Mail Archives: djgpp-workers/1998/07/30/13:08:14
As we are here, I found another bug (and I thought
that such basic functions are bug-free).
When a block is malloc'ed, the size of the block is
remembered in the BLOCK struct, and when returning from
the malloc() function the size member is or'ed with 1.
==>> We must do the reverse when using this size
member in the realloc() function! In the patch below
I do the calculation only once and then use the
copysize variable, since it is not changed.
--- src/libc/ansi/stdlib/malloc.c~ Tue Jul 28 20:42:38 1998
+++ src/libc/ansi/stdlib/malloc.c Thu Jul 30 18:53:42 1998
@@ -335,12 +335,12 @@
return malloc(size);
b = (BLOCK *)((char *)ptr-4);
- copysize = b->size;
- if (size <= b->size)
+ copysize = b->size & ~1;
+ if (size <= copysize)
{
#if 0
- if (b->size < 2*MIN_SAVE_EXTRA
- || (size >= b->size-512 && size >= b->size/2))
+ if (copysize < 2*MIN_SAVE_EXTRA
+ || (size >= copysize-512 && size >= copysize/2))
#endif
return ptr;
copysize = size;
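Review bot: the literal mask `& ~1` on `copysize = b->size & ~1;` hard-codes the in-use tag bit that malloc() sets, and the same literal reappears in the DEBUG printf further down; a single named macro (for example an `UNTAGGED_SIZE(b)` style helper next to the BLOCK definition) would keep the tag layout in one place and make it obvious which comparisons must operate on the untagged size. The fix itself is right: with the low bit still set, `b->size` reads one larger than the usable size, so the old `if (size <= b->size)` could accept a request one byte larger than the block and return `ptr` unchanged, leaving the caller with an undersized buffer. The disabled `#if 0` heuristic is updated consistently to `copysize`, which is harmless but worth noting in the commit message so a later reviewer does not think the masked value is needed there.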
@@ -349,7 +349,7 @@
newptr = (char *)malloc(size);
#if DEBUG
printf("realloc %d %d/%08x %08x->%08, %d\n",
- size, b->size, b, ptr, newptr, copysize);
+ size, b->size & ~1, b, ptr, newptr, copysize);
#endif
memcpy(newptr, ptr, copysize);
free(ptr);
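Review bot: `newptr = (char *)malloc(size);` is passed straight to `memcpy(newptr, ptr, copysize);` with no NULL check, so an allocation failure inside realloc() dereferences NULL and then frees the caller's still-valid block; a `if (newptr == NULL) return NULL;` between the two lines keeps the original block intact, as realloc() is expected to. Separately, the DEBUG format string `"realloc %d %d/%08x %08x->%08, %d\n"` has a malformed conversion (`%08,` is missing its `x`), so the six arguments do not line up with the conversions and the pointers `b`, `ptr`, `newptr` are printed through `%08x` rather than `%p`; since this hunk already touches the argument list, it is a good moment to fix the format to `"realloc %d %d/%p %p->%p, %d\n"`.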