1// Regression test for a bug in malloc_create_zone()
2// (https://code.google.com/p/address-sanitizer/issues/detail?id=203)
3// The old implementation of malloc_create_zone() didn't always return a
4// page-aligned address, so we can only test on a best-effort basis.
5
6// RUN: %clangxx_asan %s -o %t
7// RUN: %run %t 2>&1
8
9#include <malloc/malloc.h>
10#include <stdlib.h>
11#include <string.h>
12#include <stdio.h>
13
14const int kNumIter = 4096;
15const int kNumZones = 100;
16int main() {
17 char *mem[kNumIter * 2];
18 // Allocate memory chunks from different size classes up to 1 page.
19 // (For the case malloc() returns memory chunks in descending order)
20 for (int i = 0; i < kNumIter; i++) {
21 mem[i] = (char*)malloc(size: 8 * i);
22 }
23 // Try to allocate a page-aligned malloc zone. Otherwise the mprotect() call
24 // in malloc_set_zone_name() will silently fail.
25 malloc_zone_t *zone = NULL;
26 bool aligned = false;
27 for (int i = 0; i < kNumZones; i++) {
28 zone = malloc_create_zone(0, 0);
29 if (((uintptr_t)zone & (~0xfff)) == (uintptr_t)zone) {
30 aligned = true;
31 break;
32 }
33 }
34 if (!aligned) {
35 printf(format: "Warning: couldn't allocate a page-aligned zone.");
36 return 0;
37 }
38 // malloc_set_zone_name() calls mprotect(zone, 4096, PROT_READ | PROT_WRITE),
39 // modifies the zone contents and then calls mprotect(zone, 4096, PROT_READ).
40 malloc_set_zone_name(zone, "foobar");
41 // Allocate memory chunks from different size classes again.
42 for (int i = 0; i < kNumIter; i++) {
43 mem[i + kNumIter] = (char*)malloc(size: 8 * i);
44 }
45 // Access the allocated memory chunks and free them.
46 for (int i = 0; i < kNumIter * 2; i++) {
47 memset(s: mem[i], c: 'a', n: 8 * (i % kNumIter));
48 free(ptr: mem[i]);
49 }
50 malloc_destroy_zone(zone);
51 return 0;
52}
53

source code of compiler-rt/test/asan/TestCases/Darwin/malloc_set_zone_name-mprotect.cpp