These are appearing in the wild - tcmalloc seems to provide them. I have tried to build tcmalloc. But it requires bazel. So far all I've managed to get out of bazel is Java exceptions.
These functions are now in the latest jemalloc. I don't know when FreeBSD will switch to using that.
Created attachment 165885
Makefile for testcase

Adapt paths as necessary

Created attachment 165886
Small testcase
To test

git clone https://github.com/jemalloc/jemalloc.git
cd jemalloc
./autogen.sh
./configure

I didn't bother installing jemalloc, I just used it in place.

Without any changes I get

==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x487B5DB: free_fastpath (jemalloc_internal_inlines_c.h:516)
==32192==    by 0x487B5DB: je_sdallocx_noflags (jemalloc_internal_inlines_c.h:578)
==32192==    by 0x487B5DB: free_sized (jemalloc.c:3022)
==32192==    by 0x201899: main (c23_free.c:24)
==32192==
==32192== Use of uninitialised value of size 8
==32192==    at 0x487B5FC: sz_size2index_lookup_impl (sz.h:192)
==32192==    by 0x487B5FC: sz_size2index_lookup (sz.h:198)
==32192==    by 0x487B5FC: free_fastpath (jemalloc_internal_inlines_c.h:521)
==32192==    by 0x487B5FC: je_sdallocx_noflags (jemalloc_internal_inlines_c.h:578)
==32192==    by 0x487B5FC: free_sized (jemalloc.c:3022)
==32192==    by 0x201899: main (c23_free.c:24)
==32192==
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x48804B3: sz_sa2u (sz.h:320)
==32192==    by 0x48804B3: aligned_usize_get (jemalloc.c:2346)
==32192==    by 0x48804B3: inallocx (jemalloc.c:3826)
==32192==    by 0x48804B3: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201903: main (c23_free.c:36)
==32192==
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x48804D0: sz_s2u (sz.h:303)
==32192==    by 0x48804D0: sz_sa2u (sz.h:335)
==32192==    by 0x48804D0: aligned_usize_get (jemalloc.c:2346)
==32192==    by 0x48804D0: inallocx (jemalloc.c:3826)
==32192==    by 0x48804D0: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201903: main (c23_free.c:36)
==32192==
==32192== Use of uninitialised value of size 8
==32192==    at 0x48804E5: sz_size2index_lookup_impl (sz.h:192)
==32192==    by 0x48804E5: sz_size2index_lookup (sz.h:198)
==32192==    by 0x48804E5: sz_s2u_lookup (sz.h:291)
==32192==    by 0x48804E5: sz_s2u (sz.h:304)
==32192==    by 0x48804E5: sz_sa2u (sz.h:335)
==32192==    by 0x48804E5: aligned_usize_get (jemalloc.c:2346)
==32192==    by 0x48804E5: inallocx (jemalloc.c:3826)
==32192==    by 0x48804E5: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201903: main (c23_free.c:36)
==32192==
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x487B66B: free_aligned_sized (jemalloc.c:3029)
==32192==    by 0x201926: main (c23_free.c:40)
==32192==
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x487B66F: free_aligned_sized (jemalloc.c:3029)
==32192==    by 0x201926: main (c23_free.c:40)
==32192==
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x487B677: je_sdallocx_impl (jemalloc_internal_inlines_c.h:585)
==32192==    by 0x487B677: sdallocx (jemalloc.c:3862)
==32192==    by 0x487B677: free_aligned_sized (jemalloc.c:3029)
==32192==    by 0x201926: main (c23_free.c:40)
==32192==
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x488049E: aligned_usize_get (jemalloc.c:2331)
==32192==    by 0x488049E: inallocx (jemalloc.c:3826)
==32192==    by 0x488049E: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201926: main (c23_free.c:40)
==32192==
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x48804B3: sz_sa2u (sz.h:320)
==32192==    by 0x48804B3: aligned_usize_get (jemalloc.c:2346)
==32192==    by 0x48804B3: inallocx (jemalloc.c:3826)
==32192==    by 0x48804B3: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201926: main (c23_free.c:40)
==32192==
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x48804D0: sz_s2u (sz.h:303)
==32192==    by 0x48804D0: sz_sa2u (sz.h:335)
==32192==    by 0x48804D0: aligned_usize_get (jemalloc.c:2346)
==32192==    by 0x48804D0: inallocx (jemalloc.c:3826)
==32192==    by 0x48804D0: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201926: main (c23_free.c:40)
==32192==
==32192== Use of uninitialised value of size 8
==32192==    at 0x48804E5: sz_size2index_lookup_impl (sz.h:192)
==32192==    by 0x48804E5: sz_size2index_lookup (sz.h:198)
==32192==    by 0x48804E5: sz_s2u_lookup (sz.h:291)
==32192==    by 0x48804E5: sz_s2u (sz.h:304)
==32192==    by 0x48804E5: sz_sa2u (sz.h:335)
==32192==    by 0x48804E5: aligned_usize_get (jemalloc.c:2346)
==32192==    by 0x48804E5: inallocx (jemalloc.c:3826)
==32192==    by 0x48804E5: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201926: main (c23_free.c:40)
==32192==
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x488069C: mallocx_tcache_get (jemalloc.c:3235)
==32192==    by 0x488069C: je_sdallocx_default (jemalloc.c:3841)
==32192==    by 0x201926: main (c23_free.c:40)
==32192==
==32192==
==32192== HEAP SUMMARY:
==32192==     in use at exit: 14,044 bytes in 16 blocks
==32192==   total heap usage: 16 allocs, 0 frees, 14,044 bytes allocated

That's lots of errors in libjemalloc because the functions aren't being redirected. Everything leaks as well. Funnily no crash.

With the changes I'm going to make

==34877== Mismatched aligned_alloc/free_sized size value: 1024
==34877==    at 0x484F433: free_sized (vg_replace_malloc.c:1037)
==34877==    by 0x201856: main (c23_free.c:16)
==34877==  Address 0x58a7890 is 0 bytes inside a block of size 1,000 alloc'd
==34877==    at 0x484D294: malloc (vg_replace_malloc.c:450)
==34877==    by 0x201844: main (c23_free.c:14)
==34877==
==34877== Conditional jump or move depends on uninitialised value(s)
==34877==    at 0x484F3E8: free_sized (vg_replace_malloc.c:1037)
==34877==    by 0x201899: main (c23_free.c:24)
==34877==
==34877== Invalid alignment value: 1000 (should be a power of 2)
==34877==    at 0x484F691: free_aligned_sized (vg_replace_malloc.c:1078)
==34877==    by 0x2018B8: main (c23_free.c:28)
==34877==
==34877== Mismatched aligned_alloc/free_aligned_sized alignment alloc value: 0 dealloc value: 1000
==34877==    at 0x484F691: free_aligned_sized (vg_replace_malloc.c:1078)
==34877==    by 0x2018B8: main (c23_free.c:28)
==34877==  Address 0x58a8240 is 0 bytes inside a block of size 1,000 alloc'd
==34877==    at 0x484D294: malloc (vg_replace_malloc.c:450)
==34877==    by 0x2018A3: main (c23_free.c:26)
==34877==
==34877== Mismatched aligned_alloc/free_aligned_sized alignment alloc value: 256 dealloc value: 128
==34877==    at 0x484F691: free_aligned_sized (vg_replace_malloc.c:1078)
==34877==    by 0x2018DE: main (c23_free.c:32)
==34877==  Address 0x58a8700 is 0 bytes inside a block of size 4,096 alloc'd
==34877==    at 0x48535B2: aligned_alloc (vg_replace_malloc.c:2380)
==34877==    by 0x2018C7: main (c23_free.c:30)
==34877==
==34877== Conditional jump or move depends on uninitialised value(s)
==34877==    at 0x484F642: free_aligned_sized (vg_replace_malloc.c:1078)
==34877==    by 0x201903: main (c23_free.c:36)
==34877==
==34877== Conditional jump or move depends on uninitialised value(s)
==34877==    at 0x484F639: free_aligned_sized (vg_replace_malloc.c:1078)
==34877==    by 0x201926: main (c23_free.c:40)
==34877==
==34877==
==34877== HEAP SUMMARY:
==34877==     in use at exit: 1,828 bytes in 7 blocks
==34877==   total heap usage: 16 allocs, 9 frees, 14,044 bytes allocated

(the other 7 frees are suppressed and in libthr)
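Added example (not part of the thread, and not Valgrind's or jemalloc's code): a small C sketch of the bookkeeping behind the size and alignment mismatch reports in the second run above. All names (tracked_malloc, checked_free_sized, the CHK_ values) are hypothetical, and unlike Valgrind it returns only the first failed check and releases memory with plain free().

```c
#include <stdlib.h>
/* Added sketch with hypothetical names; not Valgrind's or jemalloc's code. */
enum chk { CHK_OK, CHK_UNKNOWN_PTR, CHK_SIZE_MISMATCH,
           CHK_BAD_ALIGNMENT, CHK_ALIGN_MISMATCH };

struct block { void *ptr; size_t size; size_t align; }; /* align 0: malloc */

#define MAX_BLOCKS 64
static struct block table[MAX_BLOCKS];

/* Remember what the allocating call asked for. */
static void *record(void *p, size_t size, size_t align)
{
    for (size_t i = 0; p && i < MAX_BLOCKS; i++)
        if (!table[i].ptr) {
            table[i] = (struct block){ p, size, align };
            break;
        }
    return p;
}

void *tracked_malloc(size_t size) { return record(malloc(size), size, 0); }
void *tracked_aligned_alloc(size_t align, size_t size)
{
    return record(aligned_alloc(align, size), size, align);
}

/* Compare deallocation arguments with the recorded allocation, then free.
 * with_align is 0 for a free_sized() call, 1 for free_aligned_sized(). */
static enum chk release(void *p, int with_align, size_t align, size_t size)
{
    struct block *b = NULL;
    enum chk result = CHK_OK;
    if (!p) return CHK_OK;                 /* null is always accepted */
    for (size_t i = 0; i < MAX_BLOCKS && !b; i++)
        if (table[i].ptr == p) b = &table[i];
    if (!b) return CHK_UNKNOWN_PTR;        /* not ours: do not free it */
    if (with_align && (align == 0 || (align & (align - 1))))
        result = CHK_BAD_ALIGNMENT;        /* not a power of 2 */
    else if (with_align && align != b->align)
        result = CHK_ALIGN_MISMATCH;
    else if (size != b->size)
        result = CHK_SIZE_MISMATCH;
    free(p);                               /* free() accepts both kinds */
    b->ptr = NULL;
    return result;
}

enum chk checked_free_sized(void *p, size_t size) { return release(p, 0, 0, size); }
enum chk checked_free_aligned_sized(void *p, size_t align, size_t size) { return release(p, 1, align, size); }
```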
commit 9903f2fe0b82b49467157adb6ac087bf49c1dead (HEAD -> master, origin/users/paulf/try-bug466762, origin/master, origin/HEAD, bug466762)
Author: Paul Floyd <pjfloyd@wanadoo.fr>
Date:   Sat Feb 17 11:56:32 2024 +0100

    Bug 466762 - Add redirs for C23 free_sized() and free_aligned_sized()

    No testcase for the moment - I still need to link with a non-system to be able to test