From: Julian Seward Date: Sun, 4 Dec 2005 23:27:14 +0000 (+0000) Subject: Defensive hacks to detect cases where V corrupts its own heap and/or X-Git-Tag: svn/VALGRIND_3_2_0~541 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=07f008c0f2bc54be917d5a1ca5779f88bfad976f;p=thirdparty%2Fvalgrind.git Defensive hacks to detect cases where V corrupts its own heap and/or uses memory after freeing. Check the redzones for all non-client frees, and fill all non-client freed areas with garbage. Unroll VG_(memset) as a precautionary measure against performance lossage. git-svn-id: svn://svn.valgrind.org/valgrind/trunk@5283
---
diff --git a/coregrind/m_libcbase.c b/coregrind/m_libcbase.c
index b420b68713..4a53095227 100644
--- a/coregrind/m_libcbase.c
+++ b/coregrind/m_libcbase.c
@@ -372,10 +372,19 @@ void* VG_(memcpy) ( void *dest, const void *src, SizeT sz )
 void* VG_(memset) ( void *dest, Int c, SizeT sz )
 {
 Char *d = (Char *)dest;
-
- while (sz--)
- *d++ = c;
-
+ while (sz >= 4) {
+ d[0] = c;
+ d[1] = c;
+ d[2] = c;
+ d[3] = c;
+ d += 4;
+ sz -= 4;
+ }
+ while (sz > 0) {
+ d[0] = c;
+ d++;
+ sz--;
+ }
 return dest;
 }
diff --git a/coregrind/m_mallocfree.c b/coregrind/m_mallocfree.c
index a5916ae4c6..d975f0879d 100644
--- a/coregrind/m_mallocfree.c
+++ b/coregrind/m_mallocfree.c
@@ -1058,9 +1058,10 @@ void VG_(arena_free) ( ArenaId aid, void* ptr )
 b = get_payload_block(a, ptr);
-# ifdef DEBUG_MALLOC
- vg_assert(blockSane(a, b));
-# endif
+ /* If this is one of V's areas, check carefully the block we're
+ getting back. This picks up simple block-end overruns. */
+ if (aid != VG_AR_CLIENT)
+ vg_assert(blockSane(a, b));
 b_bszB = get_bszB(b);
 b_pszB = bszB_to_pszB(a, b_bszB);
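Review bot: The hand-unrolled loops in VG_(memset) carry no comment saying why a byte-wise fill is unrolled, so a later cleanup could fold them back into the original one-line loop. The commit message gives the reason (the allocator now fills every freed non-client block through this routine); put it above the first loop, for example `/* Unrolled x4: VG_(arena_free) now fills every freed non-client block through here. */`. The stores `d[0] = c;` still narrow an `Int` to `Char` implicitly, as the removed `*d++ = c;` did; writing `(Char)c` once into a local would make that truncation explicit.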
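Review bot: The integrity check added after `get_payload_block(a, ptr)` in VG_(arena_free) exists only as the argument of `vg_assert`, so it protects every build only if that macro is never compiled out; its definition is not visible in this hunk, and the comment should state the dependency. The comment also does not say why `VG_AR_CLIENT` is exempt, which leaves it unclear whether client-arena blocks are checked somewhere else or not at all. Suggested wording: `/* Always-on for V's own arenas; relies on vg_assert never being compiled out. Client arena skipped because <reason>. */`. Because the check sits ahead of `get_bszB(b)`, it also guards the size the rest of the function works with, so it should stay before those reads. The function begins and ends outside the hunk.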
@@ -1070,6 +1071,15 @@ void VG_(arena_free) ( ArenaId aid, void* ptr ) a->bytes_on_loan -= b_pszB; + /* If this is one of V's areas, fill it up with junk to enhance the + chances of catching any later reads of it. Note, 0xDD is + carefully chosen junk :-), in that: (1) 0xDDDDDDDD is an invalid + and non-word-aligned address on most systems, and (2) 0xDD is a + value which is unlikely to be generated by the new compressed + Vbits representation for memcheck. */ + if (aid != VG_AR_CLIENT) + VG_(memset)(ptr, 0xDD, (SizeT)b_pszB); + // Put this chunk back on a list somewhere. b_listno = pszB_to_listNo(b_pszB); mkFreeBlock( a, b, b_bszB, b_listno );
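Review bot: The length passed in `VG_(memset)(ptr, 0xDD, (SizeT)b_pszB)` appears to come from the block's own size field (via `get_bszB(b)` in the previous m_mallocfree.c hunk), so a corrupted header would turn this poisoning step into an oversized write. It is safe only because the `blockSane` assertion runs earlier in VG_(arena_free), assuming that routine validates the size field, which is not visible here. Record the ordering in the comment, for example `/* b_pszB was vetted by blockSane(a, b) above; keep this fill after that check. */`. The fill also only makes stale reads conspicuous: nothing on this page re-checks the 0xDD pattern when the block is handed out again, so writes after free into the payload go unnoticed, and a named constant for `0xDD` would let such a check share the value. The function begins and ends outside the hunk.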