Unreviewed, rolling out r241789.
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 20 Feb 2019 18:05:40 +0000 (18:05 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 20 Feb 2019 18:05:40 +0000 (18:05 +0000)
https://bugs.webkit.org/show_bug.cgi?id=194856

GuardMalloc crashes (Requested by yusukesuzuki on #webkit).

Reverted changeset:

"[bmalloc] bmalloc::Cache should not be instantiated if we are
using system malloc"
https://bugs.webkit.org/show_bug.cgi?id=194811
https://trac.webkit.org/changeset/241789

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241818 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/bmalloc/ChangeLog
Source/bmalloc/bmalloc/Allocator.cpp
Source/bmalloc/bmalloc/Allocator.h
Source/bmalloc/bmalloc/Cache.cpp
Source/bmalloc/bmalloc/Cache.h
Source/bmalloc/bmalloc/Deallocator.cpp
Source/bmalloc/bmalloc/Deallocator.h

index ff9a88a..b0bfd65 100644 (file)
@@ -1,3 +1,17 @@
+2019-02-20  Commit Queue  <commit-queue@webkit.org>
+
+        Unreviewed, rolling out r241789.
+        https://bugs.webkit.org/show_bug.cgi?id=194856
+
+        GuardMalloc crashes (Requested by yusukesuzuki on #webkit).
+
+        Reverted changeset:
+
+        "[bmalloc] bmalloc::Cache should not be instantiated if we are
+        using system malloc"
+        https://bugs.webkit.org/show_bug.cgi?id=194811
+        https://trac.webkit.org/changeset/241789
+
 2019-02-19  Yusuke Suzuki  <ysuzuki@apple.com>
 
         [bmalloc] bmalloc::Cache should not be instantiated if we are using system malloc
index cfd01fe..4fbdb09 100644 (file)
@@ -27,7 +27,7 @@
 #include "BAssert.h"
 #include "Chunk.h"
 #include "Deallocator.h"
-#include "Environment.h"
+#include "DebugHeap.h"
 #include "Heap.h"
 #include "PerProcess.h"
 #include "Sizes.h"
@@ -38,9 +38,9 @@ namespace bmalloc {
 
 Allocator::Allocator(Heap& heap, Deallocator& deallocator)
     : m_heap(heap)
+    , m_debugHeap(heap.debugHeap())
     , m_deallocator(deallocator)
 {
-    BASSERT(!PerProcess<Environment>::get()->isDebugHeapEnabled());
     for (size_t sizeClass = 0; sizeClass < sizeClassCount; ++sizeClass)
         m_bumpAllocators[sizeClass].init(objectSize(sizeClass));
 }
@@ -52,6 +52,9 @@ Allocator::~Allocator()
 
 void* Allocator::tryAllocate(size_t size)
 {
+    if (m_debugHeap)
+        return m_debugHeap->malloc(size);
+
     if (size <= smallMax)
         return allocate(size);
 
@@ -75,6 +78,9 @@ void* Allocator::allocateImpl(size_t alignment, size_t size, bool crashOnFailure
 {
     BASSERT(isPowerOfTwo(alignment));
 
+    if (m_debugHeap)
+        return m_debugHeap->memalign(alignment, size, crashOnFailure);
+
     if (!size)
         size = alignment;
 
@@ -101,6 +107,9 @@ void* Allocator::tryReallocate(void* object, size_t newSize)
 
 void* Allocator::reallocateImpl(void* object, size_t newSize, bool crashOnFailure)
 {
+    if (m_debugHeap)
+        return m_debugHeap->realloc(object, newSize, crashOnFailure);
+
     size_t oldSize = 0;
     switch (objectType(m_heap.kind(), object)) {
     case ObjectType::Small: {
@@ -191,6 +200,9 @@ BNO_INLINE void* Allocator::allocateLogSizeClass(size_t size)
 
 void* Allocator::allocateSlowCase(size_t size)
 {
+    if (m_debugHeap)
+        return m_debugHeap->malloc(size);
+
     if (size <= maskSizeClassMax) {
         size_t sizeClass = bmalloc::maskSizeClass(size);
         BumpAllocator& allocator = m_bumpAllocators[sizeClass];
index 933aae6..7c894de 100644 (file)
@@ -33,6 +33,7 @@
 namespace bmalloc {
 
 class Deallocator;
+class DebugHeap;
 class Heap;
 
 // Per-cache object allocator.
@@ -68,6 +69,7 @@ private:
     std::array<BumpRangeCache, sizeClassCount> m_bumpRangeCaches;
 
     Heap& m_heap;
+    DebugHeap* m_debugHeap;
     Deallocator& m_deallocator;
 };
 
index 29ad130..c97b909 100644 (file)
 
 #include "BInline.h"
 #include "Cache.h"
-#include "DebugHeap.h"
-#include "Environment.h"
 #include "Heap.h"
 #include "PerProcess.h"
 
 namespace bmalloc {
 
-static DebugHeap* debugHeapCache { nullptr };
-
 void Cache::scavenge(HeapKind heapKind)
 {
     PerHeapKind<Cache>* caches = PerThread<PerHeapKind<Cache>>::getFastCase();
@@ -46,82 +42,34 @@ void Cache::scavenge(HeapKind heapKind)
     caches->at(heapKind).deallocator().scavenge();
 }
 
-static BINLINE DebugHeap* debugHeap()
-{
-    if (debugHeapCache)
-        return debugHeapCache;
-    if (PerProcess<Environment>::get()->isDebugHeapEnabled()) {
-        debugHeapCache = PerProcess<DebugHeap>::get();
-        return debugHeapCache;
-    }
-    return nullptr;
-}
-
 Cache::Cache(HeapKind heapKind)
     : m_deallocator(PerProcess<PerHeapKind<Heap>>::get()->at(heapKind))
     , m_allocator(PerProcess<PerHeapKind<Heap>>::get()->at(heapKind), m_deallocator)
 {
-    BASSERT(!PerProcess<Environment>::get()->isDebugHeapEnabled());
 }
 
 BNO_INLINE void* Cache::tryAllocateSlowCaseNullCache(HeapKind heapKind, size_t size)
 {
-    // FIXME: DebugHeap does not have tryAllocate feature.
-    // https://bugs.webkit.org/show_bug.cgi?id=194837
-    if (auto* heap = debugHeap())
-        return heap->malloc(size);
     return PerThread<PerHeapKind<Cache>>::getSlowCase()->at(mapToActiveHeapKind(heapKind)).allocator().tryAllocate(size);
 }
 
 BNO_INLINE void* Cache::allocateSlowCaseNullCache(HeapKind heapKind, size_t size)
 {
-    if (auto* heap = debugHeap())
-        return heap->malloc(size);
     return PerThread<PerHeapKind<Cache>>::getSlowCase()->at(mapToActiveHeapKind(heapKind)).allocator().allocate(size);
 }
 
-BNO_INLINE void* Cache::tryAllocateSlowCaseNullCache(HeapKind heapKind, size_t alignment, size_t size)
-{
-    if (auto* heap = debugHeap()) {
-        constexpr bool crashOnFailure = false;
-        return heap->memalign(alignment, size, crashOnFailure);
-    }
-    return PerThread<PerHeapKind<Cache>>::getSlowCase()->at(mapToActiveHeapKind(heapKind)).allocator().tryAllocate(alignment, size);
-}
-
 BNO_INLINE void* Cache::allocateSlowCaseNullCache(HeapKind heapKind, size_t alignment, size_t size)
 {
-    if (auto* heap = debugHeap()) {
-        constexpr bool crashOnFailure = true;
-        return heap->memalign(alignment, size, crashOnFailure);
-    }
     return PerThread<PerHeapKind<Cache>>::getSlowCase()->at(mapToActiveHeapKind(heapKind)).allocator().allocate(alignment, size);
 }
 
 BNO_INLINE void Cache::deallocateSlowCaseNullCache(HeapKind heapKind, void* object)
 {
-    if (auto* heap = debugHeap()) {
-        heap->free(object);
-        return;
-    }
     PerThread<PerHeapKind<Cache>>::getSlowCase()->at(mapToActiveHeapKind(heapKind)).deallocator().deallocate(object);
 }
 
-BNO_INLINE void* Cache::tryReallocateSlowCaseNullCache(HeapKind heapKind, void* object, size_t newSize)
-{
-    if (auto* heap = debugHeap()) {
-        constexpr bool crashOnFailure = false;
-        return heap->realloc(object, newSize, crashOnFailure);
-    }
-    return PerThread<PerHeapKind<Cache>>::getSlowCase()->at(mapToActiveHeapKind(heapKind)).allocator().tryReallocate(object, newSize);
-}
-
 BNO_INLINE void* Cache::reallocateSlowCaseNullCache(HeapKind heapKind, void* object, size_t newSize)
 {
-    if (auto* heap = debugHeap()) {
-        constexpr bool crashOnFailure = true;
-        return heap->realloc(object, newSize, crashOnFailure);
-    }
     return PerThread<PerHeapKind<Cache>>::getSlowCase()->at(mapToActiveHeapKind(heapKind)).allocator().reallocate(object, newSize);
 }
 
index 9f525a7..fde7e09 100644 (file)
@@ -56,10 +56,8 @@ public:
 private:
     BEXPORT static void* tryAllocateSlowCaseNullCache(HeapKind, size_t);
     BEXPORT static void* allocateSlowCaseNullCache(HeapKind, size_t);
-    BEXPORT static void* tryAllocateSlowCaseNullCache(HeapKind, size_t alignment, size_t);
     BEXPORT static void* allocateSlowCaseNullCache(HeapKind, size_t alignment, size_t);
     BEXPORT static void deallocateSlowCaseNullCache(HeapKind, void*);
-    BEXPORT static void* tryReallocateSlowCaseNullCache(HeapKind, void*, size_t);
     BEXPORT static void* reallocateSlowCaseNullCache(HeapKind, void*, size_t);
 
     Deallocator m_deallocator;
@@ -86,7 +84,7 @@ inline void* Cache::tryAllocate(HeapKind heapKind, size_t alignment, size_t size
 {
     PerHeapKind<Cache>* caches = PerThread<PerHeapKind<Cache>>::getFastCase();
     if (!caches)
-        return tryAllocateSlowCaseNullCache(heapKind, alignment, size);
+        return allocateSlowCaseNullCache(heapKind, alignment, size);
     return caches->at(mapToActiveHeapKindAfterEnsuringGigacage(heapKind)).allocator().tryAllocate(alignment, size);
 }
 
@@ -110,7 +108,7 @@ inline void* Cache::tryReallocate(HeapKind heapKind, void* object, size_t newSiz
 {
     PerHeapKind<Cache>* caches = PerThread<PerHeapKind<Cache>>::getFastCase();
     if (!caches)
-        return tryReallocateSlowCaseNullCache(heapKind, object, newSize);
+        return reallocateSlowCaseNullCache(heapKind, object, newSize);
     return caches->at(mapToActiveHeapKindAfterEnsuringGigacage(heapKind)).allocator().tryReallocate(object, newSize);
 }
 
index 58ce3a6..556f327 100644 (file)
@@ -27,7 +27,7 @@
 #include "BInline.h"
 #include "Chunk.h"
 #include "Deallocator.h"
-#include "Environment.h"
+#include "DebugHeap.h"
 #include "Heap.h"
 #include "Object.h"
 #include "PerProcess.h"
@@ -39,8 +39,13 @@ namespace bmalloc {
 
 Deallocator::Deallocator(Heap& heap)
     : m_heap(heap)
+    , m_debugHeap(heap.debugHeap())
 {
-    BASSERT(!PerProcess<Environment>::get()->isDebugHeapEnabled());
+    if (m_debugHeap) {
+        // Fill the object log in order to disable the fast path.
+        while (m_objectLog.size() != m_objectLog.capacity())
+            m_objectLog.push(nullptr);
+    }
 }
 
 Deallocator::~Deallocator()
@@ -50,6 +55,9 @@ Deallocator::~Deallocator()
     
 void Deallocator::scavenge()
 {
+    if (m_debugHeap)
+        return;
+
     std::unique_lock<Mutex> lock(Heap::mutex());
 
     processObjectLog(lock);
@@ -65,6 +73,9 @@ void Deallocator::processObjectLog(std::unique_lock<Mutex>& lock)
 
 void Deallocator::deallocateSlowCase(void* object)
 {
+    if (m_debugHeap)
+        return m_debugHeap->free(object);
+
     if (!object)
         return;
 
index 1342c4c..325d1df 100644 (file)
@@ -33,6 +33,7 @@
 
 namespace bmalloc {
 
+class DebugHeap;
 class Heap;
 class Mutex;
 
@@ -57,6 +58,7 @@ private:
     Heap& m_heap;
     FixedVector<void*, deallocatorLogCapacity> m_objectLog;
     LineCache m_lineCache; // The Heap removes items from this cache.
+    DebugHeap* m_debugHeap;
 };
 
 inline bool Deallocator::deallocateFastCase(void* object)