Move extra size checks behind a config flag.

This will let us turn that flag into a generic "turn on runtime checks" flag
that guards other functionality we have planned.

configure.ac

@@ -1418,22 +1418,22 @@ if test "x$enable_readlinkat" = "x1" ; then
 fi
 AC_SUBST([enable_readlinkat])
 
-dnl Avoid the extra size checking by default
-AC_ARG_ENABLE([extra-size-check],
-  [AS_HELP_STRING([--enable-extra-size-check],
-  [Perform additonal size related sanity checks])],
-[if test "x$enable_extra_size_check" = "xno" ; then
-  enable_extra_size_check="0"
+dnl Avoid extra safety checks by default
+AC_ARG_ENABLE([opt-safety-checks],
+  [AS_HELP_STRING([--enable-opt-safety-checks],
+  [Perform certain low-overhead checks, even in opt mode])],
+[if test "x$enable_opt_safety_checks" = "xno" ; then
+  enable_opt_safety_checks="0"
 else
-  enable_extra_size_check="1"
+  enable_opt_safety_checks="1"
 fi
 ],
-[enable_extra_size_check="0"]
+[enable_opt_safety_checks="0"]
 )
-if test "x$enable_extra_size_check" = "x1" ; then
-  AC_DEFINE([JEMALLOC_EXTRA_SIZE_CHECK], [ ])
+if test "x$enable_opt_safety_checks" = "x1" ; then
+  AC_DEFINE([JEMALLOC_OPT_SAFETY_CHECKS], [ ])
 fi
-AC_SUBST([enable_extra_size_check])
+AC_SUBST([enable_opt_safety_checks])
 
 JE_COMPILABLE([a program using __builtin_unreachable], [
 void foo (void) {

include/jemalloc/internal/jemalloc_internal_defs.h.in

@@ -360,7 +360,7 @@
  */
 #undef JEMALLOC_STRERROR_R_RETURNS_CHAR_WITH_GNU_SOURCE
 
-/* Performs additional size-matching sanity checks when defined. */
-#undef JEMALLOC_EXTRA_SIZE_CHECK
+/* Performs additional safety checks when defined. */
+#undef JEMALLOC_OPT_SAFETY_CHECKS
 
 #endif /* JEMALLOC_INTERNAL_DEFS_H_ */

include/jemalloc/internal/jemalloc_preamble.h.in

@@ -161,6 +161,25 @@ static const bool config_log =
     false
 #endif
     ;
+/*
+ * Are extra safety checks enabled; things like checking the size of sized
+ * deallocations, double-frees, etc.
+ */
+static const bool config_opt_safety_checks =
+#if defined(JEMALLOC_EXTRA_SAFETY_CHECKS)
+    true
+#elif defined(JEMALLOC_DEBUG)
+    /*
+     * This lets us only guard safety checks by one flag instead of two; fast
+     * checks can guard solely by config_opt_safety_checks and run in debug mode
+     * too.
+     */
+    true
+#else
+    false
+#endif
+    ;
+
 #if defined(_WIN32) || defined(JEMALLOC_HAVE_SCHED_GETCPU)
 /* Currently percpu_arena depends on sched_getcpu. */
 #define JEMALLOC_PERCPU_ARENA

src/tcache.c

@@ -101,7 +101,6 @@ tcache_alloc_small_hard(tsdn_t *tsdn, arena_t *arena, tcache_t *tcache,
 }
 
 /* Enabled with --enable-extra-size-check. */
-#ifdef JEMALLOC_EXTRA_SIZE_CHECK
 static void
 tbin_extents_lookup_size_check(tsdn_t *tsdn, cache_bin_t *tbin, szind_t binind,
     size_t nflush, extent_t **extents){
@@ -129,7 +128,6 @@ tbin_extents_lookup_size_check(tsdn_t *tsdn, cache_bin_t *tbin, szind_t binind,
 		abort();
 	}
 }
-#endif
 
 void
 tcache_bin_flush_small(tsd_t *tsd, tcache_t *tcache, cache_bin_t *tbin,
@@ -144,15 +142,16 @@ tcache_bin_flush_small(tsd_t *tsd, tcache_t *tcache, cache_bin_t *tbin,
 	unsigned nflush = tbin->ncached - rem;
 	VARIABLE_ARRAY(extent_t *, item_extent, nflush);
 
-#ifndef JEMALLOC_EXTRA_SIZE_CHECK
 	/* Look up extent once per item. */
-	for (unsigned i = 0 ; i < nflush; i++) {
-		item_extent[i] = iealloc(tsd_tsdn(tsd), *(tbin->avail - 1 - i));
+	if (config_opt_safety_checks) {
+		tbin_extents_lookup_size_check(tsd_tsdn(tsd), tbin, binind,
+		    nflush, item_extent);
+	} else {
+		for (unsigned i = 0 ; i < nflush; i++) {
+			item_extent[i] = iealloc(tsd_tsdn(tsd),
+			    *(tbin->avail - 1 - i));
+		}
 	}
-#else
-	tbin_extents_lookup_size_check(tsd_tsdn(tsd), tbin, binind, nflush,
-	    item_extent);
-#endif
 	while (nflush > 0) {
 		/* Lock the arena bin associated with the first object. */
 		extent_t *extent = item_extent[0];