Bug 65502 - Virtual copying of FastMalloc allocated memory causes madvise MADV_FREE_REUSABLE errors
Summary: Virtual copying of FastMalloc allocated memory causes madvise MADV_FREE_REUSA...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc.
Version: 528+ (Nightly build)
Hardware: Mac All
Importance: P2 Normal
Assignee: Michael Saboff
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2011-08-01 17:44 PDT by Michael Saboff
Modified: 2011-08-02 14:19 PDT
Attachments
Proposed patch (5.11 KB, patch)
2011-08-01 17:54 PDT, Michael Saboff
andersca: review+
Description Michael Saboff 2011-08-01 17:44:38 PDT
There are two instances where we make virtual copies of memory allocated via FastMalloc.  One is when we use vm_copy in PurgeableBuffer::create() and the other is implicit in CoreIPC where we use the MACH_MSG_VIRTUAL_COPY flag in Connection::sendOutgoingMessage.  In both cases, the kernel creates a second reference to the region being copied.  These additional references preclude using the MADV_FREE_REUSABLE flag in madvise.  This stops us from making memory available to the system for other processes.
Comment 1 Michael Saboff 2011-08-01 17:54:45 PDT
Created attachment 102602
Proposed patch
Comment 2 Michael Saboff 2011-08-01 18:03:40 PDT
Two defects in Radar: <rdar://problem/9747241> and <rdar://problem/9747279>.
Comment 3 Darin Adler 2011-08-01 18:19:55 PDT
Comment on attachment 102602
Proposed patch

View in context: https://bugs.webkit.org/attachment.cgi?id=102602&action=review

> Source/WebCore/platform/mac/PurgeableBufferMac.cpp:67
> +    memcpy(reinterpret_cast<char*>(buffer), data, size);

Since memcpy’s destination is a void* I would not expect you’d need to typecast a pointer to use it as a memcpy destination. Can you just pass buffer without a typecast?
Comment 4 Michael Saboff 2011-08-02 13:27:04 PDT
(In reply to comment #3)
> (From update of attachment 102602)
> View in context: https://bugs.webkit.org/attachment.cgi?id=102602&action=review
> 
> > Source/WebCore/platform/mac/PurgeableBufferMac.cpp:67
> > +    memcpy(reinterpret_cast<char*>(buffer), data, size);
> 
> Since memcpy’s destination is a void* I would not expect you’d need to typecast a pointer to use it as a memcpy destination. Can you just pass buffer without a typecast?

The cast is needed because vm_address_t is really a uintptr_t which is an unsigned long, a non-pointer type.
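The mechanism from the description (a virtual copy leaves a second kernel reference on the source region, so MADV_FREE_REUSABLE on it fails) together with the integer-typed vm_address_t cast from comment 4, as an added example that is not part of this bug or the WebKit patch: it copies a sample region both ways and reports what madvise(MADV_FREE_REUSABLE) says about the source afterwards. It assumes macOS for the Mach calls (vm_allocate, vm_copy, MADV_FREE_REUSABLE); on other platforms only the memcpy path runs and madvise_errno is reported as -1.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#ifdef __APPLE__
#include <mach/mach.h>
#endif

#define REGION_SIZE (1 << 20) /* 1 MiB: a page multiple, as vm_copy expects */
/* bytes_match: destination holds the sample bytes; madvise_errno: errno from
 * madvise(MADV_FREE_REUSABLE) on the SOURCE afterwards (0 = accepted,
 * -1 = Mach path unavailable on this platform). */
struct reuse_result { int bytes_match; int madvise_errno; };

/* Copies a page-aligned source region into a fresh one, either virtually
 * (vm_copy: copy-on-write, a second kernel reference) or physically (memcpy),
 * then asks the kernel to treat the source pages as reusable. */
static struct reuse_result copy_then_mark_reusable(int use_vm_copy)
{
    struct reuse_result r = { 0, -1 };
    char pattern[4096]; /* constructed sample payload */
    memset(pattern, 'W', sizeof pattern);
#ifdef __APPLE__
    vm_map_t self = mach_task_self();
    vm_address_t src = 0, dst = 0;
    if (vm_allocate(self, &src, REGION_SIZE, VM_FLAGS_ANYWHERE) != KERN_SUCCESS) return r;
    if (vm_allocate(self, &dst, REGION_SIZE, VM_FLAGS_ANYWHERE) != KERN_SUCCESS) {
        vm_deallocate(self, src, REGION_SIZE);
        return r;
    }
    /* vm_address_t is an integer type, hence the casts (see comment 4). */
    memcpy((char *)src, pattern, sizeof pattern);
    if (use_vm_copy)
        vm_copy(self, src, REGION_SIZE, dst);
    else
        memcpy((char *)dst, (const char *)src, REGION_SIZE);
    r.bytes_match = memcmp((const char *)dst, pattern, sizeof pattern) == 0;
    r.madvise_errno = madvise((void *)src, REGION_SIZE, MADV_FREE_REUSABLE) == 0 ? 0 : errno;
    vm_deallocate(self, dst, REGION_SIZE);
    vm_deallocate(self, src, REGION_SIZE);
#else
    char *dst = use_vm_copy ? NULL : malloc(sizeof pattern); /* no Mach VM: memcpy path only */
    if (dst) {
        memcpy(dst, pattern, sizeof pattern);
        r.bytes_match = memcmp(dst, pattern, sizeof pattern) == 0;
        free(dst);
    }
#endif
    return r;
}
```

Per the description, on macOS the vm_copy run is the one expected to come back with a non-zero madvise_errno on the source, while the memcpy run leaves the source with a single reference.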
Comment 5 Michael Saboff 2011-08-02 14:19:21 PDT
Committed r92231: <http://trac.webkit.org/changeset/92231>