[Valgrind-users] Detecting memory leaks in ld-linux....

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

I have found a nasty memory leak when programs are linked directly
against /lib/ld-linux.so .
That library is entirely written in assemble.  The program slowly eats
main memory and=20
Swap space.  I ran valgrind against it in hopes to see where/what in
that library is causing
Memory leaks?  Valgrind produces this:

=3D=3D20438=3D=3D Memcheck, a memory error detector.
=3D=3D20438=3D=3D Copyright (C) 2002-2005, and GNU GPL'd, by Julian =
Seward et
al.
=3D=3D20438=3D=3D Using LibVEX rev 1575, a library for dynamic binary
translation.
=3D=3D20438=3D=3D Copyright (C) 2004-2005, and GNU GPL'd, by OpenWorks =
LLP.
=3D=3D20438=3D=3D Using valgrind-3.1.1, a dynamic binary instrumentation
framework.
=3D=3D20438=3D=3D Copyright (C) 2000-2005, and GNU GPL'd, by Julian =
Seward et
al.
=3D=3D20438=3D=3D For more details, rerun with: -v
=3D=3D20438=3D=3D
=3D=3D20438=3D=3D My PID =3D 20438, parent PID =3D 17415.  Prog and args =
are:
=3D=3D20438=3D=3D    ./maybeleak.notok
=3D=3D20438=3D=3D
=3D=3D20438=3D=3D Invalid write of size 1
=3D=3D20438=3D=3D    at 0x4010A32: memset (in /lib64/ld-2.3.3.so)
=3D=3D20438=3D=3D    by 0x400F1B2: free (in /lib64/ld-2.3.3.so)
=3D=3D20438=3D=3D    by 0x400723: delstuff (maybeleak.c:32)
=3D=3D20438=3D=3D    by 0x4007AB: main (maybeleak.c:53)
=3D=3D20438=3D=3D  Address 0xFFFFFFFFFFFFFFFF is not stack'd, malloc'd =
or
(recently) fre
e'd
=3D=3D20438=3D=3D
=3D=3D20438=3D=3D Process terminating with default action of signal 11
(SIGSEGV): dumpin
g core
=3D=3D20438=3D=3D  Access not within mapped region at address =
0xFFFFFFFFFFFFFFFF
=3D=3D20438=3D=3D    at 0x4010A32: memset (in /lib64/ld-2.3.3.so)
=3D=3D20438=3D=3D    by 0x400F1B2: free (in /lib64/ld-2.3.3.so)
=3D=3D20438=3D=3D    by 0x400723: delstuff (maybeleak.c:32)
=3D=3D20438=3D=3D    by 0x4007AB: main (maybeleak.c:53)
=3D=3D20438=3D=3D
=3D=3D20438=3D=3D ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 =
from 1)
=3D=3D20438=3D=3D malloc/free: in use at exit: 0 bytes in 0 blocks.
=3D=3D20438=3D=3D malloc/free: 0 allocs, 0 frees, 0 bytes allocated.
=3D=3D20438=3D=3D For counts of detected errors, rerun with: -v
=3D=3D20438=3D=3D All heap blocks were freed -- no leaks are possible.

My question is can valgrind detect memory leaks in assembly?  BTW, I've
also tried running
With the following options:

--log-file=3D/tmp/valgrindout --leak-check=3Dfull =
--leak-resolution=3Dhigh
--num-callers=3D40

And that produced this:

=3D=3D22427=3D=3D Memcheck, a memory error detector.
=3D=3D22427=3D=3D Copyright (C) 2002-2005, and GNU GPL'd, by Julian =
Seward et
al.
=3D=3D22427=3D=3D Using LibVEX rev 1575, a library for dynamic binary
translation.
=3D=3D22427=3D=3D Copyright (C) 2004-2005, and GNU GPL'd, by OpenWorks =
LLP.
=3D=3D22427=3D=3D Using valgrind-3.1.1, a dynamic binary instrumentation
framework.
=3D=3D22427=3D=3D Copyright (C) 2000-2005, and GNU GPL'd, by Julian =
Seward et
al.
=3D=3D22427=3D=3D For more details, rerun with: -v
=3D=3D22427=3D=3D
=3D=3D22427=3D=3D My PID =3D 22427, parent PID =3D 17415.  Prog and args =
are:
=3D=3D22427=3D=3D    ./maybeleak.notok
=3D=3D22427=3D=3D
=3D=3D22427=3D=3D Invalid write of size 1
=3D=3D22427=3D=3D    at 0x4A1BF73: memset (mac_replace_strmem.c:464)
=3D=3D22427=3D=3D    by 0x400745: allocstuff (maybeleak.c:21)
=3D=3D22427=3D=3D    by 0x4007E4: main (maybeleak.c:49)
=3D=3D22427=3D=3D  Address 0xFFFFFFFFFFFFFFFF is not stack'd, malloc'd =
or
(recently) fre
e'd
=3D=3D22427=3D=3D
=3D=3D22427=3D=3D Process terminating with default action of signal 11
(SIGSEGV): dumpin
g core
=3D=3D22427=3D=3D  Access not within mapped region at address =
0xFFFFFFFFFFFFFFFF
=3D=3D22427=3D=3D    at 0x4A1BF73: memset (mac_replace_strmem.c:464)
=3D=3D22427=3D=3D    by 0x400745: allocstuff (maybeleak.c:21)
=3D=3D22427=3D=3D    by 0x4007E4: main (maybeleak.c:49)
=3D=3D22427=3D=3D
=3D=3D22427=3D=3D ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 =
from 1)
=3D=3D22427=3D=3D malloc/free: in use at exit: 0 bytes in 0 blocks.
=3D=3D22427=3D=3D malloc/free: 0 allocs, 0 frees, 0 bytes allocated.
=3D=3D22427=3D=3D For counts of detected errors, rerun with: -v
=3D=3D22427=3D=3D All heap blocks were freed -- no leaks are possible.

Ths is the C program:

#include <stdio.h>
#include <memory.h>
#include <malloc.h>
#include <string.h>
#include <errno.h>

char *
allocstuff (int len) {
        char *stuff  =3D (char*) 0 ;
//        fprintf(stderr,"Constructing with len %d\n",len);

        if( len < 1 ) {
                (void) fprintf(stderr,"*ERROR*: len %d < 0\n",len);
                return (char*) 0;
        }
        stuff =3D (char *) malloc(len);
        if( stuff  =3D=3D (char*) 0) {
                (void) fprintf(stderr,"malloc(%d) failed: %s\n",
len,strerror(errno));
        }
        (void) memset(stuff,'\0',len);
        return(stuff);
}

void
delstuff(char *stuff)
{
        if( stuff =3D=3D (char*) 0 ) {
                (void) fprintf(stderr,"delstuff(): stuff is NULL\n");
                return;
        }
        free(stuff);
}

int
main()
{
        int sz =3D 1024 * 1024;
        int count;
        char *thing[11];
        int meg;
        int loop =3D 0;
        while (1) {
//           fprintf(stderr,"Loop %u\n",loop++);
           for (meg=3D1; meg <=3D 100; meg++) {
                for (count=3D0; count< 10; count++) {
//                       fprintf(stderr,"Creating thing[%d]\n",count);
                        thing[count]  =3D allocstuff(meg * sz + count);
                }
                for (count=3D9; count >=3D0; count--) {
//                        fprintf(stderr,"Deleting thing[%d]\n",count);
                        delstuff(thing[count]);
                }
          }
        }
        return(0);
}

Thanks...

---
Robert