Bug 1414901 - part 1b - eliminate alignment requirements for poisoning memory; r=Waldo
authorNathan Froyd <froydnj@mozilla.com>
Tue, 06 Mar 2018 11:35:50 -0500
changeset 461803 8c6f13a64b497f968eab5e4d618f70a1299ec90b
parent 461802 0d24a10002a9410c461a967ea397b06ebef2f9dc
child 461804 06d57a43b11a4ade5379efdfaafd2736117a1922
push id1683
push usersfraser@mozilla.com
push dateThu, 26 Apr 2018 16:43:40 +0000
treeherdermozilla-release@5af6cb21869d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersWaldo
bugs1414901
milestone60.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1414901 - part 1b - eliminate alignment requirements for poisoning memory; r=Waldo mozWritePoison secretly depended on the passed-in pointer being aligned as though it were a pointer to uintptr_t, as it used bare stores to C-casted pointers to accomplish poisoning. But this is an unnecessary limitation: we can use memcpy and rely on the compiler to appropriately inline the store to an unaligned store instruction if necessary.
mfbt/Poison.h
--- a/mfbt/Poison.h
+++ b/mfbt/Poison.h
@@ -11,16 +11,17 @@
 
 #ifndef mozilla_Poison_h
 #define mozilla_Poison_h
 
 #include "mozilla/Assertions.h"
 #include "mozilla/Types.h"
 
 #include <stdint.h>
+#include <string.h>
 
 MOZ_BEGIN_EXTERN_C
 
 extern MFBT_DATA uintptr_t gMozillaPoisonValue;
 
 /**
  * @return the poison value.
  */
@@ -35,20 +36,19 @@ inline uintptr_t mozPoisonValue()
  * Only an even number of sizeof(uintptr_t) bytes are overwritten, the last
  * few bytes (if any) is not overwritten.
  */
 inline void mozWritePoison(void* aPtr, size_t aSize)
 {
   const uintptr_t POISON = mozPoisonValue();
   char* p = (char*)aPtr;
   char* limit = p + (aSize & ~(sizeof(uintptr_t) - 1));
-  MOZ_ASSERT((uintptr_t)aPtr % sizeof(uintptr_t) == 0, "bad alignment");
   MOZ_ASSERT(aSize >= sizeof(uintptr_t), "poisoning this object has no effect");
   for (; p < limit; p += sizeof(uintptr_t)) {
-    *((uintptr_t*)p) = POISON;
+    memcpy(p, &POISON, sizeof(POISON));
   }
 }
 
 /**
  * Initialize the poison value.
  * This should only be called once.
  */
 extern MFBT_API void mozPoisonValueInit();