svn commit: r237017 - stable/9/lib/libc/stdlib
John Baldwin
jhb at FreeBSD.org
Wed Jun 13 19:04:40 UTC 2012
Author: jhb
Date: Wed Jun 13 19:04:39 2012
New Revision: 237017
URL: http://svn.freebsd.org/changeset/base/237017
Log:
Ensure that the beginning of the DSS is aligned on a chunk boundary.
If the _end symbol used an address with the low bit set, then the initial
arena could end up with corrupted rb trees causing a crash during the
first call to malloc().
This is a direct commit to stable/9 as it does not affect the version
of malloc in HEAD.
Reviewed by: jasone
MFC after: 1 week
Modified:
stable/9/lib/libc/stdlib/malloc.c
Modified: stable/9/lib/libc/stdlib/malloc.c
==============================================================================
--- stable/9/lib/libc/stdlib/malloc.c Wed Jun 13 19:00:29 2012 (r237016)
+++ stable/9/lib/libc/stdlib/malloc.c Wed Jun 13 19:04:39 2012 (r237017)
@@ -5790,6 +5790,9 @@ MALLOC_OUT:
#ifdef MALLOC_DSS
malloc_mutex_init(&dss_mtx);
dss_base = sbrk(0);
+ i = (uintptr_t)dss_base & QUANTUM_MASK;
+ if (i != 0)
+ dss_base = sbrk(QUANTUM - i);
dss_prev = dss_base;
dss_max = dss_base;
extent_tree_szad_new(&dss_chunks_szad);
More information about the svn-src-stable-9
mailing list