On Tue, Oct 26, 2004 at 03:21:18PM +0200, Leopold Toetsch wrote:
> Nicholas Clark wrote:
> 
> >The for loop inside trace_mem_block steps right over it. This if fails:
> >
> >        /* Do a quick approximate range check by bit-masking */
> >        if ((ptr & mask) == prefix || !prefix) {
> 
> Argh, yes. I have pointed out quite a time ago that this mask check 
> isn't ok. Small and big memory chunks are allocated from different 
> malloc pools so that the check doesn't really work.
> 
> I'd drop the mask test - or if possible you can fix it ;)

It also doesn't help that a << 8 * sizeof(a) is undefined behaviour in C
so gcc is not wrong returning 0xFFFFFFFF for ~(size_t)0 << i; when i=32
[Thanks to Abhijit on IRC for confirming my suspicion on this one]

so I checked in a change to find_common_mask to remove that undefined
behaviour and correctly return 0 for that case. This is enough to fix the
DOD problem. I've not changed any of the code further, but I assume that
the problem with small and big chunks is that their pointers differ so much
that prefix will almost always be zero, and many many random pointers found
during the stack walk will have to be checked and eliminated. Is it worth
having separate entries for large and small buffer min and max in the
interpreter struct?

> Thanks for your thorough analysis,

No problem. Thanks for your support when I got stuck.

Nicholas Clark
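
As an added illustration of the point above (this is not Parrot's code and not part of the message), the block below computes the common high-order-bit mask of two addresses without ever shifting by the full width of size_t, returning 0 when even the top bit differs, and then applies the quoted `(ptr & mask) == prefix || !prefix` range check to it. The function names and the addresses used are constructed for the example:

```c
#include <stddef.h>
#include <stdio.h>

/* Number of value bits in size_t (assumes CHAR_BIT == 8, as on the
 * platforms discussed in the thread). */
#define SIZE_T_BITS ((int)(sizeof(size_t) * 8))

/* Return a mask selecting the high-order bits that lo and hi share.
 * Hypothetical stand-in for find_common_mask; the loop index never
 * reaches SIZE_T_BITS, so the shift is always well defined. If the
 * addresses differ already in their top bit there is no common prefix
 * and we return 0 explicitly instead of evaluating ~0 << SIZE_T_BITS,
 * which is undefined behaviour in C. */
size_t find_common_mask_safe(size_t lo, size_t hi)
{
    int i;
    for (i = 0; i < SIZE_T_BITS; i++) {
        if ((lo >> i) == (hi >> i)) {
            return (size_t)(~(size_t)0 << i);
        }
    }
    return 0;
}

/* The quick approximate range check from the quoted trace_mem_block
 * snippet. With mask 0 the prefix is 0 and every pointer passes, which
 * is the conservative (slow but correct) behaviour; with the undefined
 * shift yielding an all-ones mask, only ptr == lo would pass and live
 * objects would be missed by the DOD run. */
int maybe_in_range(size_t ptr, size_t lo, size_t hi)
{
    size_t mask = find_common_mask_safe(lo, hi);
    size_t prefix = lo & mask;
    return (ptr & mask) == prefix || !prefix;
}

int main(void)
{
    /* Constructed addresses: one small-chunk-like region that shares a
     * prefix, and a pair that differ in the top bit (no common prefix). */
    size_t lo = (size_t)0x08040000, hi = (size_t)0x0805FFFF;
    size_t top = (size_t)1 << (SIZE_T_BITS - 1);

    printf("mask(lo,hi)  = %#lx\n", (unsigned long)find_common_mask_safe(lo, hi));
    printf("mask(0,top)  = %#lx\n", (unsigned long)find_common_mask_safe(0, top));
    printf("0x08041234 in range: %d\n", maybe_in_range((size_t)0x08041234, lo, hi));
    printf("0x08060000 in range: %d\n", maybe_in_range((size_t)0x08060000, lo, hi));
    printf("0xb7001000 vs [0,top]: %d\n", maybe_in_range((size_t)0xb7001000, 0, top));
    return 0;
}
```

The loop finds the smallest shift at which the two addresses agree, so for the constructed pair it stops at 17 and the mask keeps only the bits above bit 16; when the range spans both halves of the address space, as with pointers from different malloc pools, the mask collapses to 0 and the check degrades to accepting everything, which is exactly the slow case the message asks whether separate large/small bounds would avoid.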
