aboutsummaryrefslogtreecommitdiff
path: root/src/liblzma/common/memory_limitter.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/liblzma/common/memory_limitter.c97
1 files changed, 83 insertions, 14 deletions
diff --git a/src/liblzma/common/memory_limitter.c b/src/liblzma/common/memory_limitter.c
index 0983c82e..e6aa6300 100644
--- a/src/liblzma/common/memory_limitter.c
+++ b/src/liblzma/common/memory_limitter.c
@@ -25,9 +25,16 @@
((num) + (((multiple) - ((num) % (multiple))) % (multiple)))
-/// Rounds upwards to the next multiple of 2 * sizeof(void*).
-/// malloc() tends to align allocations this way.
-#define malloc_ceil(num) my_ceil(num, 2 * sizeof(void *))
+/// Add approximated overhead of malloc() to size and round upwards to the
+/// next multiple of 2 * sizeof(size_t). I suppose that most malloc()
+/// implementations align small allocations this way, but the overhead
+/// varies due to several reasons (free lists, mmap() usage etc.).
+///
+/// This doesn't need to be exact at all. It's enough to take into account
+/// that there is some overhead. That way our memory usage count won't be
+/// horribly wrong if we are used to allocate lots of small memory chunks.
+#define malloc_ceil(size) \
+ my_ceil((size) + 2 * sizeof(void *), 2 * sizeof(size_t))
typedef struct lzma_memlimit_list_s lzma_memlimit_list;
@@ -39,24 +46,44 @@ struct lzma_memlimit_list_s {
struct lzma_memlimit_s {
+ /// List of allocated memory chunks
+ lzma_memlimit_list *list;
+
+ /// Number of bytes currently allocated; this includes the memory
+ /// needed for the helper structures.
size_t used;
+
+ /// Memory usage limit
size_t limit;
- lzma_memlimit_list *list;
+
+ /// Maximum amount of memory that have been or would have been needed.
+ /// That is, this is updated also if memory allocation fails, letting
+ /// the application check how much memory was tried to be allocated
+ /// in total.
+ size_t max;
+
+ /// True if lzma_memlimit_alloc() has returned NULL due to memory
+ /// usage limit.
+ bool limit_reached;
};
extern LZMA_API lzma_memlimit *
lzma_memlimit_create(size_t limit)
{
- if (limit < sizeof(lzma_memlimit))
+ const size_t base_size = malloc_ceil(sizeof(lzma_memlimit));
+
+ if (limit < base_size)
return NULL;
lzma_memlimit *mem = malloc(sizeof(lzma_memlimit));
if (mem != NULL) {
- mem->used = sizeof(lzma_memlimit);
- mem->limit = limit;
mem->list = NULL;
+ mem->used = base_size;
+ mem->limit = limit;
+ mem->max = base_size;
+ mem->limit_reached = false;
}
return mem;
@@ -86,6 +113,30 @@ lzma_memlimit_used(const lzma_memlimit *mem)
extern LZMA_API size_t
+lzma_memlimit_max(lzma_memlimit *mem, lzma_bool clear)
+{
+ const size_t ret = mem->max;
+
+ if (clear)
+ mem->max = mem->used;
+
+ return ret;
+}
+
+
+extern LZMA_API lzma_bool
+lzma_memlimit_reached(lzma_memlimit *mem, lzma_bool clear)
+{
+ const bool ret = mem->limit_reached;
+
+ if (clear)
+ mem->limit_reached = false;
+
+ return ret;
+}
+
+
+extern LZMA_API size_t
lzma_memlimit_count(const lzma_memlimit *mem)
{
// This is slow; we could have a counter in lzma_memlimit
@@ -94,12 +145,12 @@ lzma_memlimit_count(const lzma_memlimit *mem)
// in which this implementation is just fine.
size_t count = 0;
const lzma_memlimit_list *record = mem->list;
-
+
while (record != NULL) {
++count;
record = record->next;
}
-
+
return count;
}
@@ -140,18 +191,36 @@ lzma_memlimit_alloc(lzma_memlimit *mem, size_t nmemb, size_t size)
size = 1;
// Calculate how much memory we are going to allocate in reality.
- // TODO: We should add some rough estimate how much malloc() needs
- // for its internal structures.
const size_t total_size = malloc_ceil(size)
+ malloc_ceil(sizeof(lzma_memlimit_list));
- // Integer overflow protection
- if (SIZE_MAX - size <= total_size)
+ // Integer overflow protection for total_size and mem->used.
+ if (total_size <= size || SIZE_MAX - total_size < mem->used) {
+ mem->max = SIZE_MAX;
+ mem->limit_reached = true;
return NULL;
+ }
- if (mem->limit < mem->used || mem->limit - mem->used < total_size)
+ // Update the maximum memory requirement counter if needed. This
+ // is updated even if memory allocation would fail or limit would
+ // be reached.
+ if (mem->used + total_size > mem->max)
+ mem->max = mem->used + total_size;
+
+ // Check if we would stay in the memory usage limits. We need to
+ // check also that the current usage is in the limits, because
+ // the application could have decreased the limit between calls
+ // to this function.
+ if (mem->limit < mem->used || mem->limit - mem->used < total_size) {
+ mem->limit_reached = true;
return NULL;
+ }
+ // Allocate separate memory chunks for lzma_memlimit_list and the
+ // actual requested memory. Optimizing this to use only one
+ // allocation is not a good idea, because applications may want to
+ // detach lzma_extra structures that have been allocated with
+ // lzma_memlimit_alloc().
lzma_memlimit_list *record = malloc(sizeof(lzma_memlimit_list));
void *ptr = malloc(size);