Skip to content
  1. Oct 03, 2013
  2. Jun 03, 2013
  3. Mar 06, 2013
  4. Feb 06, 2013
  5. Feb 01, 2013
    • Jason Evans's avatar
      Fix Valgrind integration. · 06912756
      Jason Evans authored
      Fix Valgrind integration to annotate all internally allocated memory in
      a way that keeps Valgrind happy about internal data structure access.
      06912756
    • Jason Evans's avatar
      Fix a chunk recycling bug. · a7a28c33
      Jason Evans authored
      Fix a chunk recycling bug that could cause the allocator to lose track
      of whether a chunk was zeroed.  On FreeBSD, NetBSD, and OS X, it could
      cause corruption if allocating via sbrk(2) (unlikely unless running with
      the "dss:primary" option specified).  This was completely harmless on
      Linux unless using mlockall(2) (and unlikely even then, unless the
      --disable-munmap configure option or the "dss:primary" option was
      specified).  This regression was introduced in 3.1.0 by the
      mlockall(2)/madvise(2) interaction fix.
      a7a28c33
  6. Jan 31, 2013
    • Jason Evans's avatar
      Fix two quarantine bugs. · d0e942e4
      Jason Evans authored
      Internal reallocation of the quarantined object array leaked the old array.
      
      Reallocation failure for internal reallocation of the quarantined object
      array (very unlikely) resulted in memory corruption.
      d0e942e4
    • Jason Evans's avatar
      Fix potential TLS-related memory corruption. · bbe29d37
      Jason Evans authored
      Avoid writing to uninitialized TLS as a side effect of deallocation.
      Initializing TLS during deallocation is unsafe because it is possible
      that a thread never did any allocation, and that TLS has already been
      deallocated by the threads library, resulting in write-after-free
      corruption.  These fixes affect prof_tdata and quarantine; all other
      uses of TLS are already safe, whether intentionally (as for tcache) or
      unintentionally (as for arenas).
      bbe29d37
  7. Jan 23, 2013
  8. Dec 12, 2012
    • Jason Evans's avatar
      Fix chunk_recycle() Valgrind integration. · 1271185b
      Jason Evans authored
      Fix chunk_recycyle() to unconditionally inform Valgrind that returned
      memory is undefined.  This fixes Valgrind warnings that would result
      from a huge allocation being freed, then recycled for use as an arena
      chunk.  The arena code would write metadata to the chunk header, and
      Valgrind would consider these invalid writes.
      1271185b
  9. Nov 30, 2012
  10. Nov 09, 2012
  11. Nov 06, 2012
    • Jason Evans's avatar
      Purge unused dirty pages in a fragmentation-reducing order. · e3d13060
      Jason Evans authored
      Purge unused dirty pages in an order that first performs clean/dirty run
      defragmentation, in order to mitigate available run fragmentation.
      
      Remove the limitation that prevented purging unless at least one chunk
      worth of dirty pages had accumulated in an arena.  This limitation was
      intended to avoid excessive purging for small applications, but the
      threshold was arbitrary, and the effect of questionable utility.
      
      Relax opt_lg_dirty_mult from 5 to 3.  This compensates for increased
      likelihood of allocating clean runs, given the same ratio of clean:dirty
      runs, and reduces the potential for repeated purging in pathological
      large malloc/free loops that push the active:dirty page ratio just over
      the purge threshold.
      e3d13060
  12. Oct 17, 2012
  13. Oct 16, 2012
  14. May 24, 2012
  15. May 16, 2012
  16. May 15, 2012
  17. May 12, 2012
  18. May 11, 2012
    • Jason Evans's avatar
      Fix large calloc() zeroing bugs. · d8ceef6c
      Jason Evans authored
      Refactor code such that arena_mapbits_{large,small}_set() always
      preserves the unzeroed flag, and manually manipulate the unzeroed flag
      in the one case where it actually gets reset (in arena_chunk_purge()).
      This fixes unzeroed preservation bugs in arena_run_split() and
      arena_ralloc_large_grow().  These bugs caused large calloc() to return
      non-zeroed memory under some circumstances.
      d8ceef6c
  19. Apr 25, 2012
  20. Apr 23, 2012
  21. Apr 21, 2012
    • Jason Evans's avatar
      Fix a memory corruption bug in chunk_alloc_dss(). · 8f0e0eb1
      Jason Evans authored
      Fix a memory corruption bug in chunk_alloc_dss() that was due to
      claiming newly allocated memory is zeroed.
      
      Reverse order of preference between mmap() and sbrk() to prefer mmap().
      
      Clean up management of 'zero' parameter in chunk_alloc*().
      8f0e0eb1
  22. Apr 20, 2012
  23. Apr 18, 2012
  24. Apr 17, 2012
  25. Nov 15, 2011
  26. Nov 06, 2011
  27. Sep 01, 2011
  28. Jul 31, 2011
  29. Apr 01, 2011
  30. Mar 31, 2011
  31. Mar 22, 2011
  32. Mar 15, 2011