Google Git
Sign in
chromium / chromium / src / 5129a5ddd1d504ec730f2ae4f72ff4593908f4a4
commit5129a5ddd1d504ec730f2ae4f72ff4593908f4a4[log] [tgz]
authorBenoît Lizé <lizeb@chromium.org>Tue Oct 15 09:53:08 2019
committerCommit Bot <commit-bot@chromium.org>Tue Oct 15 09:53:08 2019
treef84037026e95dcc2c1a2e22af05d8d88e9454f5a
parentb1a7500d2f773f1ef994f8b4a80508aae5f7df58 [diff]
base/allocator: Use typed encoded/decoded freelist entries.

In PartitionAlloc, the freelist entries are encoded (except for the head). The
encoding process is symmetric, meaning that there was a single "Transform()"
function. This is confusing and error-prone.

This adds a type for an encoded freelist entry, making the difference
clearer.

Note that this fixes a bug of PartitionAlloc on big endian platforms. In
PartitionPurgePage(), the tail of the freelist had an un-encoded nullptr
value. This is incorrect, as the code using it would decode the value, and get
the wrong one as a consequence. This does not trigger on little-endian
platforms, as the transformation we use is such that Encode(nullptr) == nullptr,
but on big endian ones Encode(ptr) = ~ptr, meaning that this would lead to a
crash.

It seems that Chrome does not ship on big endian platforms though (and that no
chromium-based project uses PartitionAlloc on big endian platforms), as
otherwise this would crash the renderer very quickly. The issue is eliminated
with the new types.

There is no behavior change in this CL on little endian, and should not impact
performance either.

Bug: 998048, 787153
Change-Id: I67798659202156360aeddc6e71c5d330f5daa163
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1857328
Commit-Queue: Benoit L <lizeb@chromium.org>
Reviewed-by: Egor Pasko <pasko@chromium.org>
Reviewed-by: Chris Palmer <palmer@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#705884}
5 files changed
tree: f84037026e95dcc2c1a2e22af05d8d88e9454f5a
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. build/
  6. build_overrides/
  7. buildtools/
  8. cc/
  9. chrome/
  10. chromecast/
  11. chromeos/
  12. cloud_print/
  13. components/
  14. content/
  15. courgette/
  16. crypto/
  17. dbus/
  18. device/
  19. docs/
  20. extensions/
  21. fuchsia/
  22. gin/
  23. google_apis/
  24. google_update/
  25. gpu/
  26. headless/
  27. infra/
  28. ios/
  29. ipc/
  30. jingle/
  31. media/
  32. mojo/
  33. native_client_sdk/
  34. net/
  35. pdf/
  36. ppapi/
  37. printing/
  38. remoting/
  39. rlz/
  40. sandbox/
  41. services/
  42. skia/
  43. sql/
  44. storage/
  45. styleguide/
  46. testing/
  47. third_party/
  48. tools/
  49. ui/
  50. url/
  51. weblayer/
  52. .clang-format
  53. .eslintrc.js
  54. .git-blame-ignore-revs
  55. .gitattributes
  56. .gitignore
  57. .gn
  58. .vpython
  59. .vpython3
  60. AUTHORS
  61. BUILD.gn
  62. CODE_OF_CONDUCT.md
  63. codereview.settings
  64. DEPS
  65. ENG_REVIEW_OWNERS
  66. LICENSE
  67. LICENSE.chromium_os
  68. OWNERS
  69. PRESUBMIT.py
  70. PRESUBMIT_test.py
  71. PRESUBMIT_test_mocks.py
  72. README.md
  73. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .