1b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov#include <stdlib.h> 2b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov/* To be run with --freelist-vol=1000000 --freelist-big-blocks=50000 */ 3b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanovstatic void jumped(void) 4b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov{ 5b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov ; 6b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov} 7b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanovint main(int argc, char *argv[]) 8b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov{ 9b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov char *semi_big = NULL; 10b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov char *big = NULL; 11b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov char *small = NULL; 12b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov char *other_small = NULL; 13b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov int i; 14b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov int j; 15b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov 16b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov /* Verify that access via a dangling pointer to a big block bigger than 17b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov the free list is found by memcheck (still on the free list). */ 18b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov semi_big = malloc (900000); 19eb0bae136f4eeaaf29761dddb148b118fb824632Dmitriy Ivanov big = malloc (1000015); 20b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov free(semi_big); 21b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov free(big); 22b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov if (big[1000] > 0x0) jumped(); 23b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov if (semi_big[1000] > 0x0) jumped(); 24b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov 25b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov /* Then verify that dangling pointers for small blocks is not hampered 26b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov by doing big alloc/free. */ 27b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov small = malloc (10000); 28b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov free(small); 29b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov 30b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov /* We should still have a nice error msg for the semi_big 31b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov but not for the big block, which has been removed from the free list 32b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov with the malloc of small above. */ 33b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov if (big[2000] > 0x0) jumped(); 34b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov if (semi_big[2000] > 0x0) jumped(); 35b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov 36b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov big = NULL; 37b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov 38b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov { 39eb0bae136f4eeaaf29761dddb148b118fb824632Dmitriy Ivanov big = malloc (1000015); 40b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov free(big); 41b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov if (small[10] > 0x0) jumped(); 42b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov 43b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov /* Do not common up the below in a loop. We 44b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov want a different error/stack trace for each of 45b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov these. */ 46b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov if (big[10] > 0x0) jumped(); 47b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov } 48b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov 49b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov 50b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov for (i = 0; i < 100; i++) { 51b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov other_small = malloc(10000); 52b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov for (j = 0; j < 10000; j++) 53b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov other_small[j] = 0x1; 54b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov } 55b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov if (small[10] > 0x0) jumped(); 56b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov return 0; 57b32f58018498ea2225959b0ba11c18f0c433deefEvgeniy Stepanov} 58