Loading...
--- libmalloc/libmalloc-521.100.59/src/nanov2_malloc.c
+++ libmalloc/libmalloc-409.60.6/src/nanov2_malloc.c
@@ -1517,7 +1517,9 @@
kern_return_t kr;
bitarray_t slots;
- reader = reader_or_in_memory_fallback(reader, task);
+ if (!reader) {
+ reader = nano_common_default_reader;
+ }
kr = reader(task, zone_address, sizeof(nanozonev2_t), (void **)&nanozone);
if (kr) {
@@ -1622,7 +1624,7 @@
bitarray_zap(slots, log_size, next_slot);
void *ptr = nanov2_slot_in_block_ptr(blockp, size_class, next_slot);
nanov2_free_slot_t *slotp = NANOV2_ZONE_PTR_TO_MAPPED_PTR(nanov2_free_slot_t *, ptr, ptr_offset);
- next_slot = (uint16_t)slotp->next_slot;
+ next_slot = slotp->next_slot;
free_list_count++;
}
// Add a range for each slot that is not on the freelist,
@@ -1641,7 +1643,7 @@
ranges[range_count].size = slot_size;
range_count++;
}
- _free(slots);
+ free(slots);
}
if (range_count) {
// Notify the in-use pointers that we found.
@@ -1958,7 +1960,7 @@
malloc_statistics_t *stats)
{
printer = printer ? printer : nanov2_null_printer;
- reader = reader_or_in_memory_fallback(reader, task);
+ reader = !reader && task == mach_task_self() ? _malloc_default_reader : reader;
kern_return_t err;
@@ -2290,49 +2292,26 @@
#if OS_VARIANT_NOTRESOLVED
-#if CONFIG_NANO_RESERVE_REGIONS
-// Update protection for region to DEFAULT
-static bool
-nanov2_unprotect_region(nanov2_region_t *region)
-{
- MALLOC_TRACE(TRACE_nanov2_region_protection | DBG_FUNC_START,
- (uint64_t)region, 0, 0, 0);
- bool result = nano_common_unprotect_vm_space((mach_vm_address_t)region,
- NANOV2_REGION_SIZE);
- MALLOC_TRACE(TRACE_nanov2_region_protection | DBG_FUNC_END,
- (uint64_t)region, result, 0, 0);
- return result;
-}
-
-// Reserve VA at [base, base+num_regions*REGION_SIZE].
-// Note: permissions must still be granted on reserved region with `nanov2_unprotect_region`
-static bool
-nanov2_reserve_regions(nanov2_region_t *base, unsigned int num_regions)
-{
- MALLOC_TRACE(TRACE_nanov2_region_reservation | DBG_FUNC_START,
- (uint64_t)base, num_regions, 0, 0);
- bool result = nano_common_reserve_vm_space((mach_vm_address_t)base,
- (NANOV2_REGION_SIZE * (mach_vm_size_t)num_regions));
- MALLOC_TRACE(TRACE_nanov2_region_reservation | DBG_FUNC_END,
- (uint64_t)base, num_regions, result, 0);
-
- return result;
-}
-#else
+#if NANOV2_MULTIPLE_REGIONS
+static nanov2_addr_t nanov2_max_region_base = {
+ .fields.nano_signature = NANOZONE_SIGNATURE,
+ .fields.nano_region = NANOV2_MAX_REGION_NUMBER
+};
+#endif // NANOV2_MULTIPLE_REGIONS
+
// Attempts to allocate VM space for a region at a given address and returns
// whether the allocation succeeded.
-static bool
+static boolean_t
nanov2_allocate_region(nanov2_region_t *region)
{
MALLOC_TRACE(TRACE_nanov2_region_allocation | DBG_FUNC_START,
(uint64_t)region, 0, 0, 0);
- bool result = nano_common_allocate_vm_space((mach_vm_address_t)region,
+ boolean_t result = nano_common_allocate_vm_space((mach_vm_address_t)region,
NANOV2_REGION_SIZE);
MALLOC_TRACE(TRACE_nanov2_region_allocation | DBG_FUNC_END,
(uint64_t)region, result, 0, 0);
return result;
}
-#endif // CONFIG_NANO_RESERVE_REGIONS
// Allocates a new region adjacent to the current one. If the allocation fails,
// keep sliding up by the size of a region until we either succeed or run out of
@@ -2344,26 +2323,11 @@
#if NANOV2_MULTIPLE_REGIONS
bool allocated = false;
- nanov2_addr_t nanov2_max_region_base = {
- .fields.nano_signature = NANOZONE_SIGNATURE,
- .fields.nano_region = nano_max_region,
- };
-
_malloc_lock_assert_owner(&nanozone->regions_lock);
nanov2_region_t *current_region = nanov2_current_region_base(
os_atomic_load(&nanozone->current_region_next_arena, relaxed));
nanov2_region_t *next_region = current_region + 1;
-
while ((void *)next_region <= nanov2_max_region_base.addr) {
-#if CONFIG_NANO_RESERVE_REGIONS
- if (!nanov2_unprotect_region(next_region)) {
- MALLOC_REPORT_FATAL_ERROR(next_region,
- "Nano: Unable to raise protection on pre-allocated region");
- }
- nanozone->statistics.allocated_regions++;
- allocated = true;
- break;
-#else // CONFIG_NANO_RESERVE_REGIONS
if (nanov2_allocate_region(next_region)) {
nanozone->statistics.allocated_regions++;
allocated = true;
@@ -2376,7 +2340,6 @@
// atomically here. Published by the store-release of
// current_region_next_arena.
os_atomic_inc(&nanozone->statistics.region_address_clashes, relaxed);
-#endif // CONFIG_NANO_RESERVE_REGIONS
}
if (!allocated) {
@@ -2424,8 +2387,7 @@
uint64_t guard = *(uint64_t *)corrupt_slot;
malloc_zone_error(MALLOC_ABORT_ON_CORRUPTION, true,
"Heap corruption detected, free list is damaged at %p\n"
- "*** Incorrect guard value: %llu\n", corrupt_slot,
- (unsigned long long)guard);
+ "*** Incorrect guard value: %lu\n", corrupt_slot, guard);
__builtin_unreachable();
}
@@ -2490,7 +2452,7 @@
slot = old_meta_view.meta.next_slot - 1; // meta.next_slot is 1-based.
ptr = nanov2_slot_in_block_ptr(blockp, size_class, slot);
nanov2_free_slot_t *slotp = (nanov2_free_slot_t *)ptr;
- new_meta.next_slot = slot_full ? SLOT_FULL : (uint16_t)slotp->next_slot;
+ new_meta.next_slot = slot_full ? SLOT_FULL : slotp->next_slot;
}
// Write the updated meta data; try again if we raced with another thread.
@@ -3097,9 +3059,11 @@
malloc_zone_t *
nanov2_create_zone(malloc_zone_t *helper_zone, unsigned debug_flags)
{
- // Note: It is not necessary that nanov2_create_zone resets _malloc_engaged_nano
- // if it is unable to enable the nanozone - functions that need to determine
- // whether the nanozone is preset should test initial_nano_zone.
+ // Note: It is important that nanov2_create_zone resets _malloc_engaged_nano
+ // if it is unable to enable the nanozone (and chooses not to abort). As
+ // several functions rely on _malloc_engaged_nano to determine if they
+ // should manipulate the nanozone, and these should not run if we failed
+ // to create the zone.
MALLOC_ASSERT(_malloc_engaged_nano == NANO_V2);
// Get memory for the zone and disable Nano if we fail.
@@ -3171,30 +3135,14 @@
_malloc_lock_init(&nanozone->madvise_lock);
// Allocate the initial region. If this does not succeed, we disable Nano.
- nanov2_region_t *region = (nanov2_region_t *)NANOZONE_BASE_REGION_ADDRESS;
-
- bool result;
-#if CONFIG_NANO_RESERVE_REGIONS
- unsigned int num_regions = (nano_max_region + 1);
- result = nanov2_reserve_regions(region, num_regions);
- if (result) {
- result = nanov2_unprotect_region(region);
- if (!result) {
- malloc_report(ASL_LEVEL_ERR,
- "unable to protect initial region\n");
- nano_common_deallocate_pages((void *)region,
- num_regions * (size_t)NANOV2_REGION_SIZE, 0);
- }
- }
-#else // CONFIG_NANO_RESERVE_REGIONS
- result = nanov2_allocate_region(region);
-#endif // CONFIG_NANO_RESERVE_REGIONS
+ nanov2_addr_t p = {.fields.nano_signature = NANOZONE_SIGNATURE};
+ nanov2_region_t *region = (nanov2_region_t *)p.addr;
+ boolean_t result = nanov2_allocate_region(region);
if (!result) {
- nano_common_deallocate_pages((void *)nanozone,
- NANOZONEV2_ZONE_PAGED_SIZE, 0);
+ nano_common_deallocate_pages(nanozone, NANOZONEV2_ZONE_PAGED_SIZE, 0);
_malloc_engaged_nano = NANO_NONE;
malloc_report(ASL_LEVEL_NOTICE, "nano zone abandoned due to inability "
- "to reserve vm space.\n");
+ "to preallocate reserved vm space.\n");
return NULL;
}
nanov2_region_linkage_t *region_linkage =
@@ -3206,6 +3154,7 @@
os_atomic_store(&nanozone->current_region_next_arena,
((nanov2_arena_t *)region) + 1, release);
nanozone->statistics.allocated_regions = 1;
+
// Set up the guard blocks for the initial arena, if requested
nanov2_init_guard_blocks(nanozone, (nanov2_arena_t *)region);