https://bugs.kde.org/show_bug.cgi?id=466762

--- Comment #4 from Paul Floyd <[email protected]> ---
To test

git clone https://github.com/jemalloc/jemalloc.git
cd jemalloc
./autogen.sh
./configure

I didn't bother installing jemalloc, I just used it in place.

Without any changes I get

==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x487B5DB: free_fastpath (jemalloc_internal_inlines_c.h:516)
==32192==    by 0x487B5DB: je_sdallocx_noflags (jemalloc_internal_inlines_c.h:578)
==32192==    by 0x487B5DB: free_sized (jemalloc.c:3022)
==32192==    by 0x201899: main (c23_free.c:24)
==32192== 
==32192== Use of uninitialised value of size 8
==32192==    at 0x487B5FC: sz_size2index_lookup_impl (sz.h:192)
==32192==    by 0x487B5FC: sz_size2index_lookup (sz.h:198)
==32192==    by 0x487B5FC: free_fastpath (jemalloc_internal_inlines_c.h:521)
==32192==    by 0x487B5FC: je_sdallocx_noflags (jemalloc_internal_inlines_c.h:578)
==32192==    by 0x487B5FC: free_sized (jemalloc.c:3022)
==32192==    by 0x201899: main (c23_free.c:24)
==32192== 
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x48804B3: sz_sa2u (sz.h:320)
==32192==    by 0x48804B3: aligned_usize_get (jemalloc.c:2346)
==32192==    by 0x48804B3: inallocx (jemalloc.c:3826)
==32192==    by 0x48804B3: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201903: main (c23_free.c:36)
==32192== 
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x48804D0: sz_s2u (sz.h:303)
==32192==    by 0x48804D0: sz_sa2u (sz.h:335)
==32192==    by 0x48804D0: aligned_usize_get (jemalloc.c:2346)
==32192==    by 0x48804D0: inallocx (jemalloc.c:3826)
==32192==    by 0x48804D0: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201903: main (c23_free.c:36)
==32192== 
==32192== Use of uninitialised value of size 8
==32192==    at 0x48804E5: sz_size2index_lookup_impl (sz.h:192)
==32192==    by 0x48804E5: sz_size2index_lookup (sz.h:198)
==32192==    by 0x48804E5: sz_s2u_lookup (sz.h:291)
==32192==    by 0x48804E5: sz_s2u (sz.h:304)
==32192==    by 0x48804E5: sz_sa2u (sz.h:335)
==32192==    by 0x48804E5: aligned_usize_get (jemalloc.c:2346)
==32192==    by 0x48804E5: inallocx (jemalloc.c:3826)
==32192==    by 0x48804E5: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201903: main (c23_free.c:36)
==32192== 
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x487B66B: free_aligned_sized (jemalloc.c:3029)
==32192==    by 0x201926: main (c23_free.c:40)
==32192== 
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x487B66F: free_aligned_sized (jemalloc.c:3029)
==32192==    by 0x201926: main (c23_free.c:40)
==32192== 
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x487B677: je_sdallocx_impl (jemalloc_internal_inlines_c.h:585)
==32192==    by 0x487B677: sdallocx (jemalloc.c:3862)
==32192==    by 0x487B677: free_aligned_sized (jemalloc.c:3029)
==32192==    by 0x201926: main (c23_free.c:40)
==32192== 
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x488049E: aligned_usize_get (jemalloc.c:2331)
==32192==    by 0x488049E: inallocx (jemalloc.c:3826)
==32192==    by 0x488049E: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201926: main (c23_free.c:40)
==32192== 
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x48804B3: sz_sa2u (sz.h:320)
==32192==    by 0x48804B3: aligned_usize_get (jemalloc.c:2346)
==32192==    by 0x48804B3: inallocx (jemalloc.c:3826)
==32192==    by 0x48804B3: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201926: main (c23_free.c:40)
==32192== 
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x48804D0: sz_s2u (sz.h:303)
==32192==    by 0x48804D0: sz_sa2u (sz.h:335)
==32192==    by 0x48804D0: aligned_usize_get (jemalloc.c:2346)
==32192==    by 0x48804D0: inallocx (jemalloc.c:3826)
==32192==    by 0x48804D0: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201926: main (c23_free.c:40)
==32192== 
==32192== Use of uninitialised value of size 8
==32192==    at 0x48804E5: sz_size2index_lookup_impl (sz.h:192)
==32192==    by 0x48804E5: sz_size2index_lookup (sz.h:198)
==32192==    by 0x48804E5: sz_s2u_lookup (sz.h:291)
==32192==    by 0x48804E5: sz_s2u (sz.h:304)
==32192==    by 0x48804E5: sz_sa2u (sz.h:335)
==32192==    by 0x48804E5: aligned_usize_get (jemalloc.c:2346)
==32192==    by 0x48804E5: inallocx (jemalloc.c:3826)
==32192==    by 0x48804E5: je_sdallocx_default (jemalloc.c:3838)
==32192==    by 0x201926: main (c23_free.c:40)
==32192== 
==32192== Conditional jump or move depends on uninitialised value(s)
==32192==    at 0x488069C: mallocx_tcache_get (jemalloc.c:3235)
==32192==    by 0x488069C: je_sdallocx_default (jemalloc.c:3841)
==32192==    by 0x201926: main (c23_free.c:40)
==32192== 
==32192== 
==32192== HEAP SUMMARY:
==32192==     in use at exit: 14,044 bytes in 16 blocks
==32192==   total heap usage: 16 allocs, 0 frees, 14,044 bytes allocated

That's lots of errors in libjemalloc because the functions aren't being
redirected. Everything leaks as well. Funnily no crash.

With the changes I'm going to make

==34877== Mismatched aligned_alloc/free_sized size value: 1024
==34877==    at 0x484F433: free_sized (vg_replace_malloc.c:1037)
==34877==    by 0x201856: main (c23_free.c:16)
==34877==  Address 0x58a7890 is 0 bytes inside a block of size 1,000 alloc'd
==34877==    at 0x484D294: malloc (vg_replace_malloc.c:450)
==34877==    by 0x201844: main (c23_free.c:14)
==34877== 
==34877== Conditional jump or move depends on uninitialised value(s)
==34877==    at 0x484F3E8: free_sized (vg_replace_malloc.c:1037)
==34877==    by 0x201899: main (c23_free.c:24)
==34877== 
==34877== Invalid alignment value: 1000 (should be a power of 2)
==34877==    at 0x484F691: free_aligned_sized (vg_replace_malloc.c:1078)
==34877==    by 0x2018B8: main (c23_free.c:28)
==34877== 
==34877== Mismatched aligned_alloc/free_aligned_sized alignment alloc value: 0 dealloc value: 1000
==34877==    at 0x484F691: free_aligned_sized (vg_replace_malloc.c:1078)
==34877==    by 0x2018B8: main (c23_free.c:28)
==34877==  Address 0x58a8240 is 0 bytes inside a block of size 1,000 alloc'd
==34877==    at 0x484D294: malloc (vg_replace_malloc.c:450)
==34877==    by 0x2018A3: main (c23_free.c:26)
==34877== 
==34877== Mismatched aligned_alloc/free_aligned_sized alignment alloc value: 256 dealloc value: 128
==34877==    at 0x484F691: free_aligned_sized (vg_replace_malloc.c:1078)
==34877==    by 0x2018DE: main (c23_free.c:32)
==34877==  Address 0x58a8700 is 0 bytes inside a block of size 4,096 alloc'd
==34877==    at 0x48535B2: aligned_alloc (vg_replace_malloc.c:2380)
==34877==    by 0x2018C7: main (c23_free.c:30)
==34877== 
==34877== Conditional jump or move depends on uninitialised value(s)
==34877==    at 0x484F642: free_aligned_sized (vg_replace_malloc.c:1078)
==34877==    by 0x201903: main (c23_free.c:36)
==34877== 
==34877== Conditional jump or move depends on uninitialised value(s)
==34877==    at 0x484F639: free_aligned_sized (vg_replace_malloc.c:1078)
==34877==    by 0x201926: main (c23_free.c:40)
==34877== 
==34877== 
==34877== HEAP SUMMARY:
==34877==     in use at exit: 1,828 bytes in 7 blocks
==34877==   total heap usage: 16 allocs, 9 frees, 14,044 bytes allocated

(the other 7 frees are suppressed and in libthr)

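The second Valgrind run above shows what the new free_sized/free_aligned_sized redirects check: the size passed at deallocation must match the size requested at allocation, the alignment must be a power of two, and it must match the alignment given to aligned_alloc. The following is an added example written for this page, not Valgrind's vg_replace_malloc.c and not jemalloc's code, nor Paul Floyd's c23_free.c. It is a small constructed shim (all checked_* names are hypothetical) that records the requested size and alignment of each live block and re-implements those C23 pairing rules so the misuse patterns visible in the report can be reproduced on a libc that does not yet ship free_sized/free_aligned_sized. Uninitialised-value detection, which Valgrind's memcheck also flagged above, is out of scope for a plain shim.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed checking shim (added example; not Valgrind's or jemalloc's code).
 * The checked_* names are hypothetical.  Each block's requested size and
 * alignment is recorded, and on deallocation the C23 pairing rules are checked:
 *   free_sized(p, n)            p from malloc/calloc/realloc, n == requested size
 *   free_aligned_sized(p, a, n) p from aligned_alloc, a is a power of two,
 *                               a == requested alignment, n == requested size
 * Each checked_free_* returns the number of violations found (0 = clean). */

#define MAX_BLOCKS 64

typedef struct {
    void *ptr;
    size_t size;
    size_t align;   /* 0 for malloc(), which is how the report above prints it */
    bool live;
} block_t;

static block_t blocks[MAX_BLOCKS];

static block_t *find_block(void *p) {
    for (int i = 0; i < MAX_BLOCKS; i++)
        if (blocks[i].live && blocks[i].ptr == p)
            return &blocks[i];
    return NULL;
}

static void track(void *p, size_t size, size_t align) {
    if (p == NULL) return;
    for (int i = 0; i < MAX_BLOCKS; i++) {
        if (!blocks[i].live) {
            blocks[i] = (block_t){ p, size, align, true };
            return;
        }
    }
    fprintf(stderr, "shim: block table full, %p untracked\n", p);
}

void *checked_malloc(size_t size) {
    void *p = malloc(size);
    track(p, size, 0);
    return p;
}

void *checked_aligned_alloc(size_t align, size_t size) {
    void *p = aligned_alloc(align, size);
    track(p, size, align);
    return p;
}

static bool is_pow2(size_t a) { return a != 0 && (a & (a - 1)) == 0; }

/* Shared tail: check the size, release the block, return the violation count. */
static int finish_free(block_t *b, const char *fn, size_t size, int bad) {
    if (b->size != size) {
        fprintf(stderr, "Mismatched %s size value: %zu (block of size %zu)\n",
                fn, size, b->size);
        bad++;
    }
    b->live = false;
    free(b->ptr);
    return bad;
}

int checked_free_sized(void *p, size_t size) {
    if (p == NULL) return 0;            /* free_sized(NULL, n) is a no-op */
    block_t *b = find_block(p);
    if (b == NULL) {
        fprintf(stderr, "free_sized of untracked pointer %p\n", p);
        return 1;                       /* do not free: could be a double free */
    }
    int bad = 0;
    if (b->align != 0) {                /* must come from malloc/calloc/realloc */
        fprintf(stderr, "free_sized of aligned_alloc block (alignment %zu)\n", b->align);
        bad++;
    }
    return finish_free(b, "free_sized", size, bad);
}

int checked_free_aligned_sized(void *p, size_t align, size_t size) {
    if (p == NULL) return 0;
    block_t *b = find_block(p);
    if (b == NULL) {
        fprintf(stderr, "free_aligned_sized of untracked pointer %p\n", p);
        return 1;
    }
    int bad = 0;
    if (!is_pow2(align)) {
        fprintf(stderr, "Invalid alignment value: %zu (should be a power of 2)\n", align);
        bad++;
    }
    if (b->align != align) {
        fprintf(stderr, "Mismatched alignment alloc value: %zu dealloc value: %zu\n",
                b->align, align);
        bad++;
    }
    return finish_free(b, "free_aligned_sized", size, bad);
}

/* Replays the misuse patterns visible in the Valgrind report above. */
int main(void) {
    int total = 0;
    total += checked_free_sized(checked_malloc(1000), 1024);               /* 1024 vs 1000 */
    total += checked_free_aligned_sized(checked_malloc(1000), 1000, 1000); /* not pow2; 0 vs 1000 */
    total += checked_free_aligned_sized(checked_aligned_alloc(256, 4096), 128, 4096); /* 256 vs 128 */
    total += checked_free_aligned_sized(checked_aligned_alloc(256, 4096), 256, 4096); /* clean */
    printf("%d violations\n", total);
    return 0;
}
```

The malloc(1000) block freed with free_aligned_sized(p, 1000, 1000) trips two checks at once, exactly as the report shows for c23_free.c:28: 1000 is not a power of two, and a malloc'd block has no aligned_alloc alignment to match. The shim still releases the memory after reporting, which is what a checking allocator wrapper should do so that the leak summary stays meaningful.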