[PartitionAlloc] Reentrancy check in the thread cache.

Bug: 998048 Change-Id: I340b637565c466b13b281b30f340970f5da8212c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2563691 Commit-Queue: Benoit L <lizeb@chromium.org> Reviewed-by: Yuki Shiino <yukishiino@chromium.org> Cr-Commit-Position: refs/heads/master@{#832318}

[PartitionAlloc] Reentrancy check in the thread cache.
Bug: 998048 Change-Id: I340b637565c466b13b281b30f340970f5da8212c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2563691 Commit-Queue: Benoit L <lizeb@chromium.org> Reviewed-by: Yuki Shiino <yukishiino@chromium.org> Cr-Commit-Position: refs/heads/master@{#832318}
5c918a16 · Benoit Lize · Chromium LUCI CQ · 07027b37 · 5c918a16 · 5c918a16
Commit 5c918a16 authored Dec 01, 2020 by Benoit Lize Committed by Chromium LUCI CQ Dec 01, 2020
Showing with 38 additions and 1 deletion

base/allocator/partition_allocator/thread_cache.cc base/allocator/partition_allocator/thread_cache.cc +5 -0

base/allocator/partition_allocator/thread_cache.h base/allocator/partition_allocator/thread_cache.h +33 -1

No files found.
--- a/base/allocator/partition_allocator/thread_cache.cc
+++ b/base/allocator/partition_allocator/thread_cache.cc
@@ -227,6 +227,11 @@ void ThreadCache::SetShouldPurge() {
 }
 void ThreadCache::Purge() {
+  PA_REENTRANCY_GUARD(is_in_thread_cache_);
+  PurgeInternal();
+}
+void ThreadCache::PurgeInternal() {
  for (auto& bucket : buckets_)
    ClearBucket(bucket, 0);

--- a/base/allocator/partition_allocator/thread_cache.h
+++ b/base/allocator/partition_allocator/thread_cache.h
@@ -16,6 +16,7 @@
 #include "base/allocator/partition_allocator/partition_tls.h"
 #include "base/base_export.h"
 #include "base/gtest_prod_util.h"
+#include "base/macros.h"
 #include "base/no_destructor.h"
 #include "base/partition_alloc_buildflags.h"
 #include "base/synchronization/lock.h"
@@ -92,6 +93,31 @@ ALWAYS_INLINE static constexpr int ConstexprLog2(size_t n) {
  return n < 1 ? -1 : (n < 2 ? 0 : (1 + ConstexprLog2(n >> 1)));
 }
+#if DCHECK_IS_ON()
+class ReentrancyGuard {
+ public:
+  explicit ReentrancyGuard(bool& flag) : flag_(flag) {
+    PA_CHECK(!flag_);
+    flag_ = true;
+  }
+  ~ReentrancyGuard() { flag_ = false; }
+ private:
+  bool& flag_;
+};
+#define PA_REENTRANCY_GUARD(x) \
+  ReentrancyGuard guard { x }
+#else
+#define PA_REENTRANCY_GUARD(x) \
+  do {                         \
+  } while (0)
+#endif  // DCHECK_IS_ON()
 // Per-thread cache. *Not* threadsafe, must only be accessed from a single
 // thread.
 //
@@ -168,6 +194,7 @@ class BASE_EXPORT ThreadCache {
  explicit ThreadCache(PartitionRoot<ThreadSafe>* root);
  static void Delete(void* thread_cache_ptr);
+  void PurgeInternal();
  // Empties the |bucket| until there are at most |limit| objects in it.
  void ClearBucket(Bucket& bucket, size_t limit);
@@ -185,6 +212,9 @@ class BASE_EXPORT ThreadCache {
  Bucket buckets_[kBucketCount];
  ThreadCacheStats stats_;
  PartitionRoot<ThreadSafe>* const root_;
+#if DCHECK_IS_ON()
+  bool is_in_thread_cache_ = false;
+#endif
  // Intrusive list since ThreadCacheRegistry::RegisterThreadCache() cannot
  // allocate.
@@ -201,8 +231,9 @@ class BASE_EXPORT ThreadCache {
 ALWAYS_INLINE bool ThreadCache::MaybePutInCache(void* address,
                                                size_t bucket_index) {
+  PA_REENTRANCY_GUARD(is_in_thread_cache_);
  if (UNLIKELY(should_purge_.load(std::memory_order_relaxed)))
-    Purge();
+    PurgeInternal();
  INCREMENT_COUNTER(stats_.cache_fill_count);
@@ -231,6 +262,7 @@ ALWAYS_INLINE bool ThreadCache::MaybePutInCache(void* address,
 }
 ALWAYS_INLINE void* ThreadCache::GetFromCache(size_t bucket_index) {
+  PA_REENTRANCY_GUARD(is_in_thread_cache_);
  INCREMENT_COUNTER(stats_.alloc_count);
  // Only handle "small" allocations.
  if (UNLIKELY(bucket_index >= kBucketCount)) {