From 85cfbc035370d2a3715ea9de3e590ba83fae52d1 Mon Sep 17 00:00:00 2001 From: Zhiqiang Zhang Date: Wed, 18 Mar 2015 18:44:50 +0800 Subject: malloc: checked_request2size failure deadlocks For some rarely cases(almost App bugs), calling malloc with a very largre size, checked_request2size check will fail,set ENOMEM, and return 0 to caller. But this will let __malloc_lock futex locked and owned by the caller. In multithread circumstance, other thread calling malloc/calloc will NOT succeed and get locked. Signed-off-by: Zhiqiang Zhang Signed-off-by: Bernhard Reutner-Fischer --- libc/stdlib/malloc-standard/malloc.c | 5 +++-- libc/stdlib/malloc-standard/memalign.c | 2 +- libc/stdlib/malloc-standard/realloc.c | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) (limited to 'libc/stdlib') diff --git a/libc/stdlib/malloc-standard/malloc.c b/libc/stdlib/malloc-standard/malloc.c index 2abb5bbdd..fd33b50c7 100644 --- a/libc/stdlib/malloc-standard/malloc.c +++ b/libc/stdlib/malloc-standard/malloc.c @@ -832,8 +832,6 @@ void* malloc(size_t bytes) } #endif - __MALLOC_LOCK; - av = get_malloc_state(); /* Convert request size to internal form by adding (sizeof(size_t)) bytes overhead plus possibly more to obtain necessary alignment and/or @@ -845,6 +843,9 @@ void* malloc(size_t bytes) checked_request2size(bytes, nb); + __MALLOC_LOCK; + av = get_malloc_state(); + /* Bypass search if no frees yet */ diff --git a/libc/stdlib/malloc-standard/memalign.c b/libc/stdlib/malloc-standard/memalign.c index 6303c1dd9..e9ae5a7b9 100644 --- a/libc/stdlib/malloc-standard/memalign.c +++ b/libc/stdlib/malloc-standard/memalign.c @@ -52,8 +52,8 @@ void* memalign(size_t alignment, size_t bytes) alignment = a; } - __MALLOC_LOCK; checked_request2size(bytes, nb); + __MALLOC_LOCK; /* Strategy: find a spot within that chunk that meets the alignment * request, and then possibly free the leading and trailing space. */ diff --git a/libc/stdlib/malloc-standard/realloc.c b/libc/stdlib/malloc-standard/realloc.c index e060b70ea..e49d11125 100644 --- a/libc/stdlib/malloc-standard/realloc.c +++ b/libc/stdlib/malloc-standard/realloc.c @@ -54,9 +54,9 @@ void* realloc(void* oldmem, size_t bytes) return NULL; } + checked_request2size(bytes, nb); __MALLOC_LOCK; av = get_malloc_state(); - checked_request2size(bytes, nb); oldp = mem2chunk(oldmem); oldsize = chunksize(oldp); -- cgit v1.2.3 From be61486447ab447ac24892845af92489fe0b7148 Mon Sep 17 00:00:00 2001 From: Bernhard Reutner-Fischer Date: Wed, 18 Mar 2015 23:11:39 +0100 Subject: malloc-standard: Add locking to malloc_trim Closes bugzilla #4586 Signed-off-by: Bernhard Reutner-Fischer --- libc/stdlib/malloc-standard/free.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'libc/stdlib') diff --git a/libc/stdlib/malloc-standard/free.c b/libc/stdlib/malloc-standard/free.c index 39e54d635..8b7a81fca 100644 --- a/libc/stdlib/malloc-standard/free.c +++ b/libc/stdlib/malloc-standard/free.c @@ -104,9 +104,13 @@ static int __malloc_trim(size_t pad, mstate av) */ int malloc_trim(size_t pad) { + int r; + __MALLOC_LOCK; mstate av = get_malloc_state(); __malloc_consolidate(av); - return __malloc_trim(pad, av); + r = __malloc_trim(pad, av); + __MALLOC_UNLOCK; + return r; } /* -- cgit v1.2.3 From 9faa7e94b824e1dc5fd9ce1b6f16c1b3f13c601a Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 23 Jun 2012 13:26:30 -0700 Subject: atexit_old: Do not add it to shared libc atexit should only be in either uclibc_nonshared.a shared libc case or libc.a in static build case Signed-off-by: Khem Raj Signed-off-by: Bernhard Reutner-Fischer --- libc/stdlib/Makefile.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'libc/stdlib') diff --git a/libc/stdlib/Makefile.in b/libc/stdlib/Makefile.in index 880de78d8..071f91119 100644 --- a/libc/stdlib/Makefile.in +++ b/libc/stdlib/Makefile.in @@ -61,7 +61,6 @@ CSRC-$(if $(findstring yyy,$(UCLIBC_HAS_FLOATS)$(UCLIBC_HAS_WCHAR)$(UCLIBC_HAS_X # multi source _atexit.c CSRC-y += __cxa_atexit.c __cxa_finalize.c __exit_handler.c exit.c on_exit.c -CSRC-$(COMPAT_ATEXIT) += old_atexit.c STDLIB_DIR := $(top_srcdir)libc/stdlib STDLIB_OUT := $(top_builddir)libc/stdlib @@ -71,11 +70,12 @@ STDLIB_OBJ := $(patsubst %.c,$(STDLIB_OUT)/%.o,$(CSRC-y)) libc-y += $(STDLIB_OBJ) libc-static-y += $(STDLIB_OUT)/atexit.o $(STDLIB_OUT)/system.o +libc-static-$(COMPAT_ATEXIT) += $(STDLIB_OUT)/old_atexit.o libc-shared-y += $(STDLIB_OUT)/system.oS # this should always be the PIC version, because it could be used in shared libs libc-nonshared-y += $(STDLIB_OUT)/atexit.os - +libc-nonshared-$(COMPAT_ATEXIT) += $(STDLIB_OUT)/old_atexit.os libc-nomulti-y += $(STDLIB_OUT)/labs.o $(STDLIB_OUT)/atol.o $(STDLIB_OUT)/_stdlib_strto_l.o $(STDLIB_OUT)/_stdlib_strto_ll.o libc-nomulti-$(UCLIBC_HAS_XLOCALE) += $(STDLIB_OUT)/_stdlib_strto_l_l.o $(STDLIB_OUT)/_stdlib_strto_ll_l.o -- cgit v1.2.3