malloc: Avoid premature fallback to mmap [BZ #20284]

Before this change, the while loop in reused_arena which avoids
returning a corrupt arena would never execute its body if the selected
arena were not corrupt.  As a result, result == begin after the loop,
and the function returns NULL, triggering fallback to mmap.

diff --git a/ChangeLog b/ChangeLog
index 437fb6d..e418cc0 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2016-06-21  Florian Weimer  <fweimer@redhat.com>
+
+       [BZ #20284]
+       * malloc/arena.c (reused_arena): Do not return NULL if we start
+       out with a non-corrupted arena.
+
 2016-06-21 Adhemerval Zanella  <adhemerval.zanella@linaro.org>
 
        * misc/Makefile (tests): Add tst-preadvwritev and tst-preadvwritev64.

diff --git a/malloc/arena.c b/malloc/arena.c
index ed5a4d5..229783f 100644 (file)
--- a/malloc/arena.c
+++ b/malloc/arena.c
@@ -771,14 +771,12 @@ reused_arena (mstate avoid_arena)
     {
       result = result->next;
       if (result == begin)
-       break;
+       /* We looped around the arena list.  We could not find any
+          arena that was either not corrupted or not the one we
+          wanted to avoid.  */
+       return NULL;
     }
 
-  /* We could not find any arena that was either not corrupted or not the one
-     we wanted to avoid.  */
-  if (result == begin || result == avoid_arena)
-    return NULL;
-
   /* No arena available without contention.  Wait for the next in line.  */
   LIBC_PROBE (memory_arena_reuse_wait, 3, &result->mutex, result, avoid_arena);
   (void) mutex_lock (&result->mutex);