pool curalloc bug

[GoogleCodeExporter]

somehow mainmem->curalloc wraps around to 4gb which is incorrect. the following 
program is a way to reproduce it.

#include <u.h>
#include <libc.h>

/*

8c curalloc.c
8l curalloc.8
p=`{8.out >[2=1] | awk '{ print $2 }' | tr -d : }
echo '*mainmem' | acid -lpool $p

-> curalloc 4294967016

*/

void
domalloc(int n)
{
    int i;
    void **a;

    a = mallocz(n * sizeof(void*), 1);

    for(i = 0; i < n; i++){
        a[i] = malloc(1024*10);
    }

    for(i = 0; i < n; i++){
        free(a[i]);
    }

    free(a);
}

void
main(int argc, char *argv[])
{
    ARGBEGIN{
    }ARGEND

    domalloc(100);
    abort();
}

Original issue reported on code.google.com by mischief@offblast.org on 26 Feb 2015 at 12:56

[GoogleCodeExporter]

Original comment by mischief@offblast.org on 26 Feb 2015 at 12:56

[GoogleCodeExporter]

this is a little simpler to debug because there are less allocs.

#include <u.h>
#include <libc.h>

/*

8c curalloc.c
8l curalloc.8
p=`{8.out >[2=1] | awk '{ print $2 }' | tr -d : }
echo '*mainmem' | acid -lpool $p

-> curalloc 4294967016

*/

void
domalloc(int n)
{
    int i;
    void **a;

    a = mallocz(n * sizeof(void*), 1);

    for(i = 0; i < n; i++){
        a[i] = malloc(1024*1024*5);
    }

    for(i = 0; i < n; i++){
        free(a[i]);
    }

    free(a);
}

void
main(int argc, char *argv[])
{
    ARGBEGIN{
    }ARGEND

    domalloc(2);
    abort();
}

Original comment by mischief@offblast.org on 26 Feb 2015 at 2:30

[GoogleCodeExporter]

excellent, found it and should be fixed with rdd392df17488

Original comment by cinap_le...@felloff.net on 26 Feb 2015 at 9:34

• Changed state: NeedsTesting

[GoogleCodeExporter]

i added code to /sys/lib/acid/leak checking for this in r4492b1ae031f:

echo 'blocksummary()' | acid -lpool -lleak $pid

Original comment by cinap_le...@felloff.net on 26 Feb 2015 at 9:36

[GoogleCodeExporter]

curalloc    0

perfect.

Original comment by mischief@offblast.org on 26 Feb 2015 at 10:22

• Changed state: Fixed