public inbox for libc-hacker@sourceware.org
 help / color / mirror / Atom feed
From: Jakub Jelinek <jakub@redhat.com>
To: Ulrich Drepper <drepper@redhat.com>
Cc: Glibc hackers <libc-hacker@sources.redhat.com>
Subject: [PATCH] Fix infinite loop in malloc for really large sizes
Date: Thu, 24 Aug 2006 17:07:00 -0000	[thread overview]
Message-ID: <20060824170642.GJ4556@sunsite.mff.cuni.cz> (raw)

Hi!

As the attached testcase shows, for really large allocations where
all of mmap, heap growth and new heap alloc fail malloc loops forever,
calling mmap with the given size.

2006-08-24  Jakub Jelinek  <jakub@redhat.com>

	* malloc/malloc.c (sYSMALLOc): Avoid infinite loop if MMAP
	keeps failing and heap growth or new heap creation isn't
	successful either.
	* malloc/tst-malloc.c (main): Add new test.

--- libc/malloc/malloc.c.jj	2006-08-22 09:04:53.000000000 +0200
+++ libc/malloc/malloc.c	2006-08-24 18:48:54.000000000 +0200
@@ -2860,6 +2860,7 @@ static Void_t* sYSMALLOc(nb, av) INTERNA
   unsigned long   sum;            /* for updating stats */
 
   size_t          pagemask  = mp_.pagesize - 1;
+  bool            tried_mmap = false;
 
 
 #if HAVE_MMAP
@@ -2883,6 +2884,7 @@ static Void_t* sYSMALLOc(nb, av) INTERNA
       is no following chunk whose prev_size field could be used.
     */
     size = (nb + SIZE_SZ + MALLOC_ALIGN_MASK + pagemask) & ~pagemask;
+    tried_mmap = true;
 
     /* Don't try if size wraps around 0 */
     if ((unsigned long)(size) > (unsigned long)(nb)) {
@@ -3006,7 +3008,7 @@ static Void_t* sYSMALLOc(nb, av) INTERNA
 	set_foot(old_top, (old_size + 2*SIZE_SZ));
       }
     }
-    else
+    else if (!tried_mmap)
       /* We can at least try to use to mmap memory.  */
       goto try_mmap;
 
--- libc/malloc/tst-malloc.c.jj	2001-07-06 06:55:35.000000000 +0200
+++ libc/malloc/tst-malloc.c	2006-08-24 18:59:38.000000000 +0200
@@ -33,7 +33,7 @@ merror (const char *msg)
 int
 main (void)
 {
-  void *p;
+  void *p, *q;
   int save;
 
   errno = 0;
@@ -64,5 +64,15 @@ main (void)
   if (p != NULL)
     merror ("realloc (p, 0) failed.");
 
+  p = malloc (513 * 1024);
+  if (p == NULL)
+    merror ("malloc (513K) failed.");
+
+  q = malloc (-512 * 1024);
+  if (q != NULL)
+    merror ("malloc (-512K) succeeded.");
+
+  free (p);
+
   return errors != 0;
 }

	Jakub

             reply	other threads:[~2006-08-24 17:07 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-08-24 17:07 Jakub Jelinek [this message]
2006-08-24 17:31 ` Ulrich Drepper

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20060824170642.GJ4556@sunsite.mff.cuni.cz \
    --to=jakub@redhat.com \
    --cc=drepper@redhat.com \
    --cc=libc-hacker@sources.redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).