memalign() bug found & fixed
Jason Evans
jasone at canonware.com
Fri Jan 16 18:08:56 PST 2015
On Jan 16, 2015, at 5:44 PM, Kurt Wampler <Kurt.Wampler at asml.com> wrote:
> I'd like to report a bug which we found and fixed in jemalloc-3.6.0.
>
> In the imemalign() function, when the allocation fails, there are
> "goto" statements that end up reaching "label_return:" without ever
> dereferencing memptr (the first argument). However, je_memalign() is
> written in a way that ignores imemalign()'s function return value, and
> depends instead on imemalign() to communicate the results using memptr.
>
> Our local fix for this problem was to move one line in imemalign() below
> "label_return:".
>
>
> Original code:
> -------------
>
> *memptr = result;
> ret = 0;
> label_return:
>
>
> Revised code:
> ------------
>
> ret = 0;
> label_return:
> *memptr = result;
>
>
> The above seemed like the simplest fix, but maybe it would be clearer
> to change je_memalign() to follow the same convention as je_posix_memalign()?
Yes, imemalign() works as intended, but memalign() and valloc() are wrong to ignore the return value. Fixed:
https://github.com/jemalloc/jemalloc/commit/44b57b8e8b25797b94c7cccc0e32705f76fcf03b
Thanks,
Jason
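To make the contract mismatch concrete, the following is a constructed C model added for this note (it is not jemalloc's code): an imemalign()-style routine whose error gotos reach label_return without writing the out-parameter, a memalign()-style caller that ignores the return value, and the corrected caller that honours it as the posix_memalign()-style wrapper already did. The names model_imemalign, model_memalign_buggy, model_memalign_fixed, fixed_alloc_ok, the MODEL_MAX_SIZE failure threshold and the sentinel value are all assumptions of this example.

```c
#define _POSIX_C_SOURCE 200112L  /* for posix_memalign() */
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Constructed stand-in for imemalign(), written for this note. Requests above
 * MODEL_MAX_SIZE "fail" so the error path is deterministic. As in the report,
 * both gotos reach label_return without ever writing *memptr. */
#define MODEL_MAX_SIZE ((size_t)1 << 20)

static int model_imemalign(void **memptr, size_t alignment, size_t size)
{
    int ret;
    void *result;
    if (size > MODEL_MAX_SIZE) {          /* simulated out-of-memory */
        ret = ENOMEM; goto label_return;
    }
    if (posix_memalign(&result, alignment, size) != 0) {
        ret = ENOMEM; goto label_return;
    }
    *memptr = result;                     /* reached only on success */
    ret = 0;
label_return:
    return ret;                           /* failure is reported only here */
}

/* Caller shaped like the pre-fix memalign(): ignores the return value and
 * trusts *memptr. The sentinel stands in for the real code's uninitialized
 * stack slot, so the stale value is observable rather than undefined. */
static void *model_memalign_buggy(size_t alignment, size_t size)
{
    void *ret = (void *)(uintptr_t)0xdeadbeef;
    model_imemalign(&ret, alignment, size);
    return ret;                           /* stale sentinel on failure */
}

/* Caller shaped like the fix: check the return value, report failure as NULL. */
static void *model_memalign_fixed(size_t alignment, size_t size)
{
    void *ret;
    if (model_imemalign(&ret, alignment, size) != 0)
        return NULL;                      /* errno handling omitted */
    return ret;
}

/* Verifies a successful allocation is non-NULL and aligned; frees it. */
static int fixed_alloc_ok(size_t alignment, size_t size)
{
    void *p = model_memalign_fixed(alignment, size);
    int ok = p != NULL && ((uintptr_t)p % alignment) == 0;
    free(p);
    return ok;
}
```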