1 // Copyright 2016 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "partition_alloc/shim/allocator_shim.h"
6 
7 #include "build/build_config.h"
8 #include "partition_alloc/partition_alloc_buildflags.h"
9 
10 #include <unistd.h>
11 
12 #if BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
13 #include "partition_alloc/shim/allocator_shim_default_dispatch_to_partition_alloc.h"
14 #endif
15 
16 // No calls to malloc / new in this file. They would cause re-entrancy of
17 // the shim, which is hard to deal with. Keep this code as simple as possible
18 // and don't use any external C++ object here, not even //base ones. Even if
19 // they are safe to use today, in future they might be refactored.
20 
21 #include "partition_alloc/shim/allocator_shim_functions.h"
22 #include "partition_alloc/shim/shim_alloc_functions.h"
23 
24 // Cpp symbols (new / delete) should always be routed through the shim layer
25 // except on Windows and macOS (except for PartitionAlloc-Everywhere) where the
26 // malloc intercept is deep enough that it also catches the cpp calls.
27 //
28 // In case of PartitionAlloc-Everywhere on macOS, malloc backed by
29 // allocator_shim::internal::PartitionMalloc crashes on OOM, and we need to
30 // avoid crashes in case of operator new() noexcept.  Thus, operator new()
31 // noexcept needs to be routed to
32 // allocator_shim::internal::PartitionMallocUnchecked through the shim layer.
33 #include "partition_alloc/shim/allocator_shim_override_cpp_symbols.h"
34 
35 #include "partition_alloc/shim/allocator_shim_override_libc_symbols.h"
36 
37 // Some glibc versions (until commit 6c444ad6e953dbdf9c7be065308a0a777)
38 // incorrectly call __libc_memalign() to allocate memory (see elf/dl-tls.c in
39 // glibc 2.23 for instance), and free() to free it. This causes issues for us,
40 // as we are then asked to free memory we didn't allocate.
41 //
42 // This only happened in glibc to allocate TLS storage metadata, and there are
43 // no other callers of __libc_memalign() there as of September 2020. To work
44 // around this issue, intercept this internal libc symbol to make sure that both
45 // the allocation and the free() are caught by the shim.
46 //
47 // This seems fragile, and is, but there is ample precedent for it, making it
48 // quite likely to keep working in the future. For instance, LLVM for LSAN uses
49 // this mechanism.
50 
51 #if defined(LIBC_GLIBC) && BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
52 #include "partition_alloc/shim/allocator_shim_override_glibc_weak_symbols.h"
53 #endif
54 
55 // Cross-checks: fail the build in configurations this shim does not support.
56 
57 #if defined(MEMORY_TOOL_REPLACES_ALLOCATOR)
58 #error The allocator shim should not be compiled when building for memory tools.
59 #endif
60 
61 #if (defined(__GNUC__) && defined(__EXCEPTIONS)) || \
62     (defined(_MSC_VER) && defined(_CPPUNWIND))
63 #error This code cannot be used when exceptions are turned on.
64 #endif
65