bihash template: reinstate the check for the available memory in the arena

ffb14b9554afa1e58c3657e0c91dda3135008274 has changed the semantics
of alloc_arena_next to become an offset off alloc_arena, but
in the available memory check in BV (alloc_aligned) it still treats
it as a virtual address, resulting in the check always succeeding,
thus over a prolonged period bihash arena allocator
potentially overwriting whatever is following the arena.

Change-Id: I18882c5f340ca767a389e15cca2696a0a97ef015
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>

diff --git a/src/vppinfra/bihash_template.c b/src/vppinfra/bihash_template.c
index 882f81c..2571c47 100644 (file)
--- a/src/vppinfra/bihash_template.c
+++ b/src/vppinfra/bihash_template.c
@@ -26,7 +26,7 @@ static inline void *BV (alloc_aligned) (BVT (clib_bihash) * h, uword nbytes)
   rv = alloc_arena_next (h);
   alloc_arena_next (h) += nbytes;
 
-  if (rv >= (alloc_arena (h) + alloc_arena_size (h)))
+  if (rv >= alloc_arena_size (h))
     os_out_of_memory ();
 
   return (void *) (uword) (rv + alloc_arena (h));

diff --git a/src/vppinfra/bihash_template.h b/src/vppinfra/bihash_template.h
index 6ce3da7..98dcf14 100644 (file)
--- a/src/vppinfra/bihash_template.h
+++ b/src/vppinfra/bihash_template.h
@@ -95,9 +95,9 @@ STATIC_ASSERT_SIZEOF (BVT (clib_bihash_bucket), sizeof (u64));
 typedef CLIB_PACKED (struct {
   /*
    * Backing store allocation. Since bihash manages its own
-   * freelists, we simple dole out memory at alloc_arena_next.
+   * freelists, we simple dole out memory starting from alloc_arena[alloc_arena_next].
    */
-  u64 alloc_arena_next;        /* Next VA to allocate, definitely NOT a constant */
+  u64 alloc_arena_next;        /* Next offset from alloc_arena to allocate, definitely NOT a constant */
   u64 alloc_arena_size;        /* Size of the arena */
   /* Two SVM pointers stored as 8-byte integers */
   u64 alloc_lock_as_u64;