Bug 1537781 - Test for trailing guard pages for normal allocations. r=glandium
authorGian-Carlo Pascutto <gcp@mozilla.com>
Thu, 02 May 2019 14:19:19 +0000
changeset 531129 7a92af28d8e12b106e9e1738cbca57c8d88983ac
parent 531128 dd542aa67434d488b27603c1819bffc5b420e854
child 531130 6057bafee921747d5415ef5e99d8954e00f05b8d
push id11265
push userffxbld-merge
push dateMon, 13 May 2019 10:53:39 +0000
reviewersglandium
bugs1537781
milestone68.0a1
Bug 1537781 - Test for trailing guard pages for normal allocations. r=glandium Differential Revision: https://phabricator.services.mozilla.com/D27913
memory/gtest/TestJemalloc.cpp
--- a/memory/gtest/TestJemalloc.cpp
+++ b/memory/gtest/TestJemalloc.cpp
@@ -616,9 +616,57 @@ TEST(Jemalloc, JunkPoison)
   moz_arena_free(buf_arena, junk_buf);
   // Until Bug 1364359 is fixed it is unsafe to call moz_dispose_arena.
   // moz_dispose_arena(buf_arena);
 
 #  ifdef HAS_GDB_SLEEP_DURATION
   _gdb_sleep_duration = old_gdb_sleep_duration;
 #  endif
 }
-#endif
+
+TEST(Jemalloc, GuardRegion) {
+  jemalloc_stats_t stats;
+  jemalloc_stats(&stats);
+
+#  ifdef HAS_GDB_SLEEP_DURATION
+  // Avoid death tests adding some unnecessary (long) delays.
+  unsigned int old_gdb_sleep_duration = _gdb_sleep_duration;
+  _gdb_sleep_duration = 0;
+#  endif
+
+  arena_id_t arena = moz_create_arena();
+  ASSERT_TRUE(arena != 0);
+
+  // Do enough large allocations to fill a chunk, and then one additional one,
+  // and check that the guard page is still present after the one-but-last
+  // allocation, i.e. that we didn't allocate the guard.
+  Vector<void*> ptr_list;
+  for (size_t cnt = 0; cnt < stats.large_max / stats.page_size; cnt++) {
+    void* ptr = moz_arena_malloc(arena, stats.page_size);
+    ASSERT_TRUE(ptr != nullptr);
+    ASSERT_TRUE(ptr_list.append(ptr));
+  }
+
+  void* last_ptr_in_chunk = ptr_list[ptr_list.length() - 1];
+  void* extra_ptr = moz_arena_malloc(arena, stats.page_size);
+  void* guard_page = (void*)ALIGNMENT_CEILING(
+    (uintptr_t)last_ptr_in_chunk + stats.page_size, stats.page_size);
+  jemalloc_ptr_info_t info;
+  jemalloc_ptr_info(guard_page, &info);
+  ASSERT_TRUE(jemalloc_ptr_is_freed_page(&info));
+  ASSERT_TRUE(info.tag == TagFreedPageDecommitted);
+
+  ASSERT_DEATH_WRAP(*(char*)guard_page = 0, "");
+
+  for (void* ptr : ptr_list) {
+    moz_arena_free(arena, ptr);
+  }
+  moz_arena_free(arena, extra_ptr);
+
+  // Until Bug 1364359 is fixed it is unsafe to call moz_dispose_arena.
+  // moz_dispose_arena(arena);
+
+#  ifdef HAS_GDB_SLEEP_DURATION
+  _gdb_sleep_duration = old_gdb_sleep_duration;
+#  endif
+}
+
+#endif
\ No newline at end of file
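Review bot: `extra_ptr` in `TEST(Jemalloc, GuardRegion)` is never checked, so if that `moz_arena_malloc` call fails, the guard-page assertions still pass without the "one additional" allocation from the comment ever being placed. Adding `ASSERT_TRUE(extra_ptr != nullptr);` right after the call would turn that vacuous pass into a failure, and `ASSERT_TRUE(extra_ptr != guard_page);` would state the property under test directly. Separately, each `ASSERT_*` returns from the test body on failure, which skips the `moz_arena_free` loop and, where `HAS_GDB_SLEEP_DURATION` is defined, the restore of `_gdb_sleep_duration`. A scope-exit guard for the restore would keep one failing run from changing the timing of later death tests. The death check covers only a write to the first byte of the guard page, so a read from it, or an access at its far end, is not exercised.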