Bug Summary

File:malloc/memalign.c
Location:line 37, column 9
Description:Assigned value is garbage or undefined

Annotated Source Code

1#include <stdlib.h>
2#include <stdint.h>
3#include <errno(*__errno_location()).h>
4#include "libc.h"
5
6/* This function should work with most dlmalloc-like chunk bookkeeping
7 * systems, but it's only guaranteed to work with the native implementation
8 * used in this library. */
9
10void *__memalign(size_t align, size_t len)
11{
12 unsigned char *mem, *new, *end;
13 size_t header, footer;
14
15 if ((align & -align) != align) {
1
Taking false branch
16 errno(*__errno_location()) = EINVAL22;
17 return NULL((void*)0);
18 }
19
20 if (len > SIZE_MAX(0xffffffffffffffffu) - align) {
2
Taking false branch
21 errno(*__errno_location()) = ENOMEM12;
22 return NULL((void*)0);
23 }
24
25 if (align <= 4*sizeof(size_t)) {
3
Taking false branch
26 if (!(mem = malloc(len)))
27 return NULL((void*)0);
28 return mem;
29 }
30
31 if (!(mem = malloc(len + align-1)))
4
Assuming 'mem' is not null
5
Taking false branch
32 return NULL((void*)0);
33
34 new = (void *)((uintptr_t)mem + align-1 & -align);
35 if (new == mem) return mem;
6
Taking false branch
36
37 header = ((size_t *)mem)[-1];
7
Assigned value is garbage or undefined
38
39 if (!(header & 7)) {
40 ((size_t *)new)[-2] = ((size_t *)mem)[-2] + (new-mem);
41 ((size_t *)new)[-1] = ((size_t *)mem)[-1] - (new-mem);
42 return new;
43 }
44
45 end = mem + (header & -8);
46 footer = ((size_t *)end)[-2];
47
48 ((size_t *)mem)[-1] = header&7 | new-mem;
49 ((size_t *)new)[-2] = footer&7 | new-mem;
50 ((size_t *)new)[-1] = header&7 | end-new;
51 ((size_t *)end)[-2] = footer&7 | end-new;
52
53 free(mem);
54 return new;
55}
56
57weak_alias(__memalign, memalign)extern __typeof(__memalign) memalign __attribute__((weak, alias
("__memalign")));