This is the mail archive of the glibc-bugs@sources.redhat.com mailing list for the glibc project.



[Bug libc/457] New: Incorrect checks in MALLOC_CHECK_ functions under high mem usage


In malloc/hooks.c, the code in mem2chunk_check (lines 178-179, 183) and
check_top_chunk (line 234) assumes that anything allocated in main_arena
will always be between main_arena.sbrk_base and main_arena.sbrk_base +
main_arena.system_mem. This is not true, as when brk fails, mmap can be
used for main_arena, which happens in lines 2906-2935 of malloc.c. Chunks
allocated (including the top) from this mmap'd portion of main_arena will
not fall under the sbrk_base-sbrk_base + system_mem bounds, causing
spurious "top chunk corrupt" and invalid pointer messages from
mem2chunk_check and check_top_chunk. The correct fix is to check if main
arena is contiguous before applying those checks (this is done in the
MALLOC_DEBUG function do_check_malloc_state, malloc.c line 2576). The
noncontiguous bit is set as soon as we begin using mmap as a brk
replacement, so any and all checks relating to sbrk_base in the
MALLOC_CHECK_ functions should be changed to check for said condition ||
noncontiguous(&main_arena). Hope this helped, please e-mail me if I need
to clarify any points I've made, as I must admit that this is my first
bug report =)

-- 
           Summary: Incorrect checks in MALLOC_CHECK_  functions under high
                    mem usage
           Product: glibc
           Version: 2.3.3
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
        AssignedTo: gotom at debian dot or dot jp
        ReportedBy: mwdalton at stanford dot edu
                CC: glibc-bugs at sources dot redhat dot com
 GCC build triplet: i686-pc-linux-gnu
  GCC host triplet: i686-pc-linux-gnu
GCC target triplet: i686-pc-linux-gnu


http://sources.redhat.com/bugzilla/show_bug.cgi?id=457

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
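
The false positive described in this report, as an added example that is not part of the original message and is not glibc's source: a simplified C model of the sbrk_base range test with and without the proposed noncontiguous guard. The struct, the function names and all addresses are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample addresses (i686-style), not taken from a real process. */
#define BRK_CHUNK  ((uintptr_t)0x08100400u)  /* chunk inside the brk heap   */
#define MMAP_CHUNK ((uintptr_t)0x40000010u)  /* chunk inside the mmap'd part */

/* Hypothetical stand-in for the main_arena fields named in the report. */
struct arena_model {
    uintptr_t sbrk_base;     /* start of the brk-grown heap                 */
    size_t    system_mem;    /* total bytes obtained, brk and mmap together */
    bool      noncontiguous; /* set once mmap replaces a failed brk         */
};

/* The range test the report objects to:
   chunk must lie in [sbrk_base, sbrk_base + system_mem). */
static bool in_sbrk_range(const struct arena_model *a, uintptr_t p, size_t sz)
{
    return p >= a->sbrk_base && p + sz <= a->sbrk_base + a->system_mem;
}

/* Check as reported: the range test is applied unconditionally. */
bool chunk_ok_original(const struct arena_model *a, uintptr_t p, size_t sz)
{
    return in_sbrk_range(a, p, sz);
}

/* Check with the proposed fix: "said condition || noncontiguous(&main_arena)".
   Once the arena is noncontiguous this test no longer rejects anything,
   so it cannot be the only validation applied to the pointer. */
bool chunk_ok_guarded(const struct arena_model *a, uintptr_t p, size_t sz)
{
    return a->noncontiguous || in_sbrk_range(a, p, sz);
}

/* Arena state after brk failed and mmap supplied the next 1 MiB. */
struct arena_model after_brk_failure(void)
{
    struct arena_model a = { 0x08100000u, 0x200000u, true };
    return a;
}

int main(void)
{
    struct arena_model a = after_brk_failure();
    printf("original, mmap'd chunk: %d\n", chunk_ok_original(&a, MMAP_CHUNK, 64));
    printf("guarded,  mmap'd chunk: %d\n", chunk_ok_guarded(&a, MMAP_CHUNK, 64));
    return 0;
}
```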

