1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-10-26 02:12:07 +00:00
Commit graph

40 commits

Author SHA1 Message Date
Peter Ross
feb19646df LibC: Increase alignment for malloc() BigAllocationBlocks to 16 bytes
commit 5f3773b715 increased alignment
for ChunckedBlocks, but not for BigAllocationBlocks.

This is required to make SSE instructions work.
2022-03-02 11:40:37 +01:00
Michel Hermier
1af072e0f3 LibC: Make *alloc return NULL in case of failure (POSIX) 2022-01-16 11:18:04 +01:00
Michel Hermier
3bf89f1859 LibC: Document some posix *alloc urls 2022-01-16 11:18:04 +01:00
Daniel Bertalan
c7423dc20b LibC: Make the address argument of malloc_size a pointer to const
We don't mutate the pointed-to memory, so let's be const correct.

Fixes building the `mimalloc` library that's optionally used by the mold
linker (note that it isn't enabled yet as I haven't tested it).
2022-01-12 14:54:12 +01:00
kleines Filmröllchen
2f50d8f4d3 AK+LibC+LibPthread: Introduce NoAllocationGuard
NoAllocationGuard is an RAII stack guard that prevents allocations
while it exists. This is done through a thread-local global flag which
causes malloc to crash on a VERIFY if it is false. The guard allows for
recursion.

The intended use case for this class is in real-time audio code. In such
code, allocations are really bad, and this is an easy way of dynamically
enforcing the no-allocations rule while giving the user good feedback if
it is violated. Before real-time audio code is executed, e.g. in LibDSP,
a NoAllocationGuard is instantiated. This is not done with this commit,
as currently some code in LibDSP may still incorrectly allocate in real-
time situations.

Other use cases for the Kernel have also been added, so this commit
builds on the previous to add the support both in Userland and in the
Kernel.
2022-01-11 00:08:58 +01:00
Nick Johnson
08e4a1a4dc AK+Everywhere: Replace __builtin bit functions
In order to reduce our reliance on __builtin_{ffs, clz, ctz, popcount},
this commit removes all calls to these functions and replaces them with
the equivalent functions in AK/BuiltinWrappers.h.
2021-12-21 22:13:51 +01:00
Daniel Bertalan
40e7ac9967 LibC: Implement _aligned_malloc and _aligned_free
C++17 introduced aligned versions of `new` and `delete`, which are
automatically called by the compiler when allocating over-aligned
objects. As with the regular allocator functions, these are generally
thin wrappers around LibC.

We did not have support for aligned allocations in LibC, so this was not
possible. While libstdc++ has a fallback implementation, libc++ does
not, so the aligned allocation function was disabled internally. This
made building the LLVM port with Clang impossible.

Note that while the Microsoft docs say that aligned_malloc and
_aligned_free are declared in `malloc.h`, libc++ doesn't #include that
file, but instead relies on the definition coming from `stdlib.h`.
Therefore, I chose to declare it in that file instead of creating a new
LibC header.

I chose not to implement the more Unix-y `memalign`, `posix_memalign`,
or the C11 `aligned_alloc`, because that would require us to
significantly alter the memory allocator's internals. See the comment in
malloc.cpp.
2021-11-14 16:46:21 +00:00
Jean-Baptiste Boric
8043fcd466 LibC: Don't format strings when asserting with an unstable heap
If we hit an assertion while the heap isn't in a stable state, we can't
rely on dynamic memory allocation because the malloc mutex is already
held and the heap is most likely corrupted. Instead, we need to bail
out fast before we make the situation even worse.
2021-09-18 01:35:11 +00:00
Daniel Bertalan
fbdf17ae68 LibC: Don't flatten malloc and free
This is no longer needed as per the previous commit, UserspaceEmulator's
malloc tracer now correctly handles functions called from within
`malloc` and `free`. This might also have a benefit on performance
because forcibly inlining all function calls pessimizes cache locality.
2021-08-14 18:42:14 +02:00
Daniel Bertalan
87ef2718bc UserspaceEmulator+LibC: Use sys$emuctl() to disable auditing in malloc
It was fragile to use the address of the body of the memory management
functions to disable memory auditing within them. Functions called from
these did not get exempted from the audits, so in some cases
UserspaceEmulator reported bogus heap buffer overflows.

Memory auditing did not work at all on Clang because when querying the
addresses, their offset was taken relative to the base of `.text` which
is not the first segment in the `R/RX/RW(RELRO)/RW(non-RELRO)` layout
produced by LLD.

Similarly to when setting metadata about the allocations, we now use the
`emuctl` system call to selectively suppress auditing when we reach
these functions. This ensures that functions called from `malloc` are
affected too, and no issues occur because of the inconsistency between
Clang and GCC memory layouts.
2021-08-14 18:42:14 +02:00
Andreas Kling
1fcb1ec367 LibC: Randomize malloc() block addresses on x86_64
We have a lot of address space here, let's use it. :^)
2021-07-25 18:01:24 +02:00
Andreas Kling
2d1a651e0a Kernel: Make purgeable memory a VMObject level concept (again)
This patch changes the semantics of purgeable memory.

- AnonymousVMObject now has a "purgeable" flag. It can only be set when
  constructing the object. (Previously, all anonymous memory was
  effectively purgeable.)

- AnonymousVMObject now has a "volatile" flag. It covers the entire
  range of physical pages. (Previously, we tracked ranges of volatile
  pages, effectively making it a page-level concept.)

- Non-volatile objects maintain a physical page reservation via the
  committed pages mechanism, to ensure full coverage for page faults.

- When an object is made volatile, it relinquishes any unused committed
  pages immediately. If later made non-volatile again, we then attempt
  to make a new committed pages reservation. If this fails, we return
  ENOMEM to userspace.

mmap() now creates purgeable objects if passed the MAP_PURGEABLE option
together with MAP_ANONYMOUS. anon_create() memory is always purgeable.
2021-07-25 17:28:05 +02:00
Andreas Kling
1610669519 LibC: Make calloc() actually fail on multiplication overflow 2021-07-22 09:17:02 +02:00
Andreas Kling
e5a1e535cc LibC: Re-run clang-format on malloc.cpp 2021-07-09 14:14:22 +02:00
Andreas Kling
19cb5ed97a LibC: Simplify locking in malloc
- Use a simple pthread_mutex_t instead of bringing in headers from
  LibThreading just to get a mutex.

- Use a normal mutex instead of a recursive one.

- Remove redundant locking in realloc().
2021-07-09 13:47:32 +02:00
Andreas Kling
b8a204c5b9 LibThreading: Rename Lock => Mutex 2021-07-09 11:15:50 +02:00
Daniel Bertalan
b9f30c6f2a Everywhere: Fix some alignment issues
When creating uninitialized storage for variables, we need to make sure
that the alignment is correct. Fixes a KUBSAN failure when running
kernels compiled with Clang.

In `Syscalls/socket.cpp`, we can simply use local variables, as
`sockaddr_un` is a POD type.

Along with moving the `alignas` specifier to the correct member,
`AK::Optional`'s internal buffer has been made non-zeroed by default.
GCC emitted bogus uninitialized memory access warnings, so we now use
`__builtin_launder` to tell the compiler that we know what we are doing.
This might disable some optimizations, but judging by how GCC failed to
notice that the memory's initialization is dependent on `m_has_value`,
I'm not sure that's a bad thing.
2021-07-03 01:56:31 +04:30
Sahan Fernando
6fb08f20e3 LibC: Expose PAGE_ROUND_UP in mallocdefs.h 2021-06-12 22:50:40 +04:30
Brian Gianforcaro
e37f39d980 LibC: Switch ChunkedBlock to IntrusiveList from InlineLinkedList 2021-06-03 13:27:40 +02:00
Gunnar Beutner
ea33e9647b LibC: Don't leak memory for realloc(p, 0)
Previously we'd leak memory when the user called realloc(p, 0). Instead
this call should behave as if the user had called free(p).
2021-05-29 19:40:23 +02:00
Gunnar Beutner
39f0739381 LibC+UE: Keep more unused chunked blocks around
Previously each malloc size class would keep around a limited number of
unused blocks which were marked with MADV_SET_VOLATILE which could then
be reinitialized when additional blocks were needed.

This changes malloc() so that it also keeps around a number of blocks
without marking them with MADV_SET_VOLATILE. I termed these "hot"
blocks whereas blocks which were marked as MADV_SET_VOLATILE are called
"cold" blocks because they're more expensive to reinitialize.

In the worst case this could increase memory usage per process by
1MB when a program requests a bunch of memory and frees all of it.

Also, in order to make more efficient use of these unused blocks
they're now shared between size classes.
2021-05-23 19:31:39 +02:00
Andreas Kling
b5d73c834f Userland: Rename LibThread => LibThreading
Also rename the "LibThread" namespace to "Threading"
2021-05-22 18:54:22 +02:00
Andreas Kling
7957f13e98 Revert "LibC: Simplify malloc size classes"
This reverts commit f91bcb8895.
2021-05-18 08:32:05 +02:00
Lenny Maiorani
f91bcb8895 LibC: Simplify malloc size classes
Problem:
- `size_classes` is a C-style array which makes it difficult to use in
  algorithms.
- `all_of` algorithm is re-written for the specific implementation.

Solution:
- Change `size_classes` to be an `Array`.
- Directly use the generic `all_of` algorithm instead of
  reimplementing.
2021-05-18 08:06:01 +02:00
Gunnar Beutner
f89e8fb71a AK+LibC: Implement malloc_good_size() and use it for Vector/HashTable
This implements the macOS API malloc_good_size() which returns the
true allocation size for a given requested allocation size. This
allows us to make use of all the available memory in a malloc chunk.

For example, for a malloc request of 35 bytes our malloc would
internally use a chunk of size 64, however the remaining 29 bytes
would be unused.

Knowing the true allocation size allows us to request more usable
memory that would otherwise be wasted and make that available for
Vector, HashTable and potentially other callers in the future.
2021-05-15 16:30:14 +02:00
Jean-Baptiste Boric
e16894af5a LibC: Do not include errno.h inside unistd.h
POSIX does not mandate this, therefore let's not do it.
2021-05-14 22:24:02 +02:00
Brian Gianforcaro
691b6f69c5 LibThread: Remove LOCKER() macro, as it adds no value
The LOCKER() macro appears to have been added to LibThread as a
userspace analog to the previous LOCKER() macro that existed in
the kernel. The kernel version used the macro to inject __FILE__ and
__LINE__ number into the lock acquisition for debugging. However
AK::SourceLocation was used to remove the need for the macro. So
the kernel version no longer exists. The LOCKER() in LibThread doesn't
appear to actually need to be a macro, using the type directly works
fine, and arguably is more readable as it removes an unnecessary
level of indirection.
2021-05-10 11:57:11 +02:00
Gunnar Beutner
017da44ac2 LibC: Make malloc(0) return a non-null pointer
Legally we could just return a null pointer, however returning a
pointer other than the null pointer is more compatible with
improperly written software that assumes that a null pointer means
allocation failure.
2021-05-06 21:25:37 +02:00
Gunnar Beutner
3438829431 LibC: Lazily initialize malloc chunks
By default malloc manages memory internally in larger blocks. When
one of those blocks is added we initialize a free list by touching
each of the new block's pages, thereby committing all that memory
upfront.

This changes malloc to build the free list on demand which as a
bonus also distributes the latency hit for new blocks more evenly
because the page faults for the zero pages now don't happen all at
once.
2021-05-06 10:38:46 +02:00
Brian Gianforcaro
1682f0b760 Everything: Move to SPDX license identifiers in all files.
SPDX License Identifiers are a more compact / standardized
way of representing file license information.

See: https://spdx.dev/resources/use/#identifiers

This was done with the `ambr` search and replace tool.

 ambr --no-parent-ignore --key-from-file --rep-from-file key.txt rep.txt *
2021-04-22 11:22:27 +02:00
Andreas Kling
ef1e5db1d0 Everywhere: Remove klog(), dbg() and purge all LogStream usage :^)
Good-bye LogStream. Long live AK::Format!
2021-03-12 17:29:37 +01:00
Andreas Kling
9588f01739 UserspaceEmulator+LibC: Use sys$emuctl() to pass malloc info to UE
Get rid of the awkward secret handshake sequence between malloc and UE
and simply use sys$emuctl() to notify UE of malloc, free and realloc.
2021-03-09 11:31:18 +01:00
Andreas Kling
4faeaf101c LibC: Don't scrub memory in malloc/free when running in UE
Since UE is keeping track of the heap anyway, we can skip the scrubbing
and drastically improve the speed of malloc and free when emulating.
2021-03-09 08:59:10 +01:00
Andreas Kling
bb9cf083c4 LibC: Avoid double memory clearing in calloc()
calloc() was internally calling malloc_impl() which would scrub out
all the allocated memory with the scrub byte (0xdc). We would then
immediately zero-fill the memory.

This was obviously a waste of time, and our hash tables were doing
it all the time. :^)
2021-02-24 23:03:38 +01:00
Andreas Kling
5d180d1f99 Everywhere: Rename ASSERT => VERIFY
(...and ASSERT_NOT_REACHED => VERIFY_NOT_REACHED)

Since all of these checks are done in release builds as well,
let's rename them to VERIFY to prevent confusion, as everyone is
used to assertions being compiled out in release.

We can introduce a new ASSERT macro that is specifically for debug
checks, but I'm doing this wholesale conversion first since we've
accumulated thousands of these already, and it's not immediately
obvious which ones are suitable for ASSERT.
2021-02-23 20:56:54 +01:00
Andreas Kling
dffab4e034 LibC: Convert dbgprintf() => dbgln() 2021-02-17 15:39:32 +01:00
Andreas Kling
fc4eae87f8 LibC: Don't honor LIBC_* malloc debugging flags in AT_SECURE context
Just ignore all these environment flags if the AT_SECURE flag is set in
the program's auxiliary vector.

This prevents a user from tricking set-uid programs into dumping debug
information via environment flags.
2021-01-31 14:37:21 +01:00
asynts
eea72b9b5c Everywhere: Hook up remaining debug macros to Debug.h. 2021-01-25 09:47:36 +01:00
asynts
acdcf59a33 Everywhere: Remove unnecessary debug comments.
It would be tempting to uncomment these statements, but that won't work
with the new changes.

This was done with the following commands:

    find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec awk -i inplace '$0 !~ /\/\/#define/ { if (!toggle) { print; } else { toggle = !toggle } } ; $0 ~/\/\/#define/ { toggle = 1 }' {} \;

    find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec awk -i inplace '$0 !~ /\/\/ #define/ { if (!toggle) { print; } else { toggle = !toggle } } ; $0 ~/\/\/ #define/ { toggle = 1 }' {} \;
2021-01-25 09:47:36 +01:00
Andreas Kling
13d7c09125 Libraries: Move to Userland/Libraries/ 2021-01-12 12:17:46 +01:00
Renamed from Libraries/LibC/malloc.cpp (Browse further)