Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HANG: os_heap_reserve_in_region incorrectly thinks a large alloc spanning the end of the requested region is a match #2557

Closed
derekbruening opened this issue Jul 21, 2017 · 0 comments
Closed

HANG: os_heap_reserve_in_region incorrectly thinks a large alloc spanning the end of the requested region is a match #2557

derekbruening opened this issue Jul 21, 2017 · 0 comments
Assignees
@derekbruening
Labels
Bug-Hang Hotlist-Release OpSys-Linux

Comments

@derekbruening
Copy link
Contributor

With a maps file something like this:

00400000-17d0f000 r-xp ... <application>
19c78000-c6998000 rw-p 00000000 00:00 0                                  [heap]
c6998000-c82e2000 rw-p 00000000 00:00 0                                  [heap]
c82e2000-c82e8000 rw-p 00000000 00:00 0                                  [heap]

During init with default options and the client statically linked into the application, we have:

vmm_heap_unit_init: preferred=0x0000000055bfc000, allow=0x0000000000000000-0x0000000093dfffff
os_heap_reserve_in_region: 536887296 bytes in 0x0000000000000000-0x0000000093dff000
os_heap_reserve_in_region: asked for 0x00000000c6998000 size=536887296 got error 2 
os_heap_reserve_in_region: asked for 0x00000000c6998000 size=536887296 got error 2 
os_heap_reserve_in_region: asked for 0x00000000c6998000 size=536887296 got error 2 
os_heap_reserve_in_region: asked for 0x00000000c6998000 size=536887296 got error 2 
os_heap_reserve_in_region: asked for 0x00000000c6998000 size=536887296 got error 2 
os_heap_reserve_in_region: asked for 0x00000000c6998000 size=536887296 got error 2 
...

It's an infinite loop. The code:

        if (iter.vm_start >= start &&
            MIN(iter.vm_start, end) - MAX(last_end, start) >= size) {

fails to also check that the gap it found is not occupied, when it spans the endpoint.
@derekbruening derekbruening self-assigned this Jul 21, 2017
derekbruening added a commit that referenced this issue Jul 21, 2017
@derekbruening
i#2557: fix fencepost error in find_free_memory_in_region()
b3619b2 
Fixes an error where find_free_memory_in_region() thinks that an occupied
region that spans the requested endpoint is free, resulting in an infinite
loop in os_heap_reserve_in_region().

Manually tested on the app whose maps file hit this.  (Creating a suite
test is non-trivial without a mock for the maps iterator.)

Fixes #2557
@derekbruening derekbruening mentioned this issue Jul 21, 2017
Merged
derekbruening added a commit that referenced this issue Jul 21, 2017
@derekbruening
i#2557: fix fencepost error in find_free_memory_in_region() (#2559)
1447613 
Fixes an error where find_free_memory_in_region() thinks that an occupied
region that spans the requested endpoint is free, resulting in an infinite
loop in os_heap_reserve_in_region().

Manually tested on the app whose maps file hit this.  (Creating a suite
test is non-trivial without a mock for the maps iterator.)

Fixes #2557
@derekbruening derekbruening mentioned this issue Aug 24, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@derekbruening derekbruening

Labels
Bug-Hang Hotlist-Release OpSys-Linux
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@derekbruening