path: root/AK/BumpAllocator.h
Age | Commit message | Author
2022-12-06 | AK: Take the bump-allocated chunk header into account in destroy_all() | Ali Mohammad Pur
Previously we allowed the end_offset to be larger than the chunk itself, which made it so that certain input sizes would make the logic attempt to delete a nonexistent object. Fixes #16308.
2022-11-26 | AK: Make it possible to not `using` AK classes into the global namespace | Andreas Kling
This patch adds the `USING_AK_GLOBALLY` macro which is enabled by default, but can be overridden by build flags. This is a step towards integrating Jakt and AK types.
2022-11-21 | AK: Fix memory corruption due to BumpAllocator mmap reuse | Andreas Kling
There was a subtle mismatch between the obviously expected behavior of BumpAllocator::for_each_chunk() and its actual implementation. You'd think it would invoke the callback with the address of each chunk, but actually it also took the liberty of adding sizeof(ChunkHeader) to this address. UniformBumpAllocator::destroy_all() relied on this to get the right address for objects to delete. The bug happened in BumpAllocator::deallocate_all(), where we use for_each_chunk() to walk the list of chunks and munmap() them. To avoid memory mapping churn, we keep a global cache of 1 chunk around. Since we were being called with the offset chunk address, it meant that the cached chunk shifted 16 bytes away from its real address every time we re-added it to the cache. Eventually the cached chunk address would leave its memory region entirely, and at that point, any attempt to allocate from it would yield an address outside the region, causing memory corruption.
2022-11-17 | AK: Align last bump allocated chunk's end offset to the type size too | Ali Mohammad Pur
Otherwise we can end up freeing garbage memory with some type sizes.
2022-10-10 | Everywhere: Replace uses of __serenity__ with AK_OS_SERENITY | Andrew Kaster
Now that we have OS macros for essentially every supported OS, let's try to use them everywhere.
2022-07-19 | AK+LibGfx+LibJS: Pass -1 as the file descriptor to anonymous mmap | Daniel Bertalan
Serenity/Linux/macOS ignore the file descriptor when an anonymous mapping is requested. However, BSDs require the fd to be -1.
2021-10-31 | AK: Make BumpAllocator work in multi-threaded environments | Ben Wiederhake
Fixes #10578.
2021-10-23 | AK: Prevent accidental misuse of BumpAllocator | Ben Wiederhake
In particular, we implicitly required that the caller initializes the returned instances themselves (solved by making UniformBumpAllocator::allocate call the constructor), and BumpAllocator itself cannot handle classes that are not trivially deconstructible (solved by deleting the method).
Co-authored-by: Ali Mohammad Pur <ali.mpfard@gmail.com>
2021-10-23 | AK: Fix BumpAllocator iteration if last object doesn't align | Ben Wiederhake
This fixes two bugs:
1. `end_offset` was missing the alignment that might have been introduced while computing `base_ptr`.
2. Ignoring point 1, `end_offset` computed the offset of the first byte that is outside the current chunk. However, this might be in the middle of a (hypothetical) object! The loop treats `end_offset` as if it points to the first byte beyond the last (valid) object. So if the last few bytes of the chunk are unused, the loop iterates once too often.
Found by OSS Fuzz, long-standing issue (since 2021-07-31)
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38733
(This probably also resolves some other issues that go through RegexMatcher.)
See also: 0f1425c895ace40fbb10d68a55eeb3a6354479d3
2021-10-23 | AK: Check consistency during BumpAllocator allocation | Ben Wiederhake
2021-09-13 | AK: Give BumpAllocator a single-block cache | Ali Mohammad Pur
This avoids excessive mmap/munmap traffic in normal operation.
2021-08-13 | AK: Avoid OOB access in UniformBumpAllocator::destroy_all() | Ali Mohammad Pur
Otherwise we would end up calling T::~T() on some random memory right after our mapped block, which is most likely a pretty bad thing to do :P
2021-08-08 | AK: Use `explode_byte` in BumpAllocator.h | Daniel Bertalan
When compiling this code with Clang, both branches of the ternary operator get evaluated at compile-time, triggering a warning about a narrowing implicit conversion. We can use `explode_byte` instead.
2021-08-04 | AK: Allow configuring the BumpAllocator chunk size | Timothy Flynn
2021-08-02 | AK: Add a simple bump allocator | Ali Mohammad Pur
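
The cache drift described in the 2022-11-21 commit message, as an added model that is not SerenityOS code: addresses are plain integers so nothing is actually mapped or corrupted. `Model`, `kChunkSize`, `kBase` and `cycles_until_escape` are hypothetical names with constructed values; only the 16-byte header offset comes from the log.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

constexpr std::size_t kHeaderSize = 16;   // sizeof(ChunkHeader), per the 16-byte shift in the log
constexpr std::size_t kChunkSize = 4096;  // constructed chunk size
constexpr std::uintptr_t kBase = 0x10000; // constructed address of the real mapping

struct Model {
    bool offset_callback;                // true = pre-fix for_each_chunk() behaviour
    std::uintptr_t cached_chunk = 0;     // global one-chunk cache, 0 = empty
    std::vector<std::uintptr_t> chunks;  // chunk list of the live allocator

    // Reuse the cached chunk if there is one, otherwise "mmap" at kBase.
    void allocate_chunk() {
        chunks.push_back(cached_chunk ? cached_chunk : kBase);
        cached_chunk = 0;
    }
    template<typename F> void for_each_chunk(F callback) const {
        for (auto chunk : chunks)
            callback(offset_callback ? chunk + kHeaderSize : chunk);
    }
    // Put one chunk back in the cache; the rest would be munmap()ed.
    void deallocate_all() {
        for_each_chunk([&](std::uintptr_t address) {
            if (!cached_chunk) cached_chunk = address;
        });
        chunks.clear();
    }
};

// Cycles until the cached address leaves [kBase, kBase + kChunkSize), or -1.
long cycles_until_escape(bool offset_callback, long max_cycles) {
    Model m{offset_callback};
    for (long n = 1; n <= max_cycles; ++n) {
        m.allocate_chunk();
        m.deallocate_all();
        if (m.cached_chunk < kBase || m.cached_chunk >= kBase + kChunkSize)
            return n;
    }
    return -1;
}

int main() {
    std::printf("pre-fix: %ld cycles, fixed: %ld\n",
                cycles_until_escape(true, 1000), cycles_until_escape(false, 1000));
}
```

In this model the cached address is already misaligned with the real mapping after the first cycle, so the tail of the chunk lies past the region well before the address itself escapes.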