Closed Bug 1014134 Opened 6 years ago Closed 6 years ago

New rooting hazards reported when replace-malloc or jemalloc3 are enabled

Categories

(Core :: Memory Allocator, defect)

defect
Not set

Tracking

()

RESOLVED FIXED
mozilla32

People

(Reporter: RyanVM, Assigned: sfink)

References

Details

Attachments

(1 file)

https://tbpl.mozilla.org/php/getParsedLog.php?id=40077398&tree=Try

sfink: oh, the replace-malloc one looks like it'll probably be easy
sfink: there's probably just a new function pointer that the analysis distrusts
sfink: yep, je_malloc_message
sfink: same for both
Looks like jemalloc3 uses je_malloc_message instead of _malloc_message.
Attachment #8426547 - Flags: review?(terrence)
Comment on attachment 8426547 [details] [diff] [review]
Annotate that je_malloc_message will not GC

Review of attachment 8426547 [details] [diff] [review]:
-----------------------------------------------------------------

Looks like you also need at least je_malloc_printf and probably some others. Blanket r=me for whatever new je_ needs ignoring.
Attachment #8426547 - Flags: review?(terrence) → review+
I completely forgot about this when I landed bug 999913, so that busted hazard builds on m-i.

The patch here is enough for replace-malloc, so I landed it:
https://hg.mozilla.org/integration/mozilla-inbound/rev/1da44232e82e

Jemalloc3 still would need more.
Whiteboard: [leave open]
FWIW, I disabled replace-malloc on those builds until this is fixed:
https://hg.mozilla.org/integration/mozilla-inbound/rev/efde4f7c20e5

Because adding je_malloc_printf didn't work:
https://tbpl.mozilla.org/?tree=Try&rev=dc35cb843d0d
(In reply to Mike Hommey [:glandium] from comment #5)
> Because adding je_malloc_printf didn't work:
> https://tbpl.mozilla.org/?tree=Try&rev=dc35cb843d0d

Yeah, it has to go in a different place. The list you updated is for indirect calls (field names containing function pointers.) je_malloc_message is a struct field (or class data member), I guess.

https://tbpl.mozilla.org/?tree=Try&rev=bff68c8b54bc
Re-enabled replace-malloc and fixed the hazard build with an annotation
http://hg.mozilla.org/integration/mozilla-inbound/rev/23910ae9a3a7
Whiteboard: [leave open]
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla31
Target Milestone: mozilla31 → mozilla32
You need to log in before you can comment on or make changes to this bug.