justin/jsix
1
1
Fork 0
mirror of https://github.com/justinian/jsix.git synced 2025-12-10 00:14:32 -08:00
Code Issues Packages Projects Releases Wiki Activity

[kernel] Fix a heap double-allocate bug

Browse Source 
In the heap allocator, new blocks allocated directly for an allocate
request (instead of indirectly as part of a block split) would only set
their order in the tracking map, not their free flag. This left
uninitialized data in the block info map, which thus meant it was marked
as free for looking up for merges. (Not for allocations, since the block
didn't actually appear in the free list.)
This commit is contained in:
Justin C. Miller
2023-07-10 01:24:13 -07:00
parent 0dc86f2a0d
commit ad3afae315
1 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/kernel/heap_allocator.cpp
View File

@@ -138,11 +138,11 @@ heap_allocator::reallocate(void *p, size_t old_length, size_t new_length)
return p;
lock.release();
void *new_block = allocate(new_length);
memcpy(new_block, p, old_length);
void *reallocated = allocate(new_length);
memcpy(reallocated, p, old_length);
free(p);
return new_block;
return reallocated;
}
heap_allocator::free_header *
@@ -202,7 +202,9 @@ heap_allocator::new_block(unsigned order)
void *block = reinterpret_cast<void*>(m_end);
m_end += 1ull << order;
m_map[map_key(block)].order = order;
block_info &info = m_map[map_key(block)];
info.order = order;
info.free = false;
return block;
}