diff mbox

[v4] tests: set MALLOC_PERTURB_ to expose memory bugs

Message ID 1369661331-28041-1-git-send-email-stefanha@redhat.com
State New
Headers show

Commit Message

Stefan Hajnoczi May 27, 2013, 1:28 p.m. UTC 
glibc wipes malloc(3) memory when the MALLOC_PERTURB_ environment
variable is set.  The value of the environment variable determines the
bit pattern used to wipe memory.  For more information, see
http://udrepper.livejournal.com/11429.html.

Set MALLOC_PERTURB_ for gtester and qemu-iotests.  Note we pick a random
value from 1 to 255 to expose more bugs.  If you need to reproduce a
crash use 'show environment' in gdb to extract the MALLOC_PERTURB_
value from a core dump.

Both make check and qemu-iotests pass with MALLOC_PERTURB_ enabled.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
Embarassing how long it's taking to get this right :P

v4:
 * Drop dash-incompatible $$RANDOM [eblake]

v3:
 * Use $ escaping in tests/Makefile [eblake]

v2:
 * Randomize MALLOC_PERTURB_ value [armbru]
 * Preserve existing MALLOC_PERTURB_ variable, if set [danpb]

 tests/Makefile           | 5 ++++-
 tests/qemu-iotests/check | 3 ++-
 2 files changed, 6 insertions(+), 2 deletions(-)

Comments

Eric Blake May 28, 2013, 12:31 p.m. UTC | #1 
On 05/27/2013 07:28 AM, Stefan Hajnoczi wrote:
> glibc wipes malloc(3) memory when the MALLOC_PERTURB_ environment
> variable is set.  The value of the environment variable determines the
> bit pattern used to wipe memory.  For more information, see
> http://udrepper.livejournal.com/11429.html.
> 
> Set MALLOC_PERTURB_ for gtester and qemu-iotests.  Note we pick a random
> value from 1 to 255 to expose more bugs.  If you need to reproduce a
> crash use 'show environment' in gdb to extract the MALLOC_PERTURB_
> value from a core dump.
> 
> Both make check and qemu-iotests pass with MALLOC_PERTURB_ enabled.
> 
> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
> ---
> Embarassing how long it's taking to get this right :P

But at least the code review process prevents your embarrassment from
being codified into qemu.git across multiple commits :)

Reviewed-by: Eric Blake <eblake@redhat.com>
Anthony Liguori May 31, 2013, 6:48 p.m. UTC | #2 
Applied.  Thanks.

Regards,

Anthony Liguori
diff mbox

Patch

diff --git a/tests/Makefile b/tests/Makefile
index a307d5a..c107489 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -171,6 +171,7 @@  GCOV_OPTIONS = -n $(if $(V),-f,)
 $(patsubst %, check-qtest-%, $(QTEST_TARGETS)): check-qtest-%: $(check-qtest-y)
 	$(if $(CONFIG_GCOV),@rm -f *.gcda */*.gcda */*/*.gcda */*/*/*.gcda,)
 	$(call quiet-command,QTEST_QEMU_BINARY=$*-softmmu/qemu-system-$* \
+		MALLOC_PERTURB_=$${MALLOC_PERTURB_:-$$((RANDOM % 255 + 1))} \
 		gtester $(GTESTER_OPTIONS) -m=$(SPEED) $(check-qtest-$*-y),"GTESTER $@")
 	$(if $(CONFIG_GCOV),@for f in $(gcov-files-$*-y); do \
 	  echo Gcov report for $$f:;\
@@ -180,7 +181,9 @@  $(patsubst %, check-qtest-%, $(QTEST_TARGETS)): check-qtest-%: $(check-qtest-y)
 .PHONY: $(patsubst %, check-%, $(check-unit-y))
 $(patsubst %, check-%, $(check-unit-y)): check-%: %
 	$(if $(CONFIG_GCOV),@rm -f *.gcda */*.gcda */*/*.gcda */*/*/*.gcda,)
-	$(call quiet-command,gtester $(GTESTER_OPTIONS) -m=$(SPEED) $*,"GTESTER $*")
+	$(call quiet-command, \
+		MALLOC_PERTURB_=$${MALLOC_PERTURB_:-$$((RANDOM % 255 + 1))} \
+		gtester $(GTESTER_OPTIONS) -m=$(SPEED) $*,"GTESTER $*")
 	$(if $(CONFIG_GCOV),@for f in $(gcov-files-$(subst tests/,,$*)-y); do \
 	  echo Gcov report for $$f:;\
 	  $(GCOV) $(GCOV_OPTIONS) $$f -o `dirname $$f`; \
diff --git a/tests/qemu-iotests/check b/tests/qemu-iotests/check
index 432732c..74628ae 100755
--- a/tests/qemu-iotests/check
+++ b/tests/qemu-iotests/check
@@ -214,7 +214,8 @@  do
 	start=`_wallclock`
 	$timestamp && echo -n "	["`date "+%T"`"]"
 	[ ! -x $seq ] && chmod u+x $seq # ensure we can run it
-	./$seq >$tmp.out 2>&1
+	MALLOC_PERTURB_=${MALLOC_PERTURB_:-$(($RANDOM % 255 + 1))} \
+		./$seq >$tmp.out 2>&1
 	sts=$?
 	$timestamp && _timestamp
 	stop=`_wallclock`