bin/62859: [patch] malloc(0) fails to call malloc_init()

Stefan Farfeleder stefan at fafoe.narf.at
Sat Feb 14 16:30:17 PST 2004


>Number:         62859
>Category:       bin
>Synopsis:       [patch] malloc(0) fails to call malloc_init()
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Feb 14 16:30:17 PST 2004
>Closed-Date:
>Last-Modified:
>Originator:     Stefan Farfeleder
>Release:        FreeBSD 5.2-CURRENT i386
>Organization:
>Environment:
System: FreeBSD wombat.fafoe.narf.at 5.2-CURRENT FreeBSD 5.2-CURRENT #13: Thu Feb 5 23:10:05 CET 2004 stefan at wombat.fafoe.narf.at:/usr/home/stefan/freebsd/obj/usr/home/stefan/freebsd/src/sys/WOMBAT i386

>Description:
The function malloc_init() parses malloc()'s options from /etc/malloc.conf,
MALLOC_OPTIONS and _malloc_options.  It's the function imalloc() that calls
malloc_init(), and imalloc() is not called on malloc(0).  This isn't a
problem per se, but the v/V flag controls the behaviour of malloc(0), and so it
never returns a null pointer until malloc() is called with a positive size.

>How-To-Repeat:
This program demonstrates that the V flag is ignored:

#include <stdio.h>
#include <stdlib.h>	/* declares _malloc_options on FreeBSD */

int
main(void)
{
	/* 'V' asks malloc(0) to return NULL instead of a minimal allocation. */
	_malloc_options = "V";
	/* First allocation in the process; with the bug this prints a non-null
	 * pointer because malloc_init() has not parsed the options yet. */
	printf("malloc(0) = %p\n", malloc(0));
	return (0);
}
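To make the ordering concrete, here is a constructed C model of the control flow the report describes (added here; it is neither the submitter's code nor FreeBSD's malloc.c): the only malloc_init() call sits on the imalloc() path, while the zero-size decision is taken before that path is reached, and `patched` selects the fix's placement. The zero_returns_null flag, option_string and the arena are placeholders standing in for the real option parsing and heap.

```c
#include <stddef.h>
#include <string.h>

/* Constructed model of the call flow in the PR, not FreeBSD's malloc.c:
 * malloc_started, malloc_init() and imalloc() keep the report's names;
 * zero_returns_null, option_string and the arena are placeholders. */
static int malloc_started;               /* has malloc_init() run?        */
static int zero_returns_null;            /* stands in for the V option    */
static const char *option_string = "V";  /* stands in for _malloc_options */
static char arena[4096];                 /* fake heap, no real allocator  */
static size_t arena_used;

static void malloc_init(void)
{
	/* 'V': malloc(0) yields NULL instead of a minimal allocation. */
	zero_returns_null = strchr(option_string, 'V') != NULL;
	malloc_started = 1;
}

/* Bump allocator standing in for imalloc(); size 0 gets a 1-byte block. */
static void *imalloc(size_t size)
{
	if (!malloc_started)        /* the original, only call site */
		malloc_init();
	size_t n = size ? size : 1;
	if (arena_used + n > sizeof(arena))
		return NULL;
	arena_used += n;
	return &arena[arena_used - n];
}

/* patched == 0: malloc_init() runs only from imalloc(), as before the
 * patch, so the size == 0 test reads zero_returns_null before it is set.
 * patched == 1: malloc() initialises first, as in the PR's fix. */
void *model_malloc(size_t size, int patched)
{
	if (patched && !malloc_started)
		malloc_init();
	if (size == 0 && zero_returns_null)
		return NULL;
	return imalloc(size);
}

/* Fresh process state, optionally one 16-byte request first, then
 * malloc(0); returns 1 if that malloc(0) yielded NULL. */
int malloc0_is_null(int patched, int warm_up)
{
	malloc_started = zero_returns_null = 0;
	arena_used = 0;
	if (warm_up)
		model_malloc(16, patched);
	return model_malloc(0, patched) == NULL;
}
```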

>Fix:
This moves the malloc_init() calls into malloc() and realloc().
--- malloc.c.diff begins here ---
Index: src/lib/libc/stdlib/malloc.c
===================================================================
RCS file: /usr/home/ncvs/src/lib/libc/stdlib/malloc.c,v
retrieving revision 1.84
diff -I.svn -u -r1.84 malloc.c
--- src/lib/libc/stdlib/malloc.c	28 Nov 2003 18:03:22 -0000	1.84
+++ src/lib/libc/stdlib/malloc.c	14 Feb 2004 23:42:47 -0000
@@ -736,9 +736,6 @@
 {
     void *result;
 
-    if (!malloc_started)
-	malloc_init();
-
     if (suicide)
 	abort();
 
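Review bot: removing the `malloc_started` check from imalloc() makes correctness depend on every caller of imalloc() having run malloc_init() itself; this patch adds it to malloc() and realloc() only, so confirm no other entry point in malloc.c reaches imalloc() (or the `suicide` check right below it) without passing through one of those two.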
@@ -1111,6 +1108,9 @@
 {
     void *r;
 
+    if (!malloc_started)
+	malloc_init();
+
     _MALLOC_LOCK();
     malloc_func = " in malloc():";
     if (malloc_active++) {
@@ -1161,6 +1161,9 @@
 {
     void *r;
     int err = 0;
+
+    if (!malloc_started)
+	malloc_init();
 
     _MALLOC_LOCK();
     malloc_func = " in realloc():";
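Review bot: same locking point as in malloc(): the check is added ahead of `_MALLOC_LOCK()`, so it is no longer serialised with concurrent first calls; keep the placement consistent between malloc() and realloc(), preferably inside the locked region in both.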
--- malloc.c.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted: