/* Licensed under BSD-MIT - see LICENSE file for details */ #include "tal.h" #include "compiler.h" #include "list.h" #include "alignof.h" #include #include #include #include #include #include #include //#define TAL_DEBUG 1 #define NOTIFY_IS_DESTRUCTOR 512 #define NOTIFY_EXTRA_ARG 1024 /* This makes our parent_child ptr stand out for to_tal_hdr checks */ #define TAL_PTR_OBFUSTICATOR ((intptr_t)0x1984200820142016ULL) /* 32-bit type field, first byte 0 in either endianness. */ enum prop_type { CHILDREN = 0x00c1d500, NAME = 0x00111100, NOTIFIER = 0x00071f00, }; struct tal_hdr { struct list_node list; struct prop_hdr *prop; /* XOR with TAL_PTR_OBFUSTICATOR */ intptr_t parent_child; size_t bytelen; }; struct prop_hdr { enum prop_type type; struct prop_hdr *next; }; struct children { struct prop_hdr hdr; /* CHILDREN */ struct tal_hdr *parent; struct list_head children; /* Head of siblings. */ }; struct name { struct prop_hdr hdr; /* NAME */ char name[]; }; struct notifier { struct prop_hdr hdr; /* NOTIFIER */ enum tal_notify_type types; union notifier_cb { void (*notifyfn)(tal_t *, enum tal_notify_type, void *); void (*destroy)(tal_t *); /* If NOTIFY_IS_DESTRUCTOR set */ void (*destroy2)(tal_t *, void *); /* If NOTIFY_EXTRA_ARG */ } u; }; /* Extra arg */ struct notifier_extra_arg { struct notifier n; void *arg; }; #define EXTRA_ARG(n) (((struct notifier_extra_arg *)(n))->arg) static struct { struct tal_hdr hdr; struct children c; } null_parent = { { { &null_parent.hdr.list, &null_parent.hdr.list }, &null_parent.c.hdr, TAL_PTR_OBFUSTICATOR, 0 }, { { CHILDREN, NULL }, &null_parent.hdr, { { &null_parent.c.children.n, &null_parent.c.children.n } } } }; static void *(*allocfn)(size_t size) = malloc; static void *(*resizefn)(void *, size_t size) = realloc; static void (*freefn)(void *) = free; static void (*errorfn)(const char *msg) = (void *)abort; /* Count on non-destrutor notifiers; often stays zero. */ static size_t notifiers = 0; static inline void COLD call_error(const char *msg) { errorfn(msg); } static bool get_destroying_bit(intptr_t parent_child) { return parent_child & 1; } static void set_destroying_bit(intptr_t *parent_child) { *parent_child |= 1; } static struct children *ignore_destroying_bit(intptr_t parent_child) { return (void *)((parent_child ^ TAL_PTR_OBFUSTICATOR) & ~(intptr_t)1); } /* This means valgrind can see leaks. */ void tal_cleanup(void) { struct tal_hdr *i; while ((i = list_top(&null_parent.c.children, struct tal_hdr, list))) { list_del(&i->list); memset(i, 0, sizeof(*i)); } /* Cleanup any taken pointers. */ take_cleanup(); } /* We carefully start all real properties with a zero byte. */ static bool is_literal(const struct prop_hdr *prop) { return ((char *)prop)[0] != 0; } #ifndef NDEBUG static const void *bounds_start, *bounds_end; static void update_bounds(const void *new, size_t size) { if (unlikely(!bounds_start)) { bounds_start = new; bounds_end = (char *)new + size; } else if (new < bounds_start) bounds_start = new; else if ((char *)new + size > (char *)bounds_end) bounds_end = (char *)new + size; } static bool in_bounds(const void *p) { return !p || (p >= (void *)&null_parent && p <= (void *)(&null_parent + 1)) || (p >= bounds_start && p <= bounds_end); } #else static void update_bounds(const void *new, size_t size) { } static bool in_bounds(const void *p) { return true; } #endif static void check_bounds(const void *p) { if (!in_bounds(p)) call_error("Not a valid header"); } static struct tal_hdr *to_tal_hdr(const void *ctx) { struct tal_hdr *t; t = (struct tal_hdr *)((char *)ctx - sizeof(struct tal_hdr)); check_bounds(t); check_bounds(ignore_destroying_bit(t->parent_child)); check_bounds(t->list.next); check_bounds(t->list.prev); if (t->prop && !is_literal(t->prop)) check_bounds(t->prop); return t; } static struct tal_hdr *to_tal_hdr_or_null(const void *ctx) { if (!ctx) return &null_parent.hdr; return to_tal_hdr(ctx); } static void *from_tal_hdr(const struct tal_hdr *hdr) { return (void *)(hdr + 1); } static void *from_tal_hdr_or_null(const struct tal_hdr *hdr) { if (hdr == &null_parent.hdr) return NULL; return from_tal_hdr(hdr); } #ifdef TAL_DEBUG static struct tal_hdr *debug_tal(struct tal_hdr *tal) { tal_check(from_tal_hdr_or_null(tal), "TAL_DEBUG "); return tal; } #else static struct tal_hdr *debug_tal(struct tal_hdr *tal) { return tal; } #endif static void notify(const struct tal_hdr *ctx, enum tal_notify_type type, const void *info, int saved_errno) { const struct prop_hdr *p; for (p = ctx->prop; p; p = p->next) { struct notifier *n; if (is_literal(p)) break; if (p->type != NOTIFIER) continue; n = (struct notifier *)p; if (n->types & type) { errno = saved_errno; if (n->types & NOTIFY_IS_DESTRUCTOR) { /* Blatt this notifier in case it tries to * tal_del_destructor() from inside */ union notifier_cb cb = n->u; /* It's a union, so this NULLs destroy2 too! */ n->u.destroy = NULL; if (n->types & NOTIFY_EXTRA_ARG) cb.destroy2(from_tal_hdr(ctx), EXTRA_ARG(n)); else cb.destroy(from_tal_hdr(ctx)); } else n->u.notifyfn(from_tal_hdr_or_null(ctx), type, (void *)info); } } } static void *allocate(size_t size) { void *ret = allocfn(size); if (!ret) call_error("allocation failed"); else update_bounds(ret, size); return ret; } static struct prop_hdr **find_property_ptr(const struct tal_hdr *t, enum prop_type type) { struct prop_hdr **p; for (p = (struct prop_hdr **)&t->prop; *p; p = &(*p)->next) { if (is_literal(*p)) { if (type == NAME) return p; break; } if ((*p)->type == type) return p; } return NULL; } static void *find_property(const struct tal_hdr *parent, enum prop_type type) { struct prop_hdr **p = find_property_ptr(parent, type); if (p) return *p; return NULL; } static void init_property(struct prop_hdr *hdr, struct tal_hdr *parent, enum prop_type type) { hdr->type = type; hdr->next = parent->prop; parent->prop = hdr; } static struct notifier *add_notifier_property(struct tal_hdr *t, enum tal_notify_type types, void (*fn)(void *, enum tal_notify_type, void *), void *extra_arg) { struct notifier *prop; if (types & NOTIFY_EXTRA_ARG) prop = allocate(sizeof(struct notifier_extra_arg)); else prop = allocate(sizeof(struct notifier)); if (prop) { init_property(&prop->hdr, t, NOTIFIER); prop->types = types; prop->u.notifyfn = fn; if (types & NOTIFY_EXTRA_ARG) EXTRA_ARG(prop) = extra_arg; } return prop; } static enum tal_notify_type del_notifier_property(struct tal_hdr *t, void (*fn)(tal_t *, enum tal_notify_type, void *), bool match_extra_arg, void *extra_arg) { struct prop_hdr **p; for (p = (struct prop_hdr **)&t->prop; *p; p = &(*p)->next) { struct notifier *n; enum tal_notify_type types; if (is_literal(*p)) break; if ((*p)->type != NOTIFIER) continue; n = (struct notifier *)*p; if (n->u.notifyfn != fn) continue; types = n->types; if ((types & NOTIFY_EXTRA_ARG) && match_extra_arg && extra_arg != EXTRA_ARG(n)) continue; *p = (*p)->next; freefn(n); return types & ~(NOTIFY_IS_DESTRUCTOR|NOTIFY_EXTRA_ARG); } return 0; } static struct name *add_name_property(struct tal_hdr *t, const char *name) { struct name *prop; prop = allocate(sizeof(*prop) + strlen(name) + 1); if (prop) { init_property(&prop->hdr, t, NAME); strcpy(prop->name, name); } return prop; } static struct children *add_child_property(struct tal_hdr *parent, struct tal_hdr *child UNNEEDED) { struct children *prop = allocate(sizeof(*prop)); if (prop) { init_property(&prop->hdr, parent, CHILDREN); prop->parent = parent; list_head_init(&prop->children); } return prop; } static bool add_child(struct tal_hdr *parent, struct tal_hdr *child) { struct children *children = find_property(parent, CHILDREN); if (!children) { children = add_child_property(parent, child); if (!children) return false; } list_add(&children->children, &child->list); child->parent_child = (intptr_t)children ^ TAL_PTR_OBFUSTICATOR; return true; } static void del_tree(struct tal_hdr *t, const tal_t *orig, int saved_errno) { struct prop_hdr **prop, *p, *next; assert(!taken(from_tal_hdr(t))); /* Already being destroyed? Don't loop. */ if (unlikely(get_destroying_bit(t->parent_child))) return; set_destroying_bit(&t->parent_child); /* Call free notifiers. */ notify(t, TAL_NOTIFY_FREE, (tal_t *)orig, saved_errno); /* Now free children and groups. */ prop = find_property_ptr(t, CHILDREN); if (prop) { struct tal_hdr *i; struct children *c = (struct children *)*prop; while ((i = list_top(&c->children, struct tal_hdr, list))) { list_del(&i->list); del_tree(i, orig, saved_errno); } } /* Finally free our properties. */ for (p = t->prop; p && !is_literal(p); p = next) { next = p->next; freefn(p); } freefn(t); } void *tal_alloc_(const tal_t *ctx, size_t size, bool clear, const char *label) { struct tal_hdr *child, *parent = debug_tal(to_tal_hdr_or_null(ctx)); child = allocate(sizeof(struct tal_hdr) + size); if (!child) return NULL; if (clear) memset(from_tal_hdr(child), 0, size); child->prop = (void *)label; child->bytelen = size; if (!add_child(parent, child)) { freefn(child); return NULL; } debug_tal(parent); if (notifiers) notify(parent, TAL_NOTIFY_ADD_CHILD, from_tal_hdr(child), 0); return from_tal_hdr(debug_tal(child)); } static bool adjust_size(size_t *size, size_t count) { const size_t extra = sizeof(struct tal_hdr); /* Multiplication wrap */ if (count && unlikely(*size * count / *size != count)) goto overflow; *size *= count; /* Make sure we don't wrap adding header. */ if (*size + extra < extra) goto overflow; return true; overflow: call_error("allocation size overflow"); return false; } void *tal_alloc_arr_(const tal_t *ctx, size_t size, size_t count, bool clear, const char *label) { if (!adjust_size(&size, count)) return NULL; return tal_alloc_(ctx, size, clear, label); } void *tal_free(const tal_t *ctx) { if (ctx) { struct tal_hdr *t; int saved_errno = errno; t = debug_tal(to_tal_hdr(ctx)); if (unlikely(get_destroying_bit(t->parent_child))) return NULL; if (notifiers) notify(ignore_destroying_bit(t->parent_child)->parent, TAL_NOTIFY_DEL_CHILD, ctx, saved_errno); list_del(&t->list); del_tree(t, ctx, saved_errno); errno = saved_errno; } return NULL; } void *tal_steal_(const tal_t *new_parent, const tal_t *ctx) { if (ctx) { struct tal_hdr *newpar, *t, *old_parent; newpar = debug_tal(to_tal_hdr_or_null(new_parent)); t = debug_tal(to_tal_hdr(ctx)); /* Unlink it from old parent. */ list_del(&t->list); old_parent = ignore_destroying_bit(t->parent_child)->parent; if (unlikely(!add_child(newpar, t))) { /* We can always add to old parent, because it has a * children property already. */ if (!add_child(old_parent, t)) abort(); return NULL; } debug_tal(newpar); if (notifiers) notify(t, TAL_NOTIFY_STEAL, new_parent, 0); } return (void *)ctx; } bool tal_add_destructor_(const tal_t *ctx, void (*destroy)(void *me)) { tal_t *t = debug_tal(to_tal_hdr(ctx)); return add_notifier_property(t, TAL_NOTIFY_FREE|NOTIFY_IS_DESTRUCTOR, (void *)destroy, NULL); } bool tal_add_destructor2_(const tal_t *ctx, void (*destroy)(void *me, void *arg), void *arg) { tal_t *t = debug_tal(to_tal_hdr(ctx)); return add_notifier_property(t, TAL_NOTIFY_FREE|NOTIFY_IS_DESTRUCTOR |NOTIFY_EXTRA_ARG, (void *)destroy, arg); } /* We could support notifiers with an extra arg, but we didn't add to API */ bool tal_add_notifier_(const tal_t *ctx, enum tal_notify_type types, void (*callback)(tal_t *, enum tal_notify_type, void *)) { struct tal_hdr *t = debug_tal(to_tal_hdr_or_null(ctx)); struct notifier *n; assert(types); assert((types & ~(TAL_NOTIFY_FREE | TAL_NOTIFY_STEAL | TAL_NOTIFY_MOVE | TAL_NOTIFY_RESIZE | TAL_NOTIFY_RENAME | TAL_NOTIFY_ADD_CHILD | TAL_NOTIFY_DEL_CHILD | TAL_NOTIFY_ADD_NOTIFIER | TAL_NOTIFY_DEL_NOTIFIER)) == 0); /* Don't call notifier about itself: set types after! */ n = add_notifier_property(t, 0, callback, NULL); if (unlikely(!n)) return false; if (notifiers) notify(t, TAL_NOTIFY_ADD_NOTIFIER, callback, 0); n->types = types; if (types != TAL_NOTIFY_FREE) notifiers++; return true; } bool tal_del_notifier_(const tal_t *ctx, void (*callback)(tal_t *, enum tal_notify_type, void *), bool match_extra_arg, void *extra_arg) { struct tal_hdr *t = debug_tal(to_tal_hdr_or_null(ctx)); enum tal_notify_type types; types = del_notifier_property(t, callback, match_extra_arg, extra_arg); if (types) { notify(t, TAL_NOTIFY_DEL_NOTIFIER, callback, 0); if (types != TAL_NOTIFY_FREE) notifiers--; return true; } return false; } bool tal_del_destructor_(const tal_t *ctx, void (*destroy)(void *me)) { return tal_del_notifier_(ctx, (void *)destroy, false, NULL); } bool tal_del_destructor2_(const tal_t *ctx, void (*destroy)(void *me, void *arg), void *arg) { return tal_del_notifier_(ctx, (void *)destroy, true, arg); } bool tal_set_name_(tal_t *ctx, const char *name, bool literal) { struct tal_hdr *t = debug_tal(to_tal_hdr(ctx)); struct prop_hdr **prop = find_property_ptr(t, NAME); /* Get rid of any old name */ if (prop) { struct name *name = (struct name *)*prop; if (is_literal(&name->hdr)) *prop = NULL; else { *prop = name->hdr.next; freefn(name); } } if (literal && name[0]) { struct prop_hdr **p; /* Append literal. */ for (p = &t->prop; *p && !is_literal(*p); p = &(*p)->next); *p = (struct prop_hdr *)name; } else if (!add_name_property(t, name)) return false; debug_tal(t); if (notifiers) notify(t, TAL_NOTIFY_RENAME, name, 0); return true; } const char *tal_name(const tal_t *t) { struct name *n; n = find_property(debug_tal(to_tal_hdr(t)), NAME); if (!n) return NULL; if (is_literal(&n->hdr)) return (const char *)n; return n->name; } size_t tal_bytelen(const tal_t *ptr) { /* NULL -> null_parent which has bytelen 0 */ struct tal_hdr *t = debug_tal(to_tal_hdr_or_null(ptr)); return t->bytelen; } /* Start one past first child: make stopping natural in circ. list. */ static struct tal_hdr *first_child(struct tal_hdr *parent) { struct children *child; child = find_property(parent, CHILDREN); if (!child) return NULL; return list_top(&child->children, struct tal_hdr, list); } tal_t *tal_first(const tal_t *root) { struct tal_hdr *c, *t = debug_tal(to_tal_hdr_or_null(root)); c = first_child(t); if (!c) return NULL; return from_tal_hdr(c); } tal_t *tal_next(const tal_t *prev) { struct tal_hdr *next, *prevhdr = debug_tal(to_tal_hdr(prev)); struct list_head *head; head = &ignore_destroying_bit(prevhdr->parent_child)->children; next = list_next(head, prevhdr, list); if (!next) return NULL; return from_tal_hdr(next); } tal_t *tal_parent(const tal_t *ctx) { struct tal_hdr *t; if (!ctx) return NULL; t = debug_tal(to_tal_hdr(ctx)); if (ignore_destroying_bit(t->parent_child)->parent == &null_parent.hdr) return NULL; return from_tal_hdr(ignore_destroying_bit(t->parent_child)->parent); } bool tal_resize_(tal_t **ctxp, size_t size, size_t count, bool clear) { struct tal_hdr *old_t, *t; struct children *child; old_t = debug_tal(to_tal_hdr(*ctxp)); if (!adjust_size(&size, count)) return false; t = resizefn(old_t, sizeof(struct tal_hdr) + size); if (!t) { call_error("Reallocation failure"); return false; } /* Clear between old end and new end. */ if (clear && size > t->bytelen) { char *old_end = (char *)(t + 1) + t->bytelen; memset(old_end, 0, size - t->bytelen); } /* Update length. */ t->bytelen = size; update_bounds(t, sizeof(struct tal_hdr) + size); /* If it didn't move, we're done! */ if (t != old_t) { /* Fix up linked list pointers. */ t->list.next->prev = t->list.prev->next = &t->list; /* Copy take() property. */ if (taken(from_tal_hdr(old_t))) take(from_tal_hdr(t)); /* Fix up child property's parent pointer. */ child = find_property(t, CHILDREN); if (child) { assert(child->parent == old_t); child->parent = t; } *ctxp = from_tal_hdr(debug_tal(t)); if (notifiers) notify(t, TAL_NOTIFY_MOVE, from_tal_hdr(old_t), 0); } if (notifiers) notify(t, TAL_NOTIFY_RESIZE, (void *)size, 0); return true; } bool tal_expand_(tal_t **ctxp, const void *src, size_t size, size_t count) { size_t old_len; bool ret = false; old_len = debug_tal(to_tal_hdr(*ctxp))->bytelen; /* Check for additive overflow */ if (old_len + count * size < old_len) { call_error("dup size overflow"); goto out; } /* Don't point src inside thing we're expanding! */ assert(src < *ctxp || (char *)src >= (char *)(*ctxp) + old_len); if (!tal_resize_(ctxp, size, old_len/size + count, false)) goto out; memcpy((char *)*ctxp + old_len, src, count * size); ret = true; out: if (taken(src)) tal_free(src); return ret; } void *tal_dup_(const tal_t *ctx, const void *p, size_t size, size_t n, size_t extra, bool nullok, const char *label) { void *ret; size_t nbytes = size; if (nullok && p == NULL) { /* take(NULL) works. */ (void)taken(p); return NULL; } if (!adjust_size(&nbytes, n)) { if (taken(p)) tal_free(p); return NULL; } /* Beware addition overflow! */ if (n + extra < n) { call_error("dup size overflow"); if (taken(p)) tal_free(p); return NULL; } if (taken(p)) { if (unlikely(!p)) return NULL; if (unlikely(!tal_resize_((void **)&p, size, n + extra, false))) return tal_free(p); if (unlikely(!tal_steal(ctx, p))) return tal_free(p); return (void *)p; } ret = tal_alloc_arr_(ctx, size, n + extra, false, label); if (ret) memcpy(ret, p, nbytes); return ret; } void *tal_dup_talarr_(const tal_t *ctx, const tal_t *src TAKES, const char *label) { return tal_dup_(ctx, src, 1, tal_bytelen(src), 0, true, label); } void tal_set_backend(void *(*alloc_fn)(size_t size), void *(*resize_fn)(void *, size_t size), void (*free_fn)(void *), void (*error_fn)(const char *msg)) { if (alloc_fn) allocfn = alloc_fn; if (resize_fn) resizefn = resize_fn; if (free_fn) freefn = free_fn; if (error_fn) errorfn = error_fn; } #ifdef CCAN_TAL_DEBUG static void dump_node(unsigned int indent, const struct tal_hdr *t) { unsigned int i; const struct prop_hdr *p; for (i = 0; i < indent; i++) fprintf(stderr, " "); fprintf(stderr, "%p len=%zu", t, t->bytelen); for (p = t->prop; p; p = p->next) { struct children *c; struct name *n; struct notifier *no; if (is_literal(p)) { fprintf(stderr, " \"%s\"", (const char *)p); break; } switch (p->type) { case CHILDREN: c = (struct children *)p; fprintf(stderr, " CHILDREN(%p):parent=%p,children={%p,%p}", p, c->parent, c->children.n.prev, c->children.n.next); break; case NAME: n = (struct name *)p; fprintf(stderr, " NAME(%p):%s", p, n->name); break; case NOTIFIER: no = (struct notifier *)p; fprintf(stderr, " NOTIFIER(%p):fn=%p", p, no->u.notifyfn); break; default: fprintf(stderr, " **UNKNOWN(%p):%i**", p, p->type); } } fprintf(stderr, "\n"); } static void tal_dump_(unsigned int level, const struct tal_hdr *t) { struct children *children; dump_node(level, t); children = find_property(t, CHILDREN); if (children) { struct tal_hdr *i; list_for_each(&children->children, i, list) tal_dump_(level + 1, i); } } void tal_dump(void) { tal_dump_(0, &null_parent.hdr); } #endif /* CCAN_TAL_DEBUG */ #ifndef NDEBUG static bool check_err(struct tal_hdr *t, const char *errorstr, const char *errmsg) { if (errorstr) { /* Try not to malloc: it may be corrupted. */ char msg[strlen(errorstr) + 20 + strlen(errmsg) + 1]; sprintf(msg, "%s:%p %s", errorstr, from_tal_hdr(t), errmsg); call_error(msg); } return false; } static bool check_node(struct children *parent_child, struct tal_hdr *t, const char *errorstr) { struct prop_hdr *p; struct name *name = NULL; struct children *children = NULL; if (!in_bounds(t)) return check_err(t, errorstr, "invalid pointer"); if (ignore_destroying_bit(t->parent_child) != parent_child) return check_err(t, errorstr, "incorrect parent"); for (p = t->prop; p; p = p->next) { if (is_literal(p)) { if (name) return check_err(t, errorstr, "has extra literal"); break; } if (!in_bounds(p)) return check_err(t, errorstr, "has bad property pointer"); switch (p->type) { case CHILDREN: if (children) return check_err(t, errorstr, "has two child nodes"); children = (struct children *)p; break; case NOTIFIER: break; case NAME: if (name) return check_err(t, errorstr, "has two names"); name = (struct name *)p; break; default: return check_err(t, errorstr, "has unknown property"); } } if (children) { struct tal_hdr *i; if (!list_check(&children->children, errorstr)) return false; list_for_each(&children->children, i, list) { if (!check_node(children, i, errorstr)) return false; } } return true; } bool tal_check(const tal_t *ctx, const char *errorstr) { struct tal_hdr *t = to_tal_hdr_or_null(ctx); return check_node(ignore_destroying_bit(t->parent_child), t, errorstr); } #else /* NDEBUG */ bool tal_check(const tal_t *ctx, const char *errorstr) { return true; } #endif