Fix xallocx(..., MALLOCX_ZERO) bugs.

Zero all trailing bytes of large allocations when --enable-cache-oblivious configure option is enabled. This regression was introduced by 8a03cf039cd06f9fa6972711195055d865673966 (Implement cache index randomization for large allocations.). Zero trailing bytes of huge allocations when resizing from/to a size class that is not a multiple of the chunk size.
author: Jason Evans <jasone@canonware.com> 2015-09-24 16:38:45 -0700
committer: Jason Evans <jasone@canonware.com> 2015-09-24 16:38:45 -0700
commit: d260f442ce693de4351229027b37b3293fcbfd7d (patch)
tree: a9cebdbc2ed9012a116a38a71d7027fa4c1fa2a4 /src/arena.c
parent: fb64ec29ec05fbcba09898a3c93211966a6fa985 (diff)
download: jemalloc-d260f442ce693de4351229027b37b3293fcbfd7d.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/src/arena.c b/src/arena.c
index 7f4a6ca..3081519 100644
--- a/src/arena.c
+++ b/src/arena.c
@@ -2679,6 +2679,16 @@ arena_ralloc_large_grow(arena_t *arena, arena_chunk_t *chunk, void *ptr,
 		if (arena_run_split_large(arena, run, splitsize, zero))
 			goto label_fail;
 
+		if (config_cache_oblivious && zero) {
+			/*
+			 * Zero the trailing bytes of the original allocation's
+			 * last page, since they are in an indeterminate state.
+			 */
+			assert(PAGE_CEILING(oldsize) == oldsize);
+			memset((void *)((uintptr_t)ptr + oldsize), 0,
+			    PAGE_CEILING((uintptr_t)ptr) - (uintptr_t)ptr);
+		}
+
 		size = oldsize + splitsize;
 		npages = (size + large_pad) >> LG_PAGE;
author	Jason Evans <jasone@canonware.com>	2015-09-24 16:38:45 -0700
committer	Jason Evans <jasone@canonware.com>	2015-09-24 16:38:45 -0700
commit	d260f442ce693de4351229027b37b3293fcbfd7d (patch)
tree	a9cebdbc2ed9012a116a38a71d7027fa4c1fa2a4 /src/arena.c
parent	fb64ec29ec05fbcba09898a3c93211966a6fa985 (diff)
download	jemalloc-d260f442ce693de4351229027b37b3293fcbfd7d.tar.gz