From owner-svn-src-all@freebsd.org Fri Dec 18 10:09:21 2020 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D8DFC4B47BC; Fri, 18 Dec 2020 10:09:21 +0000 (UTC) (envelope-from mw@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Cy4N15qxTz4V09; Fri, 18 Dec 2020 10:09:21 +0000 (UTC) (envelope-from mw@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BB29D102B; Fri, 18 Dec 2020 10:09:21 +0000 (UTC) (envelope-from mw@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 0BIA9LTt012742; Fri, 18 Dec 2020 10:09:21 GMT (envelope-from mw@FreeBSD.org) Received: (from mw@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 0BIA9LvF012741; Fri, 18 Dec 2020 10:09:21 GMT (envelope-from mw@FreeBSD.org) Message-Id: <202012181009.0BIA9LvF012741@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: mw set sender to mw@FreeBSD.org using -f From: Marcin Wojtas Date: Fri, 18 Dec 2020 10:09:21 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r368756 - head/contrib/jemalloc/src X-SVN-Group: head X-SVN-Commit-Author: mw X-SVN-Commit-Paths: head/contrib/jemalloc/src X-SVN-Commit-Revision: 368756 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Dec 2020 10:09:21 -0000 Author: mw Date: Fri Dec 18 10:09:21 2020 New Revision: 368756 URL: https://svnweb.freebsd.org/changeset/base/368756 Log: Fix abort in jemalloc extent coalescing. Fix error in extent_try_coalesce_impl(), which could cause abort to happen when trying to coalesce extents backwards. The error could happen because of how extent_before_get() function works. This function gets address of previous extent, by subtracting page size from current extent address. If current extent is located at PAGE_SIZE offset, this address resolved to 0x0000. An assertion in rtree_leaf_elm_lookup then caused the running program to abort. This problem was discovered when trying to build world on 32-bit machines with ASLR and PIE enabled. The problem was encountered on armv7 and i386 machines, but most likely other 32-bit architectures are affected as well. While this patch fixes one problem with buildworld on 32-bit platforms with ASLR, the build still fails, however it happens much later and due to lack of memory. The change is aligned with accepted fix in the upstream Jemalloc repository (https://github.com/jemalloc/jemalloc/pull/1973). As it doesn't apply on top of Jemalloc tree, its updated version was eventually merged: https://github.com/jemalloc/jemalloc/pull/2003 PR: 249937 Submitted by: Dawid Gorecki Obtained from: Semihalf Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D27025 Modified: head/contrib/jemalloc/src/extent.c Modified: head/contrib/jemalloc/src/extent.c ============================================================================== --- head/contrib/jemalloc/src/extent.c Fri Dec 18 10:08:11 2020 (r368755) +++ head/contrib/jemalloc/src/extent.c Fri Dec 18 10:09:21 2020 (r368756) @@ -1641,8 +1641,11 @@ extent_try_coalesce_impl(tsdn_t *tsdn, arena_t *arena, } /* Try to coalesce backward. */ - extent_t *prev = extent_lock_from_addr(tsdn, rtree_ctx, - extent_before_get(extent), inactive_only); + extent_t *prev = NULL; + if (extent_before_get(extent) != NULL) { + prev = extent_lock_from_addr(tsdn, rtree_ctx, + extent_before_get(extent), inactive_only); + } if (prev != NULL) { bool can_coalesce = extent_can_coalesce(arena, extents, extent, prev);