From 092f6431191598df687a1f5b31d1047fa0a1d0b7 Mon Sep 17 00:00:00 2001
From: Andreas Kling
Date: Wed, 15 Jul 2020 23:23:21 +0200
Subject: [PATCH] UserspaceEmulator: Log invalid and double free() calls :^)

We can easily catch free() on never-malloced addresses, as well as double calls to free() on the same address, so let's do it!
---
 DevTools/UserspaceEmulator/MallocTracer.cpp | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/DevTools/UserspaceEmulator/MallocTracer.cpp b/DevTools/UserspaceEmulator/MallocTracer.cpp
index ed24dafee7..ea9ef7428c 100644
--- a/DevTools/UserspaceEmulator/MallocTracer.cpp
+++ b/DevTools/UserspaceEmulator/MallocTracer.cpp
@@ -51,11 +51,20 @@ void MallocTracer::target_did_free(Badge, FlatPtr address)
 {
 for (auto& mallocation : m_mallocations) {
 if (mallocation.address == address) {
+ if (mallocation.freed) {
+ dbgprintf("\n");
+ dbgprintf("==%d== \033[31;1mDouble free()\033[0m, %p\n", s_pid, address);
+ dbgprintf("==%d== Address %p has already been passed to free()\n", s_pid, address);
+ Emulator::the().dump_backtrace();
+ }
 mallocation.freed = true;
 return;
 }
 }
- ASSERT_NOT_REACHED();
+ dbgprintf("\n");
+ dbgprintf("==%d== \033[31;1mInvalid free()\033[0m, %p\n", s_pid, address);
+ dbgprintf("==%d== Address %p has never been returned by malloc()\n", s_pid, address);
+ Emulator::the().dump_backtrace();
 }

 MallocTracer::Mallocation* MallocTracer::find_mallocation(FlatPtr address)
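Review bot: The double-free branch trusts the first record whose address matches, so a block that was freed, handed out again by malloc() and then freed legitimately would be reported as a double free if `target_did_malloc` appends a fresh record for a reused address rather than reviving the old one. That function is outside this hunk, so this is an assumption to confirm. A false "Double free()" is costly in a memory-error detector because it teaches users to discount the report. Consider letting a live record win: scan every record for `address`, mark the live one freed and return, and report a double free only when all matching records are already freed; the report text and backtrace calls stay as they are.

```cpp
    bool saw_freed_record = false;
    for (auto& mallocation : m_mallocations) {
        if (mallocation.address != address)
            continue;
        if (!mallocation.freed) {
            // A live record wins over a stale one left by an earlier use of this address.
            mallocation.freed = true;
            return;
        }
        saw_freed_record = true;
    }
    if (saw_freed_record) {
        // … unchanged: "Double free()" report and dump_backtrace() …
        return;
    }
    // … unchanged: "Invalid free()" report and dump_backtrace() …
```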