[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[avr-libc-dev] [bug #2143] malloc() routines chunk smaller than requeste
|
From: |
nobody |
|
Subject: |
[avr-libc-dev] [bug #2143] malloc() routines chunk smaller than requested |
|
Date: |
Thu, 10 Jul 2003 10:09:42 -0400 |
|
User-agent: |
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705) |
=================== BUG #2143: LATEST MODIFICATIONS ==================
http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=2143&group_id=2140
Changes by: Anonymous user Date: Thu 07/10/03 at 10:09
------------------ Additional Follow-up Comments ----------------------------
malloc fails to detect that insufficient memory
is available if you allocate a block with length
larger than (unsigned)(0xffff) - brkval due to overflow
in the data types used.
doing it the quick way:
malloc()
{
unsigned long reqend;
/* ..... */
line 201:
reqend = (unsigned long)(brkval) + (unsigned long)(len) + (unsigned
long)(sizeof(size_t));
if ( reqend < (unsigned long)(cp) ) {
/* ... */
}
OR you could detect that brkval+len < len if you do want to keep
it somewhat independent of size_t being 16 bits (which doesn't
seem to make sense on the AVR?).
Hope this helps
Regards
Titus
=================== BUG #2143: FULL BUG SNAPSHOT ===================
Submitted by: None Project: AVR C Runtime Library
Submitted on: Mon 01/06/03 at 10:18
Category: Library Severity: 5 - Major
Bug Group: None Resolution: None
Assigned to: joerg_wunsch Originator Email: address@hidden
Status: Open
Summary: malloc() routines chunk smaller than requested
Original Submission:
I believe I've found in bug that exists in the malloc() implementation in the
snapshots from 17dec2002 and 04nov2002.
Here's (basically) the code I'm running:
char *ptrs[32];
__malloc_heap_start = 0x8000;
__malloc_heap_end = 0xFFFF;
for (j = 0; j < 32; j++) {
ptrs[j] = (char *)malloc(1024);
/* output j and ptrs[j] to serial port */
}
I would expect the last malloc() to return NULL, since there's not 1024 bytes
left in the heap. Instead, I get the following output:
0 = 00008002
1 = 00008404
2 = 00008806
-cut-
29 = 0000f43c
30 = 0000f83e
31 = 0000fc40
The last malloc() returns a chunk of memory that is only 959 bytes before the
end of the heap!
Follow-up Comments
*******************
-------------------------------------------------------
Date: Thu 07/10/03 at 10:09 By: None
malloc fails to detect that insufficient memory
is available if you allocate a block with length
larger than (unsigned)(0xffff) - brkval due to overflow
in the data types used.
doing it the quick way:
malloc()
{
unsigned long reqend;
/* ..... */
line 201:
reqend = (unsigned long)(brkval) + (unsigned long)(len) + (unsigned
long)(sizeof(size_t));
if ( reqend < (unsigned long)(cp) ) {
/* ... */
}
OR you could detect that brkval+len < len if you do want to keep
it somewhat independent of size_t being 16 bits (which doesn't
seem to make sense on the AVR?).
Hope this helps
Regards
Titus
-------------------------------------------------------
Date: Tue 02/25/03 at 06:19 By: None
creating a memmory heap malloc function writes some bytes of header information
for handling heap size
-------------------------------------------------------
Date: Mon 01/06/03 at 17:02 By: joerg_wunsch
malloc() is my baby.
CC list is empty
No files currently attached
For detailed info, follow this link:
http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=2143&group_id=2140
_______________________________________________
Message sent via/by Savannah
http://savannah.nongnu.org/
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [avr-libc-dev] [bug #2143] malloc() routines chunk smaller than requested,
nobody <=