When the firewall process (DFWD) is allocating heap memory, it uses a private memory allocator that writes a special pattern at the end of each allocated segment of heap memory. Later, when de-allocating this memory, DFWD checks for the pattern. If it does not find the previously written pattern, it means the memory was overwritten, which indicates a wild-write in DFWD.
The problem related to this syslog message is described in the following sections:
The DFWD_TRASHED_RED_ZONE message is logged each time the DFWD process detects that a segment of heap memory it has allocated has been overwritten beyond the allocation limit.
When the DFWD process detects a heap memory segment has been overwritten beyond that allocation, it logs the action into the syslog. Below is an example of the message as it would be seen in the syslog:
dfwd[4048]: DFWD_TRASHED_RED_ZONE: Trashed red zone pointer in block 0x8171e00
The cause for such a notification is due to the DFWD process writing more bytes than allocated by malloc for the region length.
The following logs can help determine why the DFWD process is using more of the heap memory than it should:
show log dcd show log dfwd show log messages
These logs might show a trigger event, such as a commit, that may have contributed to the behavior of DFWD.
To troubleshoot this issue, it is recommend that a case be opened with your technical support representative to investigate why the DFWD process is writing to more heap memory than is allocated to the process.
show log dcd show log dfwd show log messages