I have a test for this situation:
// Diabolical wild free #2.
int main() {
char* a = (char*) my_malloc(200);
char* b = (char*) my_malloc(50);
char* c = (char*) my_malloc(200);
char* p = (char*) my_malloc(3000);
(void) a, (void) c;
memcpy(p, b - 200, 450);
my_free(b);
memcpy(b - 200, p, 450);
my_free(b);
m61_printstatistics();
}
Expected result:
//! MEMORY BUG: invalid free of pointer
I now that we can use free list to check second free()
call, but
1) second free()
call, free another object, because memcpy(b - 200, p, 450)
2) In this situation we also call multiple times free()
on the same object, but this is correct execution
// A correct execution should not report errors.
int main() {
for (int i = 0; i < 10; ++i)
{
int* ptr = (int*) my_malloc(sizeof(int) * 10);
for (int j = 0; j < 10; ++j)
{
ptr[i] = i;
}
my_free(ptr);
}
m61_printstatistics();
}
So how to check invalid free of pointer in free()
implementation?