[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [avr-libc-dev] [bug #25723] Realloc corrupts free list when growing
|
From: |
Ron Kreymborg |
|
Subject: |
RE: [avr-libc-dev] [bug #25723] Realloc corrupts free list when growing into the next free item |
|
Date: |
Sun, 1 Mar 2009 23:13:42 +1100 |
> void testMalloc()
> {
> size_t* array = (size_t*)malloc(4 * sizeof(size_t));
> free(array);
> array = NULL;
>
> array = (size_t*)realloc(array, sizeof(size_t));
> array = (size_t*)realloc(array, 2 * sizeof(size_t));
> array = (size_t*)realloc(array, 3 * sizeof(size_t));
> realloc(array, 4 * sizeof(size_t));
> }
> There is a bug in the free list manager in Realloc, specifically when growing
> a buffer into the next free entry. I was convinced I had a bug in a fairly
> large codebase, and whittled it down to this reproduction. I’m now playing
> with a couple of fixes, but need to figure out how to get a ‘blessed’ fix
> into lib-avr.
Lou's posting prompted me to use this code to check my doubly liked memory pool
implementation of malloc/free/realloc, and while all was ok, the test showed my
realloc was non-standard in that it did not call malloc for a null pointer, or
call free for a zero size. For those interested I have updated both the web
page and the zip file containing an avr-gcc implementation at
http://www.jennaron.com.au/avr/DoublyLinkedMemory.html.
Interestingly, with 4.3.2 this code uses 800 words whereas the builtin version
uses 940.
Ron
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- RE: [avr-libc-dev] [bug #25723] Realloc corrupts free list when growing into the next free item,
Ron Kreymborg <=