gc.c -- possible logic error?

ruby-core@ruby-lang.org archive (unofficial mirror)
 help / color / mirror / Atom feed

From: Hugh Sasse <hgs@dmu.ac.uk>
To: Ruby Core Mailing list <ruby-core@ruby-lang.org>
Subject: gc.c -- possible logic error?
Date: Fri, 28 Sep 2007 21:57:22 +0900	[thread overview]
Message-ID: <Pine.GSO.4.64.0709281302390.26570@brains.eng.cse.dmu.ac.uk> (raw)

I've been looking at Tom Copeland's memory allocation problem:

http://tomcopeland.blogs.com/juniordeveloper/2007/09/tracking-down-a.html

which I've been able to reproduce for various data structures.
This lead me to rediscover _Why's wonderful "The Fully Upturned Bin":

http://whytheluckystiff.net/articles/theFullyUpturnedBin.html

clearly GC is not releasing the memory, even if this profiler

http://code.google.com/p/ruby-memory-profiler/source

shows that ObectSpace has forgotten about this data.
That's even when I wrap the offending declarations in a
1.times {...}
block so they drop out of scope afterwards.

So I look in gc.c at how heaps are allocated, and see that if 
heaps_used is > 0 then a heaps struct is realloc'ed to be larger.
Otherwise a new struct is malloc'ed.  Now, this "otherwise" case is
when heaps_used is non-positive, i.e. zero or negative. 

Let us suppose that heaps_used is -1.  Then a new heaps struct will be 
malloc'ed this time, heaps_used then incremented to 0.  Then next time
a new heaps struct will be malloc'ed, instead of being realloc'ed as
it should.  Thus there would be two malloc calls, and one never freed.

OK, but heaps_used should never get to be negative, should it?. True, I
can't see anywhere in gc.c where it could end up less than 0.
However, why is it declared to be of type int, instead of unsigned
int?  This is the flaw I'm seeing in the logic.  I'm wondering if
heaps_length and heap_slots.limit should also be unsigned as well?
I can't see when they'd need to be negative.

The patch below is against 1.8.6-p110.  I've not tested it yet,
because I thought someone more familiar with GC than I am (probably
most of you :-)) could stop me with a good reason not to go a long
way down that road.   The patch I *haven't* posted just changes the
heaps_used to unsigned int.  That may be better and gives the
possibility of bigger heaps, perhaps.  This patch just sets it
to zero in the non-positive case, it gets incremented to 1 later.

I still haven't figured out why GC.start isn't freeing the memory in
Tom's cases, though.

        Hugh

--- ruby-1.8.6-p110/gc.c.orig   2007-03-03 07:30:46.000000000 +0000
+++ ruby-1.8.6-p110/gc.c        2007-09-28 13:30:26.344839000 +0100
@@ -335,6 +335,7 @@
            }
            else {
                p = heaps = (struct heaps_slot *)malloc(length);
+               heaps_used = 0; /* incremented later */
            });
        if (p == 0) rb_memerror();
     }

next             reply	other threads:[~2007-09-28 13:00 UTC|newest]

Thread overview: 39+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-09-28 12:57 Hugh Sasse [this message]
2007-09-28 16:04 ` gc.c -- possible logic error? Yukihiro Matsumoto
2007-09-28 17:46   ` Hugh Sasse
2007-09-28 18:54     ` Hugh Sasse
2007-09-28 17:36 ` MenTaLguY
2007-09-28 17:58   ` Hugh Sasse
2007-09-28 18:49     ` MenTaLguY
2007-09-28 18:56       ` Hugh Sasse
2007-09-28 19:23       ` MenTaLguY
2007-09-28 20:54         ` Joel VanderWerf
2007-09-29  6:09   ` Yukihiro Matsumoto
2007-09-30  4:31 ` Tanaka Akira
2007-09-30  4:35   ` Tanaka Akira
2007-10-01 13:48 ` Sylvain Joyeux
2007-10-01 15:56   ` Hugh Sasse
2007-10-01 16:51 ` Tanaka Akira
2007-10-01 17:09   ` Hugh Sasse
2007-10-01 17:29     ` Tanaka Akira
2007-10-01 17:54       ` Hugh Sasse
2007-10-01 19:43         ` Berger, Daniel
2007-10-02 10:47           ` Hugh Sasse
2007-10-01 20:32         ` Eric Hodel
2007-10-02 11:16           ` Hugh Sasse
2007-10-02 18:47             ` Eric Hodel
2007-10-02 19:50               ` Hugh Sasse
2007-10-03 12:27               ` Hugh Sasse
2007-10-03 13:54                 ` Hugh Sasse
2007-10-03 15:56                 ` Eric Hodel
2007-10-01 17:34 ` Sylvain Joyeux
2007-10-01 18:08   ` Hugh Sasse
2007-10-02  7:36 ` Sylvain Joyeux
2007-10-02  9:26   ` Hugh Sasse
2007-10-02 13:58     ` Hugh Sasse
2007-10-02 16:29     ` Joel VanderWerf
2007-10-02 16:39       ` Hugh Sasse
2007-10-03  7:33 ` [SUMMARY] " Sylvain Joyeux
  -- strict thread matches above, loose matches on Subject: below --
2007-10-01 18:19 Brent Roman
2007-10-01 18:39 ` Hugh Sasse
2007-10-02  7:20 ` Sylvain Joyeux

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://www.ruby-lang.org/en/community/mailing-lists/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Pine.GSO.4.64.0709281302390.26570@brains.eng.cse.dmu.ac.uk \
    --to=ruby-core@ruby-lang.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).