From: Ian Lance Taylor Date: Thu, 9 Jan 2014 23:00:00 +0000 (-0800) Subject: runtime: fix 32-bit malloc for pointers >= 0x80000000 X-Git-Tag: go1.3beta1~1016 X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=8da8b37674732ca4532dabcabe7f495b3d6455e9;p=gostls13.git runtime: fix 32-bit malloc for pointers >= 0x80000000 The spans array is allocated in runtime·mallocinit. On a 32-bit system the number of entries in the spans array is MaxArena32 / PageSize, which (2U << 30) / (1 << 12) == (1 << 19). So we are allocating an array that can hold 19 bits for an index that can hold 20 bits. According to the comment in the function, this is intentional: we only allocate enough spans (and bitmaps) for a 2G arena, because allocating more would probably be wasteful. But since the span index is simply the upper 20 bits of the memory address, this scheme only works if memory addresses are limited to the low 2G of memory. That would be OK if we were careful to enforce it, but we're not. What we are careful to enforce, in functions like runtime·MHeap_SysAlloc, is that we always return addresses between the heap's arena_start and arena_start + MaxArena32. We generally get away with it because we start allocating just after the program end, so we only run into trouble with programs that allocate a lot of memory, enough to get past address 0x80000000. This changes the code that computes a span index to subtract arena_start on 32-bit systems just as we currently do on 64-bit systems. R=golang-codereviews, rsc CC=golang-codereviews https://golang.org/cl/49460043 --- diff --git a/src/pkg/runtime/malloc.goc b/src/pkg/runtime/malloc.goc index 9a25029586..f83e498293 100644 --- a/src/pkg/runtime/malloc.goc +++ b/src/pkg/runtime/malloc.goc @@ -593,8 +593,7 @@ runtime·settype_flush(M *mp) // (Manually inlined copy of runtime·MHeap_Lookup) p = (uintptr)v>>PageShift; - if(sizeof(void*) == 8) - p -= (uintptr)runtime·mheap.arena_start >> PageShift; + p -= (uintptr)runtime·mheap.arena_start >> PageShift; s = runtime·mheap.spans[p]; if(s->sizeclass == 0) { diff --git a/src/pkg/runtime/mgc0.c b/src/pkg/runtime/mgc0.c index 8014fe4689..9b7d013700 100644 --- a/src/pkg/runtime/mgc0.c +++ b/src/pkg/runtime/mgc0.c @@ -292,8 +292,7 @@ markonly(void *obj) // (Manually inlined copy of MHeap_LookupMaybe.) k = (uintptr)obj>>PageShift; x = k; - if(sizeof(void*) == 8) - x -= (uintptr)runtime·mheap.arena_start>>PageShift; + x -= (uintptr)runtime·mheap.arena_start>>PageShift; s = runtime·mheap.spans[x]; if(s == nil || k < s->start || obj >= s->limit || s->state != MSpanInUse) return false; @@ -492,8 +491,7 @@ flushptrbuf(Scanbuf *sbuf) // (Manually inlined copy of MHeap_LookupMaybe.) k = (uintptr)obj>>PageShift; x = k; - if(sizeof(void*) == 8) - x -= (uintptr)arena_start>>PageShift; + x -= (uintptr)arena_start>>PageShift; s = runtime·mheap.spans[x]; if(s == nil || k < s->start || obj >= s->limit || s->state != MSpanInUse) continue; @@ -540,8 +538,7 @@ flushptrbuf(Scanbuf *sbuf) // Ask span about size class. // (Manually inlined copy of MHeap_Lookup.) x = (uintptr)obj >> PageShift; - if(sizeof(void*) == 8) - x -= (uintptr)arena_start>>PageShift; + x -= (uintptr)arena_start>>PageShift; s = runtime·mheap.spans[x]; PREFETCH(obj); @@ -658,8 +655,7 @@ checkptr(void *obj, uintptr objti) if(t == nil) return; x = (uintptr)obj >> PageShift; - if(sizeof(void*) == 8) - x -= (uintptr)(runtime·mheap.arena_start)>>PageShift; + x -= (uintptr)(runtime·mheap.arena_start)>>PageShift; s = runtime·mheap.spans[x]; objstart = (byte*)((uintptr)s->start<sizeclass != 0) { diff --git a/src/pkg/runtime/mheap.c b/src/pkg/runtime/mheap.c index 1a926a413b..c77772afbe 100644 --- a/src/pkg/runtime/mheap.c +++ b/src/pkg/runtime/mheap.c @@ -74,8 +74,7 @@ runtime·MHeap_MapSpans(MHeap *h) // Map spans array, PageSize at a time. n = (uintptr)h->arena_used; - if(sizeof(void*) == 8) - n -= (uintptr)h->arena_start; + n -= (uintptr)h->arena_start; n = n / PageSize * sizeof(h->spans[0]); n = ROUND(n, PageSize); if(h->spans_mapped >= n) @@ -169,8 +168,7 @@ HaveSpan: runtime·MSpan_Init(t, s->start + npage, s->npages - npage); s->npages = npage; p = t->start; - if(sizeof(void*) == 8) - p -= ((uintptr)h->arena_start>>PageShift); + p -= ((uintptr)h->arena_start>>PageShift); if(p > 0) h->spans[p-1] = s; h->spans[p] = t; @@ -188,8 +186,7 @@ HaveSpan: s->elemsize = (sizeclass==0 ? s->npages<types.compression = MTypes_Empty; p = s->start; - if(sizeof(void*) == 8) - p -= ((uintptr)h->arena_start>>PageShift); + p -= ((uintptr)h->arena_start>>PageShift); for(n=0; nspans[p+n] = s; return s; @@ -257,8 +254,7 @@ MHeap_Grow(MHeap *h, uintptr npage) s = runtime·FixAlloc_Alloc(&h->spanalloc); runtime·MSpan_Init(s, (uintptr)v>>PageShift, ask>>PageShift); p = s->start; - if(sizeof(void*) == 8) - p -= ((uintptr)h->arena_start>>PageShift); + p -= ((uintptr)h->arena_start>>PageShift); h->spans[p] = s; h->spans[p + s->npages - 1] = s; s->state = MSpanInUse; @@ -275,8 +271,7 @@ runtime·MHeap_Lookup(MHeap *h, void *v) uintptr p; p = (uintptr)v; - if(sizeof(void*) == 8) - p -= (uintptr)h->arena_start; + p -= (uintptr)h->arena_start; return h->spans[p >> PageShift]; } @@ -297,8 +292,7 @@ runtime·MHeap_LookupMaybe(MHeap *h, void *v) return nil; p = (uintptr)v>>PageShift; q = p; - if(sizeof(void*) == 8) - q -= (uintptr)h->arena_start >> PageShift; + q -= (uintptr)h->arena_start >> PageShift; s = h->spans[q]; if(s == nil || p < s->start || v >= s->limit || s->state != MSpanInUse) return nil; @@ -345,8 +339,7 @@ MHeap_FreeLocked(MHeap *h, MSpan *s) // Coalesce with earlier, later spans. p = s->start; - if(sizeof(void*) == 8) - p -= (uintptr)h->arena_start >> PageShift; + p -= (uintptr)h->arena_start >> PageShift; if(p > 0 && (t = h->spans[p-1]) != nil && t->state != MSpanInUse) { if(t->npreleased == 0) { // cant't touch this otherwise tp = (uintptr*)(t->start<