Re: [Valgrind-users] [PATCH] Improve errors for use-after-free on memory pools
On Thu, 2013-02-14 at 07:21 +0100, Matthias Schwarzott wrote:
> I will create a bug ticket to track this.

No time for the moment to look at your patch, but it is a good idea to enter a bug in bugzilla with the patch and the before/after diffs for the test.

Philippe

___
Valgrind-users mailing list
Valgrind-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/valgrind-users

Re: [Valgrind-users] [PATCH] Improve errors for use-after-free on memory pools
On 12.02.2013 10:12, Paul Menzel wrote:
> Dear Matthias,
>
> I am new to Valgrind too. Reading the Mailing Lists and IRC Web page [1] there is also a developer list, where your patch might get more attention.
>
> On Tuesday, 12.02.2013, at 07:13 +0100, Matthias Schwarzott wrote:
>> Currently the valgrind-message for use-after-free for a memory pool consists of the execution callstack and the callstack, where the superblock was allocated. To better diagnose it I wanted to get also the callstack of the place where MEMPOOL_FREE was called.
>
> Sounds like a nice idea to me.
>
>> The attached patch uses the new fields added for use-after-free messages that show two callstacks. It is just a proof of concept. How could it be improved?
>
> Could you show a trace without and with your patch applied?

testcase memcheck/test/clireq_nofill

before:

*s=0x5 after MEMPOOL_ALLOC
==21626== Invalid read of size 1
==21626==    at 0x400A52: main (clireq_nofill.c:23)
==21626== Address 0x4c58040 is 0 bytes inside a recently re-allocated block of size 40 alloc'd
==21626==    at 0x4A091AD: malloc (vg_replace_malloc.c:270)
==21626==    by 0x40091A: main (clireq_nofill.c:16)
==21626==
*s=0x5 after MEMPOOL_FREE
*s=0x5 after second MEMPOOL_ALLOC
*s=0x5 after MALLOCLIKE_BLOCK
==21626== Invalid read of size 1
==21626==    at 0x400C9B: main (clireq_nofill.c:36)
==21626== Address 0x4c580b0 is 0 bytes inside a recently re-allocated block of size 40 alloc'd
==21626==    at 0x4A091AD: malloc (vg_replace_malloc.c:270)
==21626==    by 0x400B65: main (clireq_nofill.c:29)
==21626==
*s=0x5 after FREELIKE_BLOCK

after:

*s=0x5 after MEMPOOL_ALLOC
==24145== Invalid read of size 1
==24145==    at 0x400A52: main (clireq_nofill.c:23)
==24145== Address 0x4c57040 is 0 bytes inside a recently re-allocated block of size 40 alloc'd
==24145==    at 0x4A08C8F: malloc (vg_replace_malloc.c:270)
==24145==    by 0x40091A: main (clireq_nofill.c:16)
==24145== block was re-alloced at
==24145==    at 0x400A43: main (clireq_nofill.c:22)
==24145==
*s=0x5 after MEMPOOL_FREE
*s=0x5 after second MEMPOOL_ALLOC
*s=0x5 after MALLOCLIKE_BLOCK
==24145== Invalid read of size 1
==24145==    at 0x400C9B: main (clireq_nofill.c:36)
==24145== Address 0x4c570b0 is 0 bytes inside a recently re-allocated block of size 40 alloc'd
==24145==    at 0x4A08C8F: malloc (vg_replace_malloc.c:270)
==24145==    by 0x400B65: main (clireq_nofill.c:29)
==24145== block was re-alloced at
==24145==    at 0x400C8C: main (clireq_nofill.c:35)
==24145==
*s=0x5 after FREELIKE_BLOCK
*s=0x5 after second MALLOCLIKE_BLOCK

I wonder if this will work in all cases. And maybe the text for the third callstack could be changed to "block was freed at".

I will create a bug ticket to track this.

Regards
Matthias

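A minimal reproducer of the pool use-after-free pattern discussed in the message above, added here as an example; it is not Valgrind's clireq_nofill.c and not code from the patch. The helper name `pool_read_after_free`, the `pool_anchor` variable and the no-op fallback macros are assumptions of this example; the client-request macros are the ones declared in valgrind/valgrind.h.

```c
/* Added example: pool use-after-free reproducer (not clireq_nofill.c). */
#include <stdio.h>
#include <stdlib.h>

#if defined(__has_include)
#  if __has_include(<valgrind/memcheck.h>)
#    include <valgrind/memcheck.h>   /* also includes valgrind.h */
#    define HAVE_VALGRIND_H 1
#  endif
#endif
#ifndef HAVE_VALGRIND_H
/* Assumption: without the headers the client requests become no-ops. */
#  define VALGRIND_CREATE_MEMPOOL(pool, rzB, zeroed) ((void)(pool))
#  define VALGRIND_MEMPOOL_ALLOC(pool, addr, size)   ((void)(pool))
#  define VALGRIND_MEMPOOL_FREE(pool, addr)          ((void)(pool))
#  define VALGRIND_DESTROY_MEMPOOL(pool)             ((void)(pool))
#endif

enum { CHUNK_SIZE = 40 };        /* same block size as in the traces */
static char pool_anchor;         /* its address identifies the pool */

/* Hypothetical helper: returns the byte read back after the pool free. */
unsigned char pool_read_after_free(void)
{
    void *pool = &pool_anchor;
    char *chunk = malloc(CHUNK_SIZE);   /* stack A: superblock allocation */
    unsigned char stale;

    if (chunk == NULL)
        return 0;
    VALGRIND_CREATE_MEMPOOL(pool, 0, 0);
    VALGRIND_MEMPOOL_ALLOC(pool, chunk, CHUNK_SIZE);
    chunk[0] = 0x5;
    VALGRIND_MEMPOOL_FREE(pool, chunk); /* stack B: where the chunk was freed */
    stale = (unsigned char)chunk[0];    /* stack C: the stale read */
    VALGRIND_DESTROY_MEMPOOL(pool);
    free(chunk);
    return stale;
}

int main(void)
{
    printf("*s=0x%x after MEMPOOL_FREE\n", pool_read_after_free());
    return 0;
}
```

Built with the Valgrind headers and run under memcheck, the read marked stack C is the access reported as an invalid read, with stack A shown as the allocation site. Run natively it returns 0x5, because the malloc'd superblock is still live and only the pool bookkeeping considers the chunk freed.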
Re: [Valgrind-users] [PATCH] Improve errors for use-after-free on memory pools
Dear Matthias,

I am new to Valgrind too. Reading the Mailing Lists and IRC Web page [1] there is also a developer list, where your patch might get more attention.

On Tuesday, 12.02.2013, at 07:13 +0100, Matthias Schwarzott wrote:
> Currently the valgrind-message for use-after-free for a memory pool consists of the execution callstack and the callstack, where the superblock was allocated. To better diagnose it I wanted to get also the callstack of the place where MEMPOOL_FREE was called.

Sounds like a nice idea to me.

> The attached patch uses the new fields added for use-after-free messages that show two callstacks. It is just a proof of concept. How could it be improved?

Could you show a trace without and with your patch applied?

Thanks,

Paul

[1] http://valgrind.org/support/