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_BIG_ENDIAN() (0)
#endif
#undef PA_ARCH_CPU_BIG_ENDIAN
#if defined(PA_ARCH_CPU_LITTLE_ENDIAN)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_LITTLE_ENDIAN() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_LITTLE_ENDIAN() (0)
#endif
#undef PA_ARCH_CPU_LITTLE_ENDIAN
#if defined(PA_ARCH_CPU_LOONGARCH64)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_LOONGARCH64() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_LOONGARCH64() (0)
#endif
#undef PA_ARCH_CPU_LOONGARCH64
#if defined(PA_ARCH_CPU_MIPS)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_MIPS() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_MIPS() (0)
#endif
#undef PA_ARCH_CPU_MIPS
#if defined(PA_ARCH_CPU_MIPS64)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_MIPS64() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_MIPS64() (0)
#endif
#undef PA_ARCH_CPU_MIPS64
#if defined(PA_ARCH_CPU_MIPS64EL)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_MIPS64EL() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_MIPS64EL() (0)
#endif
#undef PA_ARCH_CPU_MIPS64EL
#if defined(PA_ARCH_CPU_MIPSEL)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_MIPSEL() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_MIPSEL() (0)
#endif
#undef PA_ARCH_CPU_MIPSEL
#if defined(PA_ARCH_CPU_PPC64)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_PPC64() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_PPC64() (0)
#endif
#undef PA_ARCH_CPU_PPC64
#if defined(PA_ARCH_CPU_PPC64_FAMILY)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_PPC64_FAMILY() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_PPC64_FAMILY() (0)
#endif
#undef PA_ARCH_CPU_PPC64_FAMILY
#if defined(PA_ARCH_CPU_RISCV64)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_RISCV64() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_RISCV64() (0)
#endif
#undef PA_ARCH_CPU_RISCV64
#if defined(PA_ARCH_CPU_S390)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_S390() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_S390() (0)
#endif
#undef PA_ARCH_CPU_S390
#if defined(PA_ARCH_CPU_S390_FAMILY)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_S390_FAMILY() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_S390_FAMILY() (0)
#endif
#undef PA_ARCH_CPU_S390_FAMILY
#if defined(PA_ARCH_CPU_S390X)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_S390X() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_S390X() (0)
#endif
#undef PA_ARCH_CPU_S390X
#if defined(PA_ARCH_CPU_X86)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_X86() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_X86() (0)
#endif
#undef PA_ARCH_CPU_X86
#if defined(PA_ARCH_CPU_X86_64)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_X86_64() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_X86_64() (0)
#endif
#undef PA_ARCH_CPU_X86_64
#if defined(PA_ARCH_CPU_X86_FAMILY)
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_X86_FAMILY() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_ARCH_CPU_X86_FAMILY() (0)
#endif
#undef PA_ARCH_CPU_X86_FAMILY
#if defined(PA_COMPILER_GCC)
#define PA_BUILDFLAG_INTERNAL_PA_COMPILER_GCC() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_COMPILER_GCC() (0)
#endif
#undef PA_COMPILER_GCC
#if defined(PA_COMPILER_MSVC)
#define PA_BUILDFLAG_INTERNAL_PA_COMPILER_MSVC() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_COMPILER_MSVC() (0)
#endif
#undef PA_COMPILER_MSVC
#if defined(PA_IS_AIX)
#define PA_BUILDFLAG_INTERNAL_IS_AIX() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_AIX() (0)
#endif
#undef PA_IS_AIX
#if defined(PA_IS_APPLE)
#define PA_BUILDFLAG_INTERNAL_IS_APPLE() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_APPLE() (0)
#endif
#undef PA_IS_APPLE
#if defined(PA_IS_ASMJS)
#define PA_BUILDFLAG_INTERNAL_IS_ASMJS() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_ASMJS() (0)
#endif
#undef PA_IS_ASMJS
#if defined(PA_IS_BSD)
#define PA_BUILDFLAG_INTERNAL_IS_BSD() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_BSD() (0)
#endif
#undef PA_IS_BSD
#if defined(PA_IS_FREEBSD)
#define PA_BUILDFLAG_INTERNAL_IS_FREEBSD() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_FREEBSD() (0)
#endif
#undef PA_IS_FREEBSD
#if defined(PA_IS_FUCHSIA)
#define PA_BUILDFLAG_INTERNAL_IS_FUCHSIA() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_FUCHSIA() (0)
#endif
#undef PA_IS_FUCHSIA
#if defined(PA_IS_IOS)
#define PA_BUILDFLAG_INTERNAL_IS_IOS() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_IOS() (0)
#endif
#undef PA_IS_IOS
#if defined(PA_IS_LINUX)
#define PA_BUILDFLAG_INTERNAL_IS_LINUX() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_LINUX() (0)
#endif
#undef PA_IS_LINUX
#if defined(PA_IS_MAC)
#define PA_BUILDFLAG_INTERNAL_IS_MAC() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_MAC() (0)
#endif
#undef PA_IS_MAC
#if defined(PA_IS_NACL)
#define PA_BUILDFLAG_INTERNAL_IS_NACL() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_NACL() (0)
#endif
#undef PA_IS_NACL
#if defined(PA_IS_NETBSD)
#define PA_BUILDFLAG_INTERNAL_IS_NETBSD() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_NETBSD() (0)
#endif
#undef PA_IS_NETBSD
#if defined(PA_IS_OPENBSD)
#define PA_BUILDFLAG_INTERNAL_IS_OPENBSD() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_OPENBSD() (0)
#endif
#undef PA_IS_OPENBSD
#if defined(PA_IS_POSIX)
#define PA_BUILDFLAG_INTERNAL_IS_POSIX() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_POSIX() (0)
#endif
#undef PA_IS_POSIX
#if defined(PA_IS_QNX)
#define PA_BUILDFLAG_INTERNAL_IS_QNX() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_QNX() (0)
#endif
#undef PA_IS_QNX
#if defined(PA_IS_SOLARIS)
#define PA_BUILDFLAG_INTERNAL_IS_SOLARIS() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_SOLARIS() (0)
#endif
#undef PA_IS_SOLARIS
#if defined(PA_IS_WIN)
#define PA_BUILDFLAG_INTERNAL_IS_WIN() (1)
#else
#define PA_BUILDFLAG_INTERNAL_IS_WIN() (0)
#endif
#undef PA_IS_WIN
#if defined(PA_LIBC_GLIBC)
#define PA_BUILDFLAG_INTERNAL_PA_LIBC_GLIBC() (1)
#else
#define PA_BUILDFLAG_INTERNAL_PA_LIBC_GLIBC() (0)
#endif
#undef PA_LIBC_GLIBC
#endif // PARTITION_ALLOC_BUILD_CONFIG_H_

17
src/base/allocator/partition_allocator/src/partition_alloc/buildflag.h Normal file
View file

@ -0,0 +1,17 @@
// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef PARTITION_ALLOC_BUILDFLAG_H_
#define PARTITION_ALLOC_BUILDFLAG_H_
// This was copied from chromium's and adapted to partition_alloc.
// Please refer to chromium's //build/buildflag.h original comments.
//
// Using a different macro and internal define allows partition_alloc and
// chromium to cohabit without affecting each other.
#define PA_BUILDFLAG_CAT_INDIRECT(a, b) a##b
#define PA_BUILDFLAG_CAT(a, b) PA_BUILDFLAG_CAT_INDIRECT(a, b)
#define PA_BUILDFLAG(flag) (PA_BUILDFLAG_CAT(PA_BUILDFLAG_INTERNAL_, flag)())
#endif // PARTITION_ALLOC_BUILDFLAG_H_

121
src/base/allocator/partition_allocator/src/partition_alloc/buildflag_header.gni Normal file
View file

@ -0,0 +1,121 @@
# Copyright 2024 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This was copied from chromium's and adapted to partition_alloc.
# Please refer to chromium's //build/buildflag_header.gni
# Generates a header with preprocessor defines specified by the build file.
#
# The flags are converted to function-style defines with mangled names and
# code uses an accessor macro to access the values. This is to try to
# minimize bugs where code checks whether something is defined or not, and
# the proper header isn't included, meaning the answer will always be silently
# false or might vary across the code base.
#
# In the GN template, specify build flags in the template as a list
# of strings that encode key/value pairs like this:
#
# flags = [ "ENABLE_FOO=1", "ENABLE_BAR=$enable_bar" ]
#
# The GN values "true" and "false" will be mapped to 0 and 1 for boolean
# #if flags to be expressed naturally. This means you can't directly make a
# define that generates C++ value of true or false for use in code. If you
# REALLY need this, you can also use the string "(true)" and "(false)" to
# prevent the rewriting.
# The `template` creates a closure. It is important to capture the dependency
# from outside, because the template is executed from the context of the
# invoker, who uses a different current directory.
_current_dir = get_path_info(".", "abspath")
# To check the value of the flag in C code:
#
# #include "path/to/here/header_file.h"
#
# #if PA_BUILDFLAG(ENABLE_FOO)
# ...
# #endif
#
# const char kSpamServerUrl[] = BUILDFLAG(SPAM_SERVER_URL);
#
# There will be no #define called ENABLE_FOO so if you accidentally test for
# that in an ifdef it will always be negative.
#
#
# Template parameters
#
# flags [required, list of strings]
# Flag values as described above.
#
# header [required, string]
# File name for generated header. By default, this will go in the
# generated file directory for this target, and you would include it
# with:
# #include "<path_to_this_BUILD_file>/<header>"
#
# header_dir [optional, string]
# Override the default location of the generated header. The string will
# be treated as a subdirectory of the root_gen_dir. For example:
# header_dir = "foo/bar"
# Then you can include the header as:
# #include "foo/bar/baz.h"
#
# Example
#
# pa_buildflag_header("foo_buildflags") {
# header = "foo_buildflags.h"
#
# flags = [
# # This uses the GN build flag enable_doom_melon as the definition.
# "ENABLE_DOOM_MELON=$enable_doom_melon",
#
# # This force-enables the flag.
# "ENABLE_SPACE_LASER=true",
#
# # This will expand to the quoted C string when used in source code.
# "SPAM_SERVER_URL=\"http://www.example.com/\"",
# ]
# }
template("pa_buildflag_header") {
action(target_name) {
script = "./write_buildflag_header.py"
if (defined(invoker.header_dir)) {
header_file = "${invoker.header_dir}/${invoker.header}"
} else {
# Compute the path from the root to this file.
header_file = rebase_path(".", "//") + "/${invoker.header}"
}
outputs = [ "$root_gen_dir/$header_file" ]
# Always write --flags to the file so it's not empty. Empty will confuse GN
# into thinking the response file isn't used.
response_file_contents = [ "--flags" ]
if (defined(invoker.flags)) {
response_file_contents += invoker.flags
}
args = [
"--output",
header_file, # Not rebased.
"--rulename",
get_label_info(":$target_name", "label_no_toolchain"),
"--gen-dir",
rebase_path(root_gen_dir, root_build_dir),
"--definitions",
"{{response_file_name}}",
]
forward_variables_from(invoker,
[
"deps",
"public_deps",
"testonly",
"visibility",
])
public_deps = [ "${_current_dir}:buildflag_macro" ]
}
}

7
src/base/allocator/partition_allocator/src/partition_alloc/compressed_pointer.cc
View file

@ -3,9 +3,10 @@
// found in the LICENSE file.
#include "partition_alloc/compressed_pointer.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#if BUILDFLAG(ENABLE_POINTER_COMPRESSION)
#include "partition_alloc/buildflags.h"
#if PA_BUILDFLAG(ENABLE_POINTER_COMPRESSION)
namespace partition_alloc::internal {
@ -26,4 +27,4 @@ void CompressedPointerBaseGlobal::ResetBaseForTesting() {
} // namespace partition_alloc::internal
#endif // BUILDFLAG(ENABLE_POINTER_COMPRESSION)
#endif // PA_BUILDFLAG(ENABLE_POINTER_COMPRESSION)

44
src/base/allocator/partition_allocator/src/partition_alloc/compressed_pointer.h
View file

@ -2,28 +2,28 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_COMPRESSED_POINTER_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_COMPRESSED_POINTER_H_
#ifndef PARTITION_ALLOC_COMPRESSED_POINTER_H_
#define PARTITION_ALLOC_COMPRESSED_POINTER_H_
#include <bit>
#include <climits>
#include <type_traits>
#include "partition_alloc/buildflags.h"
#include "partition_alloc/partition_address_space.h"
#include "partition_alloc/partition_alloc_base/bits.h"
#include "partition_alloc/partition_alloc_base/compiler_specific.h"
#include "partition_alloc/partition_alloc_base/component_export.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#if BUILDFLAG(ENABLE_POINTER_COMPRESSION)
#if PA_BUILDFLAG(ENABLE_POINTER_COMPRESSION)
#if !BUILDFLAG(GLUE_CORE_POOLS)
#if !PA_BUILDFLAG(GLUE_CORE_POOLS)
#error "Pointer compression only works with glued pools"
#endif
#if PA_CONFIG(DYNAMICALLY_SELECT_POOL_SIZE)
#error "Pointer compression currently supports constant pool size"
#endif
#endif // BUILDFLAG(ENABLE_POINTER_COMPRESSION)
#endif // PA_BUILDFLAG(ENABLE_POINTER_COMPRESSION)
namespace partition_alloc {
@ -33,7 +33,7 @@ template <typename T1, typename T2>
constexpr bool IsDecayedSame =
std::is_same_v<std::decay_t<T1>, std::decay_t<T2>>;
#if BUILDFLAG(ENABLE_POINTER_COMPRESSION)
#if PA_BUILDFLAG(ENABLE_POINTER_COMPRESSION)
// Pointer compression works by storing only the 'useful' 32-bit part of the
// pointer. The other half (the base) is stored in a global variable
@ -78,7 +78,7 @@ constexpr bool IsDecayedSame =
class CompressedPointerBaseGlobal final {
public:
static constexpr size_t kUsefulBits =
std::countr_zero(PartitionAddressSpace::CorePoolsSize());
base::bits::CountrZero(PartitionAddressSpace::CorePoolsSize());
static_assert(kUsefulBits >= sizeof(uint32_t) * CHAR_BIT);
static constexpr size_t kBitsToShift =
kUsefulBits - sizeof(uint32_t) * CHAR_BIT;
@ -102,11 +102,11 @@ class CompressedPointerBaseGlobal final {
static constexpr uintptr_t kUsefulBitsMask =
PartitionAddressSpace::CorePoolsSize() - 1;
static union alignas(kPartitionCachelineSize)
PA_CONSTINIT static union alignas(kPartitionCachelineSize)
PA_COMPONENT_EXPORT(PARTITION_ALLOC) Base {
uintptr_t base;
char cache_line[kPartitionCachelineSize];
} g_base_ PA_CONSTINIT;
} g_base_;
PA_ALWAYS_INLINE static bool IsBaseConsistent() {
return kUsefulBitsMask == (g_base_.base & kUsefulBitsMask);
@ -118,11 +118,11 @@ class CompressedPointerBaseGlobal final {
friend class PartitionAddressSpace;
};
#endif // BUILDFLAG(ENABLE_POINTER_COMPRESSION)
#endif // PA_BUILDFLAG(ENABLE_POINTER_COMPRESSION)
} // namespace internal
#if BUILDFLAG(ENABLE_POINTER_COMPRESSION)
#if PA_BUILDFLAG(ENABLE_POINTER_COMPRESSION)
template <typename T>
class PA_TRIVIAL_ABI CompressedPointer final {
@ -150,7 +150,7 @@ class PA_TRIVIAL_ABI CompressedPointer final {
} else {
// When the types are different, perform the round, because the pointer
// may need to be adjusted.
// TODO(1376980): Avoid the cycle here.
// TODO(crbug.com/40243421): Avoid the cycle here.
value_ = Compress(other.get());
}
}
@ -232,7 +232,7 @@ class PA_TRIVIAL_ABI CompressedPointer final {
static constexpr size_t kMinimalRequiredAlignment = 8;
static_assert((1 << kOverallBitsToShift) == kMinimalRequiredAlignment);
#if BUILDFLAG(PA_DCHECK_IS_ON)
#if PA_BUILDFLAG(DCHECKS_ARE_ON)
PA_DCHECK(reinterpret_cast<uintptr_t>(ptr) % kMinimalRequiredAlignment ==
0);
PA_DCHECK(internal::CompressedPointerBaseGlobal::IsSet());
@ -243,7 +243,7 @@ class PA_TRIVIAL_ABI CompressedPointer final {
PA_DCHECK(!ptr ||
(base & kCorePoolsBaseMask) ==
(reinterpret_cast<uintptr_t>(ptr) & kCorePoolsBaseMask));
#endif // BUILDFLAG(PA_DCHECK_IS_ON)
#endif // PA_BUILDFLAG(DCHECKS_ARE_ON)
const auto uptr = reinterpret_cast<uintptr_t>(ptr);
// Shift the pointer and truncate.
@ -252,7 +252,7 @@ class PA_TRIVIAL_ABI CompressedPointer final {
// it on decompression. Assuming compression is a significantly less
// frequent operation, we let more work here in favor of faster
// decompression.
// TODO(1376980): Avoid this by overreserving the heap.
// TODO(crbug.com/40243421): Avoid this by overreserving the heap.
if (compressed) {
compressed |= (1u << (sizeof(uint32_t) * CHAR_BIT - 1));
}
@ -292,7 +292,7 @@ PA_ALWAYS_INLINE bool operator==(CompressedPointer<T> a,
} else {
// When the types are different, compare decompressed pointers, because the
// pointers may need to be adjusted.
// TODO(1376980): Avoid decompression here.
// TODO(crbug.com/40243421): Avoid decompression here.
return a.get() == b.get();
}
}
@ -361,7 +361,7 @@ PA_ALWAYS_INLINE constexpr bool operator<(CompressedPointer<T> a,
} else {
// When the types are different, compare decompressed pointers, because the
// pointers may need to be adjusted.
// TODO(1376980): Avoid decompression here.
// TODO(crbug.com/40243421): Avoid decompression here.
return a.get() < b.get();
}
}
@ -389,7 +389,7 @@ PA_ALWAYS_INLINE constexpr bool operator<=(CompressedPointer<T> a,
} else {
// When the types are different, compare decompressed pointers, because the
// pointers may need to be adjusted.
// TODO(1376980): Avoid decompression here.
// TODO(crbug.com/40243421): Avoid decompression here.
return a.get() <= b.get();
}
}
@ -444,7 +444,7 @@ PA_ALWAYS_INLINE constexpr bool operator>=(T* a, CompressedPointer<U> b) {
return static_cast<CompressedPointer<T>>(a) >= b;
}
#endif // BUILDFLAG(ENABLE_POINTER_COMPRESSION)
#endif // PA_BUILDFLAG(ENABLE_POINTER_COMPRESSION)
// Simple wrapper over the raw pointer.
template <typename T>
@ -665,4 +665,4 @@ PA_ALWAYS_INLINE constexpr bool operator>=(T* a, UncompressedPointer<U> b) {
} // namespace partition_alloc
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_COMPRESSED_POINTER_H_
#endif // PARTITION_ALLOC_COMPRESSED_POINTER_H_

6
src/base/allocator/partition_allocator/src/partition_alloc/dangling_raw_ptr_checks.h
View file

@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_DANGLING_RAW_PTR_CHECKS_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_DANGLING_RAW_PTR_CHECKS_H_
#ifndef PARTITION_ALLOC_DANGLING_RAW_PTR_CHECKS_H_
#define PARTITION_ALLOC_DANGLING_RAW_PTR_CHECKS_H_
#include <cstdint>
@ -64,4 +64,4 @@ bool IsUnretainedDanglingRawPtrCheckEnabled();
} // namespace internal
} // namespace partition_alloc
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_DANGLING_RAW_PTR_CHECKS_H_
#endif // PARTITION_ALLOC_DANGLING_RAW_PTR_CHECKS_H_

17
src/base/allocator/partition_allocator/src/partition_alloc/dot/windows_crt_static_local_ouroboros.dot Normal file
View file

@ -0,0 +1,17 @@
digraph {
layout = "circo"
dpi = 156
node[shape=box]
crt[shape=circle, label="(not yet fully\ninitialized)\nWindows\nCRT"]
malloc[label="malloc()"]
crt->malloc[label="calls"]
malloc->PartitionAlloc[label="intercepted\nby"]
static_local[label="nontrivial\nfunction-local\nstatic"]
PartitionAlloc->static_local[label="initializes"]
lock[label="critical section\n(implicit lock)"]
static_local->lock[label="enters"]
lock->crt[label="attempts\nre-entry\ninto", style=dotted]
}

BIN
src/base/allocator/partition_allocator/src/partition_alloc/dot/windows_crt_static_local_ouroboros.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 34 KiB

186
src/base/allocator/partition_allocator/src/partition_alloc/encoded_next_freelist.h
View file

@ -2,27 +2,23 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ENCODED_NEXT_FREELIST_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ENCODED_NEXT_FREELIST_H_
#ifndef PARTITION_ALLOC_ENCODED_NEXT_FREELIST_H_
#define PARTITION_ALLOC_ENCODED_NEXT_FREELIST_H_
#include <cstddef>
#include <cstdint>
#include "build/build_config.h"
#include "partition_alloc/build_config.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/freeslot_bitmap.h"
#include "partition_alloc/in_slot_metadata.h"
#include "partition_alloc/partition_alloc-inl.h"
#include "partition_alloc/partition_alloc_base/compiler_specific.h"
#include "partition_alloc/partition_alloc_base/debug/debugging_buildflags.h"
#include "partition_alloc/partition_alloc_base/immediate_crash.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/partition_alloc_check.h"
#include "partition_alloc/partition_alloc_config.h"
#include "partition_alloc/partition_alloc_constants.h"
#if !defined(ARCH_CPU_BIG_ENDIAN)
#if !PA_BUILDFLAG(PA_ARCH_CPU_BIG_ENDIAN)
#include "partition_alloc/reverse_bytes.h"
#endif // !defined(ARCH_CPU_BIG_ENDIAN)
#endif
namespace partition_alloc::internal {
@ -52,7 +48,7 @@ class EncodedFreelistPtr {
// encoding and decoding.
PA_ALWAYS_INLINE static constexpr uintptr_t Transform(uintptr_t address) {
// We use bswap on little endian as a fast transformation for two reasons:
// 1) On 64 bit architectures, the pointer is very unlikely to be a
// 1) On 64 bit architectures, the swapped pointer is very unlikely to be a
// canonical address. Therefore, if an object is freed and its vtable is
// used where the attacker doesn't get the chance to run allocations
// between the free and use, the vtable dereference is likely to fault.
@ -60,7 +56,7 @@ class EncodedFreelistPtr {
// corrupt a freelist pointer, partial pointer overwrite attacks are
// thwarted.
// For big endian, similar guarantees are arrived at with a negation.
#if defined(ARCH_CPU_BIG_ENDIAN)
#if PA_BUILDFLAG(PA_ARCH_CPU_BIG_ENDIAN)
uintptr_t transformed = ~address;
#else
uintptr_t transformed = ReverseBytes(address);
@ -155,19 +151,24 @@ class EncodedNextFreelistEntry {
// corruption. Meant to be used to report the failed allocation size.
template <bool crash_on_corruption>
PA_ALWAYS_INLINE EncodedNextFreelistEntry* GetNextForThreadCache(
size_t slot_size) const;
PA_ALWAYS_INLINE EncodedNextFreelistEntry* GetNext(size_t slot_size) const;
size_t slot_size) const {
return GetNextInternal<crash_on_corruption, /*for_thread_cache=*/true>(
slot_size);
}
PA_ALWAYS_INLINE EncodedNextFreelistEntry* GetNext(size_t slot_size) const {
return GetNextInternal<true, /*for_thread_cache=*/false>(slot_size);
}
PA_NOINLINE void CheckFreeList(size_t slot_size) const {
for (auto* entry = this; entry; entry = entry->GetNext(slot_size)) {
// |GetNext()| checks freelist integrity.
// `GetNext()` calls `IsWellFormed()`.
}
}
PA_NOINLINE void CheckFreeListForThreadCache(size_t slot_size) const {
for (auto* entry = this; entry;
entry = entry->GetNextForThreadCache<true>(slot_size)) {
// |GetNextForThreadCache()| checks freelist integrity.
// `GetNextForThreadCache()` calls `IsWellFormed()`.
}
}
@ -175,16 +176,16 @@ class EncodedNextFreelistEntry {
// SetNext() is either called on the freelist head, when provisioning new
// slots, or when GetNext() has been called before, no need to pass the
// size.
#if BUILDFLAG(PA_DCHECK_IS_ON)
#if PA_BUILDFLAG(DCHECKS_ARE_ON)
// Regular freelists always point to an entry within the same super page.
//
// This is most likely a PartitionAlloc bug if this triggers.
if (PA_UNLIKELY(entry &&
(SlotStartPtr2Addr(this) & kSuperPageBaseMask) !=
(SlotStartPtr2Addr(entry) & kSuperPageBaseMask))) {
if (entry && (SlotStartPtr2Addr(this) & kSuperPageBaseMask) !=
(SlotStartPtr2Addr(entry) & kSuperPageBaseMask))
[[unlikely]] {
FreelistCorruptionDetected(0);
}
#endif // BUILDFLAG(PA_DCHECK_IS_ON)
#endif // PA_BUILDFLAG(DCHECKS_ARE_ON)
encoded_next_ = EncodedFreelistPtr(entry);
#if PA_CONFIG(HAS_FREELIST_SHADOW_ENTRY)
@ -208,52 +209,85 @@ class EncodedNextFreelistEntry {
}
private:
template <bool crash_on_corruption>
template <bool crash_on_corruption, bool for_thread_cache>
PA_ALWAYS_INLINE EncodedNextFreelistEntry* GetNextInternal(
size_t slot_size,
bool for_thread_cache) const;
size_t slot_size) const {
// GetNext() can be called on discarded memory, in which case
// |encoded_next_| is 0, and none of the checks apply. Don't prefetch
// nullptr either.
if (IsEncodedNextPtrZero()) {
return nullptr;
}
PA_ALWAYS_INLINE static bool IsSane(const EncodedNextFreelistEntry* here,
const EncodedNextFreelistEntry* next,
bool for_thread_cache) {
// Don't allow the freelist to be blindly followed to any location.
// Checks two constraints:
// - here and next must belong to the same superpage, unless this is in the
// thread cache (they even always belong to the same slot span).
// - next cannot point inside the metadata area.
auto* ret = encoded_next_.Decode();
if (!IsWellFormed<for_thread_cache>(this, ret)) [[unlikely]] {
if constexpr (crash_on_corruption) {
// Put the corrupted data on the stack, it may give us more information
// about what kind of corruption that was.
PA_DEBUG_DATA_ON_STACK("first",
static_cast<size_t>(encoded_next_.encoded_));
#if PA_CONFIG(HAS_FREELIST_SHADOW_ENTRY)
PA_DEBUG_DATA_ON_STACK("second", static_cast<size_t>(shadow_));
#endif
FreelistCorruptionDetected(slot_size);
}
return nullptr;
}
// In real-world profiles, the load of |encoded_next_| above is responsible
// for a large fraction of the allocation cost. However, we cannot
// anticipate it enough since it is accessed right after we know its
// address.
//
// Also, the lightweight UaF detection (pointer shadow) is checked.
// In the case of repeated allocations, we can prefetch the access that will
// be done at the *next* allocation, which will touch *ret, prefetch it.
PA_PREFETCH(ret);
return ret;
}
uintptr_t here_address = SlotStartPtr2Addr(here);
uintptr_t next_address = SlotStartPtr2Addr(next);
template <bool for_thread_cache>
PA_ALWAYS_INLINE static bool IsWellFormed(
const EncodedNextFreelistEntry* here,
const EncodedNextFreelistEntry* next) {
// Don't allow the freelist to be blindly followed to any location.
// Checks following constraints:
// - `here->shadow_` must match an inversion of `here->next_` (if present).
// - `next` mustn't point inside the super page metadata area.
// - Unless this is a thread-cache freelist, `here` and `next` must belong
// to the same super page (as a matter of fact, they must belong to the
// same slot span, but that'd be too expensive to check here).
// - `next` is marked as free in the free slot bitmap (if present).
const uintptr_t here_address = SlotStartPtr2Addr(here);
const uintptr_t next_address = SlotStartPtr2Addr(next);
#if PA_CONFIG(HAS_FREELIST_SHADOW_ENTRY)
bool shadow_ptr_ok = here->encoded_next_.Inverted() == here->shadow_;
#else
bool shadow_ptr_ok = true;
#endif
bool same_superpage = (here_address & kSuperPageBaseMask) ==
(next_address & kSuperPageBaseMask);
#if BUILDFLAG(USE_FREESLOT_BITMAP)
bool marked_as_free_in_bitmap =
for_thread_cache ? true : !FreeSlotBitmapSlotIsUsed(next_address);
#else
bool marked_as_free_in_bitmap = true;
constexpr bool shadow_ptr_ok = true;
#endif
// This is necessary but not sufficient when quarantine is enabled, see
// SuperPagePayloadBegin() in partition_page.h. However we don't want to
// fetch anything from the root in this function.
bool not_in_metadata =
const bool not_in_metadata =
(next_address & kSuperPageOffsetMask) >= PartitionPageSize();
if (for_thread_cache) {
if constexpr (for_thread_cache) {
return shadow_ptr_ok & not_in_metadata;
} else {
return shadow_ptr_ok & same_superpage & marked_as_free_in_bitmap &
not_in_metadata;
}
const bool same_super_page = (here_address & kSuperPageBaseMask) ==
(next_address & kSuperPageBaseMask);
#if PA_BUILDFLAG(USE_FREESLOT_BITMAP)
bool marked_as_free_in_bitmap = !FreeSlotBitmapSlotIsUsed(next_address);
#else
constexpr bool marked_as_free_in_bitmap = true;
#endif
return shadow_ptr_ok & same_super_page & marked_as_free_in_bitmap &
not_in_metadata;
}
EncodedFreelistPtr encoded_next_;
@ -265,56 +299,6 @@ class EncodedNextFreelistEntry {
#endif
};
template <bool crash_on_corruption>
PA_ALWAYS_INLINE EncodedNextFreelistEntry*
EncodedNextFreelistEntry::GetNextInternal(size_t slot_size,
bool for_thread_cache) const {
// GetNext() can be called on discarded memory, in which case |encoded_next_|
// is 0, and none of the checks apply. Don't prefetch nullptr either.
if (IsEncodedNextPtrZero()) {
return nullptr;
}
auto* ret = encoded_next_.Decode();
// We rely on constant propagation to remove the branches coming from
// |for_thread_cache|, since the argument is always a compile-time constant.
if (PA_UNLIKELY(!IsSane(this, ret, for_thread_cache))) {
if constexpr (crash_on_corruption) {
// Put the corrupted data on the stack, it may give us more information
// about what kind of corruption that was.
PA_DEBUG_DATA_ON_STACK("first",
static_cast<size_t>(encoded_next_.encoded_));
#if PA_CONFIG(HAS_FREELIST_SHADOW_ENTRY)
PA_DEBUG_DATA_ON_STACK("second", static_cast<size_t>(shadow_));
#endif
FreelistCorruptionDetected(slot_size);
} else {
return nullptr;
}
}
// In real-world profiles, the load of |encoded_next_| above is responsible
// for a large fraction of the allocation cost. However, we cannot anticipate
// it enough since it is accessed right after we know its address.
//
// In the case of repeated allocations, we can prefetch the access that will
// be done at the *next* allocation, which will touch *ret, prefetch it.
PA_PREFETCH(ret);
return ret;
}
template <bool crash_on_corruption>
PA_ALWAYS_INLINE EncodedNextFreelistEntry*
EncodedNextFreelistEntry::GetNextForThreadCache(size_t slot_size) const {
return GetNextInternal<crash_on_corruption>(slot_size, true);
}
PA_ALWAYS_INLINE EncodedNextFreelistEntry* EncodedNextFreelistEntry::GetNext(
size_t slot_size) const {
return GetNextInternal<true>(slot_size, false);
}
} // namespace partition_alloc::internal
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_ENCODED_NEXT_FREELIST_H_
#endif // PARTITION_ALLOC_ENCODED_NEXT_FREELIST_H_

27
src/base/allocator/partition_allocator/src/partition_alloc/extended_api.cc
View file

@ -4,7 +4,7 @@
#include "partition_alloc/extended_api.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/partition_alloc_config.h"
#include "partition_alloc/shim/allocator_shim_default_dispatch_to_partition_alloc.h"
#include "partition_alloc/thread_cache.h"
@ -36,7 +36,7 @@ void EnablePartitionAllocThreadCacheForRootIfDisabled(PartitionRoot* root) {
root->settings.with_thread_cache = true;
}
#if BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
#if PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
void DisablePartitionAllocThreadCacheForProcess() {
PA_CHECK(allocator_shim::internal::PartitionAllocMalloc::
AllocatorConfigurationFinalized());
@ -45,7 +45,7 @@ void DisablePartitionAllocThreadCacheForProcess() {
DisableThreadCacheForRootIfEnabled(
allocator_shim::internal::PartitionAllocMalloc::OriginalAllocator());
}
#endif // BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
#endif // PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
} // namespace
@ -63,7 +63,7 @@ ThreadAllocStats GetAllocStatsForCurrentThread() {
ThreadCacheProcessScopeForTesting::ThreadCacheProcessScopeForTesting(
PartitionRoot* root)
: root_(root) {
#if BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
#if PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
auto* regular_allocator =
allocator_shim::internal::PartitionAllocMalloc::Allocator();
regular_was_enabled_ =
@ -77,7 +77,17 @@ ThreadCacheProcessScopeForTesting::ThreadCacheProcessScopeForTesting(
// Replace ThreadCache's PartitionRoot.
ThreadCache::SwapForTesting(root_);
} else {
if (!regular_was_enabled_) {
bool regular_was_disabled = !regular_was_enabled_;
#if PA_BUILDFLAG(IS_WIN)
// ThreadCache may be tombstone because of the previous test. In the
// case, we have to remove tombstone and re-create ThreadCache for
// a new test.
if (ThreadCache::IsTombstone(ThreadCache::Get())) {
ThreadCache::RemoveTombstoneForTesting();
regular_was_disabled = true;
}
#endif
if (regular_was_disabled) {
EnablePartitionAllocThreadCacheForRootIfDisabled(root_);
ThreadCache::SwapForTesting(root_);
}
@ -86,13 +96,14 @@ ThreadCacheProcessScopeForTesting::ThreadCacheProcessScopeForTesting(
PA_CHECK(!ThreadCache::IsValid(ThreadCache::Get()));
EnablePartitionAllocThreadCacheForRootIfDisabled(root_);
ThreadCache::SwapForTesting(root_);
#endif // BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
#endif // PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
PA_CHECK(ThreadCache::Get());
PA_CHECK(!ThreadCache::IsTombstone(ThreadCache::Get()));
}
ThreadCacheProcessScopeForTesting::~ThreadCacheProcessScopeForTesting() {
#if BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
#if PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
auto* regular_allocator =
allocator_shim::internal::PartitionAllocMalloc::Allocator();
bool regular_enabled =
@ -122,7 +133,7 @@ ThreadCacheProcessScopeForTesting::~ThreadCacheProcessScopeForTesting() {
DisableThreadCacheForRootIfEnabled(root_);
ThreadCache::SwapForTesting(nullptr);
#endif // BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
#endif // PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
}
#endif // PA_CONFIG(THREAD_CACHE_SUPPORTED)

10
src/base/allocator/partition_allocator/src/partition_alloc/extended_api.h
View file

@ -2,10 +2,10 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_EXTENDED_API_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_EXTENDED_API_H_
#ifndef PARTITION_ALLOC_EXTENDED_API_H_
#define PARTITION_ALLOC_EXTENDED_API_H_
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/partition_root.h"
#include "partition_alloc/partition_stats.h"
#include "partition_alloc/thread_cache.h"
@ -32,11 +32,11 @@ class ThreadCacheProcessScopeForTesting {
private:
PartitionRoot* root_ = nullptr;
#if BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
#if PA_BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
bool regular_was_enabled_ = false;
#endif
};
} // namespace partition_alloc::internal
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_EXTENDED_API_H_
#endif // PARTITION_ALLOC_EXTENDED_API_H_

12
src/base/allocator/partition_allocator/src/partition_alloc/flags.h
View file

@ -11,8 +11,8 @@
// other enum value and passed on to a function that takes an int or unsigned
// int.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_FLAGS_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_FLAGS_H_
#ifndef PARTITION_ALLOC_FLAGS_H_
#define PARTITION_ALLOC_FLAGS_H_
#include <type_traits>
@ -46,12 +46,6 @@ constexpr inline IfEnum<EnumType, bool> ContainsFlags(EnumType superset,
return (superset & subset) == subset;
}
// Removes flags `target` from `from`.
template <typename EnumType>
constexpr inline IfEnum<EnumType> RemoveFlags(EnumType from, EnumType target) {
return from & ~target;
}
// A macro to define binary arithmetic over `EnumType`.
// Use inside `namespace partition_alloc::internal`.
#define PA_DEFINE_OPERATORS_FOR_FLAGS(EnumType) \
@ -98,4 +92,4 @@ constexpr inline IfEnum<EnumType> RemoveFlags(EnumType from, EnumType target) {
} // namespace partition_alloc::internal
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_FLAGS_H_
#endif // PARTITION_ALLOC_FLAGS_H_

16
src/base/allocator/partition_allocator/src/partition_alloc/freeslot_bitmap.h
View file

@ -2,20 +2,20 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_FREESLOT_BITMAP_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_FREESLOT_BITMAP_H_
#ifndef PARTITION_ALLOC_FREESLOT_BITMAP_H_
#define PARTITION_ALLOC_FREESLOT_BITMAP_H_
#include <climits>
#include <cstdint>
#include <utility>
#include "partition_alloc/buildflags.h"
#include "partition_alloc/freeslot_bitmap_constants.h"
#include "partition_alloc/partition_alloc_base/bits.h"
#include "partition_alloc/partition_alloc_base/compiler_specific.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/partition_alloc_constants.h"
#if BUILDFLAG(USE_FREESLOT_BITMAP)
#if PA_BUILDFLAG(USE_FREESLOT_BITMAP)
namespace partition_alloc::internal {
@ -92,7 +92,7 @@ PA_ALWAYS_INLINE void FreeSlotBitmapReset(uintptr_t begin_addr,
*cell &= ~CellWithAOne(bit_index);
}
#if BUILDFLAG(PA_DCHECK_IS_ON)
#if PA_BUILDFLAG(DCHECKS_ARE_ON)
// Checks if the cells that are meant to contain only unset bits are really 0.
auto [begin_cell, begin_bit_index] =
GetFreeSlotBitmapCellPtrAndBitIndex(begin_addr);
@ -131,11 +131,11 @@ PA_ALWAYS_INLINE void FreeSlotBitmapReset(uintptr_t begin_addr,
for (FreeSlotBitmapCellType* cell = begin_cell; cell < end_cell; ++cell) {
PA_DCHECK(*cell == 0u);
}
#endif // BUILDFLAG(PA_DCHECK_IS_ON)
#endif // PA_BUILDFLAG(DCHECKS_ARE_ON)
}
} // namespace partition_alloc::internal
#endif // BUILDFLAG(USE_FREESLOT_BITMAP)
#endif // PA_BUILDFLAG(USE_FREESLOT_BITMAP)
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_FREESLOT_BITMAP_H_
#endif // PARTITION_ALLOC_FREESLOT_BITMAP_H_

14
src/base/allocator/partition_allocator/src/partition_alloc/freeslot_bitmap_constants.h
View file

@ -2,14 +2,14 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_FREESLOT_BITMAP_CONSTANTS_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_FREESLOT_BITMAP_CONSTANTS_H_
#ifndef PARTITION_ALLOC_FREESLOT_BITMAP_CONSTANTS_H_
#define PARTITION_ALLOC_FREESLOT_BITMAP_CONSTANTS_H_
#include <cstdint>
#include "partition_alloc/buildflags.h"
#include "partition_alloc/partition_alloc_base/bits.h"
#include "partition_alloc/partition_alloc_base/compiler_specific.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/partition_alloc_constants.h"
#include "partition_alloc/partition_alloc_forward.h"
#include "partition_alloc/reservation_offset_table.h"
@ -28,7 +28,7 @@ constexpr size_t kFreeSlotBitmapSize =
PA_ALWAYS_INLINE PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR size_t
ReservedFreeSlotBitmapSize() {
#if BUILDFLAG(USE_FREESLOT_BITMAP)
#if PA_BUILDFLAG(USE_FREESLOT_BITMAP)
return base::bits::AlignUp(kFreeSlotBitmapSize, PartitionPageSize());
#else
return 0;
@ -37,7 +37,7 @@ ReservedFreeSlotBitmapSize() {
PA_ALWAYS_INLINE PAGE_ALLOCATOR_CONSTANTS_DECLARE_CONSTEXPR size_t
CommittedFreeSlotBitmapSize() {
#if BUILDFLAG(USE_FREESLOT_BITMAP)
#if PA_BUILDFLAG(USE_FREESLOT_BITMAP)
return base::bits::AlignUp(kFreeSlotBitmapSize, SystemPageSize());
#else
return 0;
@ -49,7 +49,7 @@ NumPartitionPagesPerFreeSlotBitmap() {
return ReservedFreeSlotBitmapSize() / PartitionPageSize();
}
#if BUILDFLAG(USE_FREESLOT_BITMAP)
#if PA_BUILDFLAG(USE_FREESLOT_BITMAP)
PA_ALWAYS_INLINE uintptr_t SuperPageFreeSlotBitmapAddr(uintptr_t super_page) {
PA_DCHECK(!(super_page % kSuperPageAlignment));
return super_page + PartitionPageSize();
@ -58,4 +58,4 @@ PA_ALWAYS_INLINE uintptr_t SuperPageFreeSlotBitmapAddr(uintptr_t super_page) {
} // namespace partition_alloc::internal
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_FREESLOT_BITMAP_CONSTANTS_H_
#endif // PARTITION_ALLOC_FREESLOT_BITMAP_CONSTANTS_H_

36
src/base/allocator/partition_allocator/src/partition_alloc/gwp_asan_support.cc
View file

@ -4,9 +4,9 @@
#include "partition_alloc/gwp_asan_support.h"
#if BUILDFLAG(ENABLE_GWP_ASAN_SUPPORT)
#if PA_BUILDFLAG(ENABLE_GWP_ASAN_SUPPORT)
#include "build/build_config.h"
#include "partition_alloc/build_config.h"
#include "partition_alloc/freeslot_bitmap_constants.h"
#include "partition_alloc/in_slot_metadata.h"
#include "partition_alloc/page_allocator_constants.h"
@ -19,17 +19,21 @@
namespace partition_alloc {
namespace {
PartitionOptions GwpAsanPartitionOptions() {
PartitionOptions options;
options.backup_ref_ptr = PartitionOptions::kEnabled;
return options;
}
} // namespace
// static
void* GwpAsanSupport::MapRegion(size_t slot_count,
std::vector<uint16_t>& free_list) {
PA_CHECK(slot_count > 0);
constexpr PartitionOptions kConfig = []() {
PartitionOptions opts;
opts.backup_ref_ptr = PartitionOptions::kEnabled;
return opts;
}();
static internal::base::NoDestructor<PartitionRoot> root(kConfig);
static internal::base::NoDestructor<PartitionRoot> root(
GwpAsanPartitionOptions());
const size_t kSlotSize = 2 * internal::SystemPageSize();
uint16_t bucket_index = PartitionRoot::SizeToBucketIndex(
@ -38,8 +42,7 @@ void* GwpAsanSupport::MapRegion(size_t slot_count,
const size_t kSuperPagePayloadStartOffset =
internal::SuperPagePayloadStartOffset(
/* is_managed_by_normal_buckets = */ true,
/* with_quarantine = */ false);
/* is_managed_by_normal_buckets = */ true);
PA_CHECK(kSuperPagePayloadStartOffset % kSlotSize == 0);
const size_t kSuperPageGwpAsanSlotAreaBeginOffset =
kSuperPagePayloadStartOffset;
@ -64,14 +67,14 @@ void* GwpAsanSupport::MapRegion(size_t slot_count,
return nullptr;
}
#if defined(ARCH_CPU_64_BITS)
#if PA_BUILDFLAG(PA_ARCH_CPU_64_BITS)
// Mapping the GWP-ASan region in to the lower 32-bits of address space
// makes it much more likely that a bad pointer dereference points into
// our region and triggers a false positive report. We rely on the fact
// that PA address pools are never allocated in the first 4GB due to
// their alignment requirements.
PA_CHECK(super_page_span_start >= (1ULL << 32));
#endif // defined(ARCH_CPU_64_BITS)
#endif // PA_BUILDFLAG(PA_ARCH_CPU_64_BITS)
uintptr_t super_page_span_end =
super_page_span_start + super_page_count * kSuperPageSize;
@ -90,15 +93,16 @@ void* GwpAsanSupport::MapRegion(size_t slot_count,
partition_page_idx += bucket->get_pages_per_slot_span()) {
auto* slot_span_metadata =
&page_metadata[partition_page_idx].slot_span_metadata;
bucket->InitializeSlotSpanForGwpAsan(slot_span_metadata);
bucket->InitializeSlotSpanForGwpAsan(slot_span_metadata, root.get());
auto slot_span_start =
internal::SlotSpanMetadata::ToSlotSpanStart(slot_span_metadata);
internal::SlotSpanMetadata<internal::MetadataKind::kReadOnly>::
ToSlotSpanStart(slot_span_metadata);
for (uintptr_t slot_idx = 0; slot_idx < kSlotsPerSlotSpan; ++slot_idx) {
auto slot_start = slot_span_start + slot_idx * kSlotSize;
PartitionRoot::InSlotMetadataPointerFromSlotStartAndSize(slot_start,
kSlotSize)
->InitalizeForGwpAsan();
->InitializeForGwpAsan();
size_t global_slot_idx = (slot_start - super_page_span_start -
kSuperPageGwpAsanSlotAreaBeginOffset) /
kSlotSize;
@ -129,4 +133,4 @@ bool GwpAsanSupport::CanReuse(uintptr_t slot_start) {
} // namespace partition_alloc
#endif // BUILDFLAG(ENABLE_GWP_ASAN_SUPPORT)
#endif // PA_BUILDFLAG(ENABLE_GWP_ASAN_SUPPORT)

12
src/base/allocator/partition_allocator/src/partition_alloc/gwp_asan_support.h
View file

@ -2,13 +2,13 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_GWP_ASAN_SUPPORT_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_GWP_ASAN_SUPPORT_H_
#ifndef PARTITION_ALLOC_GWP_ASAN_SUPPORT_H_
#define PARTITION_ALLOC_GWP_ASAN_SUPPORT_H_
#include "partition_alloc/buildflags.h"
#include "partition_alloc/partition_alloc_base/component_export.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#if BUILDFLAG(ENABLE_GWP_ASAN_SUPPORT)
#if PA_BUILDFLAG(ENABLE_GWP_ASAN_SUPPORT)
#include <cstddef>
#include <cstdint>
@ -115,6 +115,6 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) GwpAsanSupport {
} // namespace partition_alloc
#endif // BUILDFLAG(ENABLE_GWP_ASAN_SUPPORT)
#endif // PA_BUILDFLAG(ENABLE_GWP_ASAN_SUPPORT)
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_GWP_ASAN_SUPPORT_H_
#endif // PARTITION_ALLOC_GWP_ASAN_SUPPORT_H_

164
src/base/allocator/partition_allocator/src/partition_alloc/in_slot_metadata.h
View file

@ -2,32 +2,27 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_IN_SLOT_METADATA_H_
#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_IN_SLOT_METADATA_H_
#ifndef PARTITION_ALLOC_IN_SLOT_METADATA_H_
#define PARTITION_ALLOC_IN_SLOT_METADATA_H_
#include <atomic>
#include <bit>
#include <cstddef>
#include <cstdint>
#include <limits>
#include "build/build_config.h"
#include "partition_alloc/build_config.h"
#include "partition_alloc/buildflags.h"
#include "partition_alloc/dangling_raw_ptr_checks.h"
#include "partition_alloc/partition_alloc_base/bits.h"
#include "partition_alloc/partition_alloc_base/compiler_specific.h"
#include "partition_alloc/partition_alloc_base/component_export.h"
#include "partition_alloc/partition_alloc_base/debug/debugging_buildflags.h"
#include "partition_alloc/partition_alloc_base/immediate_crash.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/partition_alloc_check.h"
#include "partition_alloc/partition_alloc_config.h"
#include "partition_alloc/partition_alloc_constants.h"
#include "partition_alloc/partition_alloc_forward.h"
#include "partition_alloc/tagging.h"
#if BUILDFLAG(IS_APPLE)
#include "partition_alloc/partition_alloc_base/bits.h"
#endif // BUILDFLAG(IS_APPLE)
namespace partition_alloc::internal {
// Aligns up (on 8B boundary) `in_slot_metadata_size` on Mac as a workaround for
@ -37,21 +32,20 @@ namespace partition_alloc::internal {
// Enabled on iOS as a workaround for a speculative bug in Swift's
// __StringStorage.create https://crbug.com/327804972
//
// Placed outside `BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)`
// Placed outside `PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)`
// intentionally to accommodate usage in contexts also outside
// this gating.
PA_ALWAYS_INLINE size_t
AlignUpInSlotMetadataSizeForApple(size_t in_slot_metadata_size) {
#if BUILDFLAG(IS_APPLE)
return internal::base::bits::AlignUp<size_t>(in_slot_metadata_size, 8);
PA_ALWAYS_INLINE constexpr size_t AlignUpInSlotMetadataSizeForApple(
size_t in_slot_metadata_size) {
#if PA_BUILDFLAG(IS_APPLE)
return base::bits::AlignUp<size_t>(in_slot_metadata_size, 8);
#else
return in_slot_metadata_size;
#endif // BUILDFLAG(IS_APPLE)
#endif // PA_BUILDFLAG(IS_APPLE)
}
#if BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#if PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
namespace {
// Utility functions to define a bit field.
template <typename CountType>
static constexpr CountType SafeShift(CountType lhs, int rhs) {
@ -69,7 +63,6 @@ struct BitField {
~(SafeShift<CountType>(1, lo) - 1);
}
};
} // namespace
// Special-purpose atomic bit field class mainly used by RawPtrBackupRefImpl.
// Formerly known as `PartitionRefCount`, but renamed to support usage that is
@ -99,7 +92,7 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
// 31 needs_mac11_malloc_ Whether malloc_size() return value needs to
// size_hack be adjusted for this allocation.
//
// On `BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)` builds, it holds two more
// On `PA_BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)` builds, it holds two more
// entries in total of 64 bits.
//
// bits name description
@ -127,11 +120,14 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
// |dangling_detected| is set and the error is reported via
// DanglingRawPtrDetected(id). The matching DanglingRawPtrReleased(id) will be
// called when the last raw_ptr<> is released.
#if !BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
#if !PA_BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
using CountType = uint32_t;
static constexpr CountType kMemoryHeldByAllocatorBit =
BitField<CountType>::Bit(0);
static constexpr CountType kPtrCountMask = BitField<CountType>::Mask(1, 29);
// The most significant bit of the refcount is reserved to prevent races with
// overflow detection.
static constexpr CountType kMaxPtrCount = BitField<CountType>::Mask(1, 28);
static constexpr CountType kRequestQuarantineBit =
BitField<CountType>::Bit(30);
static constexpr CountType kNeedsMac11MallocSizeHackBit =
@ -140,10 +136,13 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
BitField<CountType>::None();
static constexpr CountType kUnprotectedPtrCountMask =
BitField<CountType>::None();
#else // !BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
#else // !PA_BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
using CountType = uint64_t;
static constexpr auto kMemoryHeldByAllocatorBit = BitField<CountType>::Bit(0);
static constexpr auto kPtrCountMask = BitField<CountType>::Mask(1, 31);
// The most significant bit of the refcount is reserved to prevent races with
// overflow detection.
static constexpr auto kMaxPtrCount = BitField<CountType>::Mask(1, 30);
static constexpr auto kDanglingRawPtrDetectedBit =
BitField<CountType>::Bit(32);
static constexpr auto kNeedsMac11MallocSizeHackBit =
@ -152,7 +151,11 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
BitField<CountType>::Bit(34);
static constexpr auto kUnprotectedPtrCountMask =
BitField<CountType>::Mask(35, 63);
#endif // !BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
// The most significant bit of the refcount is reserved to prevent races with
// overflow detection.
static constexpr auto kMaxUnprotectedPtrCount =
BitField<CountType>::Mask(35, 62);
#endif // !PA_BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
// Quick check to assert these masks do not overlap.
static_assert((kMemoryHeldByAllocatorBit + kPtrCountMask +
@ -161,9 +164,9 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
std::numeric_limits<CountType>::max());
static constexpr auto kPtrInc =
SafeShift<CountType>(1, std::countr_zero(kPtrCountMask));
SafeShift<CountType>(1, base::bits::CountrZero(kPtrCountMask));
static constexpr auto kUnprotectedPtrInc =
SafeShift<CountType>(1, std::countr_zero(kUnprotectedPtrCountMask));
SafeShift<CountType>(1, base::bits::CountrZero(kUnprotectedPtrCountMask));
PA_ALWAYS_INLINE explicit InSlotMetadata(bool needs_mac11_malloc_size_hack);
@ -183,19 +186,18 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
CountType old_count = count_.fetch_add(kPtrInc, std::memory_order_relaxed);
// Check overflow.
PA_CHECK((old_count & kPtrCountMask) != kPtrCountMask);
PA_CHECK((old_count & kPtrCountMask) != kMaxPtrCount);
}
// Similar to |Acquire()|, but for raw_ptr<T, DisableDanglingPtrDetection>
// instead of raw_ptr<T>.
PA_ALWAYS_INLINE void AcquireFromUnprotectedPtr() {
#if BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
#if PA_BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
CheckCookieIfSupported();
CountType old_count =
count_.fetch_add(kUnprotectedPtrInc, std::memory_order_relaxed);
// Check overflow.
PA_CHECK((old_count & kUnprotectedPtrCountMask) !=
kUnprotectedPtrCountMask);
PA_CHECK((old_count & kUnprotectedPtrCountMask) != kMaxUnprotectedPtrCount);
#else
Acquire();
#endif
@ -209,10 +211,10 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
// Check underflow.
PA_DCHECK(old_count & kPtrCountMask);
#if BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
#if PA_BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
// If a dangling raw_ptr<> was detected, report it.
if (PA_UNLIKELY((old_count & kDanglingRawPtrDetectedBit) ==
kDanglingRawPtrDetectedBit)) {
if ((old_count & kDanglingRawPtrDetectedBit) == kDanglingRawPtrDetectedBit)
[[unlikely]] {
partition_alloc::internal::DanglingRawPtrReleased(
reinterpret_cast<uintptr_t>(this));
}
@ -224,7 +226,7 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
// Similar to |Release()|, but for raw_ptr<T, DisableDanglingPtrDetection>
// instead of raw_ptr<T>.
PA_ALWAYS_INLINE bool ReleaseFromUnprotectedPtr() {
#if BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
#if PA_BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
CheckCookieIfSupported();
CountType old_count =
@ -252,18 +254,21 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
PA_ALWAYS_INLINE bool ReleaseFromAllocator() {
CheckCookieIfSupported();
// TODO(bartekn): Make the double-free check more effective. Once freed, the
// in-slot metadata is overwritten by an encoded freelist-next pointer.
CountType old_count =
count_.fetch_and(~kMemoryHeldByAllocatorBit, std::memory_order_release);
if (PA_UNLIKELY(!(old_count & kMemoryHeldByAllocatorBit))) {
// If kMemoryHeldByAllocatorBit was already unset, it indicates a double
// free, but it could also be caused by a memory corruption. Note, this
// detection mechanism isn't perfect, because in-slot-metadata can be
// overwritten by the freelist pointer (or its shadow) for very small slots,
// thus masking the error away.
if (!(old_count & kMemoryHeldByAllocatorBit)) [[unlikely]] {
DoubleFreeOrCorruptionDetected(old_count);
}
// Release memory when no raw_ptr<> exists anymore:
static constexpr CountType mask = kPtrCountMask | kUnprotectedPtrCountMask;
if (PA_LIKELY((old_count & mask) == 0)) {
if ((old_count & mask) == 0) [[likely]] {
std::atomic_thread_fence(std::memory_order_acquire);
// The allocation is about to get freed, so clear the cookie.
ClearCookieIfSupported();
@ -310,6 +315,8 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
// Request to quarantine this allocation. The request might be ignored if
// the allocation is already freed.
// TODO(crbug.com/329027914) This is an unused function. Start using it in
// tests and/or in production code.
PA_ALWAYS_INLINE void SetQuarantineRequest() {
CountType old_count =
count_.fetch_or(kRequestQuarantineBit, std::memory_order_relaxed);
@ -318,6 +325,8 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
}
// Get and clear out quarantine request.
// TODO(crbug.com/329027914) This is an unused function. Start using it in
// tests and/or in production code.
PA_ALWAYS_INLINE bool PopQuarantineRequest() {
CountType old_count =
count_.fetch_and(~kRequestQuarantineBit, std::memory_order_acq_rel);
@ -330,7 +339,7 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
// make sure the `raw_ptr<T>` release operation will never attempt to call the
// PA `free` on such a slot. GWP-ASan takes the extra reference into account
// when determining whether the slot can be reused.
PA_ALWAYS_INLINE void InitalizeForGwpAsan() {
PA_ALWAYS_INLINE void InitializeForGwpAsan() {
#if PA_CONFIG(IN_SLOT_METADATA_CHECK_COOKIE)
brp_cookie_ = CalculateCookie();
#endif
@ -359,10 +368,10 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
// If there are some dangling raw_ptr<>. Turn on the error flag, and
// emit the `DanglingPtrDetected` once to embedders.
PA_ALWAYS_INLINE void CheckDanglingPointersOnFree(CountType count) {
#if BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
#if PA_BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
// The `kPtrCountMask` counts the number of raw_ptr<T>. It is expected to be
// zero when there are no unexpected dangling pointers.
if (PA_LIKELY((count & kPtrCountMask) == 0)) {
if ((count & kPtrCountMask) == 0) [[likely]] {
return;
}
@ -384,7 +393,7 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
partition_alloc::internal::DanglingRawPtrDetected(
reinterpret_cast<uintptr_t>(this));
#endif // BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
#endif // PA_BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
}
// The common parts shared by Release() and ReleaseFromUnprotectedPtr().
@ -397,9 +406,9 @@ class PA_COMPONENT_EXPORT(PARTITION_ALLOC) InSlotMetadata {
// - A raw_ptr<T, DisableDanglingPtrDetection>
//
// Assuming this raw_ptr is not dangling, the memory must still be held at
// least by the allocator, so this is PA_LIKELY true.
if (PA_LIKELY((count & (kMemoryHeldByAllocatorBit | kPtrCountMask |
kUnprotectedPtrCountMask)))) {
// least by the allocator, so this is `[[likely]]`.
if ((count & (kMemoryHeldByAllocatorBit | kPtrCountMask |
kUnprotectedPtrCountMask))) [[likely]] {
return false; // Do not release the memory.
}
@ -475,9 +484,7 @@ PA_ALWAYS_INLINE InSlotMetadata::InSlotMetadata(
static_assert(kAlignment % alignof(InSlotMetadata) == 0,
"kAlignment must be multiples of alignof(InSlotMetadata).");
static constexpr size_t kInSlotMetadataBufferSize = sizeof(InSlotMetadata);
#if BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
#if PA_BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
#if PA_CONFIG(IN_SLOT_METADATA_CHECK_COOKIE) || \
PA_CONFIG(IN_SLOT_METADATA_STORE_REQUESTED_SIZE)
@ -486,7 +493,7 @@ static constexpr size_t kInSlotMetadataSizeShift = 4;
static constexpr size_t kInSlotMetadataSizeShift = 3;
#endif
#else // BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
#else // PA_BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
#if PA_CONFIG(IN_SLOT_METADATA_CHECK_COOKIE) && \
PA_CONFIG(IN_SLOT_METADATA_STORE_REQUESTED_SIZE)
@ -520,40 +527,32 @@ GetInSlotMetadataIndexMultiplierShift() {
return SystemPageShift() * 2 - kSuperPageShift - kInSlotMetadataSizeShift;
}
PA_ALWAYS_INLINE InSlotMetadata* InSlotMetadataPointer(
uintptr_t slot_start,
size_t slot_size,
bool in_slot_metadata_in_same_slot) {
// In the "previous slot" mode, in-slot metadatas that would be on a different
// page than their corresponding slot are instead placed in the super page
// metadata area. This is done so that they don't interfere with discarding of
// data pages.
//
// In the "same slot" mode, we have a handful of other issues:
PA_ALWAYS_INLINE InSlotMetadata* InSlotMetadataPointer(uintptr_t slot_start,
size_t slot_size) {
// In-slot metadata is typically put at the end of the slot. However, there
// are a handful of issues that need to be considered:
// 1. GWP-ASan uses 2-page slots and wants the 2nd page to be inaccissable, so
// putting an in-slot metadata there is a no-go.
// 2. When direct map is reallocated in-place, it's `slot_size` may change and
// pages can be (de)committed. This would force in-slot metadata
// relocation, which in turn could cause a race with in-slot metadata
// access.
// relocation, which could lead to a race with the metadata access.
// 3. For single-slot spans, the unused pages between `GetUtilizedSlotSize()`
// and `slot_size` may be discarded thus interfering with the in-slot
// metadata.
// All of the above happen to have `slot_start` at the page boundary, so we
// can reuse the "previous slot" mode code.
if (PA_LIKELY(slot_start & SystemPageOffsetMask())) {
//
// All of the above happen to have `slot_start` at the page boundary. We place
// the InSlotMetadata object out-of-line in this case, specifically in a
// special table after the super page metadata (see InSlotMetadataTable in
// partition_alloc_constants.h).
if (slot_start & SystemPageOffsetMask()) [[likely]] {
uintptr_t refcount_address =
slot_start + (in_slot_metadata_in_same_slot ? slot_size : 0) -
sizeof(InSlotMetadata);
#if BUILDFLAG(PA_DCHECK_IS_ON) || BUILDFLAG(ENABLE_BACKUP_REF_PTR_SLOW_CHECKS)
slot_start + slot_size - sizeof(InSlotMetadata);
#if PA_BUILDFLAG(DCHECKS_ARE_ON) || \
PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SLOW_CHECKS)
PA_CHECK(refcount_address % alignof(InSlotMetadata) == 0);
#endif
// In theory, no need to MTE-tag in the "previous slot" mode, because
// in-slot metadata isn't protected by MTE. But it doesn't hurt to do so,
// and helps us avoid a branch (plus, can't easily #include partition_root.h
// here, due to cyclic dependencies).
// TODO(bartekn): Plumb the tag from the callers, so that it can be included
// in the calculations, and not re-read from memory.
// TODO(bartekn): Plumb the tag from the callers, so that MTE tag can be
// included in the pointer arithmetic, and not re-read from memory.
return static_cast<InSlotMetadata*>(TagAddr(refcount_address));
} else {
// No need to MTE-tag, as the metadata region isn't protected by MTE.
@ -561,24 +560,23 @@ PA_ALWAYS_INLINE InSlotMetadata* InSlotMetadataPointer(
(slot_start & kSuperPageBaseMask) + SystemPageSize() * 2);
size_t index = ((slot_start & kSuperPageOffsetMask) >> SystemPageShift())
<< GetInSlotMetadataIndexMultiplierShift();
#if BUILDFLAG(PA_DCHECK_IS_ON) || BUILDFLAG(ENABLE_BACKUP_REF_PTR_SLOW_CHECKS)
#if PA_BUILDFLAG(DCHECKS_ARE_ON) || \
PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SLOW_CHECKS)
PA_CHECK(sizeof(InSlotMetadata) * index <= SystemPageSize());
#endif
return table_base + index;
}
}
static_assert(sizeof(InSlotMetadata) <= kInSlotMetadataBufferSize,
"InSlotMetadata should fit into the in-slot buffer.");
#endif // PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
#else // BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
static constexpr size_t kInSlotMetadataBufferSize = 0;
#endif // BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
constexpr size_t kInSlotMetadataSizeAdjustment = kInSlotMetadataBufferSize;
static inline constexpr size_t kInSlotMetadataSizeAdjustment =
#if PA_BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
AlignUpInSlotMetadataSizeForApple(sizeof(InSlotMetadata));
#else
0ul;
#endif
} // namespace partition_alloc::internal
#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_SRC_PARTITION_ALLOC_IN_SLOT_METADATA_H_
#endif // PARTITION_ALLOC_IN_SLOT_METADATA_H_

6
src/base/allocator/partition_allocator/src/partition_alloc/internal_allocator.cc
View file

@ -7,7 +7,7 @@
namespace partition_alloc::internal {
PA_COMPONENT_EXPORT(PARTITION_ALLOC)
PartitionRoot& InternalAllocatorRoot() {
static internal::base::NoDestructor<PartitionRoot> allocator([]() {
static internal::base::NoDestructor<PartitionRoot> allocator([] {
// Disable features using the internal root to avoid reentrancy issue.
PartitionOptions opts;
opts.thread_cache = PartitionOptions::kDisabled;
@ -37,8 +37,4 @@ void InternalPartitionAllocated::operator delete(void* ptr, std::align_val_t) {
InternalAllocatorRoot().Free<FreeFlags::kNoHooks>(ptr);
}
// A deleter for `std::unique_ptr<T>`.
void InternalPartitionDeleter::operator()(void* ptr) const {
InternalAllocatorRoot().Free<FreeFlags::kNoHooks>(ptr);
}
} // namespace partition_alloc::internal

Some files were not shown because too many files have changed in this diff Show more