[Gc] Allocation functions which don't return the true object base

Alec Orr Alec.Orr at wbemsolutions.com
Wed Jul 7 10:34:34 PDT 2004


Folks:

I encountered functions in a third-party module which allocate a memory 
block, but do not return the base address of the object allocated:

#include <gc.h>

#define OFFSET 0x2

void* allocMem(size_t s) {
	char *p = GC_MALLOC(s);	/* char*, not void*: void* cannot be indexed */

	/* Return a pointer INSIDE the object if OFFSET > 0 */
	return p + OFFSET;
}

void freeMem(void* p) {

	/* Translate p to the true block's beginning */
	p = (char*)p - OFFSET;
	GC_FREE(p);
}

int main(int argc, char** argv) {
	while (1) {
		void *p = allocMem(1024);
		/* ... */
		GC_gcollect();	/* force a full collection (written GC_invoke() in the original post) */
		freeMem(p);
	}
}

I reproduced a problem where for some large offsets, or many 
allocations with small offsets, the 6.2/6.3alpha GC will report 'Attempt 
to free invalid pointer' after full world stop allocation.  The GC 
relies on the base pointer being present in the stack scan and/or static 
roots, correct?

Thanks for any input,
Alec
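The following is an added, self-contained model of the mechanism the question is about; it is not Boehm GC code and not part of the original post. It stands in for the collector with a small block registry: `find_block()` plays the role of the real `GC_base()`, `register_displacement()` plays the role of the real `GC_register_displacement()`, and `collect()` applies the conservative rule that a root retains a block only if it points at the base plus a recognised displacement. `alloc_mem()` reproduces the wrapper from the post; `free_mem_checked()` is a hardened variant that recovers the base through the collector's own lookup and returns an error for a pointer that no longer maps to a live block, rather than handing a stale address to the free routine. All function names, `MAX_BLOCKS`, `MAX_DISP` and `run_scenario()` are constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define OFFSET 0x2        /* interior offset used by the wrapper in the post */
#define MAX_BLOCKS 16     /* toy limits for the model's block table */
#define MAX_DISP 8

typedef struct { char *base; size_t size; int marked; } Block;

static Block  blocks[MAX_BLOCKS];
static size_t nblocks;
static size_t displacements[MAX_DISP];
static size_t ndisp;

/* Reset the model: no live blocks; offset 0 (a true base pointer) is the only
 * displacement the collector recognises. */
static void model_reset(void) {
    for (size_t i = 0; i < nblocks; i++) free(blocks[i].base);
    nblocks = 0;
    displacements[0] = 0;
    ndisp = 1;
}

/* Stand-in for GC_register_displacement(): pointers to base+off now retain a block. */
static void register_displacement(size_t off) {
    if (ndisp < MAX_DISP) displacements[ndisp++] = off;
}

/* Stand-in for GC_MALLOC(): allocate and record the block. */
static void *model_malloc(size_t s) {
    if (nblocks == MAX_BLOCKS) return NULL;
    char *p = calloc(1, s);
    if (!p) return NULL;
    blocks[nblocks].base = p; blocks[nblocks].size = s; blocks[nblocks].marked = 0;
    nblocks++;
    return p;
}

/* Stand-in for GC_base(): the live block containing p, or NULL. */
static Block *find_block(const void *p) {
    uintptr_t a = (uintptr_t)p;
    for (size_t i = 0; i < nblocks; i++) {
        uintptr_t lo = (uintptr_t)blocks[i].base;
        if (a >= lo && a < lo + blocks[i].size) return &blocks[i];
    }
    return NULL;
}

static void remove_block(Block *b) {
    free(b->base);
    *b = blocks[--nblocks];   /* swap the last entry into the freed slot */
}

/* Conservative mark-sweep over the given roots. A root keeps a block alive only
 * if it points at the base plus a registered displacement. Returns blocks freed. */
static int collect(void **roots, size_t nroots) {
    for (size_t i = 0; i < nblocks; i++) blocks[i].marked = 0;
    for (size_t r = 0; r < nroots; r++) {
        Block *b = find_block(roots[r]);
        if (!b) continue;
        size_t off = (uintptr_t)roots[r] - (uintptr_t)b->base;
        for (size_t d = 0; d < ndisp; d++)
            if (off == displacements[d]) b->marked = 1;
    }
    int freed = 0;
    for (size_t i = 0; i < nblocks; )
        if (!blocks[i].marked) { remove_block(&blocks[i]); freed++; }
        else i++;
    return freed;
}

/* The post's wrapper: hand out a pointer OFFSET bytes inside the block. */
static void *alloc_mem(size_t s) {
    char *p = model_malloc(s);
    return p ? p + OFFSET : NULL;
}

/* Hardened free: recover the base via the collector's lookup and refuse any
 * pointer that does not map to a live block at the expected offset. 0 = freed. */
static int free_mem_checked(void *p) {
    Block *b = find_block(p);
    if (!b || (uintptr_t)p - (uintptr_t)b->base != OFFSET) return -1;
    remove_block(b);
    return 0;
}

/* The scenario from the post: only the interior pointer is a root, a collection
 * runs, then the wrapper frees. Returns free_mem_checked()'s result. */
int run_scenario(int register_offset) {
    model_reset();
    if (register_offset) register_displacement(OFFSET);
    void *p = alloc_mem(1024);
    void *roots[1] = { p };
    collect(roots, 1);            /* reclaims the block unless OFFSET is registered */
    int rc = free_mem_checked(p);
    model_reset();
    return rc;
}

int main(void) {
    printf("unregistered offset: free -> %d\n", run_scenario(0));  /* -1: block was collected */
    printf("registered offset:   free -> %d\n", run_scenario(1));  /*  0: block retained */
    return 0;
}
```

With only the interior pointer reachable and no displacement registered, the block is reclaimed by the collection and the later free sees an address that no longer belongs to any live object, which is what the checked free rejects and what the real collector reports as an invalid pointer. Registering the displacement (or keeping a pointer to the true base in a scanned root) makes the interior pointer sufficient to retain the object.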
