From owner-freebsd-current@FreeBSD.ORG Tue Jun 20 17:51:25 2006 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CE57816A47A for ; Tue, 20 Jun 2006 17:51:25 +0000 (UTC) (envelope-from jasone@FreeBSD.org) Received: from lh.synack.net (lh.synack.net [204.152.188.37]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6CF1A43D46 for ; Tue, 20 Jun 2006 17:51:25 +0000 (GMT) (envelope-from jasone@FreeBSD.org) Received: by lh.synack.net (Postfix, from userid 100) id 15A3D5E4919; Tue, 20 Jun 2006 10:51:25 -0700 (PDT) Received: from [192.168.168.201] (70-37-200-108.losaca.adelphia.net [70.37.200.108]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by lh.synack.net (Postfix) with ESMTP id 9D2AB5E4912; Tue, 20 Jun 2006 10:51:23 -0700 (PDT) Message-ID: <44983598.7010108@FreeBSD.org> Date: Tue, 20 Jun 2006 10:51:20 -0700 From: Jason Evans User-Agent: Mozilla Thunderbird 1.0.8-1.4.1 (X11/20060420) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Ville-Pertti Keinonen References: <448FC3AF.9060606@bulinfo.net> <200606141023.51185.jhb@freebsd.org> <449048C7.6090109@FreeBSD.org> <0D175ABD-B494-48BD-9DBD-349DE3712913@exomi.com> In-Reply-To: <0D175ABD-B494-48BD-9DBD-349DE3712913@exomi.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Checker-Version: SpamAssassin 3.0.6 (2005-12-07) on lh.synack.net X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=failed version=3.0.6 Cc: freebsd-current@freebsd.org, Krassimir Slavchev Subject: Re: memory leak in free() X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2006 17:51:25 -0000 Ville-Pertti Keinonen wrote: > > On Jun 14, 2006, at 8:35 PM, Jason Evans wrote: > >> Incidentally, this isn't an issue on 64-bit systems, since only mmap >> () is used to request memory from the kernel. > > > The test does seem to leak memory on 64-bit systems, though; not the > actual allocated bits, but support structures, namely nodes that > chunk_dealloc tries to insert into old_chunks but fails because a node > holding that address is already there. > > It should be possible to fix this either by removing any nodes within > range from old_chunks when allocating "new" memory, or by checking the > return value of RB_INSERT in chunk_dealloc, and deallocating the new > node if it returns non-NULL. > > A patch implementing the latter that seems to work: > > --- malloc.c 10 May 2006 00:07:45 -0000 1.126 > +++ malloc.c 19 Jun 2006 13:58:57 -0000 > @@ -1370,7 +1370,8 @@ > node->chunk = (void *)((uintptr_t)chunk + (uintptr_t) > offset); > node->size = chunk_size; > - RB_INSERT(chunk_tree_s, &old_chunks, node); > + if (RB_INSERT(chunk_tree_s, &old_chunks, node) != NULL) > + base_chunk_node_dealloc(node); > } > #ifdef USE_BRK Ah, you are right that there is a leak. I'm going to use a slightly different approach to fixing the problem, but thank you very much for pointing it out. Jason