Module: sip-router Branch: master Commit: c7099d0a1204120277cf662cc05ab35180d89538 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=c7099d0a1204120277cf662cc05ab35180d89538
Author: Andrei Pelinescu-Onciul <[email protected]> Committer: Andrei Pelinescu-Onciul <[email protected]> Date: Thu Mar 11 21:08:20 2010 +0100 mem: fix f_malloc big fragments bug In some situation, when dealing with several big free fragments (>16k) f_malloc would wrongly choose a fragment with a smaller size then requested. This would create the impression that someone arbitrarily overwrites the memory. First symptoms were some tls crashes reported by Klaus Darilion [email protected]. Reproduced using the malloc_test module. --- mem/f_malloc.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/mem/f_malloc.c b/mem/f_malloc.c index c49a252..2c05fe6 100644 --- a/mem/f_malloc.c +++ b/mem/f_malloc.c @@ -337,7 +337,7 @@ void* fm_malloc(struct fm_block* qm, unsigned long size) hash=fm_bmp_first_set(qm, GET_HASH(size)); if (likely(hash>=0)){ f=&(qm->free_hash[hash].first); - if (likely(hash<=F_MALLOC_OPTIMIZE)) /* return first match */ + if (likely(hash<=F_MALLOC_OPTIMIZE/ROUNDTO)) /* return first match */ goto found; for(;(*f); f=&((*f)->u.nxt_free)) if ((*f)->size>=size) goto found; @@ -346,7 +346,7 @@ void* fm_malloc(struct fm_block* qm, unsigned long size) for(hash=GET_HASH(size);hash<F_HASH_SIZE;hash++){ f=&(qm->free_hash[hash].first); #if 0 - if (likely(hash<=F_MALLOC_OPTIMIZE)) /* return first match */ + if (likely(hash<=F_MALLOC_OPTIMIZE/ROUNDTO)) /* return first match */ goto found; #endif for(;(*f); f=&((*f)->u.nxt_free)) _______________________________________________ sr-dev mailing list [email protected] http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
