This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug libc/11126] New: malloc_info() segfaults when no memory has been allocated

From: "aurelien at aurel32 dot net" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sources dot redhat dot com
Date: 2 Jan 2010 19:02:03 -0000
Subject: [Bug libc/11126] New: malloc_info() segfaults when no memory has been allocated
Reply-to: sourceware-bugzilla at sourceware dot org

The following code segfaults, given it does not allocate memory

#include <stdio.h>
#include <stdlib.h>
#include <malloc.h>
int
main (void)
{
  malloc_info(0,stdout);
  return 0;
}

The patch below might be a possible fix, but is a bit hackish:
diff --git a/malloc/malloc.c b/malloc/malloc.c
index ea10d17..e44abde 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -6369,7 +6369,7 @@ malloc_info (int options, FILE *fp)

     mbinptr bin = bin_at (ar_ptr, 1);
     struct malloc_chunk *r = bin->fd;
-    while (r != bin)
+    while (r && r != bin)
       {
        ++sizes[NFASTBINS].count;
        sizes[NFASTBINS].total += r->size;
@@ -6388,7 +6388,7 @@ malloc_info (int options, FILE *fp)
        sizes[NFASTBINS - 1 + i].to = sizes[NFASTBINS - 1 + i].total
          = sizes[NFASTBINS - 1 + i].count = 0;

-       while (r != bin)
+       while (r && r != bin)
          {
            ++sizes[NFASTBINS - 1 + i].count;
            sizes[NFASTBINS - 1 + i].total += r->size;
@@ -6469,7 +6469,7 @@ malloc_info (int options, FILE *fp)
       mi_arena (ar_ptr);
       ar_ptr = ar_ptr->next;
     }
-  while (ar_ptr != &main_arena);
+  while (ar_ptr && ar_ptr != &main_arena);

   fprintf (fp,
           "<total type=\"fast\" count=\"%zu\" size=\"%zu\"/>\n"

-- 
           Summary: malloc_info() segfaults when no memory has been
                    allocated
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: minor
          Priority: P2
         Component: libc
        AssignedTo: drepper at redhat dot com
        ReportedBy: aurelien at aurel32 dot net
                CC: glibc-bugs at sources dot redhat dot com
 GCC build triplet: x86_64-unknown-linux-gnu
  GCC host triplet: x86_64-unknown-linux-gnu
GCC target triplet: x86_64-unknown-linux-gnu


http://sourceware.org/bugzilla/show_bug.cgi?id=11126

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

Follow-Ups:
- [Bug libc/11126] malloc_info() segfaults when no memory has been allocated
  - From: drepper at redhat dot com

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]