From patchwork Wed Dec 10 00:07:21 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 887 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1765325414; bh=RAWv3kmKGLPxON78VgH6JTZ8eSkyoFjDIG+QkaZxHWA=; h=From:To:Date:In-Reply-To:References:CC:Subject:List-Id: List-Archive:List-Help:List-Owner:List-Post:List-Subscribe: List-Unsubscribe:From; b=TPvy2GP/szH2JcgWXHSPH523uSvb3hHPhxIYPsbh2EuGueqYdGATvqUC7xRkH9tN0 jY8ZW2uE6wkiY8s3EyomzE1jcPoUlN1gBjsWmSqlTIcBs3pZZ3Q2Qpb08O3YdTaOXX Mw6NHocZj2Yditg+GcjB0RSD1arm/6IT4UYtnDxjmKoUkEtnUEY0pAv9BHjFxawTke Tu3D6LJrIDKH08G+TID8EUw82aa50s6X1BDXPXKcFZ2gTNTvi0ulmZWK6ZQS8+3oOs grU7V2Oplp79U8X8HmKj68bR+tBQA1dGOZccAHRhyfX8Q+c9PtTC4gQDirdqCg4kN9 iDfNg2Q06sz2Q== Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 0649C68A3E for ; Tue, 9 Dec 2025 17:10:14 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id X-NP68xDcWjd for ; Tue, 9 Dec 2025 17:10:13 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1765325412; bh=RAWv3kmKGLPxON78VgH6JTZ8eSkyoFjDIG+QkaZxHWA=; h=From:To:Date:In-Reply-To:References:CC:Subject:List-Id: List-Archive:List-Help:List-Owner:List-Post:List-Subscribe: List-Unsubscribe:From; b=hqSVC/uzDC+2n5JZKG7kRH5ra9ARoiaw9ONypVFKsnRTWolcc4PqDTNjbiUCEBX1r v1MPY1E/w0J2SUlzqROfQqEKcDeKIlFUNEAoEstNjQht3E9MlOUMlmYYExFPc2dRaD 6+ZDFrKeyYdiXT14FS5fE7AW5lfMO5txy7blPjqP78643Sjd/1F73CoCQ9kU1VJGGV DCHpaopHfsNl6KaLrScyCQABip4Fo22GJ+Z5XnLbR+1dNlgwhpFYQYSAGVNf74FnEL oCHrmMVYneyCPskNxirXBL16cacJl0mxo+xNEy62qY/MnSckSY421eAfAcMggegFKt GD+DB1rZD0S/Q== Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 02A0E687A7 for ; Tue, 9 Dec 2025 17:10:12 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1765325409; bh=/Oo39TzjwYLcS554eBwFoxnfkAnriVbv0iwOyLtWDnw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=SEiZnxSE3aKPkoepWSKzEWet7UCh6QRP780UZt2apfs1Ff57blAlCKWyIWw/YSYOx 1fSQ8VwTVw/xjzhClUzCm/1x7IVeCg5saa/Nuw09AIWuLYaa/G808QkzFxbAo64oDb v12TkrKU/MnHVagLQ8fGCcEqRIU0oNfS4j2hetWVjLuAxoK9mLuQkySKrS5mYyKXtl OAchrplp0hoBP2QCLe9GgR81xKfUuhjCoE0msln0kF4HOFwqrknSd2coycSF4WiJLO 2m2TBOEIzdSvr9Tbv6dHQdbu8mb6TY4J2DmuRsJgzDtA3ZaWsv803Fgmo+/z9MTQyx npSwLx5fCXowA== Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 586DC68972; Tue, 9 Dec 2025 17:10:09 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10026) with ESMTP id q8BqZeNrjQZt; Tue, 9 Dec 2025 17:10:09 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1765325408; bh=LvH1mr8CQDiiki+y/05ngRaWJdNRgumdGzh59gBkphU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=BSgCTZsMb0y0w0BAF+0oaAxhyRUaEOnV4NRXQr5YgGWBc9rGTxvFMt7ewm5YfHCjJ QWODt7a3O1sp8xm0oW0CodnDG2X/H064ef40CQ1j9bgO93ahccO42T2gpc3x+b5dAW tFcHwTFoJ1ilIZZCRWvSPL/+DmNXBXkVTKvCKp/SWLufHKzBSC+hc1sPm+GSi9sU45 htqU2kcpbBKXfsasbWt2mIyDhOPR1Y8nnMbppSYmA8vTNT525XX7zPmRpJBTxcGzhH elwG8i6L3yz/yAoLgNrJcPjrx68QVSYyMxKO2W0iNcxCFubP8Q3k+tgPvZ4llyWRau eTm4l7JIq9W3g== Received: from u-boot.org (unknown [73.34.74.121]) by mail.u-boot.org (Postfix) with ESMTPSA id 2C7FA6896E; Tue, 9 Dec 2025 17:10:08 -0700 (MST) From: Simon Glass To: U-Boot Concept Date: Tue, 9 Dec 2025 17:07:21 -0700 Message-ID: <20251210000737.180797-31-sjg@u-boot.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251210000737.180797-1-sjg@u-boot.org> References: <20251210000737.180797-1-sjg@u-boot.org> MIME-Version: 1.0 Message-ID-Hash: HO422WWLCIBJ7XO3ROV4SUQ3JHZSOMAG X-Message-ID-Hash: HO422WWLCIBJ7XO3ROV4SUQ3JHZSOMAG X-MailFrom: sjg@u-boot.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Heinrich Schuchardt , Simon Glass , Claude X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 30/35] malloc: Fix malloc_dump to find mcheck headers in memalign chunks List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Simon Glass For memalign allocations, the mcheck header is placed at an offset from the chunk start to maintain alignment. The current assumption is that the header is always at the start of the chunk, but this is not true for memalign allocations. Add find_mcheck_hdr_in_chunk() which looks up the header in the mcheck registry and validates: - The header falls within the chunk's memory range - The aln_skip field is consistent with the header position - The canary is MAGICWORD (active), not MAGICFREE (freed) This ensures malloc_dump correctly displays caller info for all allocations including those made via memalign. Co-developed-by: Claude Signed-off-by: Simon Glass --- common/dlmalloc.c | 52 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 50 insertions(+), 2 deletions(-) diff --git a/common/dlmalloc.c b/common/dlmalloc.c index b40963604e4..14515e423cc 100644 --- a/common/dlmalloc.c +++ b/common/dlmalloc.c @@ -7021,6 +7021,53 @@ void malloc_disable_testing(void) malloc_testing = false; } +/** + * find_mcheck_hdr_in_chunk() - find mcheck header within a chunk + * + * For memalign allocations, the mcheck header may be at an offset from + * the chunk start to maintain alignment. Look up the header in the + * mcheck registry, which stores pointers to all active headers. + * + * @mem: chunk memory pointer (from chunk2mem) + * @sz: chunk size + * Return: pointer to mcheck header if found, NULL otherwise + */ +#if CONFIG_IS_ENABLED(MCHECK_HEAP_PROTECTION) +static struct mcheck_hdr *find_mcheck_hdr_in_chunk(void *mem, size_t sz) +{ + struct mcheck_hdr *hdr; + char *start = (char *)mem; + char *end = start + sz; + int i, j; + + for (i = 0; i < REGISTRY_SZ; i++) { + hdr = mcheck_registry[i]; + if (!hdr) + continue; + + /* Check if this header falls within our chunk */ + if ((char *)hdr < start || (char *)hdr >= end) + continue; + + /* Validate the aln_skip is consistent with position */ + if ((char *)hdr != start + hdr->aln_skip) + continue; + + /* Verify canary is valid (not freed) */ + for (j = 0; j < CANARY_DEPTH; j++) { + if (hdr->canary.elems[j] != MAGICWORD) + goto next; + } + + return hdr; +next: + continue; + } + + return NULL; +} +#endif + void malloc_dump(void) { mchunkptr q; @@ -7052,9 +7099,10 @@ void malloc_dump(void) if (is_inuse(q)) { #if CONFIG_IS_ENABLED(MCHECK_HEAP_PROTECTION) - struct mcheck_hdr *hdr = (struct mcheck_hdr *)mem; + struct mcheck_hdr *hdr; - if (hdr->caller[0]) + hdr = find_mcheck_hdr_in_chunk(mem, sz); + if (hdr && hdr->caller[0]) printf("%12lx %10zx %s\n", (ulong)mem, sz, hdr->caller); else