[sr-dev] git:kamailio_3.0: mem: fix f_malloc big fragments bug

Module: sip-router Branch: kamailio_3.0 Commit: 0822a9caf751d2fb28ac398fd60cc2583308aa94 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=0822a9c… Author: Andrei Pelinescu-Onciul &lt;andrei(a)iptel.org&gt; Committer: Andrei Pelinescu-Onciul &lt;andrei(a)iptel.org&gt; Date: Thu Mar 11 21:08:20 2010 +0100 mem: fix f_malloc big fragments bug In some situation, when dealing with several big free fragments (>16k) f_malloc would wrongly choose a fragment with a smaller size then requested. This would create the impression that someone arbitrarily overwrites the memory. First symptoms were some tls crashes reported by Klaus Darilion klaus.darilion(a)nic.at. Reproduced using the malloc_test module. (cherry picked from commit c7099d0a1204120277cf662cc05ab35180d89538) --- mem/f_malloc.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/mem/f_malloc.c b/mem/f_malloc.c index c49a252..2c05fe6 100644 --- a/mem/f_malloc.c +++ b/mem/f_malloc.c @@ -337,7 +337,7 @@ void* fm_malloc(struct fm_block* qm, unsigned long size) hash=fm_bmp_first_set(qm, GET_HASH(size)); if (likely(hash>=0)){ f=&(qm->free_hash[hash].first); - if (likely(hash<=F_MALLOC_OPTIMIZE)) /* return first match */ + if (likely(hash<=F_MALLOC_OPTIMIZE/ROUNDTO)) /* return first match */ goto found; for(;(*f); f=&((*f)->u.nxt_free)) if ((*f)->size>=size) goto found; @@ -346,7 +346,7 @@ void* fm_malloc(struct fm_block* qm, unsigned long size) for(hash=GET_HASH(size);hash<F_HASH_SIZE;hash++){ f=&(qm->free_hash[hash].first); #if 0 - if (likely(hash<=F_MALLOC_OPTIMIZE)) /* return first match */ + if (likely(hash<=F_MALLOC_OPTIMIZE/ROUNDTO)) /* return first match */ goto found; #endif for(;(*f); f=&((*f)->u.nxt_free))