- Revision
- 200983
- Author
- [email protected]
- Date
- 2016-05-16 17:15:31 -0700 (Mon, 16 May 2016)
Log Message
REGRESSION (200035): changes in "WebKit Malloc" VM regions are causing 'leaks' to spew "Failed to map remote region" messages
https://bugs.webkit.org/show_bug.cgi?id=157764
Reviewed by Gavin Barraclough.
We need to allow for guard pages and only report unguarded pages to the
leaks tool -- otherwise, it will try to remote map our guarded pages,
and crash.
* bmalloc/VMHeap.cpp:
(bmalloc::VMHeap::tryAllocateLargeChunk):
(bmalloc::VMHeap::allocateSmallChunk): Adopt the new API for reporting
a range instead of a Chunk*, and report the unguarded range.
This also fixes a separate bug -- very large allocations would not
fully participate in pointer scanning because they would only report 2MB
(chunkSize) in size. This could cause false-positive leak reports.
* bmalloc/Zone.cpp:
(bmalloc::enumerator): Updated to scan ranges instead of fixed-sized
Chunk pointers.
* bmalloc/Zone.h:
(bmalloc::Zone::ranges):
(bmalloc::Zone::addRange): Store ranges instead of fixed-sized Chunk
pointers because our VM ranges have variable sizes -- both due to guard
pages and due to large allocations.
(bmalloc::Zone::chunks): Deleted.
(bmalloc::Zone::addChunk): Deleted.
Diff
Modified: trunk/Source/bmalloc/ChangeLog (200982 => 200983)
--- trunk/Source/bmalloc/ChangeLog 2016-05-16 23:49:52 UTC (rev 200982)
+++ trunk/Source/bmalloc/ChangeLog 2016-05-17 00:15:31 UTC (rev 200983)
@@ -1,3 +1,36 @@
+2016-05-16 Geoffrey Garen <[email protected]>
+
+ REGRESSION (200035): changes in "WebKit Malloc" VM regions are causing 'leaks' to spew "Failed to map remote region" messages
+ https://bugs.webkit.org/show_bug.cgi?id=157764
+
+ Reviewed by Gavin Barraclough.
+
+ We need to allow for guard pages and only report unguarded pages to the
+ leaks tool -- otherwise, it will try to remote map our guarded pages,
+ and crash.
+
+ * bmalloc/VMHeap.cpp:
+ (bmalloc::VMHeap::tryAllocateLargeChunk):
+ (bmalloc::VMHeap::allocateSmallChunk): Adopt the new API for reporting
+ a range instead of a Chunk*, and report the unguarded range.
+
+ This also fixes a separate bug -- very large allocations would not
+ fully participate in pointer scanning because they would only report 2MB
+ (chunkSize) in size. This could cause false-positive leak reports.
+
+ * bmalloc/Zone.cpp:
+ (bmalloc::enumerator): Updated to scan ranges instead of fixed-sized
+ Chunk pointers.
+
+ * bmalloc/Zone.h:
+ (bmalloc::Zone::ranges):
+ (bmalloc::Zone::addRange): Store ranges instead of fixed-sized Chunk
+ pointers because our VM ranges have variable sizes -- both due to guard
+ pages and due to large allocations.
+
+ (bmalloc::Zone::chunks): Deleted.
+ (bmalloc::Zone::addChunk): Deleted.
+
2016-05-10 David Kilzer <[email protected]>
bmalloc should automatically disable itself when ThreadSanitizer is used
Modified: trunk/Source/bmalloc/bmalloc/VMHeap.cpp (200982 => 200983)
--- trunk/Source/bmalloc/bmalloc/VMHeap.cpp 2016-05-16 23:49:52 UTC (rev 200982)
+++ trunk/Source/bmalloc/bmalloc/VMHeap.cpp 2016-05-17 00:15:31 UTC (rev 200983)
@@ -50,7 +50,7 @@
Chunk* chunk = static_cast<Chunk*>(memory);
#if BOS(DARWIN)
- m_zone.addChunk(chunk);
+ m_zone.addRange(Range(chunk->bytes(), size));
#endif
return XLargeRange(chunk->bytes(), size, 0);
@@ -85,7 +85,7 @@
new (chunk) Chunk(lock);
#if BOS(DARWIN)
- m_zone.addChunk(chunk);
+ m_zone.addRange(Range(begin.address(), end.address() - begin.address()));
#endif
for (Object it = begin; it + pageSize <= end; it = it + pageSize) {
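Review bot: The call site does not say why `addRange` is given `begin`..`end` rather than the whole chunk, so a later cleanup could easily "simplify" it back to the chunk bounds and bring back the remote-map failures in the leaks tool. A one-line comment above the call would pin the intent, for example `// Report only the unguarded span; the leaks tool cannot remote-map guard pages.` `begin` and `end` are defined outside this hunk, so that they bound exactly the unguarded pages is inferred from the log message rather than visible here. The first VMHeap.cpp hunk (`Range(chunk->bytes(), size)`) would benefit from the same kind of comment stating whether `size` includes any guard pages.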
Modified: trunk/Source/bmalloc/bmalloc/Zone.cpp (200982 => 200983)
--- trunk/Source/bmalloc/bmalloc/Zone.cpp 2016-05-16 23:49:52 UTC (rev 200982)
+++ trunk/Source/bmalloc/bmalloc/Zone.cpp 2016-05-17 00:15:31 UTC (rev 200983)
@@ -88,14 +88,14 @@
static kern_return_t enumerator(task_t task, void* context, unsigned type_mask, vm_address_t zone_address, memory_reader_t reader, vm_range_recorder_t recorder)
{
Zone remoteZone(task, reader, zone_address);
- for (auto* chunk : remoteZone.chunks()) {
- vm_range_t range = { reinterpret_cast<vm_address_t>(chunk), chunkSize };
+ for (auto& range : remoteZone.ranges()) {
+ vm_range_t vmRange = { reinterpret_cast<vm_address_t>(range.begin()), range.size() };
if ((type_mask & MALLOC_PTR_REGION_RANGE_TYPE))
- (*recorder)(task, context, MALLOC_PTR_REGION_RANGE_TYPE, &range, 1);
+ (*recorder)(task, context, MALLOC_PTR_REGION_RANGE_TYPE, &vmRange, 1);
if ((type_mask & MALLOC_PTR_IN_USE_RANGE_TYPE))
- (*recorder)(task, context, MALLOC_PTR_IN_USE_RANGE_TYPE, &range, 1);
+ (*recorder)(task, context, MALLOC_PTR_IN_USE_RANGE_TYPE, &vmRange, 1);
}
return 0;
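Review bot: Each `range.begin()` / `range.size()` pair in this loop comes from a `Zone` copied out of the inspected task, and with this change the size is also remote-controlled data rather than the constant `chunkSize`. The `Zone(task, reader, zone_address)` constructor is outside the hunk, so it is not visible whether the copied vector's element count is checked against `capacity` before the loop iterates. If it is not, a corrupted heap in the target could make the enumerator, which runs inside the analysis tool, walk past its local copy. It is worth confirming that bound in the constructor and recording it here, e.g. `// remoteZone is a copy of target memory; its range count is bounded by capacity in the Zone constructor`. The function's closing lines are outside the hunk.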
Modified: trunk/Source/bmalloc/bmalloc/Zone.h (200982 => 200983)
--- trunk/Source/bmalloc/bmalloc/Zone.h 2016-05-16 23:49:52 UTC (rev 200982)
+++ trunk/Source/bmalloc/bmalloc/Zone.h 2016-05-17 00:15:31 UTC (rev 200983)
@@ -27,6 +27,7 @@
#define Zone_h
#include "FixedVector.h"
+#include "Range.h"
#include <malloc/malloc.h>
namespace bmalloc {
@@ -41,8 +42,8 @@
Zone();
Zone(task_t, memory_reader_t, vm_address_t);
- void addChunk(Chunk*);
- FixedVector<Chunk*, capacity>& chunks() { return m_chunks; }
+ void addRange(Range);
+ FixedVector<Range, capacity>& ranges() { return m_ranges; }
private:
// This vector has two purposes:
@@ -56,15 +57,15 @@
// This prevents the leaks tool from reporting false positive leaks for
// objects pointed to from bmalloc memory -- though it also prevents the
// leaks tool from finding any leaks in bmalloc memory.
- FixedVector<Chunk*, capacity> m_chunks;
+ FixedVector<Range, capacity> m_ranges;
};
-inline void Zone::addChunk(Chunk* chunk)
+inline void Zone::addRange(Range range)
{
- if (m_chunks.size() == m_chunks.capacity())
+ if (m_ranges.size() == m_ranges.capacity())
return;
- m_chunks.push(chunk);
+ m_ranges.push(range);
}
} // namespace bmalloc
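Review bot: `addRange` returns silently once `m_ranges.size() == m_ranges.capacity()`, so any range registered after that point is never reported to the leaks tool. The member comment above says these ranges are what prevent false-positive leak reports, so a full vector quietly degrades the diagnostics with no signal. Since every small chunk and every large allocation now takes a slot, the drop should at least be documented at the early return, for example `// Best-effort: once the vector is full, further ranges are not reported to the leaks tool.` The value of `capacity` is declared outside this hunk, so how soon the limit is reached in practice cannot be judged from here.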