ntdll: implement FLG_HEAP_ENABLE_TAIL_CHECK

Dan Kegel dank at kegel.com
Wed Nov 18 21:47:20 CST 2009


OK, here's something that seems to mostly work,
and even gives reasonable valgrind errors.

To use it, apply the patch and then do
  export WINE_HEAP_REDZONE=16
or so.  (Bigger values catch more problems but add more overhead.)

Only eleven tests generate warnings with that set:

runtest -q -P wine -M advapi32.dll -T ../../.. -p advapi32_test.exe.so lsa.c
 invalid arena 0x14c520, buffer 0x14c528, corrupt at 0x14c548 (byte 32 of 26)
runtest -q -P wine -M advpack.dll -T ../../.. -p advpack_test.exe.so files.c
 invalid arena 0x14d108, buffer 0x14d110, corrupt at 0x14d12e (byte 30 of 30)
 invalid arena 0x14d140, buffer 0x14d148, corrupt at 0x14d166 (byte 30 of 30)
runtest -q -P wine -M gdi32.dll -T ../../.. -p gdi32_test.exe.so path.c
 invalid arena 0x14bb40, buffer 0x14bb48, corrupt at 0x14bb48 (byte 0 of 0)
runtest -q -P wine -M hlink.dll -T ../../.. -p hlink_test.exe.so hlink.c
 invalid arena 0x154158, buffer 0x154160, corrupt at 0x154166 (byte 6 of 6)
runtest -q -P wine -M kernel32.dll -T ../../.. -p kernel32_test.exe.so format_msg.c
 invalid arena 0x14c128, buffer 0x14c130, corrupt at 0x14c132 (byte 2 of 2)
 invalid arena 0x14c148, buffer 0x14c150, corrupt at 0x14c152 (byte 2 of 2)
 invalid arena 0x14c168, buffer 0x14c170, corrupt at 0x14c172 (byte 2 of 2)
 invalid arena 0x14c188, buffer 0x14c190, corrupt at 0x14c192 (byte 2 of 2)
runtest -q -P wine -M msi.dll -T ../../.. -p msi_test.exe.so automation.c
 invalid arena 0x164c20, buffer 0x164c28, corrupt at 0x164c2d (byte 5 of 5)
runtest -q -P wine -M netapi32.dll -T ../../.. -p netapi32_test.exe.so access.c
 invalid arena 0x110b60, buffer 0x110b68, corrupt at 0x110bea (byte 130 of 130)
runtest -q -P wine -M ole32.dll -T ../../.. -p ole32_test.exe.so moniker.c
 invalid arena 0x14fdf8, buffer 0x14fe00, corrupt at 0x14fe00 (byte 0 of 0)
...
 invalid arena 0x155ce8, buffer 0x155cf0, corrupt at 0x155cf0 (byte 0 of 0)
runtest -q -P wine -M ole32.dll -T ../../.. -p ole32_test.exe.so usrmarshal.c
 invalid arena 0x14fbc0, buffer 0x14fbc8, corrupt at 0x14fbee (byte 38 of 38)
runtest -q -P wine -M oleaut32.dll -T ../../.. -p oleaut32_test.exe.so tmarshal.c
 invalid arena 0x1568f0, buffer 0x1568f8, corrupt at 0x1568fe (byte 6 of 6)
runtest -q -P wine -M oleaut32.dll -T ../../.. -p oleaut32_test.exe.so usrmarshal.c
 invalid arena 0x14ebb8, buffer 0x14ebc0, corrupt at 0x14ebc0 (byte 0 of 0)

and at least some of those seem to be real errors.
To get more details, run under valgrind; it will show you the stack of
where the bad write occurred.  I'll try to provide logs tomorrow.

There are still some rough edges, but it might be useful already.

It also adds a missing valgrind annotation in mark_free_block()
that's only needed in the WINEDEBUG=+heap case,
works around a small valgrind quirk that confuses wine's environment setup,
and fixes a whitespace mistake...
- Dan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-ntdll-let-user-turn-on-heap-tail-checking-with-e.g.patch
Type: text/x-patch
Size: 19395 bytes
Desc: not available
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20091118/f679c520/attachment-0001.bin>
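As an added illustration that is not part of Dan's patch or of Wine's heap code: a minimal tail-check wrapper in C showing the mechanism a WINE_HEAP_REDZONE setting turns on, a run of fill bytes placed after every buffer, verified on free, and reported in the same "invalid arena ... (byte N of M)" format as the warnings above. The names (rz_alloc, rz_check, rz_free, struct arena, REDZONE_FILL) and the 0xAB fill value are assumptions of this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define REDZONE_FILL 0xAB          /* assumed fill pattern written after each buffer */
static size_t heap_redzone = 16;   /* plays the role of WINE_HEAP_REDZONE=16 */

struct arena { size_t size; };     /* header recording the size the caller asked for */

/* Allocate size bytes, followed by heap_redzone bytes of fill pattern. */
void *rz_alloc(size_t size)
{
    struct arena *a = malloc(sizeof *a + size + heap_redzone);
    if (!a) return NULL;
    a->size = size;
    unsigned char *buf = (unsigned char *)(a + 1);
    memset(buf + size, REDZONE_FILL, heap_redzone);
    return buf;
}

/* Return -1 if the tail is intact, else the offset (from the start of the user
 * buffer) of the first byte that no longer holds the fill pattern.
 * Caveat: an overrun that happens to write REDZONE_FILL itself goes unnoticed. */
long rz_check(const void *buf)
{
    const struct arena *a = (const struct arena *)buf - 1;
    const unsigned char *tail = (const unsigned char *)buf + a->size;
    for (size_t i = 0; i < heap_redzone; i++)
        if (tail[i] != REDZONE_FILL) return (long)(a->size + i);
    return -1;
}

/* Free the block after validating its tail; print a warning in the format used
 * by the patch when the redzone was overwritten. Returns rz_check's result. */
long rz_free(void *buf)
{
    struct arena *a = (struct arena *)buf - 1;
    long bad = rz_check(buf);
    if (bad >= 0)
        fprintf(stderr, "invalid arena %p, buffer %p, corrupt at %p (byte %ld of %zu)\n",
                (void *)a, buf, (void *)((unsigned char *)buf + bad), bad, a->size);
    free(a);
    return bad;
}

/* Constructed scenario: request req bytes, write written bytes of 'A' (an overrun
 * when written > req, kept within the redzone), and report what free detects. */
long overrun_offset(size_t req, size_t written)
{
    unsigned char *buf = rz_alloc(req);
    if (!buf) return -2;
    memset(buf, 'A', written);
    return rz_free(buf);
}
```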

