Title: [200035] trunk/Source/bmalloc
- Revision
- 200035
- Author
- [email protected]
- Date
- 2016-04-25 11:20:58 -0700 (Mon, 25 Apr 2016)
Log Message
2016-04-25 Geoffrey Garen <[email protected]>
bmalloc: vm allocations should plant guard pages
https://bugs.webkit.org/show_bug.cgi?id=156937
Rolling back in r199936 with a fix for the memory regression.
Modified Paths
Diff
Modified: trunk/Source/bmalloc/ChangeLog (200034 => 200035)
--- trunk/Source/bmalloc/ChangeLog 2016-04-25 17:48:46 UTC (rev 200034)
+++ trunk/Source/bmalloc/ChangeLog 2016-04-25 18:20:58 UTC (rev 200035)
@@ -1,3 +1,10 @@
+2016-04-25 Geoffrey Garen <[email protected]>
+
+ bmalloc: vm allocations should plant guard pages
+ https://bugs.webkit.org/show_bug.cgi?id=156937
+
+ Rolling back in r199936 with a fix for the memory regression.
+
2016-04-23 Gavin Barraclough <[email protected]>
bmalloc: vm allocations should plant guard pages
Modified: trunk/Source/bmalloc/bmalloc/Object.h (200034 => 200035)
--- trunk/Source/bmalloc/bmalloc/Object.h 2016-04-25 17:48:46 UTC (rev 200034)
+++ trunk/Source/bmalloc/bmalloc/Object.h 2016-04-25 18:20:58 UTC (rev 200035)
@@ -52,6 +52,7 @@
SmallPage* page();
Object operator+(size_t);
+ Object operator-(size_t);
bool operator<=(const Object&);
private:
@@ -64,6 +65,11 @@
return Object(m_chunk, m_offset + offset);
}
+inline Object Object::operator-(size_t offset)
+{
+ return Object(m_chunk, m_offset - offset);
+}
+
inline bool Object::operator<=(const Object& other)
{
BASSERT(m_chunk == other.m_chunk);
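Review bot: The new `Object::operator-` computes `m_offset - offset` with no bounds check, so an offset larger than the current one would wrap and yield an Object far outside the chunk. This assumes `m_offset` is unsigned, which the hunk does not show. Because the result is used to place the trailing guard page in VMHeap.cpp, I would add `BASSERT(offset <= m_offset);` as the first line of the body, matching the BASSERT already used in `operator<=`. The body of `operator<=` continues outside the hunk.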
Modified: trunk/Source/bmalloc/bmalloc/VMAllocate.h (200034 => 200035)
--- trunk/Source/bmalloc/bmalloc/VMAllocate.h 2016-04-25 17:48:46 UTC (rev 200034)
+++ trunk/Source/bmalloc/bmalloc/VMAllocate.h 2016-04-25 18:20:58 UTC (rev 200035)
@@ -137,6 +137,12 @@
munmap(p, vmSize);
}
+inline void vmRevokePermissions(void* p, size_t vmSize)
+{
+ vmValidate(p, vmSize);
+ mprotect(p, vmSize, PROT_NONE);
+}
+
// Allocates vmSize bytes at a specified power-of-two alignment.
// Use this function to create maskable memory regions.
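Review bot: `vmRevokePermissions` discards the return value of `mprotect`, so if the call fails the caller carries on as though a guard page exists while the range is still readable and writable. For a hardening primitive a silent failure is worse than a crash. I would check the result, e.g. `if (mprotect(p, vmSize, PROT_NONE)) BCRASH();`, or at least add a comment saying that failure is ignored on purpose. `vmValidate` is not visible here; if it is a debug-only assertion, release builds also get no alignment check on `p` and `vmSize` before the call.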
Modified: trunk/Source/bmalloc/bmalloc/VMHeap.cpp (200034 => 200035)
--- trunk/Source/bmalloc/bmalloc/VMHeap.cpp 2016-04-25 17:48:46 UTC (rev 200034)
+++ trunk/Source/bmalloc/bmalloc/VMHeap.cpp 2016-04-25 18:20:58 UTC (rev 200035)
@@ -29,7 +29,7 @@
namespace bmalloc {
-XLargeRange VMHeap::tryAllocateLargeChunk(std::lock_guard<StaticMutex>& lock, size_t alignment, size_t size)
+XLargeRange VMHeap::tryAllocateLargeChunk(std::lock_guard<StaticMutex>&, size_t alignment, size_t size)
{
// We allocate VM in aligned multiples to increase the chances that
// the OS will provide contiguous ranges that we can merge.
@@ -47,7 +47,7 @@
if (!memory)
return XLargeRange();
- Chunk* chunk = new (memory) Chunk(lock);
+ Chunk* chunk = static_cast<Chunk*>(memory);
#if BOS(DARWIN)
m_zone.addChunk(chunk);
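Review bot: The large-chunk path no longer runs Chunk's constructor: `static_cast<Chunk*>(memory)` only reinterprets the mapping, and the pointer is then passed to `m_zone.addChunk(chunk)`. This is presumably the memory-regression fix, since it avoids dirtying metadata pages. It relies on fresh VM being zero-filled and on nothing reading constructed Chunk state for large chunks, and neither assumption is stated. Once that is confirmed, I would add a comment above the cast such as `// Deliberately not constructing Chunk: large chunks do not use Chunk metadata, and writing it would dirty pages.` The function body starts and ends outside the hunk.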
@@ -58,13 +58,6 @@
void VMHeap::allocateSmallChunk(std::lock_guard<StaticMutex>& lock, size_t pageClass)
{
- Chunk* chunk =
- new (vmAllocate(chunkSize, chunkSize)) Chunk(lock);
-
-#if BOS(DARWIN)
- m_zone.addChunk(chunk);
-#endif
-
size_t pageSize = bmalloc::pageSize(pageClass);
size_t smallPageCount = pageSize / smallPageSize;
@@ -72,12 +65,28 @@
// aligned allocation requests at equal and smaller powers of two.
size_t metadataSize = divideRoundingUp(sizeof(Chunk), pageSize) * pageSize;
+ void* memory = vmAllocate(chunkSize, chunkSize);
+ Chunk* chunk = static_cast<Chunk*>(memory);
+
Object begin(chunk, metadataSize);
Object end(chunk, chunkSize);
+ // Establish guard pages before writing to Chunk memory to work around
+ // an edge case in the Darwin VM system (<rdar://problem/25910098>).
+ vmRevokePermissions(begin.begin(), pageSize);
+ vmRevokePermissions(end.begin() - pageSize, pageSize);
+
+ begin = begin + pageSize;
+ end = end - pageSize;
+
+ new (chunk) Chunk(lock);
+
+#if BOS(DARWIN)
+ m_zone.addChunk(chunk);
+#endif
+
for (Object it = begin; it + pageSize <= end; it = it + pageSize) {
SmallPage* page = it.page();
- new (page) SmallPage;
for (size_t i = 0; i < smallPageCount; ++i)
page[i].setSlide(i);
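Review bot: The loop still calls `page[i].setSlide(i)`, but `new (page) SmallPage;` is removed, so this function no longer constructs the SmallPage objects it writes to. Presumably they are initialized as part of `new (chunk) Chunk(lock)` a few lines above, which would make the ordering load-bearing, but the hunk does not say so. If that is the case, I would add a comment above the loop such as `// SmallPage metadata is initialized by Chunk(lock) above; only the slide is set here.` It would also help to note next to `begin = begin + pageSize;` that the two guard pages are excluded from the allocatable range. The body of `allocateSmallChunk` continues outside the hunk.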