From 2e7e1c12a74c64c1f908e7f071af8d2286537e95 Mon Sep 17 00:00:00 2001 From: Matthew Sotoudeh Date: Thu, 16 May 2024 19:31:52 -0700 Subject: check "reserve", fix bugs --- imc/checker.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'imc/checker.c') diff --git a/imc/checker.c b/imc/checker.c index 2bde59f..2ddf978 100644 --- a/imc/checker.c +++ b/imc/checker.c @@ -42,6 +42,17 @@ void check_main() { get_random(magic, MAGIC_COOKIE_BYTES); init_buddy(pool, pool_size, magic, curr_buddy); + void *redzone_start = 0; + void *redzone_end = 0; + if (choose(2, 0)) { + redzone_start = (uint8_t*)pool + 1365; + redzone_end = (uint8_t*)redzone_start + (1024 * 2); + verbose("Reserving %p -- %p\n", redzone_start, redzone_end); + assert(reserve(redzone_start, + (uint8_t*)redzone_end - (uint8_t*)redzone_start, + curr_buddy)); + } + size_t size_options[] = {1, 128, 1024, 5, 167, 10500}; const size_t n_size_options = sizeof(size_options) / sizeof(size_options[0]); @@ -82,6 +93,7 @@ void check_main() { p->data_size = size_options[action]; size_t new_size = p->data_size + sizeof(struct ll); p = reallocate(p, new_size, old_size, curr_buddy); + assert(!(redzone_start <= (void*)p && (void*)p < redzone_end)); for (size_t i = 0; i < p->data_size; i++) p->data[i] = (uint8_t)p->data_size; int lifetime = choose(n_timesteps - t, 0) + 1; @@ -97,6 +109,9 @@ void check_main() { size_t size = size_options[choose(n_size_options, 0)]; struct ll *ll = allocate(size + sizeof(struct ll), curr_buddy); if (!ll) continue; + verbose("Got allocation: %p\n", ll); + assert(!(redzone_start <= (void*)ll && (void*)ll < redzone_end)); + assert((void*)ll >= pool); assert((uint8_t*)ll + size + sizeof(struct ll) < (uint8_t*)pool + pool_size); -- cgit v1.2.3
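Review bot: The `reserve()` call in the first hunk sits inside `assert(...)`, so if `assert` here is the standard macro and the checker is ever built with `NDEBUG`, the reservation is compiled out while `redzone_start`/`redzone_end` stay set, and the later redzone assertions are then checked against a region that was never reserved. Hoisting the call keeps the side effect unconditional: `int reserved = reserve(redzone_start, (uint8_t*)redzone_end - (uint8_t*)redzone_start, curr_buddy); assert(reserved);` (the return type is assumed from its use as a truth value). The fixed offsets `1365` and `1024 * 2` are also not compared with `pool_size`, which is set outside this hunk; `assert((uint8_t*)redzone_end <= (uint8_t*)pool + pool_size);` before the call would make a too-small pool fail at the setup step instead of handing `reserve()` an out-of-pool range. A short comment saying why the start is deliberately unaligned would help the next reader. `check_main` begins and ends outside the hunk.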
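Review bot: The redzone assertion added after `reallocate()` in the second hunk only tests the block's start address, so an allocation that begins below `redzone_start` and runs into the reserved range still passes, and that overlap is what a reserve check is meant to catch. Comparing the whole extent closes the gap: `assert((uint8_t*)p + new_size <= (uint8_t*)redzone_start || (uint8_t*)p >= (uint8_t*)redzone_end);`, which also holds when nothing was reserved and both bounds are 0. The same start-only test is added after `allocate()` in the third hunk, where the extent is `size + sizeof(struct ll)`. The enclosing loop in `check_main` starts and ends outside both hunks.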
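Review bot: In the third hunk `verbose("Got allocation: %p\n", ll);` passes a `struct ll *` to `%p`, which expects a `void *`; assuming `verbose` forwards to a printf-family function, the argument should be cast to match, `verbose("Got allocation: %p\n", (void*)ll);`. The `verbose` call in the first hunk already passes `void *` values, so this would also make the two calls consistent.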