| Title | Incorrect accounting in MVT |
| Status | closed |
| Priority | nice |
| Assigned user | Gareth Rees |
| Organization | Ravenbrook |
| Description | If you add the following line near the beginning of MVTSegFree: AVER(mvt->available >= size); then the assertion goes off in some test cases, for example on OS X, mv2test fails in the cool variety with seed 143235344. It seems that the accounting information is not being kept up to date. |
| Analysis | This was discovered by compiling with Clang/LLVM 3.4's -fsanitize=undefined option and then running the test suite. GDB shows that this only happens in MVTFinish. In MVTFinish, we free all the remaining segments, but there's no way of discovering at this point which segments had fragmented (unavailable) space due to containing a single (big) object. So we mustn't call MVTSegFree from MVTFinish: we can't do the accounting correctly. We should call SegFree directly. |
| How found | automated_test |
| Evidence | None as yet. |
| Created by | Gareth Rees |
| Created on | 2013-10-26 19:40:52 |
| Last modified by | Gareth Rees |
| Last modified on | 2013-10-30 13:15:09 |
| History | 2013-10-26 GDR Created. |
| Change | Effect | Date | User | Description |
|---|---|---|---|---|
| 183610 | closed | 2013-10-30 13:15:09 | Gareth Rees | Don't call MVTSegFree from MVTFinish: we don't know whether or not there was any fragmented (unavailable) space in this segment, and so we can't keep the accounting correct. Add assertion in MVTSegFree that detects incorrect accounting. |