Select Git revision
Forked from
Reform / reform-boundary-uboot
Source project has a limited visibility.
-
Kumar Gala authored
Since we set #define MORECORE_CLEARS 1, the code assumes 'sbrk' always returns zero'd out memory. However since its possible that free() returns memory back to sbrk() via malloc_trim we could possible get non-zero'd memory from sbrk(). This is a problem for when code might call calloc() and expect the memory to have been zero'd out. There are two possible solutions to this problem. 1. change #define MORECORE_CLEARS 0 2. memset to zero memory returned to sbrk. We go with the second since the sbrk being called to free up memory should be pretty rare. The following code problems an example test to show the issue. This test code was inserted right after the call to mem_malloc_init(). ... u8 *p2; int i; printf("MALLOC TEST\n"); p1 = malloc(135176); printf("P1 = %p\n", p1); memset(p1, 0xab, 135176); free(p1); p2 = calloc(4097, 1); printf("P2 = %p %p\n", p2, p2 + 4097); for (i = 0; i < 4097; i++) { if (p2[i] != 0) printf("miscompare at byte %d got %x\n", i, p2[i]); free(p2); printf("END MALLOC TEST\n\n"); ... Signed-off-by:Kumar Gala <galak@kernel.crashing.org> Tested-by:
Wolfgang Denk <wd@denx.de>
Kumar Gala authoredSince we set #define MORECORE_CLEARS 1, the code assumes 'sbrk' always returns zero'd out memory. However since its possible that free() returns memory back to sbrk() via malloc_trim we could possible get non-zero'd memory from sbrk(). This is a problem for when code might call calloc() and expect the memory to have been zero'd out. There are two possible solutions to this problem. 1. change #define MORECORE_CLEARS 0 2. memset to zero memory returned to sbrk. We go with the second since the sbrk being called to free up memory should be pretty rare. The following code problems an example test to show the issue. This test code was inserted right after the call to mem_malloc_init(). ... u8 *p2; int i; printf("MALLOC TEST\n"); p1 = malloc(135176); printf("P1 = %p\n", p1); memset(p1, 0xab, 135176); free(p1); p2 = calloc(4097, 1); printf("P2 = %p %p\n", p2, p2 + 4097); for (i = 0; i < 4097; i++) { if (p2[i] != 0) printf("miscompare at byte %d got %x\n", i, p2[i]); free(p2); printf("END MALLOC TEST\n\n"); ... Signed-off-by:
