Bug 79614

Summary: [JSC] Memory allocation failed by fastmalloc even if heap grows successfully
Product: WebKit Reporter: Hojong Han <hojong.han>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: ap, barraclough, ggaren, laszlo.gombos, levin, mrowe, msaboff, webkit.review.bot
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Other   
OS: Linux   
Attachments:
Description Flags
Patch
none
Patch
none
Patch none

Hojong Han
Reported 2012-02-26 18:43:33 PST
Heap tries to grow for memory allocation if there were not sufficient memory. At first the size, more than 256 pages, is requested to the system in order to grow the heap, but the size, less than 256 pages which can contain the demanded, is requested if it fails. Spans more than 256 pages are managed in the large list, and spans less than 256 pages are managed in the normal list, so that it's wrong to get the span only from the large list after the heap grows.
Attachments
Patch (2.18 KB, patch)
2012-02-27 16:49 PST, Hojong Han 		no flags
DetailsFormatted DiffDiff
Patch (1.83 KB, patch)
2012-03-07 18:00 PST, Hojong Han 		no flags
DetailsFormatted DiffDiff
Patch (1.32 KB, patch)
2012-03-12 19:49 PDT, Hojong Han 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Hojong Han
Comment 1 2012-02-27 16:49:26 PST
Created attachment 129131 [details] Patch
WebKit Review Bot
Comment 2 2012-02-27 16:53:53 PST
Attachment 129131 [details] did not pass style-queue: Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/JavaScriptCore/ChangeLog', u'Source..." exit_code: 1 Source/JavaScriptCore/wtf/FastMalloc.cpp:1736: Weird number of spaces at line-start. Are you using a 4-space indent? [whitespace/indent] [3] Source/JavaScriptCore/wtf/FastMalloc.cpp:1737: Weird number of spaces at line-start. Are you using a 4-space indent? [whitespace/indent] [3] Source/JavaScriptCore/wtf/FastMalloc.cpp:1737: Tests for true/false, null/non-null, and zero/non-zero should all be done without equality comparisons. [readability/comparison_to_zero] [5] Source/JavaScriptCore/wtf/FastMalloc.cpp:1737: Use 0 instead of NULL. [readability/null] [5] Source/JavaScriptCore/wtf/FastMalloc.cpp:1740: Weird number of spaces at line-start. Are you using a 4-space indent? [whitespace/indent] [3] Source/JavaScriptCore/wtf/FastMalloc.cpp:1747: Should have only a single space after a punctuation in a comment. [whitespace/comments] [5] Source/JavaScriptCore/wtf/FastMalloc.cpp:1753: One space before end of line comments [whitespace/comments] [5] Source/JavaScriptCore/wtf/FastMalloc.cpp:1757: Weird number of spaces at line-start. Are you using a 4-space indent? [whitespace/indent] [3] Source/JavaScriptCore/wtf/FastMalloc.cpp:1759: Weird number of spaces at line-start. Are you using a 4-space indent? [whitespace/indent] [3] Source/JavaScriptCore/wtf/FastMalloc.cpp:1759: Use 0 instead of NULL. [readability/null] [5] Total errors found: 10 in 2 files If any of these errors are false positives, please file a bug against check-webkit-style.
Hojong Han
Comment 3 2012-02-27 17:08:03 PST
(In reply to comment #2) > If any of these errors are false positives, please file a bug against check-webkit-style. This entire file is in 2-space indenting. If it should be changed we should change the whole file at once.
Geoffrey Garen
Comment 4 2012-03-07 11:42:03 PST
Comment on attachment 129131 [details] Patch I don't think it's a good idea to duplicate this code. Instead, after calling GrowHeap(), I think it would be better to call TCMalloc_PageHeap::New recursively. This is guaranteed to terminate after one level of recursion.
Hojong Han
Comment 5 2012-03-07 18:00:53 PST
Created attachment 130742 [details] Patch
WebKit Review Bot
Comment 6 2012-03-07 18:04:09 PST
Attachment 130742 [details] did not pass style-queue: Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/JavaScriptCore/ChangeLog', u'Source..." exit_code: 1 Source/JavaScriptCore/wtf/FastMalloc.cpp:1692: Weird number of spaces at line-start. Are you using a 4-space indent? [whitespace/indent] [3] Source/JavaScriptCore/wtf/FastMalloc.cpp:1692: grown_heap is incorrectly named. Don't use underscores in your identifier names. [readability/naming] [4] Source/JavaScriptCore/wtf/FastMalloc.cpp:1732: Weird number of spaces at line-start. Are you using a 4-space indent? [whitespace/indent] [3] Source/JavaScriptCore/wtf/FastMalloc.cpp:1733: Use 0 instead of NULL. [readability/null] [5] Source/JavaScriptCore/wtf/FastMalloc.cpp:1742: Weird number of spaces at line-start. Are you using a 4-space indent? [whitespace/indent] [3] Source/JavaScriptCore/wtf/FastMalloc.cpp:1742: alloc_span is incorrectly named. Don't use underscores in your identifier names. [readability/naming] [4] Total errors found: 6 in 2 files If any of these errors are false positives, please file a bug against check-webkit-style.
Hojong Han
Comment 7 2012-03-07 18:10:52 PST
(In reply to comment #4) > (From update of attachment 129131 [details]) > I don't think it's a good idea to duplicate this code. Instead, after calling GrowHeap(), I think it would be better to call TCMalloc_PageHeap::New recursively. This is guaranteed to terminate after one level of recursion. I substituted the duplicated with goto sentence. I think so that it'd be better to call New recursively than the duplicated, but in this case it looks simpler to use goto for recursive call only once. Please let me know if there're more considerations.
Geoffrey Garen
Comment 8 2012-03-12 11:52:42 PDT
> I substituted the duplicated with goto sentence. "goto" turns this code into a loop that usually executes only once. We've seen in the past that GCC and LLVM generate poor code for loops that execute only once because they assume that loops will execute more than once. I think a recursive call would be better.
Geoffrey Garen
Comment 9 2012-03-12 11:53:53 PDT
> 1732 if (grown_heap) > 1733 return NULL; The case can never happen. If you've just grown the heap to accommodate your allocation, allocation will always succeed. I think you should remove this test.
Hojong Han
Comment 10 2012-03-12 19:49:57 PDT
Created attachment 131497 [details] Patch
WebKit Review Bot
Comment 11 2012-03-12 19:51:44 PDT
Attachment 131497 [details] did not pass style-queue: Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/JavaScriptCore/ChangeLog', u'Source..." exit_code: 1 Source/JavaScriptCore/wtf/FastMalloc.cpp:1736: Weird number of spaces at line-start. Are you using a 4-space indent? [whitespace/indent] [3] Total errors found: 1 in 2 files If any of these errors are false positives, please file a bug against check-webkit-style.
Hojong Han
Comment 12 2012-03-12 23:55:44 PDT
(In reply to comment #9) > > 1732 if (grown_heap) > > 1733 return NULL; > > The case can never happen. If you've just grown the heap to accommodate your allocation, allocation will always succeed. I think you should remove this test. My way of thinking got stuck. Your comment showed a broader way. Thanks.
Geoffrey Garen
Comment 13 2012-03-14 16:25:10 PDT
Comment on attachment 131497 [details] Patch r=me
WebKit Review Bot
Comment 14 2012-03-14 18:30:56 PDT
Comment on attachment 131497 [details] Patch Clearing flags on attachment: 131497 Committed r110805: <http://trac.webkit.org/changeset/110805>
WebKit Review Bot
Comment 15 2012-03-14 18:31:01 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.