Closed Bug 1730376 Opened 5 months ago Closed 4 months ago

FreePage function checks mmap return value incorrectly

Categories

(Core :: Memory Allocator, defect)

Firefox 94
x86_64
Linux
defect

Tracking

RESOLVED FIXED
95 Branch
Tracking Status
firefox94 --- wontfix
firefox95 --- fixed

People

(Reporter: alexhenrie24, Assigned: alexhenrie24)

Attachments

(1 file)

The FreePage function in memory/replace/phc/PHC.cpp currently has the following code:

#ifdef XP_WIN
  if (!VirtualFree(pagePtr, kPageSize, MEM_DECOMMIT)) {
    return;
  }
#else
  if (!mmap(pagePtr, kPageSize, PROT_NONE, MAP_FIXED | MAP_PRIVATE | MAP_ANON,
            -1, 0)) {
    return;
  }
#endif

Assuming that the Windows and Unix branches are supposed to do the same thing, the idea here is to return early if the function call fails. However, mmap does not return 0 on failure but rather MAP_FAILED, which is defined to be -1. This means that the Unix branch will never return early even if there is an error.
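
An added example (not code from this bug or from Mozilla) that forces mmap to fail by passing a misaligned address with MAP_FIXED, then compares the quoted `!mmap(...)` test with a comparison against MAP_FAILED. The names DecommitResult, DecommitPage and Probe are hypothetical, and POSIX mmap on Linux is assumed.

```cpp
// Added example, not Mozilla's code. DecommitResult, DecommitPage and Probe
// are hypothetical names; POSIX mmap on Linux is assumed.
#include <sys/mman.h>
#include <unistd.h>
#include <cerrno>
#include <cstddef>
#include <cstdio>

struct DecommitResult {
  bool buggyCheckFired;    // the `!mmap(...)` test quoted in the report
  bool correctCheckFired;  // comparison against MAP_FAILED
  int err;                 // errno when mmap failed, else 0
};

// Re-map one page as PROT_NONE, as the non-Windows branch of FreePage does,
// and record what each style of check concludes about the result.
static DecommitResult DecommitPage(void* aPtr, size_t aSize) {
  errno = 0;
  void* ret = mmap(aPtr, aSize, PROT_NONE,
                   MAP_FIXED | MAP_PRIVATE | MAP_ANON, -1, 0);
  DecommitResult r;
  r.buggyCheckFired = !ret;                   // true only for a null return
  r.correctCheckFired = (ret == MAP_FAILED);  // MAP_FAILED is (void*)-1
  r.err = r.correctCheckFired ? errno : 0;
  return r;
}

// Allocate a scratch page we own, then decommit it. With aMisalign set, the
// address is off by one byte, which MAP_FIXED rejects, so mmap fails without
// touching any mapping.
static DecommitResult Probe(bool aMisalign) {
  size_t size = static_cast<size_t>(sysconf(_SC_PAGESIZE));
  void* raw = mmap(nullptr, size, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANON, -1, 0);
  if (raw == MAP_FAILED) return DecommitResult{false, true, errno};
  char* page = static_cast<char*>(raw);
  DecommitResult r = DecommitPage(page + (aMisalign ? 1 : 0), size);
  munmap(page, size);
  return r;
}

int main() {
  DecommitResult ok = Probe(false), bad = Probe(true);
  printf("success: buggy=%d correct=%d\n", ok.buggyCheckFired, ok.correctCheckFired);
  printf("failure: buggy=%d correct=%d errno=%d\n", bad.buggyCheckFired,
         bad.correctCheckFired, bad.err);
  return 0;
}
```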

Summary: FreePage function checks mmap return code incorrectly → FreePage function checks mmap return value incorrectly
Assignee: nobody → alexhenrie24
Status: NEW → ASSIGNED
Pushed by mh@glandium.org:
https://hg.mozilla.org/integration/autoland/rev/a527e1810665
Fix mmap return value check in FreePage function. r=glandium
Status: ASSIGNED → RESOLVED
Closed: 4 months ago
Resolution: --- → FIXED
Target Milestone: --- → 95 Branch

The patch landed in nightly and beta is affected.
:alexhenrie24, is this bug important enough to require an uplift?
If not, please set status_beta to wontfix.

For more information, please visit auto_nag documentation.

Flags: needinfo?(alexhenrie24)

I don't think the patch needs an uplift because the bug hasn't been shown to cause any real-world problems.

Flags: needinfo?(alexhenrie24)