A large value of bytes passed to memalign_check can cause an integer
overflow in _int_memalign and heap corruption. This issue can be
exposed by running tst-memalign with MALLOC_CHECK_=3.
ChangeLog:
2013-10-10 Will Newton <will.newton@linaro.org>
* malloc/hooks.c (memalign_check): Ensure the value of bytes
passed to _int_memalign does not overflow.
Add some comments and call free on all potentially allocated pointers.
Also remove duplicate check for NULL pointer.
ChangeLog:
2013-10-04 Will Newton <will.newton@linaro.org>
* malloc/tst-valloc.c: Add comments.
(do_test): Add comments and call free on all potentially
allocated pointers. Remove duplicate check for NULL pointer.
Add space after cast.
Add some comments and call free on all potentially allocated pointers.
Also remove duplicate check for NULL pointer.
ChangeLog:
2013-10-04 Will Newton <will.newton@linaro.org>
* malloc/tst-pvalloc.c: Add comments.
(do_test): Add comments and call free on all potentially
allocated pointers. Remove duplicate check for NULL pointer.
Add space after cast.
Add some comments and call free on all potentially allocated pointers.
ChangeLog:
2013-10-04 Will Newton <will.newton@linaro.org>
* malloc/tst-posix_memalign.c: Add comments.
(do_test): Add comments and call free on all potentially
allocated pointers. Add space after cast.
for ChangeLog
* malloc/arena.c (new_heap): New memory_heap_new probe.
(grow_heap): New memory_heap_more probe.
(shrink_heap): New memory_heap_less probe.
(heap_trim): New memory_heap_free probe.
* malloc/malloc.c (sysmalloc): New memory_sbrk_more probe.
(systrim): New memory_sbrk_less probe.
* manual/probes.texi: Document them.
A large bytes parameter to memalign could cause an integer overflow
and corrupt allocator internals. Check the overflow does not occur
before continuing with the allocation.
ChangeLog:
2013-09-11 Will Newton <will.newton@linaro.org>
[BZ #15857]
* malloc/malloc.c (__libc_memalign): Check the value of bytes
does not overflow.
A large bytes parameter to valloc could cause an integer overflow
and corrupt allocator internals. Check the overflow does not occur
before continuing with the allocation.
ChangeLog:
2013-09-11 Will Newton <will.newton@linaro.org>
[BZ #15856]
* malloc/malloc.c (__libc_valloc): Check the value of bytes
does not overflow.
A large bytes parameter to pvalloc could cause an integer overflow
and corrupt allocator internals. Check the overflow does not occur
before continuing with the allocation.
ChangeLog:
2013-09-11 Will Newton <will.newton@linaro.org>
[BZ #15855]
* malloc/malloc.c (__libc_pvalloc): Check the value of bytes
does not overflow.
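The three BZ entries above (and the memalign_check one at the top) describe the same defect: the allocator rounds the request up and adds alignment slack, and for a request close to SIZE_MAX that addition wraps to a small number. The following is an added illustration written for this page, not glibc's code; PAGESZ and MINSIZE are assumed stand-ins for the allocator's real page size and minimum chunk size, and the padding formula is a simplified model of the valloc/pvalloc/memalign size computation. It shows the unchecked arithmetic beside the check that rejects the request before any wrap can happen.

```c
#include <errno.h>
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed constants for this example (not glibc's real values). */
#define PAGESZ   ((size_t) 4096)
#define MINSIZE  ((size_t) 32)   /* smallest chunk the allocator carves */

/* Unchecked model of the size computation: round the request up to a
   page boundary, then add the slack needed to satisfy the alignment.
   For bytes near SIZE_MAX the additions wrap, so the caller would end
   up allocating a tiny chunk for a huge request and later overrun it. */
static size_t padded_request_unchecked(size_t bytes, size_t alignment)
{
    size_t rounded = (bytes + PAGESZ - 1) & ~(PAGESZ - 1);
    return rounded + alignment + MINSIZE;   /* may wrap around */
}

/* Checked version: refuse the request before doing any arithmetic that
   can wrap.  Worst-case growth is (PAGESZ - 1) from rounding, plus
   alignment, plus MINSIZE, so the request is safe only if it leaves at
   least that much headroom below SIZE_MAX.  Returns 1 and stores the
   padded size on success; returns 0 with errno = ENOMEM otherwise. */
static int padded_request_checked(size_t bytes, size_t alignment, size_t *out)
{
    if (alignment > SIZE_MAX - PAGESZ - MINSIZE
        || bytes > SIZE_MAX - PAGESZ - alignment - MINSIZE) {
        errno = ENOMEM;
        return 0;
    }
    *out = padded_request_unchecked(bytes, alignment);
    return 1;
}

/* Reports whether the unchecked computation wrapped for this request:
   a padded size smaller than the original request is only possible
   through overflow. */
static int unchecked_wrapped(size_t bytes, size_t alignment)
{
    return padded_request_unchecked(bytes, alignment) < bytes;
}

int main(void)
{
    size_t n;
    size_t huge = SIZE_MAX - 8;   /* constructed hostile request */
    printf("unchecked padding of %zu wrapped: %d\n", huge,
           unchecked_wrapped(huge, 16));
    if (!padded_request_checked(huge, 16, &n))
        perror("checked request rejected");
    if (padded_request_checked(1000, 16, &n))
        printf("padded size for 1000 bytes: %zu\n", n);
    return 0;
}
```

The order of the two comparisons in padded_request_checked matters: the alignment bound is tested first so that the subtraction in the second condition cannot itself underflow.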
The current tests don't test the functionality of realloc in detail.
Add a new test for realloc that exercises some of the corner cases
that are not otherwise tested.
ChangeLog:
2013-09-09 Will Newton <will.newton@linaro.org>
* malloc/Makefile: Add tst-realloc to tests.
* malloc/tst-realloc.c: New file.
it is impossible to create an alias of a common symbol (as
compat_symbol does), because common symbols do not have a section or
an offset until linked. GNU as tolerates aliases of common symbols by
simply creating another common symbol, but other assemblers (notably
LLVM's integrated assembler) are less tolerant.
2013-05-15 Peter Collingbourne <pcc@google.com>
* malloc/obstack.c (_obstack_compat): Add initializer.
Introduce (only on Linux) and use a HAVE_MREMAP symbol to advertise mremap
availability.
Move the malloc-sysdep.h include from arena.c to malloc.c, since what is
provided by malloc-sysdep.h is needed earlier in malloc.c, before the inclusion
of arena.c.
fclose will call free, invoking its hook, then fprintf which would indirectly
try to allocate a buffer, and this can cause malloc to be used (thus its hook
to be invoked) if libio uses malloc instead of mmap; given any malloc/free hook
locks the internal lock, this leads to a deadlock.
To prevent this hook roundtrip at muntrace, first unset MALLSTREAM and the
hooks, and only after that close the trace file.
Using madvise with MADV_DONTNEED to release memory back to the kernel
is not sufficient to change the commit charge accounted against the
process on Linux. It is OK, however, when overcommit is enabled or is
heuristic. However, when overcommit is restricted to a percentage of
memory by setting the contents of /proc/sys/vm/overcommit_memory to 2, it
makes a difference, since memory requests will fail. Hence, we do what
we do with secure exec binaries, which is to call mmap on the region
to be dropped with MAP_FIXED. This internally unmaps the pages in
question and reduces the amount of memory accounted against the
process.
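As an added example of the two release strategies described in that message (written for this page, not glibc's shrink_heap code), the function below reads the overcommit mode from /proc/sys/vm/overcommit_memory and, for mode 2, replaces the tail of an anonymous mapping with a fresh PROT_NONE mapping via MAP_FIXED instead of calling madvise. The demo driver, the page counts and the 'A' fill pattern are constructed for the example, and it assumes a Linux host.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Read the first digit of /proc/sys/vm/overcommit_memory.  Returns 2 when
   overcommit is restricted (the case the commit message is about), 0 or 1
   otherwise, and -1 if the file cannot be read (non-Linux host). */
static int overcommit_mode(void)
{
    FILE *f = fopen("/proc/sys/vm/overcommit_memory", "r");
    if (!f)
        return -1;
    int c = fgetc(f);
    fclose(f);
    return (c >= '0' && c <= '9') ? c - '0' : -1;
}

/* Give the last (total - keep) bytes of an anonymous mapping back to the
   kernel.  Under restricted overcommit (mode 2), MADV_DONTNEED drops the
   pages but not the commit charge, so the tail is replaced with a new
   PROT_NONE mapping using MAP_FIXED, which releases the accounting as well.
   Both offsets must be page aligned.  Returns 0 on success, -1 on error. */
static int release_tail(char *base, size_t total, size_t keep, int mode)
{
    if (keep > total)
        return -1;
    size_t len = total - keep;
    if (len == 0)
        return 0;
    if (mode == 2) {
        void *r = mmap(base + keep, len, PROT_NONE,
                       MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0);
        return r == MAP_FAILED ? -1 : 0;
    }
    return madvise(base + keep, len, MADV_DONTNEED);
}

/* Constructed demo: map four pages, fill them, release the last two with
   the chosen strategy, and confirm the kept head is intact.  Returns 0 when
   the release succeeded and the retained data survived, -1 otherwise. */
static int demo(int mode)
{
    size_t pg = (size_t) sysconf(_SC_PAGESIZE);
    size_t total = 4 * pg, keep = 2 * pg;
    char *base = mmap(NULL, total, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED)
        return -1;
    memset(base, 'A', total);
    int rc = release_tail(base, total, keep, mode);
    int ok = rc == 0 && base[0] == 'A' && base[keep - 1] == 'A';
    munmap(base, total);
    return ok ? 0 : -1;
}

int main(void)
{
    int mode = overcommit_mode();
    printf("overcommit_memory mode: %d\n", mode);
    printf("release via %s: %s\n", mode == 2 ? "mmap MAP_FIXED" : "madvise",
           demo(mode) == 0 ? "ok" : "failed");
    return 0;
}
```

Mapping the tail PROT_NONE rather than unmapping it keeps the address range reserved, so a later grow of the same region cannot collide with another mapping that landed in the hole.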
[BZ #1349]
malloc_usable_size returns the usable size in an allocated chunk,
which may be >= the requested size. In the case of MALLOC_CHECK_ being
exported to > 0 however, only the requested size is usable, since a
magic value is written at the end of the request size to trap writes
beyond request bounds. Hence, when MALLOC_CHECK_ is exported to > 0,
malloc_usable_size() should return the request size.
* malloc/arena.c (reused_arena): New parameter, avoid_arena.
When avoid_arena is set, don't retry in that arena. Pick the
next one, whatever it might be.
(arena_get2): New parameter avoid_arena, pass through to reused_arena.
(arena_lock): Pass in new parameter to arena_get2.
* malloc/malloc.c (__libc_memalign): Pass in new parameter to
arena_get2.
(__libc_malloc): Unify retrying after main arena failure with
__libc_memalign version.
(__libc_valloc, __libc_pvalloc, __libc_calloc): Likewise.
tst-obprintf failed with GCC 4.7.
It turned out that this is the fault of GCC optimizing away the
following from malloc/mcheck.c:
/* We call malloc() once here to ensure it is initialized. */
void *p = malloc (0);
free (p);
gcc sees the malloc(0);free pair and removes it completely.
And now malloc is not properly initialized and we screw up if both
mcheck is used (via tst-obprintf) and MALLOC_CHECK_ is set (as it is in my
environment).