Changeset 249578 in webkit

Timestamp:

Sep 6, 2019 10:04:13 AM (5 years ago)

Author:

mark.lam@apple.com

Message:

Fix bmalloc::Allocator:tryAllocate() to return null on failure to allocate.
​https://bugs.webkit.org/show_bug.cgi?id=201529
<rdar://problem/53935772>

Reviewed by Yusuke Suzuki.

JSTests:

• stress/test-out-of-memory.js: Added.

Source/bmalloc:

In this implementation, we pass FailureAction in as a runtime option. If this
proves to be a perf issue, we can easily fix this by passing it as a template
argument. That will also automatically elide unneeded code paths. We'll defer
that exercise until we have evidence that it is warranted.

• CMakeLists.txt:
• bmalloc.xcodeproj/project.pbxproj:
• bmalloc/Allocator.cpp:

(bmalloc::Allocator::allocateImpl):
(bmalloc::Allocator::reallocateImpl):
(bmalloc::Allocator::refillAllocatorSlowCase):
(bmalloc::Allocator::refillAllocator):
(bmalloc::Allocator::allocateLarge):
(bmalloc::Allocator::allocateLogSizeClass):
(bmalloc::Allocator::allocateSlowCase):
(bmalloc::Allocator::tryAllocate): Deleted.
(bmalloc::Allocator::allocate): Deleted.
(bmalloc::Allocator::reallocate): Deleted.
(bmalloc::Allocator::tryReallocate): Deleted.

• bmalloc/Allocator.h:

(bmalloc::Allocator::tryAllocate):
(bmalloc::Allocator::allocate):
(bmalloc::Allocator::tryReallocate):
(bmalloc::Allocator::reallocate):
(bmalloc::Allocator::allocateImpl):

• bmalloc/BumpAllocator.h:
• bmalloc/FailureAction.h: Added.
• bmalloc/Heap.cpp:

(bmalloc::Heap::allocateSmallChunk):
(bmalloc::Heap::allocateSmallPage):
(bmalloc::Heap::allocateSmallBumpRangesByMetadata):
(bmalloc::Heap::allocateSmallBumpRangesByObject):
(bmalloc::Heap::allocateLarge):
(bmalloc::Heap::tryAllocateLarge): Deleted.

• bmalloc/Heap.h:

(bmalloc::Heap::allocateSmallBumpRanges):

• bmalloc/bmalloc.cpp:

(bmalloc::api::tryLargeZeroedMemalignVirtual):

Location:

trunk

Files:

• JSTests/ChangeLog (modified) (1 diff)
• JSTests/stress/test-out-of-memory.js (added)
• Source/bmalloc/CMakeLists.txt (modified) (1 diff)
• Source/bmalloc/ChangeLog (modified) (1 diff)
• Source/bmalloc/bmalloc.xcodeproj/project.pbxproj (modified) (4 diffs)
• Source/bmalloc/bmalloc/Allocator.cpp (modified) (6 diffs)
• Source/bmalloc/bmalloc/Allocator.h (modified) (4 diffs)
• Source/bmalloc/bmalloc/BumpAllocator.h (modified) (1 diff)
• Source/bmalloc/bmalloc/FailureAction.h (added)
• Source/bmalloc/bmalloc/Heap.cpp (modified) (17 diffs)
• Source/bmalloc/bmalloc/Heap.h (modified) (5 diffs)
• Source/bmalloc/bmalloc/bmalloc.cpp (modified) (1 diff)

trunk/JSTests/ChangeLog

@@ +1 @@
+2019-09-06  Mark Lam  <mark.lam@apple.com>
+
+        Fix bmalloc::Allocator:tryAllocate() to return null on failure to allocate.
+        https://bugs.webkit.org/show_bug.cgi?id=201529
+        <rdar://problem/53935772>
+
+        Reviewed by Yusuke Suzuki.
+
+        * stress/test-out-of-memory.js: Added.
+
 2019-09-05  Tadeu Zagallo  <tzagallo@apple.com>
 

trunk/Source/bmalloc/CMakeLists.txt

@@ -65 +65 @@
     bmalloc/EligibilityResultInlines.h
     bmalloc/Environment.h
+    bmalloc/FailureAction.h
     bmalloc/FixedVector.h
     bmalloc/FreeList.h

trunk/Source/bmalloc/ChangeLog

@@ +1 @@
+2019-09-06  Mark Lam  <mark.lam@apple.com>
+
+        Fix bmalloc::Allocator:tryAllocate() to return null on failure to allocate.
+        https://bugs.webkit.org/show_bug.cgi?id=201529
+        <rdar://problem/53935772>
+
+        Reviewed by Yusuke Suzuki.
+
+        In this implementation, we pass FailureAction in as a runtime option.  If this
+        proves to be a perf issue, we can easily fix this by passing it as a template
+        argument.  That will also automatically elide unneeded code paths.  We'll defer
+        that exercise until we have evidence that it is warranted.
+
+        * CMakeLists.txt:
+        * bmalloc.xcodeproj/project.pbxproj:
+        * bmalloc/Allocator.cpp:
+        (bmalloc::Allocator::allocateImpl):
+        (bmalloc::Allocator::reallocateImpl):
+        (bmalloc::Allocator::refillAllocatorSlowCase):
+        (bmalloc::Allocator::refillAllocator):
+        (bmalloc::Allocator::allocateLarge):
+        (bmalloc::Allocator::allocateLogSizeClass):
+        (bmalloc::Allocator::allocateSlowCase):
+        (bmalloc::Allocator::tryAllocate): Deleted.
+        (bmalloc::Allocator::allocate): Deleted.
+        (bmalloc::Allocator::reallocate): Deleted.
+        (bmalloc::Allocator::tryReallocate): Deleted.
+        * bmalloc/Allocator.h:
+        (bmalloc::Allocator::tryAllocate):
+        (bmalloc::Allocator::allocate):
+        (bmalloc::Allocator::tryReallocate):
+        (bmalloc::Allocator::reallocate):
+        (bmalloc::Allocator::allocateImpl):
+        * bmalloc/BumpAllocator.h:
+        * bmalloc/FailureAction.h: Added.
+        * bmalloc/Heap.cpp:
+        (bmalloc::Heap::allocateSmallChunk):
+        (bmalloc::Heap::allocateSmallPage):
+        (bmalloc::Heap::allocateSmallBumpRangesByMetadata):
+        (bmalloc::Heap::allocateSmallBumpRangesByObject):
+        (bmalloc::Heap::allocateLarge):
+        (bmalloc::Heap::tryAllocateLarge): Deleted.
+        * bmalloc/Heap.h:
+        (bmalloc::Heap::allocateSmallBumpRanges):
+        * bmalloc/bmalloc.cpp:
+        (bmalloc::api::tryLargeZeroedMemalignVirtual):
+
 2019-09-05  Mark Lam  <mark.lam@apple.com>
 

trunk/Source/bmalloc/bmalloc.xcodeproj/project.pbxproj

@@ -148 +148 @@
                 E3FBB5A2225EADB000DB6FBD /* IsoSharedHeap.h in Headers */ = {isa = PBXBuildFile; fileRef = E3FBB59F225EADB000DB6FBD /* IsoSharedHeap.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 E3FBB5A4225ECAD200DB6FBD /* IsoSharedHeapInlines.h in Headers */ = {isa = PBXBuildFile; fileRef = E3FBB5A3225ECAD200DB6FBD /* IsoSharedHeapInlines.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                FE48BD3B2321E8D700F136D0 /* FailureAction.h in Headers */ = {isa = PBXBuildFile; fileRef = FE48BD3A2321E8CC00F136D0 /* FailureAction.h */; settings = {ATTRIBUTES = (Private, ); }; };
 /* End PBXBuildFile section */
 
@@ -300 +301 @@
                 E3FBB59F225EADB000DB6FBD /* IsoSharedHeap.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = IsoSharedHeap.h; path = bmalloc/IsoSharedHeap.h; sourceTree = "<group>"; };
                 E3FBB5A3225ECAD200DB6FBD /* IsoSharedHeapInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = IsoSharedHeapInlines.h; path = bmalloc/IsoSharedHeapInlines.h; sourceTree = "<group>"; };
+                FE48BD3A2321E8CC00F136D0 /* FailureAction.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = FailureAction.h; path = bmalloc/FailureAction.h; sourceTree = "<group>"; };
 /* End PBXFileReference section */
 
@@ -476 +478 @@
                                 14895D8F1A3A319C0006235D /* Environment.cpp */,
                                 14895D901A3A319C0006235D /* Environment.h */,
+                                FE48BD3A2321E8CC00F136D0 /* FailureAction.h */,
                                 0F5BF14E1F22DEAF0029D91D /* Gigacage.cpp */,
                                 0F5BF14C1F22B0C30029D91D /* Gigacage.h */,
@@ -614 +617 @@
                                 0F7EB8311F9541B000F1ABCB /* IsoPageInlines.h in Headers */,
                                 0F7EB82B1F9541B000F1ABCB /* IsoPageTrigger.h in Headers */,
+                                FE48BD3B2321E8D700F136D0 /* FailureAction.h in Headers */,
                                 E3FBB5A0225EADB000DB6FBD /* IsoSharedConfig.h in Headers */,
                                 E3FBB5A2225EADB000DB6FBD /* IsoSharedHeap.h in Headers */,

trunk/Source/bmalloc/bmalloc/Allocator.cpp

@@ -1 +1 @@
 /*
- * Copyright (C) 2014-2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2014-2019 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -51 +51 @@
 }
 
-void* Allocator::tryAllocate(size_t size)
-{
-    if (size <= smallMax)
-        return allocate(size);
-
-    std::unique_lock<Mutex> lock(Heap::mutex());
-    return m_heap.tryAllocateLarge(lock, alignment, size);
-}
-
-void* Allocator::allocate(size_t alignment, size_t size)
-{
-    bool crashOnFailure = true;
-    return allocateImpl(alignment, size, crashOnFailure);
-}
-
-void* Allocator::tryAllocate(size_t alignment, size_t size)
-{
-    bool crashOnFailure = false;
-    return allocateImpl(alignment, size, crashOnFailure);
-}
-
-void* Allocator::allocateImpl(size_t alignment, size_t size, bool crashOnFailure)
+void* Allocator::allocateImpl(size_t alignment, size_t size, FailureAction action)
 {
     BASSERT(isPowerOfTwo(alignment));
@@ -80 +59 @@
 
     if (size <= smallMax && alignment <= smallMax)
-        return allocate(roundUpToMultipleOf(alignment, size));
+        return allocateImpl(roundUpToMultipleOf(alignment, size), action);
 
-    std::unique_lock<Mutex> lock(Heap::mutex());
-    if (crashOnFailure)
-        return m_heap.allocateLarge(lock, alignment, size);
-    return m_heap.tryAllocateLarge(lock, alignment, size);
+    return allocateLarge(size, action);
 }
 
-void* Allocator::reallocate(void* object, size_t newSize)
-{
-    bool crashOnFailure = true;
-    return reallocateImpl(object, newSize, crashOnFailure);
-}
-
-void* Allocator::tryReallocate(void* object, size_t newSize)
-{
-    bool crashOnFailure = false;
-    return reallocateImpl(object, newSize, crashOnFailure);
-}
-
-void* Allocator::reallocateImpl(void* object, size_t newSize, bool crashOnFailure)
+void* Allocator::reallocateImpl(void* object, size_t newSize, FailureAction action)
 {
     size_t oldSize = 0;
@@ -126 +90 @@
 
     void* result = nullptr;
-    if (crashOnFailure)
-        result = allocate(newSize);
-    else {
-        result = tryAllocate(newSize);
-        if (!result)
-            return nullptr;
+    result = allocateImpl(newSize, action);
+    if (!result) {
+        BASSERT(action == FailureAction::ReturnNull);
+        return nullptr;
     }
     size_t copySize = std::min(oldSize, newSize);
@@ -158 +120 @@
 }
 
-BNO_INLINE void Allocator::refillAllocatorSlowCase(BumpAllocator& allocator, size_t sizeClass)
+BNO_INLINE void Allocator::refillAllocatorSlowCase(BumpAllocator& allocator, size_t sizeClass, FailureAction action)
 {
     BumpRangeCache& bumpRangeCache = m_bumpRangeCaches[sizeClass];
@@ -164 +126 @@
     std::unique_lock<Mutex> lock(Heap::mutex());
     m_deallocator.processObjectLog(lock);
-    m_heap.allocateSmallBumpRanges(lock, sizeClass, allocator, bumpRangeCache, m_deallocator.lineCache(lock));
+    m_heap.allocateSmallBumpRanges(lock, sizeClass, allocator, bumpRangeCache, m_deallocator.lineCache(lock), action);
 }
 
-BINLINE void Allocator::refillAllocator(BumpAllocator& allocator, size_t sizeClass)
+BINLINE void Allocator::refillAllocator(BumpAllocator& allocator, size_t sizeClass, FailureAction action)
 {
     BumpRangeCache& bumpRangeCache = m_bumpRangeCaches[sizeClass];
     if (!bumpRangeCache.size())
-        return refillAllocatorSlowCase(allocator, sizeClass);
+        return refillAllocatorSlowCase(allocator, sizeClass, action);
     return allocator.refill(bumpRangeCache.pop());
 }
 
-BNO_INLINE void* Allocator::allocateLarge(size_t size)
+BNO_INLINE void* Allocator::allocateLarge(size_t size, FailureAction action)
 {
     std::unique_lock<Mutex> lock(Heap::mutex());
-    return m_heap.allocateLarge(lock, alignment, size);
+    return m_heap.allocateLarge(lock, alignment, size, action);
 }
 
-BNO_INLINE void* Allocator::allocateLogSizeClass(size_t size)
+BNO_INLINE void* Allocator::allocateLogSizeClass(size_t size, FailureAction action)
 {
     size_t sizeClass = bmalloc::sizeClass(size);
     BumpAllocator& allocator = m_bumpAllocators[sizeClass];
     if (!allocator.canAllocate())
-        refillAllocator(allocator, sizeClass);
+        refillAllocator(allocator, sizeClass, action);
+    if (action == FailureAction::ReturnNull && !allocator.canAllocate())
+        return nullptr;
     return allocator.allocate();
 }
 
-void* Allocator::allocateSlowCase(size_t size)
+void* Allocator::allocateSlowCase(size_t size, FailureAction action)
 {
     if (size <= maskSizeClassMax) {
         size_t sizeClass = bmalloc::maskSizeClass(size);
         BumpAllocator& allocator = m_bumpAllocators[sizeClass];
-        refillAllocator(allocator, sizeClass);
+        refillAllocator(allocator, sizeClass, action);
+        if (action == FailureAction::ReturnNull && !allocator.canAllocate())
+            return nullptr;
         return allocator.allocate();
     }
 
     if (size <= smallMax)
-        return allocateLogSizeClass(size);
+        return allocateLogSizeClass(size, action);
 
-    return allocateLarge(size);
+    return allocateLarge(size, action);
 }
 

trunk/Source/bmalloc/bmalloc/Allocator.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2014-2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2014-2019 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -29 +29 @@
 #include "BExport.h"
 #include "BumpAllocator.h"
+#include "FailureAction.h"
 #include <array>
 
@@ -43 +44 @@
     ~Allocator();
 
-    BEXPORT void* tryAllocate(size_t);
-    void* allocate(size_t);
-    void* tryAllocate(size_t alignment, size_t);
-    void* allocate(size_t alignment, size_t);
-    void* tryReallocate(void*, size_t);
-    void* reallocate(void*, size_t);
+    void* tryAllocate(size_t size) { return allocateImpl(size, FailureAction::ReturnNull); }
+    void* allocate(size_t size) { return allocateImpl(size, FailureAction::Crash); }
+    void* tryAllocate(size_t alignment, size_t size) { return allocateImpl(alignment, size, FailureAction::ReturnNull); }
+    void* allocate(size_t alignment, size_t size) { return allocateImpl(alignment, size, FailureAction::Crash); }
+    void* tryReallocate(void* object, size_t newSize) { return reallocateImpl(object, newSize, FailureAction::ReturnNull); }
+    void* reallocate(void* object, size_t newSize) { return reallocateImpl(object, newSize, FailureAction::Crash); }
 
     void scavenge();
 
 private:
-    void* allocateImpl(size_t alignment, size_t, bool crashOnFailure);
-    void* reallocateImpl(void*, size_t, bool crashOnFailure);
+    void* allocateImpl(size_t, FailureAction);
+    void* allocateImpl(size_t alignment, size_t, FailureAction);
+    void* reallocateImpl(void*, size_t, FailureAction);
 
     bool allocateFastCase(size_t, void*&);
-    BEXPORT void* allocateSlowCase(size_t);
+    BEXPORT void* allocateSlowCase(size_t, FailureAction);
+
+    void* allocateLogSizeClass(size_t, FailureAction);
+    void* allocateLarge(size_t, FailureAction);
     
-    void* allocateLogSizeClass(size_t);
-    void* allocateLarge(size_t);
-    
-    void refillAllocator(BumpAllocator&, size_t sizeClass);
-    void refillAllocatorSlowCase(BumpAllocator&, size_t sizeClass);
+    inline void refillAllocator(BumpAllocator&, size_t sizeClass, FailureAction);
+    void refillAllocatorSlowCase(BumpAllocator&, size_t sizeClass, FailureAction);
     
     std::array<BumpAllocator, sizeClassCount> m_bumpAllocators;
@@ -85 +87 @@
 }
 
-inline void* Allocator::allocate(size_t size)
+inline void* Allocator::allocateImpl(size_t size, FailureAction action)
 {
     void* object;
     if (!allocateFastCase(size, object))
-        return allocateSlowCase(size);
+        return allocateSlowCase(size, action);
     return object;
 }

trunk/Source/bmalloc/bmalloc/BumpAllocator.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2014 Apple Inc. All rights reserved.
+ * Copyright (C) 2014-2019 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

trunk/Source/bmalloc/bmalloc/Heap.cpp

@@ -1 +1 @@
 /*
- * Copyright (C) 2014-2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2014-2019 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -227 +227 @@
 }
 
-void Heap::allocateSmallChunk(std::unique_lock<Mutex>& lock, size_t pageClass)
+void Heap::allocateSmallChunk(std::unique_lock<Mutex>& lock, size_t pageClass, FailureAction action)
 {
     RELEASE_BASSERT(isActiveHeapKind(m_kind));
@@ -233 +233 @@
     size_t pageSize = bmalloc::pageSize(pageClass);
 
-    Chunk* chunk = [&]() {
+    Chunk* chunk = [&]() -> Chunk* {
         if (!m_chunkCache[pageClass].isEmpty())
             return m_chunkCache[pageClass].pop();
 
-        void* memory = allocateLarge(lock, chunkSize, chunkSize);
+        void* memory = allocateLarge(lock, chunkSize, chunkSize, action);
+        if (!memory) {
+            BASSERT(action == FailureAction::ReturnNull);
+            return nullptr;
+        }
 
         Chunk* chunk = new (memory) Chunk(pageSize);
@@ -257 +261 @@
     }();
     
-    m_freePages[pageClass].push(chunk);
+    if (chunk)
+        m_freePages[pageClass].push(chunk);
 }
 
@@ -286 +291 @@
 }
 
-SmallPage* Heap::allocateSmallPage(std::unique_lock<Mutex>& lock, size_t sizeClass, LineCache& lineCache)
+SmallPage* Heap::allocateSmallPage(std::unique_lock<Mutex>& lock, size_t sizeClass, LineCache& lineCache, FailureAction action)
 {
     RELEASE_BASSERT(isActiveHeapKind(m_kind));
@@ -298 +303 @@
     m_scavenger->didStartGrowing();
     
-    SmallPage* page = [&]() {
+    SmallPage* page = [&]() -> SmallPage* {
         size_t pageClass = m_pageClasses[sizeClass];
         
         if (m_freePages[pageClass].isEmpty())
-            allocateSmallChunk(lock, pageClass);
+            allocateSmallChunk(lock, pageClass, action);
+        if (action == FailureAction::ReturnNull && m_freePages[pageClass].isEmpty())
+            return nullptr;
 
         Chunk* chunk = m_freePages[pageClass].tail();
@@ -329 +336 @@
         return page;
     }();
+    if (!page) {
+        BASSERT(action == FailureAction::ReturnNull);
+        return nullptr;
+    }
 
     page->setSizeClass(sizeClass);
@@ -377 +388 @@
     std::unique_lock<Mutex>& lock, size_t sizeClass,
     BumpAllocator& allocator, BumpRangeCache& rangeCache,
-    LineCache& lineCache)
-{
+    LineCache& lineCache, FailureAction action)
+{
+    BUNUSED(action);
     RELEASE_BASSERT(isActiveHeapKind(m_kind));
 
-    SmallPage* page = allocateSmallPage(lock, sizeClass, lineCache);
+    SmallPage* page = allocateSmallPage(lock, sizeClass, lineCache, action);
+    if (!page) {
+        BASSERT(action == FailureAction::ReturnNull);
+        return;
+    }
     SmallLine* lines = page->begin();
     BASSERT(page->hasFreeLines(lock));
@@ -419 +435 @@
         if (!findSmallBumpRange(lineNumber)) {
             page->setHasFreeLines(lock, false);
-            BASSERT(allocator.canAllocate());
+            BASSERT(action == FailureAction::ReturnNull || allocator.canAllocate());
             return;
         }
@@ -426 +442 @@
         if (rangeCache.size() == rangeCache.capacity()) {
             lineCache[sizeClass].push(page);
-            BASSERT(allocator.canAllocate());
+            BASSERT(action == FailureAction::ReturnNull || allocator.canAllocate());
             return;
         }
@@ -441 +457 @@
     std::unique_lock<Mutex>& lock, size_t sizeClass,
     BumpAllocator& allocator, BumpRangeCache& rangeCache,
-    LineCache& lineCache)
-{
+    LineCache& lineCache, FailureAction action)
+{
+    BUNUSED(action);
     RELEASE_BASSERT(isActiveHeapKind(m_kind));
 
     size_t size = allocator.size();
-    SmallPage* page = allocateSmallPage(lock, sizeClass, lineCache);
+    SmallPage* page = allocateSmallPage(lock, sizeClass, lineCache, action);
+    if (!page) {
+        BASSERT(action == FailureAction::ReturnNull);
+        return;
+    }
     BASSERT(page->hasFreeLines(lock));
 
@@ -476 +497 @@
         if (!findSmallBumpRange(it, end)) {
             page->setHasFreeLines(lock, false);
-            BASSERT(allocator.canAllocate());
+            BASSERT(action == FailureAction::ReturnNull || allocator.canAllocate());
             return;
         }
@@ -483 +504 @@
         if (rangeCache.size() == rangeCache.capacity()) {
             lineCache[sizeClass].push(page);
-            BASSERT(allocator.canAllocate());
+            BASSERT(action == FailureAction::ReturnNull || allocator.canAllocate());
             return;
         }
@@ -543 +564 @@
 }
 
-void* Heap::tryAllocateLarge(std::unique_lock<Mutex>& lock, size_t alignment, size_t size)
-{
+void* Heap::allocateLarge(std::unique_lock<Mutex>& lock, size_t alignment, size_t size, FailureAction action)
+{
+#define ASSERT_OR_RETURN_ON_FAILURE(cond) do { \
+        if (action == FailureAction::Crash) \
+            RELEASE_BASSERT(cond); \
+        else if (!(cond)) \
+            return nullptr; \
+    } while (false)
+
+
     RELEASE_BASSERT(isActiveHeapKind(m_kind));
 
@@ -552 +581 @@
     
     size_t roundedSize = size ? roundUpToMultipleOf(largeAlignment, size) : largeAlignment;
-    if (roundedSize < size) // Check for overflow
-        return nullptr;
+    ASSERT_OR_RETURN_ON_FAILURE(roundedSize >= size); // Check for overflow
     size = roundedSize;
 
     size_t roundedAlignment = roundUpToMultipleOf<largeAlignment>(alignment);
-    if (roundedAlignment < alignment) // Check for overflow
-        return nullptr;
+    ASSERT_OR_RETURN_ON_FAILURE(roundedAlignment >= alignment); // Check for overflow
     alignment = roundedAlignment;
 
@@ -566 +593 @@
             m_condition.wait(lock, [&]() { return !m_hasPendingDecommits; });
             // Now we're guaranteed we're looking at all available memory.
-            return tryAllocateLarge(lock, alignment, size);
-        }
-
-        if (usingGigacage())
-            return nullptr;
+            return allocateLarge(lock, alignment, size, action);
+        }
+
+        ASSERT_OR_RETURN_ON_FAILURE(!usingGigacage());
 
         range = VMHeap::get()->tryAllocateLargeChunk(alignment, size);
-        if (!range)
-            return nullptr;
+        ASSERT_OR_RETURN_ON_FAILURE(range);
         
         m_largeFree.add(range);
@@ -583 +608 @@
 
     void* result = splitAndAllocate(lock, range, alignment, size).begin();
+    ASSERT_OR_RETURN_ON_FAILURE(result);
     return result;
-}
-
-void* Heap::allocateLarge(std::unique_lock<Mutex>& lock, size_t alignment, size_t size)
-{
-    void* result = tryAllocateLarge(lock, alignment, size);
-    RELEASE_BASSERT(result);
-    return result;
+
+#undef ASSERT_OR_RETURN_ON_FAILURE
 }
 

trunk/Source/bmalloc/bmalloc/Heap.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2014-2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2014-2019 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -29 +29 @@
 #include "BumpRange.h"
 #include "Chunk.h"
+#include "FailureAction.h"
 #include "HeapKind.h"
 #include "LargeMap.h"
@@ -65 +66 @@
     
     void allocateSmallBumpRanges(std::unique_lock<Mutex>&, size_t sizeClass,
-        BumpAllocator&, BumpRangeCache&, LineCache&);
+        BumpAllocator&, BumpRangeCache&, LineCache&, FailureAction);
     void derefSmallLine(std::unique_lock<Mutex>&, Object, LineCache&);
     void deallocateLineCache(std::unique_lock<Mutex>&, LineCache&);
 
-    void* allocateLarge(std::unique_lock<Mutex>&, size_t alignment, size_t);
-    void* tryAllocateLarge(std::unique_lock<Mutex>&, size_t alignment, size_t);
+    void* allocateLarge(std::unique_lock<Mutex>&, size_t alignment, size_t, FailureAction);
     void deallocateLarge(std::unique_lock<Mutex>&, void*);
 
@@ -111 +111 @@
 
     void allocateSmallBumpRangesByMetadata(std::unique_lock<Mutex>&,
-        size_t sizeClass, BumpAllocator&, BumpRangeCache&, LineCache&);
+        size_t sizeClass, BumpAllocator&, BumpRangeCache&, LineCache&, FailureAction);
     void allocateSmallBumpRangesByObject(std::unique_lock<Mutex>&,
-        size_t sizeClass, BumpAllocator&, BumpRangeCache&, LineCache&);
+        size_t sizeClass, BumpAllocator&, BumpRangeCache&, LineCache&, FailureAction);
 
-    SmallPage* allocateSmallPage(std::unique_lock<Mutex>&, size_t sizeClass, LineCache&);
+    SmallPage* allocateSmallPage(std::unique_lock<Mutex>&, size_t sizeClass, LineCache&, FailureAction);
     void deallocateSmallLine(std::unique_lock<Mutex>&, Object, LineCache&);
 
-    void allocateSmallChunk(std::unique_lock<Mutex>&, size_t pageClass);
+    void allocateSmallChunk(std::unique_lock<Mutex>&, size_t pageClass, FailureAction);
     void deallocateSmallChunk(Chunk*, size_t pageClass);
 
@@ -158 +158 @@
     std::unique_lock<Mutex>& lock, size_t sizeClass,
     BumpAllocator& allocator, BumpRangeCache& rangeCache,
-    LineCache& lineCache)
+    LineCache& lineCache, FailureAction action)
 {
     if (sizeClass < bmalloc::sizeClass(smallLineSize))
-        return allocateSmallBumpRangesByMetadata(lock, sizeClass, allocator, rangeCache, lineCache);
-    return allocateSmallBumpRangesByObject(lock, sizeClass, allocator, rangeCache, lineCache);
+        return allocateSmallBumpRangesByMetadata(lock, sizeClass, allocator, rangeCache, lineCache, action);
+    return allocateSmallBumpRangesByObject(lock, sizeClass, allocator, rangeCache, lineCache, action);
 }
 

trunk/Source/bmalloc/bmalloc/bmalloc.cpp

@@ -60 +60 @@
 
         std::unique_lock<Mutex> lock(Heap::mutex());
-        result = heap.tryAllocateLarge(lock, alignment, size);
+        result = heap.allocateLarge(lock, alignment, size, FailureAction::ReturnNull);
         if (result) {
             // Don't track this as dirty memory that dictates how we drive the scavenger.