On Sat, Jul 07, 2001 at 08:33:54AM +0100, David Reid wrote:
> I'd be interested to know of other tools that people use that are available
> for others here * on the list to use improving the code. So far when pools
insure-lite may help _if_ you use the following trick.
insure-lite is availabe in the non-free section of
redhat 6 cds. insure itself is about $4,000 USD and
no, they have never heard of open source projects
so they are not interested in providing licenses as
a promotional loss-leader [in complete contrast to
vmware who are very supportive of open source].
these code fragments come from samba source (GPL):
/*******************************************************************
close the low 3 fd's and open /dev/null in their place
********************************************************************/
void close_low_fds(void)
{
int fd;
int i;
close(0);
close(1);
#ifndef __INSURE__
close(2);
#endif
/* try and use up these file descriptors, so silly
library routines writing to stdout etc won't cause havoc */
for (i = 0; i < 3; i++)
{
fd = open("/dev/null", O_RDWR, 0);
...
...
[except that insure writes out to stderr, so you can't close
that one]
#ifdef __INSURE__
/*******************************************************************
This routine is a trick to immediately catch errors when debugging
with insure. A xterm with a gdb is popped up when insure catches
a error. It is Linux specific.
********************************************************************/
int _Insure_trapr_error(int a1, int a2, int a3, int a4, int a5, int a6)
{
static int (*fn) ();
int ret;
char pidstr[10];
pstring cmd =
"/usr/X11R6/bin/xterm -display :0 -T Panic -n Panic -e /bin/sh
-c 'cat /tmp/ierrs.*.%d ; gdb /proc/%d/exe %d'";
slprintf(pidstr, sizeof(pidstr), "%d", sys_getpid());
pstring_sub(cmd, "%d", pidstr);
if (!fn)
{
static void *h;
h =
dlopen
("/usr/local/parasoft/insure++lite/lib.linux2/libinsure.so",
RTLD_LAZY);
fn = dlsym(h, "_Insure_trapr_error");
}
ret = fn(a1, a2, a3, a4, a5, a6);
system(cmd);
return ret;
}
#endif
[this little trick _is_ actually documented in the insure
documentation. insure-lite strips out stack-debugging
info, making it almost completely useless... _unless_
you use the above little trick.]
insure is *extremely* good. if you have used purify, you will
be laughing at it.
insure detects at *run-time*:
- pointer overwriting:
a = malloc(20);
a = b;
return;
(but it doesn,t detect this:
struct foo
{
void *a;
}
f->a = malloc(20);
memset(f, 0, sizeof(struct foo));
or, it _does_, it detects it as a loss of memory f->a
but not _why_.
but _does_ detect this:
struct foo fa;
struct foo fb;
fa.a = malloc(20);
fa = fb;
cool, huh? :)
- underwriting and overwriting of memory regions and strings
- not freed, freed more than once memory
so, when you do an apr_pool_destroy, it will let you
know immediately if there are any problems AND, get this:
it tells you the stack at the point where the memory
was ALLOCATED!
etc. there's lots more. it does a little bit of
compile-time checking, too.
the down-side: a normal 3mb executable compiles up at
80mb. a 30-times increment in binary size....
> One of the things we really need to improve is our test suite.
yespleasetestsuitesmakeforeasycuttingandpastingtogetrealliveworkingcoderealquick
:)
luke
