It has an option to zero out allocations/deallocations. I wonder if it would be useful to randomize the memory instead. It seems like this would help surface bugs better than either zeroing it or leaving it alone?
The choice of CRC32 together with a secret seems odd, it seems to be relying on a security property which CRC32 doesn't have.
This looks like the kind of application that SipHash is designed for.
How does scudo compare with libdislocator?