PR# 14663 Malloc_free_list can allocate memory unnecessarily on 64-bit platform
Problem Report Summary
Submitter: prestoat2000
Category: Runtime
Priority: Medium
Date: 2008/07/24
Class: Bug
Severity: Serious
Number: 14663
Release: 6.3.74123
Confidential: No
Status: Open
Responsible:
Environment: Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.8.1.13) Gecko/20080328 Firefox/2.0.0.13
Solaris 10 on SPARC
Synopsis: Malloc_free_list can allocate memory unnecessarily on 64-bit platform
Description
Based on code inspection only, it appears that routine `malloc_free_list' (in malloc.c) can call `allocate_from_core' when it does not need to on a 64-bit platform. The problem is that `estimated_free_space' is declared as an unsigned int, but it is assigned via

    estimated_free_space = (unsigned int) (rt_c_data.ml_total - rt_c_data.ml_used);

Both `ml_total' and `ml_used' structure members have type rt_uint_ptr. So if the difference is bigger than 4 GB, the estimated free space will have a value much smaller than the amount of space that is actually free. This will cause the comparison (nbytes <= estimated_free_space) to be false, so the routine will call `allocate_from_core' rather than trying to do a full coalesce first. It looks like the fix is to simply change the type of `estimated_free_space' to rt_uint_ptr.
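The truncation described above, as an added example that is not part of the report or of the runtime's malloc.c. It stands in for the real code: `rt_uint_ptr' is assumed to be a 64-bit unsigned type (typedef'd here as uint64_t), the structure and the heap sizes are constructed for the demonstration, and the two `should_try_coalesce_*' functions model only the single comparison the report discusses, not the rest of `malloc_free_list'.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: rt_uint_ptr is pointer-sized, i.e. 64 bits wide on the
 * 64-bit SPARC build the report is about. uint64_t keeps the demo
 * deterministic regardless of the host's pointer width. */
typedef uint64_t rt_uint_ptr;

/* Mirrors the reported code: the 64-bit difference is squeezed into an
 * unsigned int, so any free amount of 4 GiB or more wraps modulo 2^32. */
static unsigned int estimate_free_space_truncating(rt_uint_ptr ml_total,
                                                   rt_uint_ptr ml_used)
{
    unsigned int estimated_free_space = (unsigned int) (ml_total - ml_used);
    return estimated_free_space;
}

/* The fix proposed in the report: keep the estimate in rt_uint_ptr. */
static rt_uint_ptr estimate_free_space_fixed(rt_uint_ptr ml_total,
                                             rt_uint_ptr ml_used)
{
    rt_uint_ptr estimated_free_space = ml_total - ml_used;
    return estimated_free_space;
}

/* Models the decision in malloc_free_list: returns 1 when the routine
 * would try a full coalesce first, 0 when it would go straight to
 * allocate_from_core. The unsigned int estimate is promoted to 64 bits
 * for the comparison, but the high bits are already gone by then. */
static int should_try_coalesce_truncating(rt_uint_ptr ml_total,
                                          rt_uint_ptr ml_used,
                                          rt_uint_ptr nbytes)
{
    return nbytes <= estimate_free_space_truncating(ml_total, ml_used);
}

static int should_try_coalesce_fixed(rt_uint_ptr ml_total,
                                     rt_uint_ptr ml_used,
                                     rt_uint_ptr nbytes)
{
    return nbytes <= estimate_free_space_fixed(ml_total, ml_used);
}

int main(void)
{
    /* Constructed heap state: 6 GiB obtained from the OS, 1 GiB in use,
     * so 5 GiB (0x1_4000_0000) is actually free. */
    const rt_uint_ptr ml_total = 6ULL << 30;
    const rt_uint_ptr ml_used  = 1ULL << 30;
    const rt_uint_ptr nbytes   = 2ULL << 30;   /* a 2 GiB request */

    printf("free (truncated): %u bytes\n",
           estimate_free_space_truncating(ml_total, ml_used));   /* 1 GiB */
    printf("free (fixed):     %llu bytes\n",
           (unsigned long long) estimate_free_space_fixed(ml_total, ml_used));
    printf("2 GiB request, truncating: %s\n",
           should_try_coalesce_truncating(ml_total, ml_used, nbytes)
               ? "coalesce first" : "allocate_from_core");
    printf("2 GiB request, fixed:      %s\n",
           should_try_coalesce_fixed(ml_total, ml_used, nbytes)
               ? "coalesce first" : "allocate_from_core");
    return 0;
}
```

With 5 GiB free the truncating estimate reports only 1 GiB (the low 32 bits of 0x140000000), so a 2 GiB request is sent to allocate_from_core even though a coalesce could have satisfied it; when the free amount is an exact multiple of 4 GiB the truncated estimate is 0 and every request takes the allocate_from_core path.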
To Reproduce
Problem Report Interactions