Index: contrib/jemalloc/include/jemalloc/jemalloc.h =================================================================== --- contrib/jemalloc/include/jemalloc/jemalloc.h (revision 234543) +++ contrib/jemalloc/include/jemalloc/jemalloc.h (working copy) @@ -7,12 +7,12 @@ #include #include -#define JEMALLOC_VERSION "1.0.0-283-g606f1fdc3cdbc700717133ca56685313caea24bb" +#define JEMALLOC_VERSION "1.0.0-284-g8f0e0eb1c01d5d934586ea62e519ca8b8637aebc" #define JEMALLOC_VERSION_MAJOR 1 #define JEMALLOC_VERSION_MINOR 0 #define JEMALLOC_VERSION_BUGFIX 0 -#define JEMALLOC_VERSION_NREV 283 -#define JEMALLOC_VERSION_GID "606f1fdc3cdbc700717133ca56685313caea24bb" +#define JEMALLOC_VERSION_NREV 284 +#define JEMALLOC_VERSION_GID "8f0e0eb1c01d5d934586ea62e519ca8b8637aebc" #include "jemalloc_defs.h" #include "jemalloc_FreeBSD.h" Index: contrib/jemalloc/include/jemalloc/internal/chunk_mmap.h =================================================================== --- contrib/jemalloc/include/jemalloc/internal/chunk_mmap.h (revision 234543) +++ contrib/jemalloc/include/jemalloc/internal/chunk_mmap.h (working copy) @@ -11,7 +11,7 @@ void pages_purge(void *addr, size_t length); -void *chunk_alloc_mmap(size_t size, size_t alignment); +void *chunk_alloc_mmap(size_t size, size_t alignment, bool *zero); bool chunk_dealloc_mmap(void *chunk, size_t size); bool chunk_mmap_boot(void); Index: contrib/jemalloc/VERSION =================================================================== --- contrib/jemalloc/VERSION (revision 234543) +++ contrib/jemalloc/VERSION (working copy) @@ -1 +1 @@ -1.0.0-283-g606f1fdc3cdbc700717133ca56685313caea24bb +1.0.0-284-g8f0e0eb1c01d5d934586ea62e519ca8b8637aebc Index: contrib/jemalloc/src/chunk_dss.c =================================================================== --- contrib/jemalloc/src/chunk_dss.c (revision 234395) +++ contrib/jemalloc/src/chunk_dss.c (working copy) @@ -89,7 +89,6 @@ malloc_mutex_unlock(&dss_mtx); if (cpad_size != 0) chunk_dealloc(cpad, cpad_size, true); - *zero = true; return (ret); } } while (dss_prev != (void *)-1); Index: contrib/jemalloc/src/chunk_mmap.c =================================================================== --- contrib/jemalloc/src/chunk_mmap.c (revision 234543) +++ contrib/jemalloc/src/chunk_mmap.c (working copy) @@ -18,7 +18,7 @@ static void *pages_map(void *addr, size_t size); static void pages_unmap(void *addr, size_t size); static void *chunk_alloc_mmap_slow(size_t size, size_t alignment, - bool unaligned); + bool unaligned, bool *zero); /******************************************************************************/ @@ -87,7 +87,7 @@ } static void * -chunk_alloc_mmap_slow(size_t size, size_t alignment, bool unaligned) +chunk_alloc_mmap_slow(size_t size, size_t alignment, bool unaligned, bool *zero) { void *ret, *pages; size_t alloc_size, leadsize, trailsize; @@ -122,11 +122,13 @@ mmap_unaligned_tsd_set(&mu); } + assert(ret != NULL); + *zero = true; return (ret); } void * -chunk_alloc_mmap(size_t size, size_t alignment) +chunk_alloc_mmap(size_t size, size_t alignment, bool *zero) { void *ret; @@ -177,8 +179,8 @@ * the reliable-but-expensive method. */ pages_unmap(ret, size); - ret = chunk_alloc_mmap_slow(size, alignment, - true); + return (chunk_alloc_mmap_slow(size, alignment, + true, zero)); } else { /* Clean up unneeded leading space. */ pages_unmap(ret, chunksize - offset); @@ -187,8 +189,10 @@ } } } else - ret = chunk_alloc_mmap_slow(size, alignment, false); + return (chunk_alloc_mmap_slow(size, alignment, false, zero)); + assert(ret != NULL); + *zero = true; return (ret); } Index: contrib/jemalloc/src/chunk.c =================================================================== --- contrib/jemalloc/src/chunk.c (revision 234543) +++ contrib/jemalloc/src/chunk.c (working copy) @@ -125,16 +125,16 @@ ret = chunk_recycle(size, alignment, zero); if (ret != NULL) goto label_return; + + ret = chunk_alloc_mmap(size, alignment, zero); + if (ret != NULL) + goto label_return; + if (config_dss) { ret = chunk_alloc_dss(size, alignment, zero); if (ret != NULL) goto label_return; } - ret = chunk_alloc_mmap(size, alignment); - if (ret != NULL) { - *zero = true; - goto label_return; - } /* All strategies for allocation failed. */ ret = NULL; Index: contrib/jemalloc/ChangeLog =================================================================== --- contrib/jemalloc/ChangeLog (revision 234543) +++ contrib/jemalloc/ChangeLog (working copy) @@ -70,6 +70,8 @@ invalid statistics and crashes. - Work around TLS dallocation via free() on Linux. This bug could cause write-after-free memory corruption. + - Fix chunk_alloc_dss() to stop claiming memory is zeroed. This bug could + cause memory corruption and crashes with --enable-dss specified. - Fix malloc_stats_print() to honor 'b' and 'l' in the opts parameter. - Fix realloc(p, 0) to act like free(p). - Do not enforce minimum alignment in memalign(). Index: contrib/jemalloc/FREEBSD-diffs =================================================================== --- contrib/jemalloc/FREEBSD-diffs (revision 234543) +++ contrib/jemalloc/FREEBSD-diffs (working copy) @@ -1,5 +1,5 @@ diff --git a/doc/jemalloc.xml.in b/doc/jemalloc.xml.in -index f78f423..ce6df80 100644 +index e8a5722..cec85b5 100644 --- a/doc/jemalloc.xml.in +++ b/doc/jemalloc.xml.in @@ -51,12 +51,23 @@ Index: contrib/jemalloc/doc/jemalloc.3 =================================================================== --- contrib/jemalloc/doc/jemalloc.3 (revision 234543) +++ contrib/jemalloc/doc/jemalloc.3 (working copy) @@ -2,12 +2,12 @@ .\" Title: JEMALLOC .\" Author: Jason Evans .\" Generator: DocBook XSL Stylesheets v1.76.1 -.\" Date: 04/20/2012 +.\" Date: 04/21/2012 .\" Manual: User Manual -.\" Source: jemalloc 1.0.0-283-g606f1fdc3cdbc700717133ca56685313caea24bb +.\" Source: jemalloc 1.0.0-284-g8f0e0eb1c01d5d934586ea62e519ca8b8637aebc .\" Language: English .\" -.TH "JEMALLOC" "3" "04/20/2012" "jemalloc 1.0.0-283-g606f1fdc3c" "User Manual" +.TH "JEMALLOC" "3" "04/21/2012" "jemalloc 1.0.0-284-g8f0e0eb1c0" "User Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ jemalloc \- general purpose memory allocation functions .SH "LIBRARY" .PP -This manual describes jemalloc 1\&.0\&.0\-283\-g606f1fdc3cdbc700717133ca56685313caea24bb\&. More information can be found at the +This manual describes jemalloc 1\&.0\&.0\-284\-g8f0e0eb1c01d5d934586ea62e519ca8b8637aebc\&. More information can be found at the \m[blue]\fBjemalloc website\fR\m[]\&\s-2\u[1]\d\s+2\&. .PP The following configuration options are enabled in libc\*(Aqs built\-in jemalloc: @@ -404,9 +404,9 @@ to obtain memory, which is suboptimal for several reasons, including race conditions, increased fragmentation, and artificial limitations on maximum usable memory\&. If \fB\-\-enable\-dss\fR is specified during configuration, this allocator uses both -\fBsbrk\fR(2) +\fBmmap\fR(2) and -\fBmmap\fR(2), in that order of preference; otherwise only +\fBsbrk\fR(2), in that order of preference; otherwise only \fBmmap\fR(2) is used\&. .PP