malloc: ensure set_max_fast never stores zero

malloc: ensure set_max_fast never stores zero

Sourceware - libc-alpha mailing list

The code for set_max_fast() stores an "impossibly small value"
instead of zero, when the parameter is zero.  However, for
small values of the parameter (ex: 1 or 2) the computation
results in a zero being stored anyway.

This patch checks for the parameter being small enough for the
computation to result in zero instead, so that a zero is never
stored.

key values which result in zero being stored:

x86-64:  1..7  (or other 64-bit)
i686:    1..11
armhfp:  1..3  (or other 32-bit)

diff --git a/malloc/malloc.c b/malloc/malloc.c
index 6acb5ad43a..ee87ddbbf9 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -1632,7 +1632,7 @@ static INTERNAL_SIZE_T global_max_fast;
  */
 
 #define set_max_fast(s) \
-  global_max_fast = (((s) == 0)      \
+  global_max_fast = (((size_t) (s) <= MALLOC_ALIGN_MASK - SIZE_SZ) \
                      ? MIN_CHUNK_SIZE / 2 : ((s + SIZE_SZ) & ~MALLOC_ALIGN_MASK))
 
 static inline INTERNAL_SIZE_T
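
Review bot: In the unchanged else branch on the last line of the macro, `s` is still unparenthesized in `(s + SIZE_SZ)`, while the new condition on the `+` line uses `(size_t) (s)`. An argument written as an expression with an operator of lower precedence than `+` would then be tested as one value and stored as another. Suggest changing the result to `(((s) + SIZE_SZ) & ~MALLOC_ALIGN_MASK)` in the same patch. The argument is also expanded twice, so it should stay free of side effects at every call site.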

Re: malloc: ensure set_max_fast never stores zero

On 4/4/20 1:52 AM, DJ Delorie via Libc-alpha wrote:
>
> The code for set_max_fast() stores an "impossibly small value"
> instead of zero, when the parameter is zero.  However, for
> small values of the parameter (ex: 1 or 2) the computation
> results in a zero being stored anyway.

Agreed.

> This patch checks for the parameter being small enough for the
> computation to result in zero instead, so that a zero is never
> stored.

Right, because (1 + SIZE_SZ) & ~MALLOC_ALIGN_MASK is zero.

> key values which result in zero being stored:
>
> x86-64:  1..7  (or other 64-bit)
> i686:    1..11
> armhfp:  1..3  (or other 32-bit)
>

OK with bug # attached.

Reviewed-by: Carlos O'Donell <[hidden email]>

> diff --git a/malloc/malloc.c b/malloc/malloc.c
> index 6acb5ad43a..ee87ddbbf9 100644
> --- a/malloc/malloc.c
> +++ b/malloc/malloc.c
> @@ -1632,7 +1632,7 @@ static INTERNAL_SIZE_T global_max_fast;
>   */
>  
>  #define set_max_fast(s) \
> -  global_max_fast = (((s) == 0)      \
> +  global_max_fast = (((size_t) (s) <= MALLOC_ALIGN_MASK - SIZE_SZ) \
>                       ? MIN_CHUNK_SIZE / 2 : ((s + SIZE_SZ) & ~MALLOC_ALIGN_MASK))
>  
>  static inline INTERNAL_SIZE_T
>
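
Review bot: The bound `MALLOC_ALIGN_MASK - SIZE_SZ` on the `+` line is compared in `size_t` because of the cast, so it only behaves as intended while MALLOC_ALIGN_MASK >= SIZE_SZ; if that ever failed, the bound would convert to a very large value and every request would take the `MIN_CHUNK_SIZE / 2` branch. The three configurations in the description satisfy it (bounds 7, 11 and 3). The comment that ends at `*/` in the context is left untouched, so a sentence there stating this assumption, and that requests up to the bound would otherwise mask down to zero, would document where the expression comes from.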

--
Cheers,
Carlos.
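
The "key values" table in the patch description and the reply's remark that `(1 + SIZE_SZ) & ~MALLOC_ALIGN_MASK` is zero can be reproduced by evaluating both forms of the macro over a range of requests. This is an added example, not glibc code and not part of the thread; the `struct abi` parameters (including the `min_chunk` values) and the function names are assumptions constructed for the illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed per-ABI parameters (assumed values, not read from glibc
   headers): size_sz stands for SIZE_SZ, align_mask for MALLOC_ALIGN_MASK,
   min_chunk for MIN_CHUNK_SIZE.  */
struct abi { const char *name; size_t size_sz, align_mask, min_chunk; };

static const struct abi abis[] = {
  { "x86-64", 8, 15, 32 },
  { "i686",   4, 15, 16 },
  { "armhfp", 4,  7, 16 },
};

typedef size_t (*max_fast_fn) (const struct abi *, size_t);

/* Pre-patch form of the macro: only s == 0 takes the fallback.  */
static size_t old_max_fast (const struct abi *a, size_t s)
{
  return s == 0 ? a->min_chunk / 2 : ((s + a->size_sz) & ~a->align_mask);
}

/* Patched form: every s that would mask down to zero takes the fallback.  */
static size_t new_max_fast (const struct abi *a, size_t s)
{
  return s <= a->align_mask - a->size_sz
         ? a->min_chunk / 2 : ((s + a->size_sz) & ~a->align_mask);
}

/* Count the requests in [0, limit] for which f would store zero; when last
   is non-NULL, also report the largest such request (0 if there is none).  */
static size_t zero_count (max_fast_fn f, const struct abi *a, size_t limit,
                          size_t *last)
{
  size_t n = 0;
  if (last) *last = 0;
  for (size_t s = 0; s <= limit; s++)
    if (f (a, s) == 0) { n++; if (last) *last = s; }
  return n;
}

int main (void)
{
  for (size_t i = 0; i < sizeof abis / sizeof abis[0]; i++)
    {
      size_t lo, zo = zero_count (old_max_fast, &abis[i], 128, &lo);
      size_t zn = zero_count (new_max_fast, &abis[i], 128, NULL);
      printf ("%-7s old: %zu zero results (largest s = %zu), new: %zu\n",
              abis[i].name, zo, lo, zn);
    }
  return 0;
}
```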

Re: malloc: ensure set_max_fast never stores zero

"Carlos O'Donell" <[hidden email]> writes:
> OK with bug # attached.

Attached and pushed.  Thanks!

> Reviewed-by: Carlos O'Donell <[hidden email]>

And I even remembered this this time!  :-)

Re: malloc: ensure set_max_fast never stores zero

On 4/6/20 4:29 PM, DJ Delorie wrote:
> "Carlos O'Donell" <[hidden email]> writes:
>> OK with bug # attached.
>
> Attached and pushed.  Thanks!
>
>> Reviewed-by: Carlos O'Donell <[hidden email]>
>
> And I even remembered this this time!  :-)
 
Thank you :-)

--
Cheers,
Carlos.