infix/arena_8c_source.html

#include "common/infix_internals.h"

#include <stdint.h>  // For uintptr_t, SIZE_MAX

#include <stdlib.h>

#include <string.h>  // For memset


/*

 * Implementation for infix_arena_create.

 * This function allocates two separate blocks of memory: one for the `infix_arena_t`

 * controller struct itself, and a second, larger block for the arena's main buffer.

 * It includes logic to prevent memory leaks if the second allocation fails.

 */


infix_arena_t * infix_arena_create(size_t initial_size) {

    // Allocate the arena controller struct itself.

    infix_arena_t * arena = infix_malloc(sizeof(infix_arena_t));

    if (arena == nullptr)

        return nullptr;


    // Allocate the main memory block for the arena.

    arena->buffer = infix_malloc(initial_size);

    if (arena->buffer == nullptr && initial_size > 0) {

        // Critical cleanup: if the main buffer allocation fails, we must free

        // the `arena` struct itself to prevent a memory leak.

        infix_free(arena);

        return nullptr;

    }


    arena->capacity = initial_size;

    arena->current_offset = 0;

    arena->error = false;


    return arena;

}


/*

 * Implementation for infix_arena_destroy.

 * This function frees the main memory buffer and then the `infix_arena_t` struct.

 * It is safe to call with a `nullptr` argument.

 */


void infix_arena_destroy(infix_arena_t * arena) {

    if (arena == nullptr)

        return;


    // Free the main buffer first, then the controller struct.

    if (arena->buffer)

        infix_free(arena->buffer);


    infix_free(arena);

}


/*

 * Implementation for infix_arena_alloc.

 * This is the core "bump" allocation logic. It calculates the necessary padding

 * to align the current offset and performs multiple security checks to prevent

 * integer overflows. If the request fits, it advances the `current_offset` and

 * returns the aligned pointer; otherwise, it sets the arena's error flag.

 */


void * infix_arena_alloc(infix_arena_t * arena, size_t size, size_t alignment) {

    // Fail immediately if the arena is null or already in an error state.

    if (arena == nullptr || arena->error)

        return nullptr;


    // Security: Alignment must be a power of two. This is a common and critical check.

    if (alignment == 0 || (alignment & (alignment - 1)) != 0) {

        arena->error = true;

        return nullptr;

    }


    // Per the C standard, an allocation of zero bytes should return a valid, unique pointer.

    // We return a pointer to the current position without advancing the offset.

    if (size == 0)

        return (void *)(arena->buffer + arena->current_offset);


    // Calculate the next aligned offset using the shared helper.

    size_t aligned_offset = _infix_align_up(arena->current_offset, alignment);


    // Security: Check for integer overflow during the alignment calculation.

    if (aligned_offset < arena->current_offset) {

        arena->error = true;

        return nullptr;

    }


    // Security: Check if adding the requested size would overflow size_t or exceed capacity.

    if (SIZE_MAX - size < aligned_offset || aligned_offset + size > arena->capacity) {

        arena->error = true;

        return nullptr;

    }


    // All checks passed. Get the pointer and "bump" the offset.

    void * ptr = arena->buffer + aligned_offset;

    arena->current_offset = aligned_offset + size;

    return ptr;

}


/*

 * Implementation for infix_arena_calloc.

 * This is a convenience wrapper around `infix_arena_alloc` that also zeroes the memory.

 * It includes a critical security check to prevent integer overflow when calculating

 * the total allocation size.

 */


void * infix_arena_calloc(infix_arena_t * arena, size_t num, size_t size, size_t alignment) {

    // Security: Check for integer overflow in the `num * size` calculation.

    if (size > 0 && num > SIZE_MAX / size) {

        if (arena)

            arena->error = true;

        return nullptr;

    }


    size_t total_size = num * size;

    void * ptr = infix_arena_alloc(arena, total_size, alignment);


    // If allocation was successful, zero out the memory.

    if (ptr != nullptr)

        memset(ptr, 0, total_size);


    return ptr;

}


arena
infix_arena_t * arena
Definition 005_layouts.c:57

infix_free
#define infix_free
A macro for the memory deallocation function.
Definition infix.h:280

infix_arena_destroy
void infix_arena_destroy(infix_arena_t *arena)
Frees an entire memory arena and all objects allocated within it.
Definition arena.c:68

infix_arena_calloc
void * infix_arena_calloc(infix_arena_t *arena, size_t num, size_t size, size_t alignment)
Allocates a zero-initialized block of memory from the arena.
Definition arena.c:129

infix_arena_alloc
void * infix_arena_alloc(infix_arena_t *arena, size_t size, size_t alignment)
Allocates a block of memory from the arena with a specific alignment.
Definition arena.c:86

infix_malloc
#define infix_malloc
A macro for the memory allocation function used by the library.
Definition infix.h:250

infix_arena_create
infix_arena_t * infix_arena_create(size_t initial_size)
Creates and initializes a new memory arena.
Definition arena.c:41

infix_internals.h
Declarations for internal-only functions, types, and constants.

_infix_align_up
static size_t _infix_align_up(size_t value, size_t alignment)
Definition infix_internals.h:383

infix_arena_t
Definition infix_internals.h:130

infix_arena_t::buffer
char * buffer
The pointer to the large, pre-allocated memory block.
Definition infix_internals.h:131

infix_arena_t::error
bool error
A sticky flag that is set if any allocation from this arena fails.
Definition infix_internals.h:134

infix_arena_t::capacity
size_t capacity
The total size of the buffer in bytes.
Definition infix_internals.h:132

infix_arena_t::current_offset
size_t current_offset
The high-water mark; the offset of the next free byte.
Definition infix_internals.h:133