[Bug 259076] pthread_mutex_init fails with limited AS

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 259076] pthread_mutex_init fails with limited AS"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 15 Oct 2021 15:49:54 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259076

--- Comment #6 from Denis Koreshkov <dynamic-wind@mail.ru> ---
All right, here's a worse bug in rtld-malloc.

Once morepages has failed, it sets pagepool_start to MAP_FAILED, that is -1.
If the next call to __crt_malloc is for the same bucket, morecore is called
again but does not call morepages, because (amt > pagepool_end -
pagepool_start) is TRUE. And the free list loop crashes.

A quick test (with -lpthread, release >= 12.1):
#include <sys/time.h>
#include <sys/resource.h>
#include <pthread.h>

int
main()
{
        pthread_mutex_t t;
        int lim = 1<<26;

        struct rlimit rl = { lim,lim };
        setrlimit(RLIMIT_AS,&rl);

        for(;;) {
                if (pthread_mutex_init(&t,NULL)) {
                        pthread_mutex_init(&t,NULL);
                        break;
                }
        }
        return 0;
}

-- 
You are receiving this mail because:
You are the assignee for the bug.