Author: jhb
Date: Wed Jun 13 19:04:39 2012
New Revision: 237017
URL: http://svn.freebsd.org/changeset/base/237017
Log:
Ensure that the beginning of the DSS is aligned on a chunk boundary.
If the _end symbol used an address with the low bit set, then the initial
arena could end up with corrupted rb trees causing a crash during the
first call to malloc().
This is a direct commit to stable/9 as it does not affect the version
of malloc in HEAD.
Reviewed by: jasone
MFC after: 1 week
Modified:
stable/9/lib/libc/stdlib/malloc.c
Modified: stable/9/lib/libc/stdlib/malloc.c
==============================================================================
--- stable/9/lib/libc/stdlib/malloc.c Wed Jun 13 19:00:29 2012
(r237016)
+++ stable/9/lib/libc/stdlib/malloc.c Wed Jun 13 19:04:39 2012
(r237017)
@@ -5790,6 +5790,9 @@ MALLOC_OUT:
#ifdef MALLOC_DSS
malloc_mutex_init(&dss_mtx);
dss_base = sbrk(0);
+ i = (uintptr_t)dss_base & QUANTUM_MASK;
+ if (i != 0)
+ dss_base = sbrk(QUANTUM - i);
dss_prev = dss_base;
dss_max = dss_base;
extent_tree_szad_new(&dss_chunks_szad);
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-stable-9
To unsubscribe, send any mail to "[email protected]"
