summaryrefslogtreecommitdiff
path: root/src/lib/libc/stdlib/malloc.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* environ and __progname are not declared in a public header; declare themguenther2016-03-131-3/+1
| | | | | | in libc's hidden/stdlib.h instead of in each .c file that needs one ok deraadt@ gsoares@ mpi@
* refactor option letter parsing into a subfunction, to increase clarityderaadt2016-02-251-93/+102
| | | | | about which options are turned on/off by 's' and 'S' ok tedu
* Don't crash dumping malloc stats if malloc_init hasn't been called, noted byotto2016-01-261-1/+3
| | | | David CARLIER
* Long ago, malloc internally had two kinds of failures, warnings and errors.tedu2016-01-061-8/+4
| | | | | | | | The 'A' option elevated warnings to errors, and has been the default for some time. Then warnings were effectively eliminated in favor of everything being an error, but then the 'a' flag turned real errors into warnings! Remove the 'a' option entirely. You shouldn't have used it anyway. ok tb tdeval
* another case where bad things would happen after wrterrortedu2015-12-301-2/+4
|
* if somebody makes the mistake of disabling abort, don't deref null intedu2015-12-301-2/+4
| | | | validate_junk. from Michal Mazurek
* Integrate two patches originally from Daniel Micay.tedu2015-12-091-8/+76
| | | | | | | | | | | | 1. Optionally add random "canaries" to the end of an allocation. This requires increasing the internal size of the allocation slightly, which probably results in a large effective increase with current power of two sizing. Therefore, this option is only enabled via 'C'. 2. When writing junk (0xdf) to freed chunks (current default behavior), check that the junk is still intact when finally freeing the delayed chunk to catch some potential use after free. This should be pretty cheap so there's no option to control it separately. ok deraadt tb
* For now, permit overriding of the malloc family, to make emacs happyguenther2015-09-131-6/+6
|
* Wrap <stdlib.h> so that calls go direct and the symbols not in theguenther2015-09-131-1/+8
| | | | | | C standard are all weak. Apply __{BEGIN,END}_HIDDEN_DECLS to gdtoa{,imp}.h, hiding the arch-specific __strtorx, __ULtox_D2A, __strtorQ, __ULtoQ_D2A symbols.
* improve realloc. when expanding a region, actually use the free page cachetedu2015-04-061-7/+16
| | | | | instead of simply zapping it. this can save many syscalls in a program that repeatedly grows and shrinks a buffer, as observed in the wild.
* Move to the <limits.h> universe.deraadt2015-01-161-2/+2
| | | | review by millert, binary checking process with doug, concept with guenther
* rename kern enter/exit macros to malloc enter/leave to better reflecttedu2015-01-051-7/+7
| | | | what's going on.
* a small tweak to improve malloc in multithreaded programs. we don't needtedu2014-08-181-7/+21
| | | | | | | to hold the malloc lock across mmap syscalls in all cases. dropping it allows another thread to access the existing chunk cache if necessary. could be improved to be a bit more aggressive, but i've been testing this simple diff for some time now with good results.
* reduce obvious dependency on global g_pool by moving to local aliasestedu2014-07-091-42/+48
| | | | ok otto
* extra evil spaces snuck in over the last whilederaadt2014-06-271-20/+20
|
* Move to a smaller rbytes buffer and skip a random part. Not tootto2014-06-271-3/+4
| | | | | | improve the random stream itself (it doesn't), but to introduce noise in the arc4random calling pattern. Thanks to matthew@ who pointed out bias in a previous diff, ok deraadt@ matthew@
* move random bytes buffer to be part of mmaped pages; ok tedu@otto2014-06-021-21/+18
|
* move all stats collecting under MALLOC_STATS; ok krw@otto2014-05-261-28/+33
|
* fix MALLOC_STATS (not compiled in by default); ok tedu@otto2014-05-211-18/+19
|
* factor out a bit of the chunk index code and use it to make sure that atedu2014-05-181-14/+33
| | | | | freed chunk is actually freeable immediately. catch more errors. hints/ok otto
* change to having four freelists per size, to reduce another source oftedu2014-05-121-16/+20
| | | | | deterministic behavior. four selected because it's more than three, less than five. i.e., no particular reason.
* fix MALLOC_STATS code that was broken in rev 1.159, not compiled in by defaultotto2014-05-101-2/+2
|
* move reallocarray() to a seperate file so that -portable applicationsderaadt2014-05-081-12/+1
| | | | | can avoid reinventing the wheel ok guenther schwarze
* comment style fixhalex2014-05-071-2/+3
| | | | ok crickets@
* nibbles aren't enough random, use bytes. does a better job of pickingtedu2014-05-011-14/+14
| | | | | a free chunk at random and may allow to increase delayed chunk array. ok otto
* remove Z option and default to something halfway to J.tedu2014-04-231-32/+22
| | | | | | | we always junk small chunks now, and the first part of pages, but only after free. J still does the old thing. j disables everything. Consider experimental as we evaluate performance in the real world. ok otto
* explain a bit more what's going on for stupid me.espie2014-04-231-1/+4
| | | | okay otto@
* Better, cleaner hash function that computes the same on be and le archs.otto2014-04-231-10/+8
| | | | Should improve sparc64 and other be archs. ok matthew@ miod@
* change mallocarray to reallocarray. useful in a few more situations.tedu2014-04-221-3/+3
| | | | | malloc can, as always, be emulated via realloc(NULL). ok deraadt
* Introducing: void *mallocarray(size_t nmemb, size_t size);deraadt2014-04-211-1/+12
| | | | | Like calloc(), except without the cleared-memory gaurantee ok beck guenther, discussed for more than a year...
* print pid in error messages; ok reyk@otto2014-04-141-14/+18
|
* Update Copyright notice; ok otto@ beck@ deraadt@.schwarze2014-04-031-2/+4
| | | | | This is merely a by-product of figuring out the amount of phk@ code contained herein; i'm not planning to hack on this file.
* Poul-Henning Kamp informed me he is allright with this licensing change.beck2014-03-251-11/+4
|
* avoid arithetic on void *deraadt2013-11-121-4/+4
| | | | ok guenther otto
* Fix bug in random offset introduced in rev 1.143; random range wasotto2012-12-221-3/+3
| | | | expanded, but not enough due to precedence error. Spotted by Thorsten Glaser.
* Add a new malloc option 'U' => "Free unmap" that does the guarding/djm2012-11-021-15/+24
| | | | | | | | | | | | unmapping of freed allocations without disabling chunk randomisation like the "Freeguard" ('F') option does. Make security 'S' option use 'U' and not 'F'. Rationale: guarding with no chunk randomisation is great for debugging use-after-free, but chunk randomisation offers better defence against "heap feng shui" style attacks that depend on carefully constructing a particular heap layout so we should leave this enabled when requesting security options.
* Fix precedence bug (& has lower precedence than !=).pirofti2012-09-131-2/+2
| | | | | | Okay otto@. Found by Michal Mazurek <akfaew at jasminek dot net>, thanks!
* use PAGE_SHIFT instead of PGSHIFT, in preperation for futurederaadt2012-07-091-2/+2
| | | | | param.h symbol reduction. ok guenther
* after a talk with ariane, use MAP_FIXED for mquery to avoid the cost oftedu2012-06-261-2/+2
| | | | | | scanning for free space if the hint isn't available. also, on further inspection, this will prevent pmap_prefer from "improving" our hint.
* two changes which should improve realloc. first, fix zapcacheregion totedu2012-06-221-10/+19
| | | | | | clear out the entire requested area, not just a perfect fit. second, use mquery to check for room to avoid getting an address we don't like and having to send it back.
* two small fixes to free page cache. first, we need two nibbles of randomtedu2012-06-201-4/+4
| | | | | | in order to span the the entire cache. second, on free use the same offset to put things in the cache instead of always starting at zero. ok otto
* Support larger-than-page-alignment requests in posix_memalign() bymatthew2012-06-181-19/+128
| | | | | | overallocating and then releasing unneeded memory pages. ok otto
* - Test for the retrieved page address not being NULL. This turns free((void*)1)otto2012-02-291-2/+7
| | | | | | into an bogus pointer error instead of a segfault. - Document that we use the assumption that a non-MAP_FIXED mmap() with hint 0 never returns NULL.
* Make struct chunk_info a variable sized struct, wasting lessotto2011-10-061-28/+55
| | | | | space for meta data by only allocating space actually needed for the bitmap (modulo alignment requirements). ok deraadt@
* on malloc flag S, set cache size to 0; will catch even moreotto2011-07-121-2/+6
| | | | use-after-free bugs; ok krw@ dlg@ pirofti@
* as man page states, lower case undoes upper case. add support for little s,tedu2011-06-201-1/+5
| | | | | no security, for consistency. use of this option is discouraged. :) ok deraadt guenther millert
* save errno dance in wrterror() and malloc_dump(); prompted by and ok deraadt@otto2011-05-201-2/+6
|
* introduce symbolic constant for initial number of regionsotto2011-05-181-2/+3
|
* zap regions_bits and rework MALLOC_MAXSHIFT a bit; ok djm@otto2011-05-181-14/+8
|
* Avoid fp computations for stats, this make calling malloc_dump() safe in moreotto2011-05-121-10/+7
| | | | cases.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 19:25:16 +0000