This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[PATCH] malloc: Correct size computation in realloc for dumped fake mmapped chunks
- From: fweimer at redhat dot com (Florian Weimer)
- To: libc-alpha at sourceware dot org
- Date: Wed, 08 Jun 2016 20:51:23 +0200
- Subject: [PATCH] malloc: Correct size computation in realloc for dumped fake mmapped chunks
- Authentication-results: sourceware.org; auth=none
For regular mmapped chunks there are two size fields (hence a reduction
by 2 * SIZE_SZ bytes), but for fake chunks, we only have one size field,
so we need to subtract SIZE_SZ bytes.
This was initially reported as Emacs bug 23726.
2016-06-08 Florian Weimer <fweimer@redhat.com>
Emacs bug 23726.
* malloc/malloc.c (dumped_main_arena_start): Update comment.
(__libc_realloc): Correct size computation for dumped fake mmapped
chunks.
diff --git a/malloc/malloc.c b/malloc/malloc.c
index ead9a21..6f77d37 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -1748,7 +1748,9 @@ static struct malloc_state main_arena =
/* These variables are used for undumping support. Chunked are marked
as using mmap, but we leave them alone if they fall into this
- range. */
+ range. NB: The chunk size for these chunks only includes the
+ initial size field (of SIZE_SZ bytes), there is no trailing size
+ field (unlike with regular mmapped chunks). */
static mchunkptr dumped_main_arena_start; /* Inclusive. */
static mchunkptr dumped_main_arena_end; /* Exclusive. */
@@ -3029,9 +3031,11 @@ __libc_realloc (void *oldmem, size_t bytes)
if (newmem == 0)
return NULL;
/* Copy as many bytes as are available from the old chunk
- and fit into the new size. */
- if (bytes > oldsize - 2 * SIZE_SZ)
- bytes = oldsize - 2 * SIZE_SZ;
+ and fit into the new size. NB: The overhead for faked
+ mmapped chunks is only SIZE_SZ, not 2 * SIZE_SZ as for
+ regular mmapped chunks. */
+ if (bytes > oldsize - SIZE_SZ)
+ bytes = oldsize - SIZE_SZ;
memcpy (newmem, oldmem, bytes);
return newmem;
}