* [PATCH] Fix another place in _int_malloc which assumed unsorted_chunks is empty
@ 2006-08-31 14:55 Jakub Jelinek
0 siblings, 0 replies; only message in thread
From: Jakub Jelinek @ 2006-08-31 14:55 UTC (permalink / raw)
To: Ulrich Drepper; +Cc: Glibc hackers, Andrew Haley
Hi!
Seems
http://sourceware.org/cgi-bin/cvsweb.cgi/libc/malloc/malloc.c.diff?cvsroot=glibc&r1=1.164&r2=1.165
fixed just one of the two places in _int_malloc which assumed
unsorted_chunks is an empty double-linked list.
This one was seen in jc1, see http://bugzilla.redhat.com/204653
2006-08-31 Jakub Jelinek <jakub@redhat.com>
* malloc/malloc.c (_int_malloc): Use full list insert and not
shortcut which assumes the list is empty for large requests
too.
--- libc/malloc/malloc.c.jj 2006-08-31 15:31:36.000000000 +0200
+++ libc/malloc/malloc.c 2006-08-31 16:29:30.000000000 +0200
@@ -4230,8 +4230,14 @@ _int_malloc(mstate av, size_t bytes)
/* Split */
else {
remainder = chunk_at_offset(victim, nb);
- unsorted_chunks(av)->bk = unsorted_chunks(av)->fd = remainder;
- remainder->bk = remainder->fd = unsorted_chunks(av);
+ /* We cannot assume the unsorted list is empty and therefore
+ have to perform a complete insert here. */
+ bck = unsorted_chunks(av);
+ fwd = bck->fd;
+ remainder->bk = bck;
+ remainder->fd = fwd;
+ bck->fd = remainder;
+ fwd->bk = remainder;
set_head(victim, nb | PREV_INUSE |
(av != &main_arena ? NON_MAIN_ARENA : 0));
set_head(remainder, remainder_size | PREV_INUSE);
Jakub
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2006-08-31 14:55 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2006-08-31 14:55 [PATCH] Fix another place in _int_malloc which assumed unsorted_chunks is empty Jakub Jelinek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).