Re: more deadbeef

[Theo de Raadt]

> how would you like your deadbeef? well done?
> 
> since we support variable poison values, we should invert the patterns
> sometimes to find bugs where the deadbeef values hide the bugs. (we
> can of course do even more with extra tricksy bit patterns, but start
> with this.)

I have been worried about this for quite a while.  Especially for flag
bits .

more deadbeef

[Ted Unangst]

how would you like your deadbeef? well done?

since we support variable poison values, we should invert the patterns
sometimes to find bugs where the deadbeef values hide the bugs. (we
can of course do even more with extra tricksy bit patterns, but start
with this.)

Index: subr_poison.c
===
RCS file: /cvs/src/sys/kern/subr_poison.c,v
retrieving revision 1.7
diff -u -p -r1.7 subr_poison.c
--- subr_poison.c   19 May 2014 14:30:03 -  1.7
+++ subr_poison.c   8 Jul 2014 20:09:38 -
@@ -43,7 +43,17 @@ poison_value(void *v)
 
l = l >> PAGE_SHIFT;
 
-   return (l & 1) ? POISON0 : POISON1;
+   switch (l & 3) {
+   case 0:
+   return POISON0;
+   case 1:
+   return POISON1;
+   case 2:
+   return ~POISON0;
+   case 3:
+   return ~POISON1;
+   }
+   return 0;
 }
 
 void