author | Jason Evans <jasone@canonware.com> | 2012-05-11 03:59:39 (GMT) |
---|---|---|
committer | Jason Evans <jasone@canonware.com> | 2012-05-11 04:49:43 (GMT) |
commit | d8ceef6c5558fdab8f9448376ae065a9e5ffcbdd (patch) | |
tree | e00e21b3cd41a4f7e3078a2c9b4c3e29183f363b /ChangeLog | |
parent | 30fe12b866edbc2cf9aaef299063b392ea125aac (diff) | |
Fix large calloc() zeroing bugs.
Refactor code such that arena_mapbits_{large,small}_set() always
preserves the unzeroed flag, and manually manipulate the unzeroed flag
in the one case where it actually gets reset (in arena_chunk_purge()).
This fixes unzeroed preservation bugs in arena_run_split() and
arena_ralloc_large_grow(). These bugs caused large calloc() to return
non-zeroed memory under some circumstances.
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -71,6 +71,7 @@ found in the git revision history: write-after-free memory corruption. - Fix a potential deadlock that could occur during interval- and growth-triggered heap profile dumps. + - Fix large calloc() zeroing bugs due to dropping chunk map unzeroed flags. - Fix chunk_alloc_dss() to stop claiming memory is zeroed. This bug could cause memory corruption and crashes with --enable-dss specified. - Fix fork-related bugs that could cause deadlock in children between fork |
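Review bot: The added entry "Fix large calloc() zeroing bugs due to dropping chunk map unzeroed flags." names the cause but not the effect, while the chunk_alloc_dss() entry directly below it states its impact ("This bug could cause memory corruption and crashes"). The commit message already has the missing wording: large calloc() could return non-zeroed memory under some circumstances. I would add that sentence to the entry, since callers that rely on calloc() for zero-initialization would otherwise read stale heap contents, and a reader of the ChangeLog needs to see that to judge how urgently to upgrade.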