From 62536afb90ebb3d7421485c018abd90ba72b919c Mon Sep 17 00:00:00 2001
From: "Barton E. Schaefer"
Date: Sat, 18 Jan 2014 21:22:11 -0800
Subject: [PATCH 1/2] 32285: restart the fheap search in freeheap if the current fheap arena is about to be discarded; fixes crash

Upstream-commit: 23f98c3e1d4792e32c616e1f73c383988bd86a9c
Signed-off-by: Kamil Dudka
---
 Src/mem.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/Src/mem.c b/Src/mem.c
index aeca3d9..eb5a091 100644
--- a/Src/mem.c
+++ b/Src/mem.c
@@ -367,6 +367,15 @@ freeheap(void)
 }
 #endif
 } else {
+ if (h == fheap && h != heaps) {
+ /*
+ * When deallocating the last arena with free space,
+ * loop back through the list to find another one.
+ */
+ fheap = NULL;
+ hn = heaps;
+ continue;
+ }
 #ifdef USE_MMAP
 munmap((void *) h, h->size);
 #else
-- 
2.13.5

From d968fe1061acabd72465a276c2de060f0f8bb668 Mon Sep 17 00:00:00 2001
From: "Barton E. Schaefer"
Date: Wed, 22 Jan 2014 21:47:29 -0800
Subject: [PATCH 2/2] unposted: reformulate 32285 to lift the fheap->sp test out of the loop, improve commentary

Upstream-commit: 6c603a412751c810ba04bcd463cd3595091ca391
Signed-off-by: Kamil Dudka
---
 Src/mem.c | 24 +++++++++--------------
 1 file changed, 9 insertions(+), 15 deletions(-)

diff --git a/Src/mem.c b/Src/mem.c
index eb5a091..3a7e31d 100644
--- a/Src/mem.c
+++ b/Src/mem.c
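Review bot: The restart at `hn = heaps; continue;` rewinds only the iteration pointer; if the enclosing for loop carries any other per-iteration state across arenas (for instance a trailing pointer used to relink the list after an arena is freed), that state is not rewound with it, which cannot be seen in this hunk and is worth confirming. The `h != heaps` exclusion also means that when the fheap arena is the head of the list it still reaches the munmap below with `fheap` left pointing at it, so whether something after the loop clears `fheap` in that case should be checked. The loop enclosing this `else` branch starts and ends outside the hunk. The second patch in this series replaces the in-loop restart with a single `if (fheap && !fheap->sp) fheap = NULL;` before the loop, which avoids both questions.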
@@ -319,23 +319,26 @@ freeheap(void)
 h_free++;
 #endif
 
- /* At this point we used to do:
- fheap = NULL;
- *
+ /*
 * When pushheap() is called, it sweeps over the entire heaps list of
 * arenas and marks every one of them with the amount of free space in
 * that arena at that moment. zhalloc() is then allowed to grab bits
 * out of any of those arenas that have free space.
 *
- * With the above reset of fheap, the loop below sweeps back over the
+ * Whenever fheap is NULL here, the loop below sweeps back over the
 * entire heap list again, resetting the free space in every arena to
 * the amount stashed by pushheap() and finding the first arena with
 * free space to optimize zhalloc()'s next search. When there's a lot
 * of stuff already on the heap, this is an enormous amount of work,
 * and performance goes to hell.
 *
- * However, there doesn't seem to be any reason to reset fheap before
- * beginning this loop. Either it's already correct, or it has never
+ * However, if the arena to which fheap points is unused, we want to
+ * free it, so we have no choice but to do the sweep for a new fheap.
+ */
+ if (fheap && !fheap->sp)
+ fheap = NULL; /* We used to do this unconditionally */
+ /*
+ * In other cases, either fheap is already correct, or it has never
 * been set and this loop will do it, or it'll be reset from scratch
 * on the next popheap(). So all that's needed here is to pick up
 * the scan wherever the last pass [or the last popheap()] left off.
@@ -367,15 +370,6 @@ freeheap(void)
 }
 #endif
 } else {
- if (h == fheap && h != heaps) {
- /*
- * When deallocating the last arena with free space,
- * loop back through the list to find another one.
- */
- fheap = NULL;
- hn = heaps;
- continue;
- }
 #ifdef USE_MMAP
 munmap((void *) h, h->size);
 #else
-- 
2.13.5
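Review bot: The new pre-loop test `if (fheap && !fheap->sp) fheap = NULL; /* We used to do this unconditionally */` leaves its body unbraced and its trailing comment records history rather than the invariant being enforced; prefer braces and a comment stating the rule, e.g. `if (fheap && !fheap->sp) {` / `fheap = NULL; /* never leave fheap pointing at an arena the loop below frees */` / `}`. Because `fheap` is only cleared once before the sweep, correctness depends on the loop never leaving `fheap` pointing at an arena that lacks `sp` by the time that arena reaches the `else` branch where it is unmapped; if the loop body reassigns `fheap`, that is outside this hunk and should be confirmed there. The second hunk is a pure deletion of the in-loop restart. freeheap() begins before the first hunk and ends after the second.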