bmalloc: large aligned allocations will put 1 or 2 free objects on free list without...
author msaboff@apple.com <msaboff@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 11 Feb 2016 16:01:55 +0000 (16:01 +0000)
committer msaboff@apple.com <msaboff@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 11 Feb 2016 16:01:55 +0000 (16:01 +0000)
commit 2e503c4e0e447ef5ff7fadb18d4ad2ffa7bc3846
tree 39e527efb0ad201e53aa0400c7fc45e667ea9704
parent 05b44fdc722522b17f19abaa5faf24e151417a4b
bmalloc: large aligned allocations will put 1 or 2 free objects on free list without merging with free neighbors
https://bugs.webkit.org/show_bug.cgi?id=154091

Reviewed by Geoffrey Garen.

If we split off any unused free objects in the aligned version of Heap::allocateLarge(), we merge them with
free neighbors before putting them back on the free list. Added helpers to verify that when we
add LargeObjects to the free list their neighbors are allocated.

* bmalloc/Heap.cpp:
(bmalloc::Heap::allocateLarge): Deleted private helper version and rolled it into the two
public versions of allocateLarge().
* bmalloc/Heap.h:
* bmalloc/LargeObject.h:
(bmalloc::LargeObject::prevIsAllocated): New helper.
(bmalloc::LargeObject::nextIsAllocated): New helper.
(bmalloc::LargeObject::merge): Check that the merge object has allocated neighbors.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@196421 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/bmalloc/ChangeLog
Source/bmalloc/bmalloc/Heap.cpp
Source/bmalloc/bmalloc/Heap.h
Source/bmalloc/bmalloc/LargeObject.h
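
The invariant the commit message describes, shown in a simplified model that is added here as an illustration and is not bmalloc's code: `Range`, `putOnFreeList`, `carveAligned`, `unmergedFreePairs` and the sample heap layout are hypothetical names and constructed values. It carves an aligned allocation out of a range that sits between two free ranges and counts the free-list entries left with a free neighbor, with and without merging the split-off prefix and suffix.

```cpp
#include <cstddef>
#include <vector>

// Simplified model (not bmalloc code): address-ordered contiguous ranges;
// free == true means the range is on the free list.
struct Range { size_t begin; size_t size; bool free; };
using Heap = std::vector<Range>;

// Put heap[i] on the free list; with merge set, coalesce with free neighbors.
static void putOnFreeList(Heap& heap, size_t i, bool merge) {
    heap[i].free = true;
    if (merge && i + 1 < heap.size() && heap[i + 1].free) {
        heap[i].size += heap[i + 1].size;
        heap.erase(heap.begin() + i + 1);
    }
    if (merge && i > 0 && heap[i - 1].free) {
        heap[i - 1].size += heap[i].size;
        heap.erase(heap.begin() + i);
    }
}

// Carve an aligned allocation out of heap[i] (assumed large enough) and hand
// the unused prefix/suffix back to the free list. Returns the aligned address.
static size_t carveAligned(Heap& heap, size_t i, size_t align, size_t size, bool merge) {
    Range r = heap[i];
    size_t start = (r.begin + align - 1) / align * align;
    size_t prefix = start - r.begin, suffix = r.begin + r.size - (start + size);
    heap[i] = Range{start, size, false};
    if (suffix) {
        heap.insert(heap.begin() + i + 1, Range{start + size, suffix, false});
        putOnFreeList(heap, i + 1, merge);
    }
    if (prefix) {
        heap.insert(heap.begin() + i, Range{r.begin, prefix, false});
        putOnFreeList(heap, i, merge);
    }
    return start;
}

// Adjacent free/free pairs; 0 means every free entry has allocated neighbors.
static size_t unmergedFreePairs(const Heap& heap) {
    size_t n = 0;
    for (size_t i = 0; i + 1 < heap.size(); ++i) n += heap[i].free && heap[i + 1].free;
    return n;
}
// Constructed scenario: a 400-byte range sits between two free ranges.
static Heap scenario(bool merge) {
    Heap heap = {{0, 48, true}, {48, 400, false}, {448, 64, true}};
    carveAligned(heap, 1, 128, 256, merge);
    return heap;
}
int main() { return unmergedFreePairs(scenario(true)) != 0; }
```

Without merging, the 80-byte prefix and 64-byte suffix each land next to an existing free range, leaving two unmerged pairs; with merging the heap collapses to free, allocated, free.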