On 12.02.2013 10:12, Paul Menzel wrote:
> Dear Matthias,
>
>
> I am new to Valgrind too. Reading the Mailing Lists and IRC web page [1],
> there is also a developer list, where your patch might get more
> attention.
>
>
> On Tuesday, 12.02.2013, at 07:13 +0100, Matthias Schwarzott wrote:
>
>> Currently the Valgrind message for a use-after-free in a memory pool
>> consists of the execution callstack and the callstack where the
>> superblock was allocated. To diagnose it better I wanted to also get the
>> callstack of the place where MEMPOOL_FREE was called.
> Sounds like a nice idea to me.
>
>> The attached patch uses the new fields added for use-after-free messages
>> that show two callstacks.
>> It is just a proof of concept.
>> How could it be improved?
> Could you show a trace without and with your patch applied?
>
Test case memcheck/test/clireq_nofill, before:
*s=0x5 after MEMPOOL_ALLOC
==21626== Invalid read of size 1
==21626==    at 0x400A52: main (clireq_nofill.c:23)
==21626==  Address 0x4c58040 is 0 bytes inside a recently re-allocated block of size 40 alloc'd
==21626==    at 0x4A091AD: malloc (vg_replace_malloc.c:270)
==21626==    by 0x40091A: main (clireq_nofill.c:16)
==21626==
*s=0x5 after MEMPOOL_FREE
*s=0x5 after second MEMPOOL_ALLOC
*s=0x5 after MALLOCLIKE_BLOCK
==21626== Invalid read of size 1
==21626==    at 0x400C9B: main (clireq_nofill.c:36)
==21626==  Address 0x4c580b0 is 0 bytes inside a recently re-allocated block of size 40 alloc'd
==21626==    at 0x4A091AD: malloc (vg_replace_malloc.c:270)
==21626==    by 0x400B65: main (clireq_nofill.c:29)
==21626==
*s=0x5 after FREELIKE_BLOCK

After:
*s=0x5 after MEMPOOL_ALLOC
==24145== Invalid read of size 1
==24145==    at 0x400A52: main (clireq_nofill.c:23)
==24145==  Address 0x4c57040 is 0 bytes inside a recently re-allocated block of size 40 alloc'd
==24145==    at 0x4A08C8F: malloc (vg_replace_malloc.c:270)
==24145==    by 0x40091A: main (clireq_nofill.c:16)
==24145==   block was re-alloced at
==24145==    at 0x400A43: main (clireq_nofill.c:22)
==24145==
*s=0x5 after MEMPOOL_FREE
*s=0x5 after second MEMPOOL_ALLOC
*s=0x5 after MALLOCLIKE_BLOCK
==24145== Invalid read of size 1
==24145==    at 0x400C9B: main (clireq_nofill.c:36)
==24145==  Address 0x4c570b0 is 0 bytes inside a recently re-allocated block of size 40 alloc'd
==24145==    at 0x4A08C8F: malloc (vg_replace_malloc.c:270)
==24145==    by 0x400B65: main (clireq_nofill.c:29)
==24145==   block was re-alloced at
==24145==    at 0x400C8C: main (clireq_nofill.c:35)
==24145==
*s=0x5 after FREELIKE_BLOCK
*s=0x5 after second MALLOCLIKE_BLOCK

I wonder if this will work in all cases. And maybe the text for the 
third callstack could be changed to "block was freed at".

I will create a bug ticket to track this.

Regards
Matthias
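Added example (not from this thread or the Valgrind test suite): a minimal bump-pointer pool annotated with memcheck's mempool client requests, reproducing the sequence behind the traces above (write, MEMPOOL_FREE, read of the freed chunk, re-allocation of the same chunk). Run under memcheck, the stale read is reported as an Invalid read with the superblock's malloc callstack, and with the patch the MEMPOOL_FREE call site as well; the no-op stub macros are an assumption so the file also builds where Valgrind's headers are not installed.

```c
#include <stdlib.h>
#ifdef __has_include
#  if __has_include(<valgrind/memcheck.h>)
#    include <valgrind/memcheck.h>
#    define HAVE_MEMCHECK_H 1
#  endif
#endif
#ifndef HAVE_MEMCHECK_H /* assumption: no-op stubs so it also builds without Valgrind */
#  define VALGRIND_MAKE_MEM_NOACCESS(a, n)       ((void)0)
#  define VALGRIND_CREATE_MEMPOOL(p, rz, zeroed) ((void)0)
#  define VALGRIND_MEMPOOL_ALLOC(p, a, n)        ((void)0)
#  define VALGRIND_MEMPOOL_FREE(p, a)            ((void)0)
#  define VALGRIND_DESTROY_MEMPOOL(p)            ((void)0)
#endif
#define CHUNK 40 /* the block size seen in the traces */
typedef struct { unsigned char *super; size_t used, cap; } pool_t;
/* Superblock from malloc (memcheck's "alloc'd at" stack), hidden until handed out. */
static void pool_init(pool_t *p, size_t cap) {
    p->super = malloc(cap);
    p->used = 0; p->cap = cap;
    VALGRIND_CREATE_MEMPOOL(p, 0, 0);
    VALGRIND_MAKE_MEM_NOACCESS(p->super, cap);
}
/* Bump allocation; MEMPOOL_ALLOC makes just this chunk addressable. */
static unsigned char *pool_alloc(pool_t *p) {
    if (p->used + CHUNK > p->cap) return NULL;
    unsigned char *c = p->super + p->used;
    p->used += CHUNK;
    VALGRIND_MEMPOOL_ALLOC(p, c, CHUNK);
    return c;
}
/* LIFO free: chunk is NOACCESS again and the next alloc reuses it ("re-allocated"). */
static void pool_free(pool_t *p, unsigned char *c) {
    VALGRIND_MEMPOOL_FREE(p, c); /* the call site the patch adds to the report */
    if (p->used >= CHUNK && c == p->super + p->used - CHUNK) p->used -= CHUNK;
}
/* The test's sequence: write, MEMPOOL_FREE, read the freed chunk, allocate again.
 * Returns the stale byte (5) if the same address came back, otherwise -1. */
static int use_after_pool_free(void) {
    pool_t p; pool_init(&p, CHUNK);
    unsigned char *s = pool_alloc(&p);
    s[0] = 5;
    pool_free(&p, s);
    int stale = s[0];                 /* memcheck: Invalid read of size 1 */
    int same = (pool_alloc(&p) == s); /* same chunk: "recently re-allocated" */
    VALGRIND_DESTROY_MEMPOOL(&p);
    free(p.super);
    return same ? stale : -1;
}
```

Without Valgrind the read is silent, because the superblock is still a live malloc'd block at the C level; only the client requests tell memcheck that the chunk was freed.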

_______________________________________________
Valgrind-users mailing list
Valgrind-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/valgrind-users