public inbox for libc-hacker@sourceware.org
* [PATCH] Fix calloc with MALLOC_PERTURB_
@ 2005-09-12  9:37 Jakub Jelinek
  2005-09-12 14:02 ` Ulrich Drepper
  0 siblings, 1 reply; 2+ messages in thread
From: Jakub Jelinek @ 2005-09-12  9:37 UTC (permalink / raw)
  To: Ulrich Drepper; +Cc: Glibc hackers

Hi!

malloc_usable_size() is chunksize (p) - 2 * SIZE_SZ for chunk_is_mmapped (p),
not chunksize (p) - SIZE_SZ, but with MALLOC_PERTURB_=X if X != 0 calloc
was clearing SIZE_SZ bytes too much (without MALLOC_PERTURB_ it would just
return right away).  On 32-bit architectures, that is not fatal, as
chunksize is always a multiple of 8 (3 bits used for other stuff), but on
64-bit arches if calloc uses mmap this means usually segfault or clobbering
whatever memory is after it.  On closer inspection, we really need to clear
just sz bytes in that case (and unrolling in that case is not a good idea,
sz is usually quite large), as _int_malloc cleared just sz bytes and
the rest are 0's from mmap, plus apps shouldn't rely on calloc clearing
bytes beyond what it asked for (IMHO nothing says what values will
have bytes at ret+size*nmemb through ret+malloc_usable_bytes (ret)).

2005-09-12  Jakub Jelinek  <jakub@redhat.com>

	* malloc.c (struct malloc_chunk): Fix comment typo.
	(public_cALLOc): For mmapped chunks and perturb_byte != 0,
	don't clear SIZE_SZ bytes more than should be cleared.

--- libc/malloc/malloc.c	20 Mar 2005 18:08:52 -0000	1.148
+++ libc/malloc/malloc.c	12 Sep 2005 09:23:27 -0000
@@ -1726,7 +1726,7 @@ struct malloc_chunk {
       mem-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
             |             User data starts here...                          .
             .                                                               .
-            .             (malloc_usable_space() bytes)                     .
+            .             (malloc_usable_size() bytes)                      .
             .                                                               |
 nextchunk-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
             |             Size of chunk                                     |
@@ -3691,8 +3691,12 @@ public_cALLOc(size_t n, size_t elem_size
 
   /* Two optional cases in which clearing not necessary */
 #if HAVE_MMAP
-  if (perturb_byte == 0 && chunk_is_mmapped(p))
-    return mem;
+  if (chunk_is_mmapped (p))
+    {
+      if (__builtin_expect (perturb_byte, 0))
+	MALLOC_ZERO (mem, sz);
+      return mem;
+    }
 #endif
 
   csz = chunksize(p);
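
Review bot: The context comment "Two optional cases in which clearing not necessary" no longer matches the first case in public_cALLOc, because the mmapped branch now clears sz bytes whenever perturb_byte is nonzero. Please reword it and add a short comment inside the new block explaining why `MALLOC_ZERO (mem, sz)` uses sz rather than a value derived from chunksize (p): per the description, _int_malloc wrote only sz bytes, the rest of the mapping is already zero from mmap, and for mmapped chunks the usable size is chunksize (p) - 2 * SIZE_SZ. Without that note, a later cleanup could fold this branch back into the path that starts at `csz = chunksize(p);` and reintroduce the SIZE_SZ overrun. Minor style point: `__builtin_expect (perturb_byte, 0)` would state its intent more clearly as `__builtin_expect (perturb_byte != 0, 0)`.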

	Jakub


* Re: [PATCH] Fix calloc with MALLOC_PERTURB_
  2005-09-12  9:37 [PATCH] Fix calloc with MALLOC_PERTURB_ Jakub Jelinek
@ 2005-09-12 14:02 ` Ulrich Drepper
  0 siblings, 0 replies; 2+ messages in thread
From: Ulrich Drepper @ 2005-09-12 14:02 UTC (permalink / raw)
  To: Jakub Jelinek; +Cc: Glibc hackers


Applied.

-- 
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖

