fix 299756 (for symmetry, --free-fill must be ignored for MEMPOOL_FREE and FREELIKE client requests).

Test program from goodell@mcs.anl.gov



git-svn-id: svn://svn.valgrind.org/valgrind/trunk@12560

NEWS

@@ -99,7 +99,8 @@ n-i-bz  s390x: Shadow registers can now be examined using vgdb
 297992  Support systems missing WIFCONTINUED (e.g. pre-2.6.10 Linux) 
 297993  Fix compilation of valgrind with gcc -g3.
 298394  s390x: Don't bail out on an unknown machine model. Assume it's a new model.
-298943  massif asserts with --pages-as-heap=yes when brk is chaning by value different of page size
+298943  massif asserts with --pages-as-heap=yes when brk is changing by value different of page size
+299756  for symmetry, --free-fill must be ignored for MEMPOOL_FREE and FREELIKE client requests
 
 Release 3.7.0 (5 November 2011)
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

memcheck/docs/mc-manual.xml

@@ -855,7 +855,10 @@ criteria:</para>
       byte.  This can be useful when trying to shake out obscure
       memory corruption problems.  The allocated area is still
       regarded by Memcheck as undefined -- this option only affects its
-      contents.
+      contents. Note that <option>--malloc-fill</option> does not
+      affect a block of memory when it is used as argument
+      to client requests VALGRIND_MEMPOOL_ALLOC or
+      VALGRIND_MALLOCLIKE_BLOCK.
       </para>
     </listitem>
   </varlistentry>
@@ -871,7 +874,9 @@ criteria:</para>
       specified byte value.  This can be useful when trying to shake out
       obscure memory corruption problems.  The freed area is still
       regarded by Memcheck as not valid for access -- this option only
-      affects its contents.
+      affects its contents. Note that <option>--free-fill</option> does not
+      affect a block of memory when it is used as argument to
+      client requests VALGRIND_MEMPOOL_FREE or VALGRIND_FREELIKE_BLOCK.
       </para>
     </listitem>
   </varlistentry>

memcheck/mc_malloc_wrappers.c

@@ -344,7 +344,9 @@ void* MC_(calloc) ( ThreadId tid, SizeT nmemb, SizeT size1 )
 static
 void die_and_free_mem ( ThreadId tid, MC_Chunk* mc, SizeT rzB )
 {
-   if (MC_(clo_free_fill) != -1) {
+   /* Note: we do not free fill the custom allocs produced
+      by MEMPOOL or by MALLOC/FREELIKE_BLOCK requests. */
+   if (MC_(clo_free_fill) != -1 && MC_AllocCustom != mc->allockind ) {
       tl_assert(MC_(clo_free_fill) >= 0x00 && MC_(clo_free_fill) <= 0xFF);
       VG_(memset)((void*)mc->data, MC_(clo_free_fill), mc->szB);
    }

memcheck/tests/Makefile.am

@@ -70,6 +70,8 @@ EXTRA_DIST = \
 	calloc-overflow.stderr.exp calloc-overflow.vgtest\
 	clientperm.stderr.exp \
 	clientperm.stdout.exp clientperm.vgtest \
+	clireq_nofill.stderr.exp \
+	clireq_nofill.stdout.exp clireq_nofill.vgtest \
 	custom_alloc.stderr.exp custom_alloc.vgtest custom_alloc.stderr.exp-s390x-mvc \
 	custom-overlap.stderr.exp custom-overlap.vgtest \
 	deep_templates.vgtest \
@@ -233,6 +235,7 @@ check_PROGRAMS = \
 	bug287260 \
 	calloc-overflow \
 	clientperm \
+	clireq_nofill \
 	custom_alloc \
 	custom-overlap \
 	deep_templates \

memcheck/tests/clireq_nofill.c

@@ -0,0 +1,42 @@
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <assert.h>
+#include "valgrind.h"
+#include "../memcheck.h"
+
+struct super { int x; };
+static struct super superblock = { 12345 };
+
+/* run with `valgrind -q --malloc-fill=0xaf --free-fill=0xdb` */
+int main(int argc, char **argv)
+{
+    unsigned char *s;
+    VALGRIND_CREATE_MEMPOOL(&superblock, /*rzB=*/0, /*is_zeroed=*/0);
+    s = malloc(40);
+    assert(s);
+    assert(*s == 0xaf);
+    *s = 0x05;
+    VALGRIND_MEMPOOL_ALLOC(&superblock, s, 40);
+    printf("*s=%#hhx after MEMPOOL_ALLOC\n", *s);
+    VALGRIND_MEMPOOL_FREE(&superblock, s);
+    printf("*s=%#hhx after MEMPOOL_FREE\n", *s);
+    VALGRIND_MEMPOOL_ALLOC(&superblock, s, 40);
+    printf("*s=%#hhx after second MEMPOOL_ALLOC\n", *s);
+    free(s);
+    VALGRIND_DESTROY_MEMPOOL(&superblock);
+
+    s = malloc(40);
+    assert(s);
+    assert(*s == 0xaf);
+    *s = 0x05;
+    VALGRIND_MALLOCLIKE_BLOCK(s, 40, 0/*rzB*/, 0/*is_zeroed*/);
+    printf("*s=%#hhx after MALLOCLIKE_BLOCK\n", *s);
+    VALGRIND_FREELIKE_BLOCK(s, 0/*rzB*/);
+    printf("*s=%#hhx after FREELIKE_BLOCK\n", *s);
+    VALGRIND_MALLOCLIKE_BLOCK(s, 40, 0/*rzB*/, 0/*is_zeroed*/);
+    printf("*s=%#hhx after second MALLOCLIKE_BLOCK\n", *s);
+
+    return 0;
+}
+

memcheck/tests/clireq_nofill.stderr.exp

@@ -0,0 +1,12 @@
+Invalid read of size 1
+   at 0x........: main (clireq_nofill.c:23)
+ Address 0x........ is 0 bytes inside a recently re-allocated block of size 40 alloc'd
+   at 0x........: malloc (vg_replace_malloc.c:...)
+   by 0x........: main (clireq_nofill.c:16)
+
+Invalid read of size 1
+   at 0x........: main (clireq_nofill.c:36)
+ Address 0x........ is 0 bytes inside a recently re-allocated block of size 40 alloc'd
+   at 0x........: malloc (vg_replace_malloc.c:...)
+   by 0x........: main (clireq_nofill.c:29)
+

memcheck/tests/clireq_nofill.stdout.exp

@@ -0,0 +1,6 @@
+*s=0x5 after MEMPOOL_ALLOC
+*s=0x5 after MEMPOOL_FREE
+*s=0x5 after second MEMPOOL_ALLOC
+*s=0x5 after MALLOCLIKE_BLOCK
+*s=0x5 after FREELIKE_BLOCK
+*s=0x5 after second MALLOCLIKE_BLOCK

memcheck/tests/clireq_nofill.vgtest

@@ -0,0 +1,2 @@
+prog: clireq_nofill
+vgopts: -q --undef-value-errors=no --malloc-fill=0xaf --free-fill=0xdb