From patchwork Fri Mar  2 09:22:16 2012
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Kirill Batuzov <batuzovk@ispras.ru>
X-Patchwork-Id: 144163
Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by ozlabs.org (Postfix) with ESMTPS id 697151007D3
	for <incoming@patchwork.ozlabs.org>;
	Fri,  2 Mar 2012 20:23:50 +1100 (EST)
Received: from localhost ([::1]:58041 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>)
	id 1S3OiK-0006pX-6R
	for incoming@patchwork.ozlabs.org; Fri, 02 Mar 2012 04:23:48 -0500
Received: from eggs.gnu.org ([208.118.235.92]:56597)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <batuzovk@ispras.ru>) id 1S3Ohq-0006pH-Ki
	for qemu-devel@nongnu.org; Fri, 02 Mar 2012 04:23:42 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <batuzovk@ispras.ru>) id 1S3Ohk-0003PX-Dd
	for qemu-devel@nongnu.org; Fri, 02 Mar 2012 04:23:18 -0500
Received: from smtp.ispras.ru ([83.149.198.202]:59870)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <batuzovk@ispras.ru>) id 1S3Ohk-0003Nm-1X
	for qemu-devel@nongnu.org; Fri, 02 Mar 2012 04:23:12 -0500
Received: from bulbul.intra.ispras.ru (winnie.ispras.ru [83.149.198.236])
	by smtp.ispras.ru (Postfix) with ESMTP id 9ED6F5D4031;
	Fri,  2 Mar 2012 11:59:01 +0300 (MSK)
From: Kirill Batuzov <batuzovk@ispras.ru>
To: qemu-devel@nongnu.org
Date: Fri,  2 Mar 2012 13:22:16 +0400
Message-Id: <1330680137-6601-1-git-send-email-batuzovk@ispras.ru>
X-Mailer: git-send-email 1.7.5.4
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6,
	seldom 2.4 (older, 4)
X-Received-From: 83.149.198.202
Cc: zhur@ispras.ru, Kirill Batuzov <batuzovk@ispras.ru>
Subject: [Qemu-devel] [PATCH 0/1] Fix large memory chunks allocation with
	tcg_malloc
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Currently large memory chunk allocation with tcg_malloc is broken.  An attempt
to allocate such chunk when pool_current field of TCGContext is not NULL will
result in circular links in list of memory pools:

p = new pool;
s->pool_current->next = p;
p->next = s->pool_current;
(in tcg_malloc_internal)

Later p became a current pool, and current pool became next pool.  Next
tcg_malloc will switch current pool to next pool ('previous' current pool)
and will start allocating memory from it's beginning.  But some memory in
the beginning of this pool was already allocated and will be used twice
for different arrays.

At the end of this cover letter there is a patch that demonstrates the
problem.  It breaks current trunk on the first translation block containing
labels.

Large memory pools can not be reused by memory allocator for big allocations
and an attempt to reuse them for small allocations may result in an infinite
increase of memory consumption during run time.  Memory consumption would
increase every time a new large chunk of memory is allocated.  If code
allocates such chunk on every translation block (like patch at the end of this
letter do) then memory consumption would increase with every new block
translated.

My fix for the problems mentioned above is in the second e-mail.  I moved large
memory pools to a separate list and free them on pool_reset.

By the way: is there any particular reason for labels array in TCGContex to be
allocated dynamically?  It has constant size and is allocated unconditionally
for each translation block.

Kirill Batuzov (1):
  Fix large memory chunks allocation with tcg_malloc.

 tcg/tcg.c |   14 +++++++++-----
 tcg/tcg.h |    2 +-
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/tcg/tcg.c b/tcg/tcg.c
index 351a0a3..6dd54e6 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -265,6 +265,8 @@ void tcg_set_frame(TCGContext *s, int reg,
     s->frame_reg = reg;
 }
 
+uint8_t *p;
+
 void tcg_func_start(TCGContext *s)
 {
     int i;
@@ -273,6 +275,7 @@ void tcg_func_start(TCGContext *s)
     for(i = 0; i < (TCG_TYPE_COUNT * 2); i++)
         s->first_free_temp[i] = -1;
     s->labels = tcg_malloc(sizeof(TCGLabel) * TCG_MAX_LABELS);
+    p = tcg_malloc(TCG_POOL_CHUNK_SIZE + 1);
     s->nb_labels = 0;
     s->current_frame_offset = s->frame_start;
-- 
1.7.5.4