public inbox for libc-hacker@sourceware.org
 help / color / mirror / Atom feed
* [PATCH] Fix another place in _int_malloc which assumed unsorted_chunks is empty
@ 2006-08-31 14:55 Jakub Jelinek
  0 siblings, 0 replies; only message in thread
From: Jakub Jelinek @ 2006-08-31 14:55 UTC (permalink / raw)
  To: Ulrich Drepper; +Cc: Glibc hackers, Andrew Haley

Hi!

Seems
http://sourceware.org/cgi-bin/cvsweb.cgi/libc/malloc/malloc.c.diff?cvsroot=glibc&r1=1.164&r2=1.165
fixed just one of the two places in _int_malloc which assumed
unsorted_chunks is an empty double-linked list.

This one was seen in jc1, see http://bugzilla.redhat.com/204653

2006-08-31  Jakub Jelinek  <jakub@redhat.com>

	* malloc/malloc.c (_int_malloc): Use full list insert and not
	shortcut which assumes the list is empty for large requests
	too.

--- libc/malloc/malloc.c.jj	2006-08-31 15:31:36.000000000 +0200
+++ libc/malloc/malloc.c	2006-08-31 16:29:30.000000000 +0200
@@ -4230,8 +4230,14 @@ _int_malloc(mstate av, size_t bytes)
         /* Split */
         else {
           remainder = chunk_at_offset(victim, nb);
-          unsorted_chunks(av)->bk = unsorted_chunks(av)->fd = remainder;
-          remainder->bk = remainder->fd = unsorted_chunks(av);
+          /* We cannot assume the unsorted list is empty and therefore
+             have to perform a complete insert here.  */
+	  bck = unsorted_chunks(av);
+	  fwd = bck->fd;
+	  remainder->bk = bck;
+	  remainder->fd = fwd;
+	  bck->fd = remainder;
+	  fwd->bk = remainder;
           set_head(victim, nb | PREV_INUSE |
 		   (av != &main_arena ? NON_MAIN_ARENA : 0));
           set_head(remainder, remainder_size | PREV_INUSE);

	Jakub

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2006-08-31 14:55 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2006-08-31 14:55 [PATCH] Fix another place in _int_malloc which assumed unsorted_chunks is empty Jakub Jelinek

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).