Question about the spare chunk
Jason Evans
jasone at canonware.com
Wed Dec 3 15:41:45 PST 2014
On Dec 3, 2014, at 6:17 AM, cee1 <fykcee1 at gmail.com> wrote:
> I'm learning the code of jemalloc 3.6.0, and I find in arena_run_dalloc():
> """
> if (size == arena_maxclass)
>         arena_chunk_dealloc(arena, chunk);
> """
>
> And in arena_chunk_dealloc():
> """
> if (arena->spare != NULL) {
>         arena_chunk_t *spare = arena->spare;
>
>         arena->spare = chunk;
>         malloc_mutex_unlock(&arena->lock);
>
>         chunk_dealloc((void *)spare, chunksize, true);
>
>         malloc_mutex_lock(&arena->lock);
> """
>
> Here the old spare chunk is replaced by the new one and deallocated.
>
> The deallocation is done without lock protection. In this lockless
> period, is it possible that another arena_chunk_dealloc() running in
> another thread replaces and deallocates ** our new spare chunk **,
> which is still in the chunks_dirty tree and will be accessed by the
> purge process later?
The chunk being passed to chunk_dealloc() has been completely dissociated from the arena prior to the malloc_mutex_unlock() call, so there's no way for it to be accessed by the arena again. If another thread concurrently calls into arena_chunk_dealloc() to deallocate the current spare, then the same logic holds for that chunk deallocation.
Jason
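The invariant behind that answer, as an added example that is not part of the thread and not jemalloc's own code: a minimal model of the spare handoff in which the arena lock protects a `spare` pointer and a dirty list, and a stand-in for chunk_dealloc() (here `chunk_dealloc_sim()`, a hypothetical name) audits, at free time, whether the chunk it was handed is still reachable from the arena. The chunk is removed from the dirty list and replaced as the spare while the lock is held, so by the time the lock is dropped the old spare is referenced only by a local variable; the audit counts any free that violates this. The `arena_references()` helper and the field names are assumptions of the model, not jemalloc identifiers.

```c
#include <pthread.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define NCHUNKS 3

/* Stand-in for arena_chunk_t: only the state the handoff touches. */
typedef struct chunk_s {
    int id;
    bool freed;                  /* simulated "returned to the OS" */
    struct chunk_s *next_dirty;  /* link in the arena's dirty list */
} chunk_t;

/* Stand-in for arena_t (hypothetical layout, not jemalloc's). */
typedef struct {
    pthread_mutex_t lock;
    chunk_t *spare;
    chunk_t *dirty_head;   /* stand-in for chunks_dirty */
    int total_frees;       /* chunks handed to chunk_dealloc_sim() */
    int unsafe_frees;      /* ...that were still reachable from the arena */
} arena_t;

static chunk_t g_chunks[NCHUNKS];   /* constructed sample chunks */
static arena_t g_arena = { .lock = PTHREAD_MUTEX_INITIALIZER };

/* Lock held. */
static void arena_dirty_insert(arena_t *a, chunk_t *c)
{
    c->next_dirty = a->dirty_head;
    a->dirty_head = c;
}

/* Lock held. */
static void arena_dirty_remove(arena_t *a, chunk_t *c)
{
    chunk_t **pp = &a->dirty_head;
    while (*pp != NULL && *pp != c)
        pp = &(*pp)->next_dirty;
    if (*pp == c)
        *pp = c->next_dirty;
    c->next_dirty = NULL;
}

/* Lock held: does any arena structure still point at c? */
static bool arena_references(const arena_t *a, const chunk_t *c)
{
    if (a->spare == c)
        return true;
    for (const chunk_t *p = a->dirty_head; p != NULL; p = p->next_dirty)
        if (p == c)
            return true;
    return false;
}

/* Stand-in for chunk_dealloc(): entered with the arena lock NOT held, as in
 * the quoted code. It takes the lock only to audit the invariant that makes
 * the lockless window safe: the chunk must already be unreachable. */
static void chunk_dealloc_sim(arena_t *a, chunk_t *c)
{
    pthread_mutex_lock(&a->lock);
    a->total_frees++;
    if (arena_references(a, c))
        a->unsafe_frees++;
    pthread_mutex_unlock(&a->lock);
    c->freed = true;   /* nothing else can reach c, so no lock is needed */
}

/* Mirrors the shape of arena_chunk_dealloc(): entered with the lock held. */
static void arena_chunk_dealloc_sim(arena_t *a, chunk_t *chunk)
{
    /* Under the lock: the incoming chunk stops being visible to purging. */
    arena_dirty_remove(a, chunk);
    if (a->spare != NULL) {
        chunk_t *spare = a->spare;

        /* Still under the lock: after this store the old spare is referenced
         * by nothing but the local variable `spare`. */
        a->spare = chunk;
        pthread_mutex_unlock(&a->lock);

        /* Lockless window. A concurrent caller may replace `chunk` as the
         * spare, but it can only free what it dissociated itself. */
        chunk_dealloc_sim(a, spare);

        pthread_mutex_lock(&a->lock);
    } else {
        a->spare = chunk;
    }
}

/* Runs the handoff chain g_chunks[0] -> [1] -> [2] in the order the lock
 * would serialise racing callers; returns the number of unsafe frees. */
static int run_handoff_chain(void)
{
    pthread_mutex_lock(&g_arena.lock);
    g_arena.spare = NULL;
    g_arena.dirty_head = NULL;
    g_arena.total_frees = g_arena.unsafe_frees = 0;
    for (int i = 0; i < NCHUNKS; i++) {
        g_chunks[i].id = i;
        g_chunks[i].freed = false;
        arena_dirty_insert(&g_arena, &g_chunks[i]);
    }
    for (int i = 0; i < NCHUNKS; i++)
        arena_chunk_dealloc_sim(&g_arena, &g_chunks[i]);
    int unsafe = g_arena.unsafe_frees;
    pthread_mutex_unlock(&g_arena.lock);
    return unsafe;
}

int main(void)
{
    int unsafe = run_handoff_chain();
    printf("frees: %d, unsafe frees: %d, spare is chunk %d\n",
           g_arena.total_frees, unsafe, g_arena.spare->id);
    return unsafe != 0;
}
```

After the three deallocations, chunks 0 and 1 have each been freed exactly once while unreachable, chunk 2 is the current spare, and the dirty list is empty; the second deallocation plays the role of the "other thread" in the question, since the lock serialises its swap against the first caller's swap, and it only ever frees the spare it removed itself.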
More information about the jemalloc-discuss mailing list