Always use base::raw_ptr<> implementation when PartitionAlloc is present
Now that RawPtrNoOpImpl initializes by default (modulo build args),
we can use it whenever Partition Alloc is present. This is a first
step towards minimizing some code duplication between PDFium and PA.
Also activate a simple CHECK() on BRP dangling detection. We had not
done this in the past because some of the elegant reporting mechanism
lives chrome-side, but we need it to make some unittests work
against the new #defined symbols. This is a test-only change.
Bug: pdfium:2038
Change-Id: I5b624f82343d75cc62e362e464f88a1c759468fa
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/112350
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
diff --git a/core/fxcrt/unowned_ptr.h b/core/fxcrt/unowned_ptr.h
index 89ef955..ab92bc6 100644
--- a/core/fxcrt/unowned_ptr.h
+++ b/core/fxcrt/unowned_ptr.h
@@ -40,24 +40,25 @@
#if defined(PDF_USE_PARTITION_ALLOC)
#include "partition_alloc/partition_alloc_buildflags.h"
+#include "partition_alloc/pointers/raw_ptr.h"
-// Can only use base::raw_ptr<> impls that force nullptr initialization.
-#if BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT) || BUILDFLAG(USE_ASAN_UNOWNED_PTR)
-#define UNOWNED_PTR_IS_BASE_RAW_PTR
+#if !BUILDFLAG(USE_PARTITION_ALLOC)
+#error "pdf_use_partition_alloc=true requires use_partition_alloc=true"
#endif
#if BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS) || BUILDFLAG(USE_ASAN_UNOWNED_PTR)
#define UNOWNED_PTR_DANGLING_CHECKS
#endif
-#endif // PDF_USE_PARTITION_ALLOC
-#if defined(UNOWNED_PTR_IS_BASE_RAW_PTR)
-#include "partition_alloc/pointers/raw_ptr.h"
+static_assert(raw_ptr<int>::kZeroOnConstruct, "Unsafe build arguments");
+static_assert(raw_ptr<int>::kZeroOnMove, "Unsafe build arguments");
+
+#define UNOWNED_PTR_IS_BASE_RAW_PTR
template <typename T>
using UnownedPtr = raw_ptr<T>;
-#else // UNOWNED_PTR_IS_BASE_RAW_PTR
+#else // defined(PDF_USE_PARTITION_ALLOC)
#include <cstddef>
#include <functional>
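Review bot: The two added `static_assert`s carry the same generic message, "Unsafe build arguments", so a failing build does not say which guarantee was lost or why it matters. The removed comment ("Can only use base::raw_ptr<> impls that force nullptr initialization") held that rationale and has no replacement on the new side. I would put `// UnownedPtr<> callers rely on null-initialized and null-after-move pointers.` above the asserts and give each its own message, e.g. `static_assert(raw_ptr<int>::kZeroOnConstruct, "raw_ptr<> must zero on construct for UnownedPtr<>");` and likewise for `kZeroOnMove`. The `#if defined(PDF_USE_PARTITION_ALLOC)` block these lines sit in closes outside this hunk.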
@@ -67,11 +68,6 @@
#include "core/fxcrt/unowned_ptr_exclusion.h"
#include "third_party/base/compiler_specific.h"
-#if defined(ADDRESS_SANITIZER)
-#include <cstdint>
-#define UNOWNED_PTR_DANGLING_CHECKS
-#endif
-
namespace pdfium {
template <typename T>
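Review bot: Removing the `#if defined(ADDRESS_SANITIZER)` block takes away the only visible definition of `UNOWNED_PTR_DANGLING_CHECKS` on the non-PartitionAlloc branch. The fallback class body and the tests are outside this hunk, so whether anything there still keys on that macro cannot be confirmed from here. If it does, ASAN builds without PartitionAlloc would silently stop exercising the dangling-pointer path. A one-line comment at this spot would make the intent explicit, e.g. `// Dangling checks are only provided by the raw_ptr<> implementation above.`, or the ASAN definition should stay if the fallback probe is still meant to be covered.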
@@ -219,7 +215,7 @@
using fxcrt::UnownedPtr;
-#endif // defined(UNOWNED_PTR_IS_BASE_RAW_PTR)
+#endif // defined(PDF_USE_PARTITION_ALLOC)
namespace pdfium {
diff --git a/core/fxcrt/unowned_ptr_unittest.cpp b/core/fxcrt/unowned_ptr_unittest.cpp
index 5290727..bbec87d 100644
--- a/core/fxcrt/unowned_ptr_unittest.cpp
+++ b/core/fxcrt/unowned_ptr_unittest.cpp
@@ -265,8 +265,10 @@
}
#if defined(PDF_USE_PARTITION_ALLOC)
-#if BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC) && \
- BUILDFLAG(HAS_64_BIT_POINTERS) && BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
+#if BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC) && \
+ BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT) && \
+ !BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS) && \
+ BUILDFLAG(HAS_64_BIT_POINTERS)
TEST(UnownedPtr, DanglingGetsQuarantined) {
partition_alloc::PartitionRoot* root =
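Review bot: The new `!BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)` term compiles `DanglingGetsQuarantined` out without explaining why. The likely reason, inferred from the handler installed in testing/allocator_shim_config.cpp in this same commit, is that the test would now hit `CHECK(0)` as soon as it creates its dangling pointer. A comment above the `#if` would record that, e.g. `// With dangling raw_ptr checks on, the test allocator config CHECK()s before quarantine can be observed.` It is also worth confirming that the checks-enabled configuration has a death test covering the same scenario, so the use-after-free protection is tested in both modes. The test body continues outside this hunk.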
diff --git a/testing/allocator_shim_config.cpp b/testing/allocator_shim_config.cpp
index 416d82f..eb46fad 100644
--- a/testing/allocator_shim_config.cpp
+++ b/testing/allocator_shim_config.cpp
@@ -4,14 +4,19 @@
#include "testing/allocator_shim_config.h"
+#include "partition_alloc/dangling_raw_ptr_checks.h"
#include "partition_alloc/partition_alloc_buildflags.h"
#include "partition_alloc/shim/allocator_shim.h"
+#include "third_party/base/check.h"
namespace pdfium {
void ConfigurePartitionAllocShimPartitionForTest() {
#if BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC)
#if BUILDFLAG(ENABLE_BACKUP_REF_PTR_SUPPORT)
+#if BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
+ partition_alloc::SetDanglingRawPtrDetectedFn([](uintptr_t) { CHECK(0); });
+#endif // BUILDFLAG(ENABLE_DANGLING_RAW_PTR_CHECKS)
allocator_shim::ConfigurePartitions(
allocator_shim::EnableBrp(true),
allocator_shim::EnableMemoryTagging(false),
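Review bot: The handler passed to `SetDanglingRawPtrDetectedFn` discards its `uintptr_t` argument and fails with a bare `CHECK(0)`, so a dangling-pointer crash in a test run gives no hint about which allocation was involved. A short comment stating that this is deliberately a minimal stand-in for the chrome-side reporting would help, e.g. `// Test-only: crash on first dangling raw_ptr; the id is intentionally unused.` The lambda also uses `uintptr_t` while the hunk adds no `#include <stdint.h>`, so the file appears to depend on a transitive include. Finally, the handler is installed only inside the `USE_PARTITION_ALLOC_AS_MALLOC` and `ENABLE_BACKUP_REF_PTR_SUPPORT` guards, while unowned_ptr.h defines `UNOWNED_PTR_DANGLING_CHECKS` from `ENABLE_DANGLING_RAW_PTR_CHECKS` alone. If the build rules do not already tie those flags together, tests keyed on that macro could expect a crash that never fires. The function body continues outside this hunk.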