diff --git a/0007-Fix-segfault-in-extent_try_coalesce_impl.patch b/0007-Fix-segfault-in-extent_try_coalesce_impl.patch
new file mode 100644
index 0000000000000000000000000000000000000000..32ca9c212070f38063d50fdf6f630243799abe0c
--- /dev/null
+++ b/0007-Fix-segfault-in-extent_try_coalesce_impl.patch
@@ -0,0 +1,35 @@
+From a1552bf58619d415c40730780624fb18623d2617 Mon Sep 17 00:00:00 2001
+From: Piggy
+Date: Wed, 30 Jul 2025 19:10:07 +0800
+Subject: [PATCH] Fix segfault in extent_try_coalesce_impl
+
+---
+ src/extent.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/extent.c b/src/extent.c
+index cf3d1f3..627d1d3 100644
+--- a/src/extent.c
++++ b/src/extent.c
+@@ -820,6 +820,7 @@ static edata_t *
+ extent_try_coalesce_impl(tsdn_t *tsdn, pac_t *pac, ehooks_t *ehooks,
+ ecache_t *ecache, edata_t *edata, bool *coalesced) {
+ assert(!edata_guarded_get(edata));
++ assert(coalesced != NULL);
+ /*
+ * We avoid checking / locking inactive neighbors for large size
+ * classes, since they are eagerly coalesced on deallocation which can
+@@ -926,8 +927,9 @@ extent_record(tsdn_t *tsdn, pac_t *pac, ehooks_t *ehooks, ecache_t *ecache,
+ goto label_skip_coalesce;
+ }
+ if (!ecache->delay_coalesce) {
++ bool coalesced_unused;
+ edata = extent_try_coalesce(tsdn, pac, ehooks, ecache, edata,
+- NULL);
++ &coalesced_unused);
+ } else if (edata_size_get(edata) >= SC_LARGE_MINCLASS) {
+ assert(ecache == &pac->ecache_dirty);
+ /* Always coalesce large extents eagerly. */
+--
+2.36.1.windows.1
+
diff --git a/jemalloc.spec b/jemalloc.spec
index 56e4a33da8d23ec6a81f12c3020c58a61465164b..06950f3fa6749f06dc7988a813a77457822f30f6 100644
--- a/jemalloc.spec
+++ b/jemalloc.spec
@@ -12,7 +12,7 @@ Name: jemalloc Version: 5.3.0 -Release: 5 +Release: 6 Summary: General-purpose scalable concurrent malloc implementation License: BSD-2-Clause URL: http://www.canonware.com/jemalloc/
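Review bot: The added `assert(coalesced != NULL);` at the top of extent_try_coalesce_impl documents the contract but is not a runtime guard in a packaged build, because jemalloc's assert is compiled out unless debug is enabled. In a release build the protection therefore rests entirely on the extent_record change that passes `&coalesced_unused`. It is worth confirming that no other caller reaches extent_try_coalesce_impl with a NULL out-parameter; both function bodies and the remaining call sites lie outside the embedded hunks. I would add a comment above the dummy such as `/* Result is ignored; the callee requires a non-NULL out-parameter. */`. The embedded patch also has an empty message body, so a short description of the crash and a reference to its origin (upstream commit or issue, if any) would make this allocator change easier to audit.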
@@ -24,6 +24,7 @@ Patch0003: 0003-Fix-possible-NULL-pointer-dereference-from-mallctl.patch Patch0004: 0004-Fix-possible-NULL-pointer-dereference-in-VERIFY_READ.patch Patch0005: 0005-Fix-purging-during-arena-migration-when-bgthd-on.patch Patch0006: 0006-Fix-bitmap_ffu-out-of-range-read.patch +Patch0007: 0007-Fix-segfault-in-extent_try_coalesce_impl.patch BuildRequires: perl-generators gcc /usr/bin/xsltproc @@ -86,6 +87,9 @@ make check %{_mandir}/man3/jemalloc.3* %changelog +* Mon Aug 04 2025 Piggy - 5.3.0-6 +- Fix segfault in extent_try_coalesce_impl + * Sun Aug 03 2025 Piggy - 5.3.0-5 - Fix bitmap_ffu out of range read