Ping? Somebody please review this patch... And whom should I Cc in case of changes to tcg/? The MAINTAINERS file lists only qemu-devel for this subsystem.
On Fri, 2 Mar 2012, Kirill Batuzov wrote:
> Currently large memory chunk allocation with tcg_malloc is broken. An attempt
> to allocate such a chunk when the pool_current field of TCGContext is not NULL will
> result in circular links in the list of memory pools:
>
> p = new pool;
> s->pool_current->next = p;
> p->next = s->pool_current;
> (in tcg_malloc_internal)
>
> Later p becomes the current pool, and the current pool becomes the next pool. The next
> tcg_malloc will switch the current pool to the next pool (the 'previous' current pool)
> and will start allocating memory from its beginning. But some memory in
> the beginning of this pool was already allocated and will be used twice
> for different arrays.
>
> At the end of this cover letter there is a patch that demonstrates the
> problem. It breaks current trunk on the first translation block containing
> labels.
>
> Large memory pools cannot be reused by the memory allocator for big allocations,
> and an attempt to reuse them for small allocations may result in an infinite
> increase of memory consumption during run time. Memory consumption would
> increase every time a new large chunk of memory is allocated. If code
> allocates such a chunk on every translation block (like the patch at the end of this
> letter does) then memory consumption would increase with every new block
> translated.
>
> My fix for the problems mentioned above is in the second e-mail. I moved large
> memory pools to a separate list and free them on pool_reset.
>
> By the way: is there any particular reason for the labels array in TCGContext to be
> allocated dynamically? It has constant size and is allocated unconditionally
> for each translation block.
>
> Kirill Batuzov (1):
> Fix large memory chunks allocation with tcg_malloc.
>
> tcg/tcg.c | 14 +++++++++-----
> tcg/tcg.h | 2 +-
> 2 files changed, 10 insertions(+), 6 deletions(-)
>
> ---
> diff --git a/tcg/tcg.c b/tcg/tcg.c
> index 351a0a3..6dd54e6 100644
> --- a/tcg/tcg.c
> +++ b/tcg/tcg.c
> @@ -265,6 +265,8 @@ void tcg_set_frame(TCGContext *s, int reg, > s->frame_reg = reg; > } > > +uint8_t *p; > + > void tcg_func_start(TCGContext *s) > { > int i; > @@ -273,6 +275,7 @@ void tcg_func_start(TCGContext *s) > for(i = 0; i < (TCG_TYPE_COUNT * 2); i++) > s->first_free_temp[i] = -1; > s->labels = tcg_malloc(sizeof(TCGLabel) * TCG_MAX_LABELS); > + p = tcg_malloc(TCG_POOL_CHUNK_SIZE + 1); > s->nb_labels = 0; > s->current_frame_offset = s->frame_start; >
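Review bot: the first hunk adds a file-scope `uint8_t *p;` with a one-letter name that nothing in the patch ever reads, and it is not marked `static`, so it leaks a global symbol out of tcg.c; since the cover letter presents this diff only as a reproducer, it should be clearly labelled as not-for-merge (the diffstat above, 14 lines in tcg/tcg.c and 2 in tcg/tcg.h, describes the separate fix patch, not this three-line demonstration), or the pointer should at least be `static` and commented as existing only to keep the allocation alive.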
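Review bot: in the second hunk, `p = tcg_malloc(TCG_POOL_CHUNK_SIZE + 1);` is placed right after the `s->labels` allocation in tcg_func_start, so the first tcg_malloc fills pool_current and the second takes the large-chunk path the cover letter describes, which is why the breakage shows on the first translation block containing labels; the allocation is never freed and repeats on every translation block, matching the unbounded memory growth the cover letter warns about. This is the intended reproducer, so it must not be applied to the tree; if it is kept as a test, a one-line comment saying it deliberately exceeds TCG_POOL_CHUNK_SIZE would make the purpose obvious to the next reader.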