From 46971b81ee021c2ca19da8d65bdca8a61669ce41 Mon Sep 17 00:00:00 2001
From: Christopher Ferris
Date: Fri, 22 Mar 2019 14:52:03 -0700
Subject: Fix bug trying to examine unused extents.
Bug: 124264835
Test: Ran bionic unit tests.
Test: Ran dumpsys -t 6000 meminfo --unreachable of chrome process without
Test: crashing.
Change-Id: I2cc66e443fa278621b9878a888c74f38efcb79eb
---
 src/android_je_iterate.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/android_je_iterate.c b/src/android_je_iterate.c
index f0a4cc3e..ca776e00 100644
--- a/src/android_je_iterate.c
+++ b/src/android_je_iterate.c
@@ -34,6 +34,12 @@ int je_iterate(uintptr_t base, size_t size,
 continue;
 }
+ if (extent_szind_get_maybe_invalid(extent) >= NSIZES) {
+ // Ignore this unused extent.
+ ptr = (uintptr_t)extent_past_get(extent);
+ continue;
+ }
+
 szind_t szind;
 bool slab;
 rtree_szind_slab_read(tsd_tsdn(tsd), &extents_rtree, rtree_ctx, ptr, true, &szind, &slab);
@@ -56,8 +62,7 @@ int je_iterate(uintptr_t base, size_t size,
 callback(allocated_ptr, bin_size, arg);
 }
 }
- } else if (extent_state_get(extent) == extent_state_active &&
- extent_szind_get_maybe_invalid(extent) < NSIZES) {
+ } else if (extent_state_get(extent) == extent_state_active) {
 // Large allocation.
 uintptr_t base_ptr = (uintptr_t)extent_addr_get(extent);
 if (ptr <= base_ptr) {
--
cgit v1.2.3
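Review bot: In the first hunk (`@@ -34,6 +34,12 @@`), the new skip path assigns `ptr = (uintptr_t)extent_past_get(extent);` without checking that the walk actually moves forward. The extent has just been classified as unused through the `_maybe_invalid` getter, so its bounds are presumably no more trustworthy than its size index, and an end address at or below `ptr` would leave the loop spinning. A cheap guard is `uintptr_t next = (uintptr_t)extent_past_get(extent);`, then `if (next <= ptr) break;` (or whatever exit this function uses), then `ptr = next;`. The loop header and the function's return path are outside the hunk, so the right exit needs confirming there.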
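Review bot: In the second hunk (`@@ -56,8 +62,7 @@`), the large-allocation branch now relies on the early `continue` added in the first hunk for its `szind < NSIZES` bound, and nothing at this site says so. A later reorder or removal of that guard would presumably bring back the crash this commit fixes without any visible change here. I would record the invariant where it is relied on, either as a comment such as `// szind < NSIZES is guaranteed by the unused-extent check above.` or as `assert(extent_szind_get_maybe_invalid(extent) < NSIZES);` at the top of the branch. The branch body continues past the end of the hunk.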