Re: [patch] malloc: size that was passed to free() should land into the same bucket

Ted Unangst Sun, 13 Dec 2015 11:48:06 -0800

Maxim Pugachev wrote:
> Currently two checks in free() function confirm the correctness of
> freedsize argument. I think that it's better to check that provided
> freedsize fall into the same bucket that was recorded in kmemusage
> struct: it covers both cases.


I don't know. This doesn't seem clearer to me. An error message with
bucket numbers isn't any more helpful.

> 
> 
> Index: sys/kern/kern_malloc.c
> ===================================================================
> RCS file: /cvs/src/sys/kern/kern_malloc.c,v
> retrieving revision 1.128
> diff -u -p -r1.128 kern_malloc.c
> --- sys/kern/kern_malloc.c      14 Mar 2015 03:38:50 -0000      1.128
> +++ sys/kern/kern_malloc.c      9 Dec 2015 17:54:30 -0000
> @@ -387,12 +387,10 @@ free(void *addr, int type, size_t freeds
>                 size = kup->ku_pagecnt << PAGE_SHIFT;
>         s = splvm();
>  #ifdef DIAGNOSTIC
> -       if (freedsize != 0 && freedsize > size)
> -               panic("free: size too large %zu > %ld (%p) type %s",
> -                   freedsize, size, addr, memname[type]);
> -       if (freedsize != 0 && size > MINALLOCSIZE && freedsize < size / 2)
> -               panic("free: size too small %zu < %ld / 2 (%p) type %s",
> -                   freedsize, size, addr, memname[type]);
> +       if (freedsize != 0 && kup->ku_indx != BUCKETINDX(freedsize))
> +               panic("free: size is wrong %zu (bucket %ld, should be
> %d) type %s",
> +                   freedsize, BUCKETINDX(freedsize),
> +                   kup->ku_indx, memname[type]);
>         /*
>          * Check for returns of data that do not point to the
>          * begi
>

Re: [patch] malloc: size that was passed to free() should land into the same bucket

Reply via email to