Ensure typed objects descriptor is never located in the first word

Free objects are linked in the collector through the first word in the
object.  This commit prevents placing type descriptor to the first
word of the allocated object by ensuring that the size of typed objects
(requested by a client) is non-zero.

* typd_mlc.c (GC_malloc_explicitly_typed,
GC_malloc_explicitly_typed_ignore_off_page): If lb is zero, then assume
lb is 1 (byte).
* typd_mlc.c (GC_calloc_explicitly_typed): If lb or n is zero, then
assume that lb*n is 1.

1 files changed, 4 insertions, 1 deletions

diff --git a/typd_mlc.c b/typd_mlc.c
index ea40f08c..59643b72 100644
--- a/typd_mlc.c
+++ b/typd_mlc.c
@@ -283,6 +283,7 @@ GC_API GC_ATTR_MALLOC void * GC_CALL GC_malloc_explicitly_typed(size_t lb,
     size_t nwords;
 
     GC_ASSERT(GC_explicit_typing_initialized);
+    if (EXPECT(0 == lb, FALSE)) lb = 1; /* ensure nwords > 1 */
     lb = SIZET_SAT_ADD(lb, TYPD_EXTRA_BYTES);
     op = GC_malloc_kind(lb, GC_explicit_kind);
     if (EXPECT(NULL == op, FALSE))
@@ -309,6 +310,7 @@ GC_API GC_ATTR_MALLOC void * GC_CALL
     DCL_LOCK_STATE;
 
     GC_ASSERT(GC_explicit_typing_initialized);
+    if (EXPECT(0 == lb, FALSE)) lb = 1;
     lb = SIZET_SAT_ADD(lb, TYPD_EXTRA_BYTES);
     if (SMALL_OBJ(lb)) {
         void **opp;
@@ -501,8 +503,9 @@ GC_API GC_ATTR_MALLOC void * GC_CALL GC_calloc_explicitly_typed(size_t n,
 
     GC_STATIC_ASSERT(sizeof(struct LeafDescriptor) % sizeof(word) == 0);
     GC_ASSERT(GC_explicit_typing_initialized);
+    if (EXPECT(0 == lb || 0 == n, FALSE)) lb = n = 1;
     if (EXPECT((lb | n) > GC_SQRT_SIZE_MAX, FALSE) /* fast initial check */
-        && lb > 0 && n > GC_SIZE_MAX / lb)
+        && n > GC_SIZE_MAX / lb)
       return (*GC_get_oom_fn())(GC_SIZE_MAX); /* n*lb overflow */
 
     descr_type = GC_make_array_descriptor((word)n, (word)lb, d,