Date: Wed, 13 Jun 2012 19:04:39 +0000 (UTC) From: John Baldwin <jhb@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r237017 - stable/9/lib/libc/stdlib Message-ID: <201206131904.q5DJ4dOX042925@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jhb Date: Wed Jun 13 19:04:39 2012 New Revision: 237017 URL: http://svn.freebsd.org/changeset/base/237017 Log: Ensure that the beginning of the DSS is aligned on a chunk boundary. If the _end symbol used an address with the low bit set, then the initial arena could end up with corrupted rb trees causing a crash during the first call to malloc(). This is a direct commit to stable/9 as it does not affect the version of malloc in HEAD. Reviewed by: jasone MFC after: 1 week Modified: stable/9/lib/libc/stdlib/malloc.c Modified: stable/9/lib/libc/stdlib/malloc.c ============================================================================== --- stable/9/lib/libc/stdlib/malloc.c Wed Jun 13 19:00:29 2012 (r237016) +++ stable/9/lib/libc/stdlib/malloc.c Wed Jun 13 19:04:39 2012 (r237017) @@ -5790,6 +5790,9 @@ MALLOC_OUT: #ifdef MALLOC_DSS malloc_mutex_init(&dss_mtx); dss_base = sbrk(0); + i = (uintptr_t)dss_base & QUANTUM_MASK; + if (i != 0) + dss_base = sbrk(QUANTUM - i); dss_prev = dss_base; dss_max = dss_base; extent_tree_szad_new(&dss_chunks_szad);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201206131904.q5DJ4dOX042925>