This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug malloc/19048] New: Avoid corruption of free_list
- From: "paulo.cesar.pereira.de.andrade at gmail dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Thu, 01 Oct 2015 21:13:04 +0000
- Subject: [Bug malloc/19048] New: Avoid corruption of free_list
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=19048
Bug ID: 19048
Summary: Avoid corruption of free_list
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: malloc
Assignee: unassigned at sourceware dot org
Reporter: paulo.cesar.pereira.de.andrade at gmail dot com
Target Milestone: ---
Created attachment 8666
--> https://sourceware.org/bugzilla/attachment.cgi?id=8666&action=edit
0001-Avoid-corruption-of-free_list.patch
When a thread leaves, arena_thread_freeres is called, the malloc
arena associated with the thread is added to the head of free_list,
and free_list set to the arena of the exiting thread.
A common problem can be described as:
1. thread "t1" uses arena "a"
2. thread "t2" uses arena "a"
3. "t1" exit, making:
a->next_free = free_list;
free_list = a;
4. "t2" exits, but since free_list == a, it ends with
free_list->next_free = free_list;
When a program has several short lived threads, and most commonly
when there are more threads than arenas, one arena will end up being
used by most threads, causing significant contention.
--
You are receiving this mail because:
You are on the CC list for the bug.