diff options
author | Florian Weimer <fweimer@redhat.com> | 2017-11-28 19:10:16 +0530 |
---|---|---|
committer | Andreas K. Huettel <dilfridge@gentoo.org> | 2017-12-21 20:19:11 +0100 |
commit | b66700e2f0ba3e578dc4f4d0d8350ce4f22f5199 (patch) | |
tree | 4ef322dec512d9d8e5a4911b8a0547b6f848d840 | |
parent | malloc: Remove check_action variable [BZ #21754] (diff) | |
download | glibc-b66700e2f0ba3e578dc4f4d0d8350ce4f22f5199.tar.gz glibc-b66700e2f0ba3e578dc4f4d0d8350ce4f22f5199.tar.bz2 glibc-b66700e2f0ba3e578dc4f4d0d8350ce4f22f5199.zip |
malloc: Remove corrupt arena flag
This is no longer needed because we now abort immediately
once heap corruption is detected.
(cherry-picked from a9da0bb2667ab20f1dbcd0a9ae6846db02fbc96a)
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | malloc/arena.c | 20 | ||||
-rw-r--r-- | malloc/malloc.c | 13 |
3 files changed, 10 insertions, 31 deletions
@@ -1,5 +1,13 @@ 2017-08-30 Florian Weimer <fweimer@redhat.com> + * malloc/malloc.c (ARENA_CORRUPTION_BIT, arena_is_corrupt) + (set_arena_corrupt): Remove definitions. + (mtrim): Do not check for corrupt arena. + * malloc/arena.c (arena_lock, reused_arena, arena_get_retry): + Likewise. + +2017-08-30 Florian Weimer <fweimer@redhat.com> + [BZ #21754] * malloc/arena.c (TUNABLE_CALLBACK set_mallopt_check): Do not set check_action. diff --git a/malloc/arena.c b/malloc/arena.c index 39cbfbc282..afd423240a 100644 --- a/malloc/arena.c +++ b/malloc/arena.c @@ -116,7 +116,7 @@ int __malloc_initialized = -1; } while (0) #define arena_lock(ptr, size) do { \ - if (ptr && !arena_is_corrupt (ptr)) \ + if (ptr) \ __libc_lock_lock (ptr->mutex); \ else \ ptr = arena_get2 ((size), NULL); \ @@ -832,7 +832,7 @@ reused_arena (mstate avoid_arena) result = next_to_use; do { - if (!arena_is_corrupt (result) && !__libc_lock_trylock (result->mutex)) + if (!__libc_lock_trylock (result->mutex)) goto out; /* FIXME: This is a data race, see _int_new_arena. */ @@ -845,18 +845,6 @@ reused_arena (mstate avoid_arena) if (result == avoid_arena) result = result->next; - /* Make sure that the arena we get is not corrupted. */ - mstate begin = result; - while (arena_is_corrupt (result) || result == avoid_arena) - { - result = result->next; - if (result == begin) - /* We looped around the arena list. We could not find any - arena that was either not corrupted or not the one we - wanted to avoid. */ - return NULL; - } - /* No arena available without contention. Wait for the next in line. */ LIBC_PROBE (memory_arena_reuse_wait, 3, &result->mutex, result, avoid_arena); __libc_lock_lock (result->mutex); @@ -953,10 +941,6 @@ arena_get_retry (mstate ar_ptr, size_t bytes) if (ar_ptr != &main_arena) { __libc_lock_unlock (ar_ptr->mutex); - /* Don't touch the main arena if it is corrupt. */ - if (arena_is_corrupt (&main_arena)) - return NULL; - ar_ptr = &main_arena; __libc_lock_lock (ar_ptr->mutex); } diff --git a/malloc/malloc.c b/malloc/malloc.c index 7a90fda6a2..65deb2f386 100644 --- a/malloc/malloc.c +++ b/malloc/malloc.c @@ -1626,15 +1626,6 @@ typedef struct malloc_chunk *mfastbinptr; #define set_noncontiguous(M) ((M)->flags |= NONCONTIGUOUS_BIT) #define set_contiguous(M) ((M)->flags &= ~NONCONTIGUOUS_BIT) -/* ARENA_CORRUPTION_BIT is set if a memory corruption was detected on the - arena. Such an arena is no longer used to allocate chunks. Chunks - allocated in that arena before detecting corruption are not freed. */ - -#define ARENA_CORRUPTION_BIT (4U) - -#define arena_is_corrupt(A) (((A)->flags & ARENA_CORRUPTION_BIT)) -#define set_arena_corrupt(A) ((A)->flags |= ARENA_CORRUPTION_BIT) - /* Maximum size of memory handled in fastbins. */ static INTERNAL_SIZE_T global_max_fast; @@ -4718,10 +4709,6 @@ _int_memalign (mstate av, size_t alignment, size_t bytes) static int mtrim (mstate av, size_t pad) { - /* Don't touch corrupt arenas. */ - if (arena_is_corrupt (av)) - return 0; - /* Ensure initialization/consolidation */ malloc_consolidate (av); |