Revert "Guard use of sdallocx with BORINGSSL_SDALLOCX"
This reverts commit 80df7398ce52574801821ce7a76c031c35d6b882. See https://github.com/grpc/grpc/issues/25450#issuecomment-910806034 Even if we want to do this, turns out that we still need the weak symbol in order to work in important environments. Change-Id: I50b9aef0cfe7ed70bda433c3046d46f194636d54 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49205 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com>
This commit is contained in:
parent
19fe7943ce
commit
b49b78ef3f
28
crypto/mem.c
28
crypto/mem.c
@ -93,19 +93,15 @@ static void __asan_unpoison_memory_region(const void *addr, size_t size) {}
|
||||
#define WEAK_SYMBOL_FUNC(rettype, name, args) static rettype(*name) args = NULL;
|
||||
#endif
|
||||
|
||||
#if defined(BORINGSSL_SDALLOCX)
|
||||
// sdallocx is a sized |free| function. By passing the size (which we happen to
|
||||
// always know in BoringSSL), the malloc implementation can save work.
|
||||
// always know in BoringSSL), the malloc implementation can save work. We cannot
|
||||
// depend on |sdallocx| being available, however, so it's a weak symbol.
|
||||
//
|
||||
// This is guarded by BORINGSSL_SDALLOCX, rather than being a weak symbol,
|
||||
// because it can work poorly if there are two malloc implementations in the
|
||||
// address space. (Which probably isn't valid, ODR etc, but
|
||||
// https://github.com/grpc/grpc/issues/25450). In that situation, |malloc| can
|
||||
// come from one allocator but |sdallocx| from another and crashes quickly
|
||||
// result. We can't match |sdallocx| with |mallocx| because tcmalloc only
|
||||
// provides the former, so a mismatch can still happen.
|
||||
void sdallocx(void *ptr, size_t size, int flags);
|
||||
#endif
|
||||
// This will always be safe, but will only be overridden if the malloc
|
||||
// implementation is statically linked with BoringSSL. So, if |sdallocx| is
|
||||
// provided in, say, libc.so, we still won't use it because that's dynamically
|
||||
// linked. This isn't an ideal result, but its helps in some cases.
|
||||
WEAK_SYMBOL_FUNC(void, sdallocx, (void *ptr, size_t size, int flags));
|
||||
|
||||
// The following three functions can be defined to override default heap
|
||||
// allocation and freeing. If defined, it is the responsibility of
|
||||
@ -166,11 +162,11 @@ void OPENSSL_free(void *orig_ptr) {
|
||||
|
||||
size_t size = *(size_t *)ptr;
|
||||
OPENSSL_cleanse(ptr, size + OPENSSL_MALLOC_PREFIX);
|
||||
#if defined(BORINGSSL_SDALLOCX)
|
||||
sdallocx(ptr, size + OPENSSL_MALLOC_PREFIX, 0 /* flags */);
|
||||
#else
|
||||
free(ptr);
|
||||
#endif
|
||||
if (sdallocx) {
|
||||
sdallocx(ptr, size + OPENSSL_MALLOC_PREFIX, 0 /* flags */);
|
||||
} else {
|
||||
free(ptr);
|
||||
}
|
||||
}
|
||||
|
||||
void *OPENSSL_realloc(void *orig_ptr, size_t new_size) {
|
||||
|
Loading…
x
Reference in New Issue
Block a user