diff --git a/include/nuttx/mm/mm.h b/include/nuttx/mm/mm.h index 265f92c9867..3e440947908 100644 --- a/include/nuttx/mm/mm.h +++ b/include/nuttx/mm/mm.h @@ -139,6 +139,10 @@ #define MM_DUMP_LEAK(dump, pid) \ ((dump) == PID_MM_LEAK && (pid) >= 0 && nxsched_get_tcb(pid) == NULL) +#define MM_INIT_MAGIC 0xcc +#define MM_ALLOC_MAGIC 0xaa +#define MM_FREE_MAGIC 0x55 + /**************************************************************************** * Public Types ****************************************************************************/ diff --git a/mm/Kconfig b/mm/Kconfig index f53501cff3b..37e5a4f2551 100644 --- a/mm/Kconfig +++ b/mm/Kconfig @@ -322,8 +322,10 @@ config MM_FILL_ALLOCATIONS bool "Fill allocations with debug value" default n ---help--- - Fill all malloc() allocations with 0xAA. This helps - detecting uninitialized variable errors. + Fill all malloc() allocations with MM_ALLOC_MAGIC. + Fill all add_addregion() with MM_INIT_MAGIC. + Fill all free() with MM_FREE_MAGIC. + This helps detecting uninitialized variable errors. config MM_BACKTRACE int "The depth of backtrace" diff --git a/mm/mempool/mempool.c b/mm/mempool/mempool.c index 206c835583d..46f278e373d 100644 --- a/mm/mempool/mempool.c +++ b/mm/mempool/mempool.c @@ -274,7 +274,7 @@ retry: } #ifdef CONFIG_MM_FILL_ALLOCATIONS - memset(blk, 0xaa, pool->blocksize); + memset(blk, MM_ALLOC_MAGIC, pool->blocksize); #endif #if CONFIG_MM_BACKTRACE >= 0 @@ -317,7 +317,7 @@ void mempool_free(FAR struct mempool_s *pool, FAR void *blk) #endif #ifdef CONFIG_MM_FILL_ALLOCATIONS - memset(blk, 0x55, pool->blocksize); + memset(blk, MM_FREE_MAGIC, pool->blocksize); #endif if (pool->interruptsize > blocksize) diff --git a/mm/mm_heap/mm_free.c b/mm/mm_heap/mm_free.c index d29f901e846..39e869d8596 100644 --- a/mm/mm_heap/mm_free.c +++ b/mm/mm_heap/mm_free.c @@ -90,7 +90,7 @@ void mm_delayfree(FAR struct mm_heap_s *heap, FAR void *mem, bool delay) } #ifdef CONFIG_MM_FILL_ALLOCATIONS - memset(mem, 0x55, mm_malloc_size(heap, mem)); + memset(mem, MM_FREE_MAGIC, mm_malloc_size(heap, mem)); #endif kasan_poison(mem, mm_malloc_size(heap, mem)); diff --git a/mm/mm_heap/mm_initialize.c b/mm/mm_heap/mm_initialize.c index 676f1901f42..31c44d64ef8 100644 --- a/mm/mm_heap/mm_initialize.c +++ b/mm/mm_heap/mm_initialize.c @@ -129,6 +129,12 @@ void mm_addregion(FAR struct mm_heap_s *heap, FAR void *heapstart, DEBUGASSERT(heapsize <= MMSIZE_MAX + 1); #endif +#ifdef CONFIG_MM_FILL_ALLOCATIONS + /* Use the fill value to mark uninitialized user memory */ + + memset(heapstart, MM_INIT_MAGIC, heapsize); +#endif + /* Register to KASan for access check */ kasan_register(heapstart, &heapsize); diff --git a/mm/mm_heap/mm_malloc.c b/mm/mm_heap/mm_malloc.c index 30e307f5778..68e919a3118 100644 --- a/mm/mm_heap/mm_malloc.c +++ b/mm/mm_heap/mm_malloc.c @@ -305,7 +305,7 @@ FAR void *mm_malloc(FAR struct mm_heap_s *heap, size_t size) MM_ADD_BACKTRACE(heap, node); kasan_unpoison(ret, mm_malloc_size(heap, ret)); #ifdef CONFIG_MM_FILL_ALLOCATIONS - memset(ret, 0xaa, alignsize - MM_ALLOCNODE_OVERHEAD); + memset(ret, MM_ALLOC_MAGIC, alignsize - MM_ALLOCNODE_OVERHEAD); #endif #ifdef CONFIG_DEBUG_MM minfo("Allocated %p, size %zu\n", ret, alignsize); diff --git a/mm/tlsf/mm_tlsf.c b/mm/tlsf/mm_tlsf.c index ad7801f670e..0fc627ab17e 100644 --- a/mm/tlsf/mm_tlsf.c +++ b/mm/tlsf/mm_tlsf.c @@ -503,7 +503,7 @@ static void mm_delayfree(FAR struct mm_heap_s *heap, FAR void *mem, if (mm_lock(heap) == 0) { #ifdef CONFIG_MM_FILL_ALLOCATIONS - memset(mem, 0x55, mm_malloc_size(heap, mem)); + memset(mem, MM_FREE_MAGIC, mm_malloc_size(heap, mem)); #endif kasan_poison(mem, mm_malloc_size(heap, mem)); @@ -575,6 +575,12 @@ void mm_addregion(FAR struct mm_heap_s *heap, FAR void *heapstart, # define idx 0 #endif +#ifdef CONFIG_MM_FILL_ALLOCATIONS + /* Use the fill value to mark uninitialized user memory */ + + memset(heapstart, 0xcc, heapsize); +#endif + /* Register to KASan for access check */ kasan_register(heapstart, &heapsize); @@ -1144,7 +1150,7 @@ FAR void *mm_malloc(FAR struct mm_heap_s *heap, size_t size) kasan_unpoison(ret, mm_malloc_size(heap, ret)); #ifdef CONFIG_MM_FILL_ALLOCATIONS - memset(ret, 0xaa, mm_malloc_size(heap, ret)); + memset(ret, 0xaa, nodesize); #endif }