From 7dca611cc999457d6b704a8feced82af266cd82a Mon Sep 17 00:00:00 2001 From: "jar@chromium.org" Date: Sat, 12 Mar 2011 20:31:59 +0000 Subject: Add redundancy to detect double frees in TCMalloc Added a single byte or word (tranparently) to all allocations, and wrote a unique value into that location after each allocation. When free() is called, we validate the flag, and then mark the block as not being allocated. Any time a block fails to validate, we crash, as this means the object either overran its allocated region (or suffered memory corruption), or else (more likely) a double free took place. We have two distinct crash stacks for the two distinct validation problems (corrupt vs double free). I did a first landing of this patch to test perf impact and see what corruption it surfaced in: http://src.chromium.org/viewvc/chrome?view=rev&revision=77941 It appears that Windows is not using TCMalloc on our bots. TBR=mbelshe Review URL: http://codereview.chromium.org/6683027 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@77948 0039d316-1c4b-4281-b951-d872f2087c98 --- base/allocator/allocator_shim.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'base/allocator/allocator_shim.cc') diff --git a/base/allocator/allocator_shim.cc b/base/allocator/allocator_shim.cc index f11164c..0bee3d3 100644 --- a/base/allocator/allocator_shim.cc +++ b/base/allocator/allocator_shim.cc @@ -41,7 +41,7 @@ typedef enum { // See SetupSubprocessAllocator() to specify a default secondary (subprocess) // allocator. // TODO(jar): Switch to using TCMALLOC for the renderer as well. -static Allocator allocator = WINHEAP; +static Allocator allocator = TCMALLOC; // The names of the environment variables that can optionally control the // selection of the allocator. The primary may be used to control overall -- cgit v1.1