[Gc] Segfault in GC_mark_from
ktreichel at web.de
Mon Oct 27 11:37:54 PST 2008
I've found an inconsistency between GC_malloc_explicitly_typed and
The sizes of the blocks should be allocated in sizes of multiple
granules according to the docs.
That's changed in GC_malloc_explicitly_typed. In GC_generic_malloc the
size for large blocks is still rounded to words. (Line 166 in malloc.c).
I changed this line from
    lw = ROUNDED_UP_WORDS(lb);
to
    lw = GRANULES_TO_WORDS(ROUNDED_UP_GRANULES(lb));
The problem is that lw is used to clear portions of the memory allocated
while holding the lock that might be used for type descriptors.
Rounding to the size of a word can cause lw to be one word too small, with
the result that the location of the type descriptor is not cleared while
holding the lock. This can result in false memory being used as a type
descriptor if a collection starts before the block is really cleared.
My testcase has been running for a while now without segfaulting, but I'll
let it run for some time to be sure.
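To make the rounding mismatch concrete, here is a small added model of the situation the post describes; it is example code, not from the post or from the collector's sources, and it assumes 8-byte words and 16-byte granules (the 64-bit Boehm GC layout) with the type descriptor in the block's last word.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed layout, modelled on a 64-bit Boehm GC build: 8-byte words and
 * 16-byte granules. Both constants are this example's assumptions. */
#define WORD_BYTES        8
#define GRANULE_BYTES     16
#define WORDS_PER_GRANULE (GRANULE_BYTES / WORD_BYTES)

/* The two rounding policies the post contrasts. */
static size_t rounded_up_words(size_t lb)    { return (lb + WORD_BYTES - 1) / WORD_BYTES; }
static size_t rounded_up_granules(size_t lb) { return (lb + GRANULE_BYTES - 1) / GRANULE_BYTES; }
static size_t granules_to_words(size_t g)    { return g * WORDS_PER_GRANULE; }

/* Model of the typed-allocation path: the block really spans
 * ROUNDED_UP_GRANULES(lb) granules and the type descriptor sits in its last
 * word, but only `lw` words are cleared while the lock is held.
 * Returns 1 if the descriptor word is still stale after that clear. */
static int descriptor_slot_left_dirty(size_t lb, int round_to_granules) {
    size_t block_words = granules_to_words(rounded_up_granules(lb));
    size_t lw = round_to_granules ? block_words : rounded_up_words(lb);
    uint64_t *block = malloc(block_words * WORD_BYTES);
    if (!block) abort();
    memset(block, 0xA5, block_words * WORD_BYTES); /* constructed stale contents */
    memset(block, 0, lw * WORD_BYTES);             /* the clear done under the lock */
    int dirty = block[block_words - 1] != 0;
    free(block);
    return dirty;
}

/* How many request sizes in [1, max_lb] leave the descriptor word stale. */
static size_t count_dirty_sizes(size_t max_lb, int round_to_granules) {
    size_t n = 0;
    for (size_t lb = 1; lb <= max_lb; lb++)
        n += (size_t)descriptor_slot_left_dirty(lb, round_to_granules);
    return n;
}

int main(void) {
    printf("lb=24, word rounding:    descriptor dirty = %d\n", descriptor_slot_left_dirty(24, 0));
    printf("lb=24, granule rounding: descriptor dirty = %d\n", descriptor_slot_left_dirty(24, 1));
    printf("sizes 1..256 affected: %zu (word) vs %zu (granule)\n",
           count_dirty_sizes(256, 0), count_dirty_sizes(256, 1));
    return 0;
}
```

With these constants, every request whose size falls in the lower half of its last granule (lb = 16k+1 .. 16k+8) leaves the descriptor word uncleared under word rounding, while granule rounding clears the whole block.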