Title: [207646] trunk/Source/bmalloc
- Revision
- 207646
- Author
- mark....@apple.com
- Date
- 2016-10-20 17:15:31 -0700 (Thu, 20 Oct 2016)
Log Message
bmalloc api should crash on failure to allocate when !isBmallocEnabled.
https://bugs.webkit.org/show_bug.cgi?id=163766
Reviewed by Keith Miller and Filip Pizlo.
We want to crash in bmalloc on failure to allocate even when !isBmallocEnabled.
This is so that failures to allocate memory will manifest as crashes with a
unique signature (i.e. as a SIGTRAP on release builds, or as a write to illegal
address 0xbbadbeef on debug builds) and the crash will manifest inside bmalloc.
This distinguishes allocation failures from other crashing bugs that manifest as
SIGSEGVs due to random pointer dereferences in the clients of bmalloc.
* bmalloc/Allocator.cpp:
(bmalloc::Allocator::allocateImpl):
(bmalloc::Allocator::reallocate):
(bmalloc::Allocator::allocateSlowCase):
Modified Paths
Diff
Modified: trunk/Source/bmalloc/ChangeLog (207645 => 207646)
--- trunk/Source/bmalloc/ChangeLog 2016-10-21 00:04:36 UTC (rev 207645)
+++ trunk/Source/bmalloc/ChangeLog 2016-10-21 00:15:31 UTC (rev 207646)
@@ -1,3 +1,22 @@
+2016-10-20 Mark Lam <mark....@apple.com>
+
+ bmalloc api should crash on failure to allocate when !isBmallocEnabled.
+ https://bugs.webkit.org/show_bug.cgi?id=163766
+
+ Reviewed by Keith Miller and Filip Pizlo.
+
+ We want to crash in bmalloc on failure to allocate even when !isBmallocEnabled.
+ This is so that failures to allocate memory will manifest as crashes with a
+ unique signature (i.e. as a SIGTRAP on release builds, or as a write to illegal
+ address 0xbbadbeef on debug builds) and the crash will manifest inside bmalloc.
+ This distinguishes allocation failures from other crashing bugs that manifest as
+ SIGSEGVs due to random pointer dereferences in the clients of bmalloc.
+
+ * bmalloc/Allocator.cpp:
+ (bmalloc::Allocator::allocateImpl):
+ (bmalloc::Allocator::reallocate):
+ (bmalloc::Allocator::allocateSlowCase):
+
2016-09-26 Yoshiaki Jitsukawa <yoshiaki.jitsuk...@sony.com>
Avoid implicit conversion from iterator to pointer
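Review bot: the ChangeLog entry states that the bmalloc api crashes on failure to allocate when !isBmallocEnabled, but the accompanying Allocator.cpp change only crashes in allocateImpl when `crashOnFailure` is set, while reallocate and allocateSlowCase crash unconditionally; the entry should say that the allocateImpl path remains conditional so readers of the log do not assume every entry point now crashes.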
Modified: trunk/Source/bmalloc/bmalloc/Allocator.cpp (207645 => 207646)
--- trunk/Source/bmalloc/bmalloc/Allocator.cpp 2016-10-21 00:04:36 UTC (rev 207645)
+++ trunk/Source/bmalloc/bmalloc/Allocator.cpp 2016-10-21 00:15:31 UTC (rev 207646)
@@ -80,8 +80,11 @@
if (!m_isBmallocEnabled) {
void* result = nullptr;
- if (posix_memalign(&result, alignment, size))
+ if (posix_memalign(&result, alignment, size)) {
+ if (crashOnFailure)
+ BCRASH();
return nullptr;
+ }
return result;
}
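Review bot: this is the only one of the three !m_isBmallocEnabled paths that consults `crashOnFailure` before calling BCRASH(); if the flag is meant to let callers opt out of crashing, reallocate and allocateSlowCase below should honour the same flag, and if it is not, the `if (crashOnFailure)` guard here should be dropped so all three paths behave the same. Also worth a comment: posix_memalign reports failure through its return value and leaves `result` untouched, so returning nullptr explicitly rather than `result` is correct here.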
@@ -100,8 +103,12 @@
void* Allocator::reallocate(void* object, size_t newSize)
{
- if (!m_isBmallocEnabled)
- return realloc(object, newSize);
+ if (!m_isBmallocEnabled) {
+ void* result = realloc(object, newSize);
+ if (!result)
+ BCRASH();
+ return result;
+ }
size_t oldSize = 0;
switch (objectType(object)) {
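Review bot: `if (!result) BCRASH();` treats every nullptr from realloc as an allocation failure, but realloc(object, 0) may legitimately free `object` and return nullptr on platforms where that is the implemented behaviour, which would turn a valid shrink-to-zero into a crash; either guard the check with `newSize` or document that bmalloc never calls reallocate with a zero size on the non-bmalloc path. Unlike allocateImpl above, this path also has no `crashOnFailure` flag, so any caller that expects a nullptr return here no longer gets one.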
@@ -186,8 +193,12 @@
void* Allocator::allocateSlowCase(size_t size)
{
- if (!m_isBmallocEnabled)
- return malloc(size);
+ if (!m_isBmallocEnabled) {
+ void* result = malloc(size);
+ if (!result)
+ BCRASH();
+ return result;
+ }
if (size <= maskSizeClassMax) {
size_t sizeClass = bmalloc::maskSizeClass(size);
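Review bot: the same zero-size caveat applies to `malloc(size)` here: the C standard allows malloc(0) to return nullptr without an error, so the unconditional `if (!result) BCRASH();` would misreport a zero-byte request as out-of-memory on such a platform; if the fast path guarantees size is never 0 when this slow case is reached on the !m_isBmallocEnabled path, a BASSERT or comment to that effect would make the assumption explicit.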
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes