Stop using malloc_usable_size and malloc_size

Although the nanual page of malloc_usable_size says:

    Although the excess bytes can be over‐written by the application
    without ill effects, this is not good programming practice: the
    number of excess bytes in an allocation depends on the underlying
    implementation.

it looks like the premise is broken with _FORTIFY_SOURCE=3 on newer
systems and it might return a value that causes program to stop with
"buffer overflow" detected from the _FORTIFY_SOURCE.  As we do have own
implementation that tracks the allocation size that we can use to track
the allocation size, we can stop relying on this introspection function.

Also the newer manual page for malloc_usable_size changed the NOTES to:

    The value returned by malloc_usable_size() may be greater than the
    requested size of the allocation because of various internal
    implementation details, none of which the programmer should rely on.
    This function is intended to only be used for diagnostics and
    statistics; writing to the excess memory without first calling
    realloc(3) to resize the allocation is not supported.  The returned
    value is only valid at the time of the call.

Remove usage of both malloc_usable_size() and malloc_size() to be on the
safe size and only use the internal size tracking mechanism when
jemalloc is not available.

diff --git a/configure.ac b/configure.ac
index ecb10b087a00e9d5fcac731be105934dd33b2f42..612a3892594fa08e790a5c2e4f2e845610326161 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -1267,8 +1267,7 @@ AS_CASE([$with_jemalloc],
 
 AS_IF([test "$with_jemalloc" = "no"],
       [AS_CASE([$host],
-              [*-freebsd*],[AC_MSG_ERROR([You cannot compile without jemalloc; jemalloc is the system allocator on FreeBSD])])
-       AC_CHECK_FUNCS([malloc_size malloc_usable_size])])
+              [*-freebsd*],[AC_MSG_ERROR([You cannot compile without jemalloc; jemalloc is the system allocator on FreeBSD])])])
 
 AM_CONDITIONAL([HAVE_JEMALLOC], [test "$with_jemalloc" = "yes"])
 

diff --git a/lib/isc/jemalloc_shim.h b/lib/isc/jemalloc_shim.h
index ef7641e7f6d23476da9b9722bf43b89cdb56fc68..619d510432410925d5f9f484983b3756e374110b 100644 (file)
--- a/lib/isc/jemalloc_shim.h
+++ b/lib/isc/jemalloc_shim.h
@@ -26,89 +26,6 @@ const char *malloc_conf = NULL;
 #define MALLOCX_TCACHE_NONE (0)
 #define MALLOCX_ARENA(a)    (0)
 
-#if defined(HAVE_MALLOC_SIZE) || defined(HAVE_MALLOC_USABLE_SIZE)
-
-#include <stdlib.h>
-
-#ifdef HAVE_MALLOC_SIZE
-
-#include <malloc/malloc.h>
-
-static inline size_t
-sallocx(void *ptr, int flags) {
-       UNUSED(flags);
-
-       return (malloc_size(ptr));
-}
-
-#elif HAVE_MALLOC_USABLE_SIZE
-
-#ifdef __DragonFly__
-/*
- * On DragonFly BSD 'man 3 malloc' advises us to include the following
- * header to have access to malloc_usable_size().
- */
-#include <malloc_np.h>
-#else
-#include <malloc.h>
-#endif
-
-static inline size_t
-sallocx(void *ptr, int flags) {
-       UNUSED(flags);
-
-       return (malloc_usable_size(ptr));
-}
-
-#endif /* HAVE_MALLOC_SIZE */
-
-static inline void *
-mallocx(size_t size, int flags) {
-       void *ptr = malloc(size);
-       INSIST(ptr != NULL);
-
-       if ((flags & MALLOCX_ZERO) != 0) {
-               memset(ptr, 0, sallocx(ptr, flags));
-       }
-
-       return (ptr);
-}
-
-static inline void
-sdallocx(void *ptr, size_t size, int flags) {
-       UNUSED(size);
-       UNUSED(flags);
-
-       free(ptr);
-}
-
-static inline void *
-rallocx(void *ptr, size_t size, int flags) {
-       void *new_ptr;
-       size_t old_size, new_size;
-
-       REQUIRE(size != 0);
-
-       if ((flags & MALLOCX_ZERO) != 0) {
-               old_size = sallocx(ptr, flags);
-       }
-
-       new_ptr = realloc(ptr, size);
-       INSIST(new_ptr != NULL);
-
-       if ((flags & MALLOCX_ZERO) != 0) {
-               new_size = sallocx(new_ptr, flags);
-               if (new_size > old_size) {
-                       memset((uint8_t *)new_ptr + old_size, 0,
-                              new_size - old_size);
-               }
-       }
-
-       return (new_ptr);
-}
-
-#else /* defined(HAVE_MALLOC_SIZE) || defined (HAVE_MALLOC_USABLE_SIZE) */
-
 #include <stdlib.h>
 
 typedef union {
@@ -135,21 +52,16 @@ mallocx(size_t size, int flags) {
 }
 
 static inline void
-sdallocx(void *ptr, size_t size, int flags) {
+sdallocx(void *ptr, size_t size ISC_ATTR_UNUSED, int flags ISC_ATTR_UNUSED) {
        size_info *si = &(((size_info *)ptr)[-1]);
 
-       UNUSED(size);
-       UNUSED(flags);
-
        free(si);
 }
 
 static inline size_t
-sallocx(void *ptr, int flags) {
+sallocx(void *ptr, int flags ISC_ATTR_UNUSED) {
        size_info *si = &(((size_info *)ptr)[-1]);
 
-       UNUSED(flags);
-
        return (si[0].size);
 }
 
@@ -169,6 +81,4 @@ rallocx(void *ptr, size_t size, int flags) {
        return (ptr);
 }
 
-#endif /* defined(HAVE_MALLOC_SIZE) || defined (HAVE_MALLOC_USABLE_SIZE) */
-
 #endif /* !defined(HAVE_JEMALLOC) */