From patchwork Fri Mar  2 09:22:17 2012
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Kirill Batuzov <batuzovk@ispras.ru>
X-Patchwork-Id: 144164
Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by ozlabs.org (Postfix) with ESMTPS id 86FB01007D9
	for <incoming@patchwork.ozlabs.org>;
	Fri,  2 Mar 2012 20:24:12 +1100 (EST)
Received: from localhost ([::1]:59382 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>)
	id 1S3Oig-0007V9-Cd
	for incoming@patchwork.ozlabs.org; Fri, 02 Mar 2012 04:24:10 -0500
Received: from eggs.gnu.org ([208.118.235.92]:55968)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <batuzovk@ispras.ru>) id 1S3OiV-0007Ux-Is
	for qemu-devel@nongnu.org; Fri, 02 Mar 2012 04:24:05 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <batuzovk@ispras.ru>) id 1S3Oi5-0003SU-3M
	for qemu-devel@nongnu.org; Fri, 02 Mar 2012 04:23:59 -0500
Received: from smtp.ispras.ru ([83.149.198.202]:59872)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <batuzovk@ispras.ru>) id 1S3Oi4-0003SJ-S1
	for qemu-devel@nongnu.org; Fri, 02 Mar 2012 04:23:33 -0500
Received: from bulbul.intra.ispras.ru (winnie.ispras.ru [83.149.198.236])
	by smtp.ispras.ru (Postfix) with ESMTP id 5500A5D4031;
	Fri,  2 Mar 2012 11:59:34 +0300 (MSK)
From: Kirill Batuzov <batuzovk@ispras.ru>
To: qemu-devel@nongnu.org
Date: Fri,  2 Mar 2012 13:22:17 +0400
Message-Id: <1330680137-6601-2-git-send-email-batuzovk@ispras.ru>
X-Mailer: git-send-email 1.7.5.4
In-Reply-To: <1330680137-6601-1-git-send-email-batuzovk@ispras.ru>
References: <1330680137-6601-1-git-send-email-batuzovk@ispras.ru>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6,
	seldom 2.4 (older, 4)
X-Received-From: 83.149.198.202
Cc: zhur@ispras.ru, Kirill Batuzov <batuzovk@ispras.ru>
Subject: [Qemu-devel] [PATCH 1/1] Fix large memory chunks allocation with
	tcg_malloc.
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

An attempt to allocate a large memory chunk after a small one resulted in
circular links in list of pools.  It caused the same memory being
allocated twice for different arrays.

Now pools for large memory chunks are kept in separate list and are
freed during pool reset because current allocator can not reuse them.

Signed-off-by: Kirill Batuzov <batuzovk@ispras.ru>
---
 tcg/tcg.c |   14 +++++++++-----
 tcg/tcg.h |    2 +-
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/tcg/tcg.c b/tcg/tcg.c
index 351a0a3..7db8340 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -173,11 +173,9 @@ void *tcg_malloc_internal(TCGContext *s, int size)
         /* big malloc: insert a new pool (XXX: could optimize) */
         p = g_malloc(sizeof(TCGPool) + size);
         p->size = size;
-        if (s->pool_current)
-            s->pool_current->next = p;
-        else
-            s->pool_first = p;
-        p->next = s->pool_current;
+        p->next = s->pool_first_large;
+        s->pool_first_large = p;
+        return p->data;
     } else {
         p = s->pool_current;
         if (!p) {
@@ -208,6 +206,12 @@ void *tcg_malloc_internal(TCGContext *s, int size)
 
 void tcg_pool_reset(TCGContext *s)
 {
+    TCGPool *p, *t;
+    for (p = s->pool_first_large; p; p = t) {
+        t = p->next;
+        g_free(p);
+    }
+    s->pool_first_large = NULL;
     s->pool_cur = s->pool_end = NULL;
     s->pool_current = NULL;
 }
diff --git a/tcg/tcg.h b/tcg/tcg.h
index 5c28239..48d3f17 100644
--- a/tcg/tcg.h
+++ b/tcg/tcg.h
@@ -337,7 +337,7 @@ typedef struct TCGContext TCGContext;
 
 struct TCGContext {
     uint8_t *pool_cur, *pool_end;
-    TCGPool *pool_first, *pool_current;
+    TCGPool *pool_first, *pool_current, *pool_first_large;
     TCGLabel *labels;
     int nb_labels;
     TCGTemp *temps; /* globals first, temps after */