This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug malloc/15089] malloc_trim always trims for large padding


http://sourceware.org/bugzilla/show_bug.cgi?id=15089

--- Comment #2 from Thiago Ize <izetip at yahoo dot com> 2013-02-01 23:55:45 UTC ---
I didn't realize that when the result is converted to a long it would give
the correct signed result (most of the time).  Shame on me.  However, I still
detect it doing the wrong thing for very large pad sizes, such as (size_t)-1,
combined with when there is more than 1 page that can be released.  I wrote a
little test program to make sure this time:

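      #include <stdio.h>

      int main(void)
      {
        const size_t pagesz = 4096;
        const size_t MINSIZE = 8;

        long top_size = 12800;
        size_t pad = -1;   /* wraps to the largest size_t value */

        /* The size_t operands make this whole expression unsigned, so the
           subtraction wraps around instead of going negative. */
        long extra_bad = (top_size - pad - MINSIZE - 1) & ~(pagesz - 1);

        /* Compare against pad first and only subtract when it fits. */
        long x = top_size - ((long)MINSIZE) - 1;
        long good_extra = x <= pad? -1 : (x - ((long)pad)) & ~(pagesz - 1);

        printf("top_size: %ld pad:%zu gives %ld %ld\n", top_size, pad,
               good_extra, extra_bad);
        return 0;
      }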

It returns:
    top_size: 12800 pad:18446744073709551615 gives -1 12288
So clearly in this case it's doing the wrong thing.

Finally, just to prove this happens in the actual glibc code, here's a gdb
output from CentOS 6 (glibc 2.12) that shows extra is positive even though
pad > top_size:

Breakpoint 2, sYSTRIm (s=18446744073709551615) at malloc.c:3475
3475      if (extra > 0) {
3: pad = 18446744073709551615
2: extra = 12288
1: top_size = 13536

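The following is an added example, not part of the original message and not glibc code: it puts the wrapping expression from the test program beside a compare-before-subtract form and runs both over several pad values, to show which oversized pads end up positive after the conversion to long. The function names and the pad table are constructed for illustration, and it assumes a 64-bit long with the usual modular unsigned-to-signed conversion (gcc or clang on LP64).

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed constants, same values as the test program in the message. */
#define PAGESZ  ((size_t)4096)
#define MINSIZE ((size_t)8)

/* Wrapping form from the message (function name is hypothetical). The size_t
   operands make the arithmetic unsigned, so pad > top_size wraps around. */
static long extra_wrapping(long top_size, size_t pad)
{
    return (long)((top_size - pad - MINSIZE - 1) & ~(PAGESZ - 1));
}

/* Checked form (hypothetical): compare first, subtract only when it cannot
   wrap. Returns 0 when nothing can be released. */
static long extra_checked(long top_size, size_t pad)
{
    if (top_size < 0 || (size_t)top_size <= MINSIZE + 1)
        return 0;
    size_t avail = (size_t)top_size - MINSIZE - 1;
    if (pad >= avail)
        return 0;
    return (long)((avail - pad) & ~(PAGESZ - 1));
}

/* 1 when the wrapping form reports bytes to release that the checked form
   says are not there. */
static int false_trim(long top_size, size_t pad)
{
    return extra_wrapping(top_size, pad) > 0 && extra_checked(top_size, pad) == 0;
}

int main(void)
{
    const long top_size = 12800;  /* value used in the message */
    /* Constructed pad values around the points where the results change. */
    const size_t pads[] = { 0, 4096, 12800, (size_t)LONG_MAX,
                            (size_t)LONG_MAX + 12800, (size_t)-1 };
    for (size_t i = 0; i < sizeof pads / sizeof pads[0]; i++)
        printf("pad=%zu wrapping=%ld checked=%ld false_trim=%d\n", pads[i],
               extra_wrapping(top_size, pads[i]),
               extra_checked(top_size, pads[i]), false_trim(top_size, pads[i]));
    return 0;
}
```

With this top_size, a pad only slightly larger than top_size wraps to a value that is negative as a long, while pads in roughly the upper half of the size_t range wrap to a positive value and are the ones the `extra > 0` test lets through.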

