Module: sip-router
Branch: master
Commit: c7099d0a1204120277cf662cc05ab35180d89538
URL:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=c7099d0…
Author: Andrei Pelinescu-Onciul <andrei(a)iptel.org>
Committer: Andrei Pelinescu-Onciul <andrei(a)iptel.org>
Date: Thu Mar 11 21:08:20 2010 +0100
mem: fix f_malloc big fragments bug
In some situation, when dealing with several big free fragments
(>16k) f_malloc would wrongly choose a fragment with a smaller
size then requested. This would create the impression that someone
arbitrarily overwrites the memory.
First symptoms were some tls crashes reported by
Klaus Darilion klaus.darilion(a)nic.at.
Reproduced using the malloc_test module.
---
mem/f_malloc.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/mem/f_malloc.c b/mem/f_malloc.c
index c49a252..2c05fe6 100644
--- a/mem/f_malloc.c
+++ b/mem/f_malloc.c
@@ -337,7 +337,7 @@ void* fm_malloc(struct fm_block* qm, unsigned long size)
hash=fm_bmp_first_set(qm, GET_HASH(size));
if (likely(hash>=0)){
f=&(qm->free_hash[hash].first);
- if (likely(hash<=F_MALLOC_OPTIMIZE)) /* return first match */
+ if (likely(hash<=F_MALLOC_OPTIMIZE/ROUNDTO)) /* return first match */
goto found;
for(;(*f); f=&((*f)->u.nxt_free))
if ((*f)->size>=size) goto found;
@@ -346,7 +346,7 @@ void* fm_malloc(struct fm_block* qm, unsigned long size)
for(hash=GET_HASH(size);hash<F_HASH_SIZE;hash++){
f=&(qm->free_hash[hash].first);
#if 0
- if (likely(hash<=F_MALLOC_OPTIMIZE)) /* return first match */
+ if (likely(hash<=F_MALLOC_OPTIMIZE/ROUNDTO)) /* return first match */
goto found;
#endif
for(;(*f); f=&((*f)->u.nxt_free))