From 75c1e9a735c693a6985a7a1786116b5fe4044fd9 Mon Sep 17 00:00:00 2001
From: Andrei Pelinescu-Onciul <andrei@iptel.org>
Date: Fri, 12 Mar 2010 12:16:16 +0100
Subject: [PATCH] mem: fix real_used stats for realloc

A realloc that shrank an allocation accounted twice for the
fragment overhead. Basically each shrinking realloc would
introduce an error in the real_used mem stats, between 8 bytes
(f_malloc, no debugging, 32 bits) and up to 96 bytes (q_malloc
with debugging, 64 bits).
This bug concerns only the accounting part. It does not cause any
memory leak or any real runtime problem. It was introduced
in commit fb9d6e50 (2005).
---
 mem/f_malloc.c | 4 +++-
 mem/q_malloc.c | 7 +++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/mem/f_malloc.c b/mem/f_malloc.c
index 2c05fe6bb3..49c4b7aecc 100644
--- a/mem/f_malloc.c
+++ b/mem/f_malloc.c
@@ -491,7 +491,9 @@ void* fm_realloc(struct fm_block* qm, void* p, unsigned long size)
 		fm_split_frag(qm, f, size);
 #endif
 #if defined(DBG_F_MALLOC) || defined(MALLOC_STATS)
-		qm->real_used-=(orig_size-f->size-FRAG_OVERHEAD);
+		/* fm_split frag already adds FRAG_OVERHEAD for the newly created
+		   free frag, so here we only need orig_size-f->size for real used */
+		qm->real_used-=(orig_size-f->size);
 		qm->used-=(orig_size-f->size);
 #endif
 	}else if (f->size<size){
diff --git a/mem/q_malloc.c b/mem/q_malloc.c
index 09cb5c735b..04c6dc96cb 100644
--- a/mem/q_malloc.c
+++ b/mem/q_malloc.c
@@ -562,8 +562,11 @@ void* qm_realloc(struct qm_block* qm, void* p, unsigned long size)
 #else
 		if(split_frag(qm, f, size)!=0){
 #endif
-			/* update used sizes: freed the spitted frag */
-			qm->real_used-=(orig_size-f->size-FRAG_OVERHEAD);
+			/* update used sizes: freed the splited frag */
+			/* split frag already adds FRAG_OVERHEAD for the newly created
+			   free frag, so here we only need orig_size-f->size for real used
+			 */
+			qm->real_used-=(orig_size-f->size);
 			qm->used-=(orig_size-f->size);
 		}
 		
-- 
2.20.1