You can subscribe to this list here.
| 2002 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
(122) |
Nov
(152) |
Dec
(69) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2003 |
Jan
(6) |
Feb
(25) |
Mar
(73) |
Apr
(82) |
May
(24) |
Jun
(25) |
Jul
(10) |
Aug
(11) |
Sep
(10) |
Oct
(54) |
Nov
(203) |
Dec
(182) |
| 2004 |
Jan
(307) |
Feb
(305) |
Mar
(430) |
Apr
(312) |
May
(187) |
Jun
(342) |
Jul
(487) |
Aug
(637) |
Sep
(336) |
Oct
(373) |
Nov
(441) |
Dec
(210) |
| 2005 |
Jan
(385) |
Feb
(480) |
Mar
(636) |
Apr
(544) |
May
(679) |
Jun
(625) |
Jul
(810) |
Aug
(838) |
Sep
(634) |
Oct
(521) |
Nov
(965) |
Dec
(543) |
| 2006 |
Jan
(494) |
Feb
(431) |
Mar
(546) |
Apr
(411) |
May
(406) |
Jun
(322) |
Jul
(256) |
Aug
(401) |
Sep
(345) |
Oct
(542) |
Nov
(308) |
Dec
(481) |
| 2007 |
Jan
(427) |
Feb
(326) |
Mar
(367) |
Apr
(255) |
May
(244) |
Jun
(204) |
Jul
(223) |
Aug
(231) |
Sep
(354) |
Oct
(374) |
Nov
(497) |
Dec
(362) |
| 2008 |
Jan
(322) |
Feb
(482) |
Mar
(658) |
Apr
(422) |
May
(476) |
Jun
(396) |
Jul
(455) |
Aug
(267) |
Sep
(280) |
Oct
(253) |
Nov
(232) |
Dec
(304) |
| 2009 |
Jan
(486) |
Feb
(470) |
Mar
(458) |
Apr
(423) |
May
(696) |
Jun
(461) |
Jul
(551) |
Aug
(575) |
Sep
(134) |
Oct
(110) |
Nov
(157) |
Dec
(102) |
| 2010 |
Jan
(226) |
Feb
(86) |
Mar
(147) |
Apr
(117) |
May
(107) |
Jun
(203) |
Jul
(193) |
Aug
(238) |
Sep
(300) |
Oct
(246) |
Nov
(23) |
Dec
(75) |
| 2011 |
Jan
(133) |
Feb
(195) |
Mar
(315) |
Apr
(200) |
May
(267) |
Jun
(293) |
Jul
(353) |
Aug
(237) |
Sep
(278) |
Oct
(611) |
Nov
(274) |
Dec
(260) |
| 2012 |
Jan
(303) |
Feb
(391) |
Mar
(417) |
Apr
(441) |
May
(488) |
Jun
(655) |
Jul
(590) |
Aug
(610) |
Sep
(526) |
Oct
(478) |
Nov
(359) |
Dec
(372) |
| 2013 |
Jan
(467) |
Feb
(226) |
Mar
(391) |
Apr
(281) |
May
(299) |
Jun
(252) |
Jul
(311) |
Aug
(352) |
Sep
(481) |
Oct
(571) |
Nov
(222) |
Dec
(231) |
| 2014 |
Jan
(185) |
Feb
(329) |
Mar
(245) |
Apr
(238) |
May
(281) |
Jun
(399) |
Jul
(382) |
Aug
(500) |
Sep
(579) |
Oct
(435) |
Nov
(487) |
Dec
(256) |
| 2015 |
Jan
(338) |
Feb
(357) |
Mar
(330) |
Apr
(294) |
May
(191) |
Jun
(108) |
Jul
(142) |
Aug
(261) |
Sep
(190) |
Oct
(54) |
Nov
(83) |
Dec
(22) |
| 2016 |
Jan
(49) |
Feb
(89) |
Mar
(33) |
Apr
(50) |
May
(27) |
Jun
(34) |
Jul
(53) |
Aug
(53) |
Sep
(98) |
Oct
(206) |
Nov
(93) |
Dec
(53) |
| 2017 |
Jan
(65) |
Feb
(82) |
Mar
(102) |
Apr
(86) |
May
(187) |
Jun
(67) |
Jul
(23) |
Aug
(93) |
Sep
(65) |
Oct
(45) |
Nov
(35) |
Dec
(17) |
| 2018 |
Jan
(26) |
Feb
(35) |
Mar
(38) |
Apr
(32) |
May
(8) |
Jun
(43) |
Jul
(27) |
Aug
(30) |
Sep
(43) |
Oct
(42) |
Nov
(38) |
Dec
(67) |
| 2019 |
Jan
(32) |
Feb
(37) |
Mar
(53) |
Apr
(64) |
May
(49) |
Jun
(18) |
Jul
(14) |
Aug
(53) |
Sep
(25) |
Oct
(30) |
Nov
(49) |
Dec
(31) |
| 2020 |
Jan
(87) |
Feb
(45) |
Mar
(37) |
Apr
(51) |
May
(99) |
Jun
(36) |
Jul
(11) |
Aug
(14) |
Sep
(20) |
Oct
(24) |
Nov
(40) |
Dec
(23) |
| 2021 |
Jan
(14) |
Feb
(53) |
Mar
(85) |
Apr
(15) |
May
(19) |
Jun
(3) |
Jul
(14) |
Aug
(1) |
Sep
(57) |
Oct
(73) |
Nov
(56) |
Dec
(22) |
| 2022 |
Jan
(3) |
Feb
(22) |
Mar
(6) |
Apr
(55) |
May
(46) |
Jun
(39) |
Jul
(15) |
Aug
(9) |
Sep
(11) |
Oct
(34) |
Nov
(20) |
Dec
(36) |
| 2023 |
Jan
(79) |
Feb
(41) |
Mar
(99) |
Apr
(169) |
May
(48) |
Jun
(16) |
Jul
(16) |
Aug
(57) |
Sep
(19) |
Oct
|
Nov
|
Dec
|
| S | M | T | W | T | F | S |
|---|---|---|---|---|---|---|
|
1
(13) |
2
(33) |
3
(25) |
4
(22) |
5
(22) |
6
(21) |
7
(19) |
|
8
(29) |
9
(34) |
10
(29) |
11
(37) |
12
(36) |
13
(28) |
14
(25) |
|
15
(28) |
16
(23) |
17
(36) |
18
(21) |
19
(12) |
20
(14) |
21
(10) |
|
22
(7) |
23
(15) |
24
(41) |
25
(15) |
26
(9) |
27
(7) |
28
(6) |
|
29
(16) |
30
(24) |
31
(22) |
|
|
|
|
|
From: <sv...@va...> - 2005-05-24 21:36:34
|
Author: njn
Date: 2005-05-24 22:36:32 +0100 (Tue, 24 May 2005)
New Revision: 3801
Modified:
trunk/coregrind/vg_main.c
Log:
Spotted by Madhu Kurup: don't leak memory.
Modified: trunk/coregrind/vg_main.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/coregrind/vg_main.c 2005-05-24 21:28:54 UTC (rev 3800)
+++ trunk/coregrind/vg_main.c 2005-05-24 21:36:32 UTC (rev 3801)
@@ -563,6 +563,10 @@
to =3D copy_args(f1_clo, to);
to =3D copy_args(env_clo, to);
to =3D copy_args(f2_clo, to);
+ =20
+ // Free memory
+ free(f1_clo);
+ free(f2_clo);
=20
/* copy original arguments, stopping at command or -- */
while (*from) {
|
|
From: Nicholas N. <nj...@cs...> - 2005-05-24 21:31:26
|
On Tue, 24 May 2005, Madhu M. Kurup wrote: > Loop overrun occurs as the i+1 value is being processed. A code path exists > where i can be uninitialized but incremented (line 1082). Fixed -- not exactly as you suggested, but fixed. Thanks. N |
|
From: <sv...@va...> - 2005-05-24 21:28:58
|
Author: njn
Date: 2005-05-24 22:28:54 +0100 (Tue, 24 May 2005)
New Revision: 3800
Modified:
trunk/massif/ms_main.c
Log:
Fix error found by Madhu Kurup:
Loop overrun occurs as the i+1 value is being processed. A code path
exists where i can be uninitialized but incremented (line 1082). =20
Modified: trunk/massif/ms_main.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/massif/ms_main.c 2005-05-24 20:07:20 UTC (rev 3799)
+++ trunk/massif/ms_main.c 2005-05-24 21:28:54 UTC (rev 3800)
@@ -923,7 +923,7 @@
=20
// Sets j to the index of the first not-yet-removed census at or afte=
r i
#define FIND_CENSUS(i, j) \
- for (j =3D i; -1 =3D=3D censi[j].ms_time; j++) { }
+ for (j =3D i; j < MAX_N_CENSI && -1 =3D=3D censi[j].ms_time; j++) =
{ }
=20
for (i =3D 2; i < MAX_N_CENSI; i +=3D 2) {
// Find the censi representing the smallest timespan. The timespa=
n
@@ -989,7 +989,6 @@
static UInt ms_next_census =3D 0; // zero allows startup census
=20
Int ms_time, ms_time_since_prev;
- Int i, K;
Census* census;
=20
VGP_PUSHCC(VgpCensus);
@@ -1010,6 +1009,7 @@
=20
// Heap: snapshot the K most significant XTrees -------------------
if (clo_heap) {
+ Int i, K;
K =3D ( alloc_xpt->n_children < MAX_SNAPSHOTS=20
? alloc_xpt->n_children
: MAX_SNAPSHOTS); // max out
@@ -1086,7 +1086,6 @@
census->stacks_space =3D sigstacks_space;
// slightly abusing this function
VG_(first_matching_thread_stack)( count_stack_size, &census->stack=
s_space );
- i++;
}
=20
// Finish, update interval if necessary -----------------------------
|
|
From: Nicholas N. <nj...@cs...> - 2005-05-24 20:08:36
|
On Tue, 24 May 2005, Madhu M. Kurup wrote: > All other checks with VG_N_THREADS are <, except this one. > > - for(tid = 1; tid <= VG_N_THREADS; tid++) > + for(tid = 1; tid < VG_N_THREADS; tid++) Committed, thanks. N |
|
From: <sv...@va...> - 2005-05-24 20:07:23
|
Author: njn
Date: 2005-05-24 21:07:20 +0100 (Tue, 24 May 2005)
New Revision: 3799
Modified:
trunk/coregrind/vg_scheduler.c
Log:
All other checks with VG_N_THREADS are <, except this one.
(From Madhu Kurup.)
Modified: trunk/coregrind/vg_scheduler.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/coregrind/vg_scheduler.c 2005-05-24 15:09:14 UTC (rev 3798)
+++ trunk/coregrind/vg_scheduler.c 2005-05-24 20:07:20 UTC (rev 3799)
@@ -240,7 +240,7 @@
{
ThreadId tid;
=20
- for(tid =3D 1; tid <=3D VG_N_THREADS; tid++)
+ for(tid =3D 1; tid < VG_N_THREADS; tid++)
if (VG_(threads)[tid].status !=3D VgTs_Empty && VG_(threads)[tid].=
os_state.lwpid =3D=3D lwp)
return tid;
=20
|
|
From: Nicholas N. <nj...@cs...> - 2005-05-24 18:07:59
|
On Tue, 24 May 2005, Madhu M Kurup wrote: > There are a bunch of indicators that I could not reconcile with any problem. > I decided to first send what seemed like real issues before reporting the > ones that possible could be a analysis error. I will report all of them for > sure. Great. I'd be interested to see exactly what information the tool is spitting out. N |
|
From: Madhu M K. <mm...@ya...> - 2005-05-24 17:34:53
|
Hi, > > I'll definitely look soon at the ones in code that I understand. You > haven't sent patches for all the files you mentioned (eg. vg_translate.c > ac_main.c) -- are they coming, or are they ones you judged unimportant? > There are a bunch of indicators that I could not reconcile with any problem. I decided to first send what seemed like real issues before reporting the ones that possible could be a analysis error. I will report all of them for sure. Cheerio, M Madhu M Kurup /* Nemo Me Impune Lacessit */ mmk at yahoo-inc dt com |
|
From: Robert W. <rj...@du...> - 2005-05-24 16:33:59
|
> > Sigh. I appear to have forgotten my svn password. If someone could > > apply the appropriate patches, I'd be grateful... :-) >=20 > Done. Thanks, Tom. Regards, Robert. --=20 Robert Walsh Amalgamated Durables, Inc. - "We don't make the things you buy." Email: rj...@du... |
|
From: <sv...@va...> - 2005-05-24 15:09:16
|
Author: sewardj Date: 2005-05-24 16:09:14 +0100 (Tue, 24 May 2005) New Revision: 3798 Added: trunk/memcheck/tests/xml1.stderr.exp64 Modified: trunk/memcheck/tests/Makefile.am Log: amd64-linux output Modified: trunk/memcheck/tests/Makefile.am =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- trunk/memcheck/tests/Makefile.am 2005-05-24 15:00:55 UTC (rev 3797) +++ trunk/memcheck/tests/Makefile.am 2005-05-24 15:09:14 UTC (rev 3798) @@ -77,7 +77,7 @@ metadata.stderr.exp metadata.stdout.exp metadata.vgtest \ vgtest_ume.stderr.exp vgtest_ume.vgtest \ writev.stderr.exp writev.stderr.exp2 writev.stderr.exp3 writev.vgtest \ - xml1.stderr.exp xml1.stdout.exp xml1.vgtest \ + xml1.stderr.exp xml1.stderr.exp64 xml1.stdout.exp xml1.vgtest \ zeropage.stderr.exp zeropage.stderr.exp2 zeropage.vgtest =20 check_PROGRAMS =3D \ Added: trunk/memcheck/tests/xml1.stderr.exp64 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- trunk/memcheck/tests/xml1.stderr.exp64 2005-05-24 15:00:55 UTC (rev 3= 797) +++ trunk/memcheck/tests/xml1.stderr.exp64 2005-05-24 15:09:14 UTC (rev 3= 798) @@ -0,0 +1,156 @@ + +<valgrindoutput> + +<protocolversion>1</protocolversion> + +<preamble>...</preamble> +<preamble>...</preamble> +<preamble>...</preamble> +<preamble>...</preamble> +<preamble>...</preamble> +<preamble>...</preamble> + +<pid>...</pid> +<ppid>...</ppid> +<tool>memcheck</tool> + +<argv> + <arg>./xml1</arg> +</argv> + +<status>RUNNING</status> + +<error> + <unique>0x........</unique> + <tid>...</tid> + <kind>InvalidRead</kind> + <what>Invalid read of size 4</what> + <stack> + <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<= /file><line>11</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<= /file><line>39</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<= /file><line>44</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f= ile><line>49</line></frame> + </stack> + <auxwhat>Address 0x........ is 0 bytes after a block of size 40 alloc'= d</auxwhat> + <stack> + <frame><ip>0x........</ip><obj>...</obj><fn>malloc</fn><file>vg_repl= ace_malloc.c</file><line>220</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<= /file><line>8</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<= /file><line>39</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<= /file><line>44</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f= ile><line>49</line></frame> + </stack> +</error> + +<error> + <unique>0x........</unique> + <tid>...</tid> + <kind>UninitCondition</kind> + <what>Conditional jump or move depends on uninitialised value(s)</what= > + <stack> + <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<= /file><line>14</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<= /file><line>39</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<= /file><line>44</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f= ile><line>49</line></frame> + </stack> +</error> + +<error> + <unique>0x........</unique> + <tid>...</tid> + <kind>UninitValue</kind> + <what>Use of uninitialised value of size 8</what> + <stack> + <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<= /file><line>21</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<= /file><line>39</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<= /file><line>44</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f= ile><line>49</line></frame> + </stack> +</error> + +<error> + <unique>0x........</unique> + <tid>...</tid> + <kind>InvalidFree</kind> + <what>Invalid free() / delete / delete[]</what> + <stack> + <frame><ip>0x........</ip><obj>...</obj><fn>free</fn><file>vg_replac= e_malloc.c</file><line>306</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<= /file><line>25</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<= /file><line>39</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<= /file><line>44</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f= ile><line>49</line></frame> + </stack> + <auxwhat>Address 0x........ is 0 bytes inside a block of size 40 free'= d</auxwhat> + <stack> + <frame><ip>0x........</ip><obj>...</obj><fn>free</fn><file>vg_replac= e_malloc.c</file><line>306</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<= /file><line>24</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<= /file><line>39</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<= /file><line>44</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f= ile><line>49</line></frame> + </stack> +</error> + +<error> + <unique>0x........</unique> + <tid>...</tid> + <kind>InvalidFree</kind> + <what>Invalid free() / delete / delete[]</what> + <stack> + <frame><ip>0x........</ip><obj>...</obj><fn>free</fn><file>vg_replac= e_malloc.c</file><line>306</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<= /file><line>28</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<= /file><line>39</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<= /file><line>44</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f= ile><line>49</line></frame> + </stack> + <auxwhat>Address 0x........ is on thread 1's stack</auxwhat> +</error> + +<error> + <unique>0x........</unique> + <tid>...</tid> + <kind>SyscallParam</kind> + <what>Syscall param exit_group(exit_code) contains uninitialised byte(= s)</what> + <stack> + <frame><ip>0x........</ip><obj>...</obj><fn>_Exit</fn></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>exit</fn></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>__libc_start_main</fn></= frame> + <frame><ip>0x........</ip><obj>...</obj><file>start.S</file><line>11= 3</line></frame> + </stack> +</error> + +<errorcounts> + <pair><count>1</count><unique>0x........</unique></pair> + <pair><count>1</count><unique>0x........</unique></pair> + <pair><count>1</count><unique>0x........</unique></pair> + <pair><count>1</count><unique>0x........</unique></pair> + <pair><count>1</count><unique>0x........</unique></pair> + <pair><count>1</count><unique>0x........</unique></pair> +</errorcounts> + +<status>FINISHED</status> + +<suppcounts> + <pair><count>3</count><name>index-not-intercepted-early-enough-HACK-1<= /name></pair> + <pair><count>1</count><name>strlen-not-intercepted-early-enough-HACK-5= </name></pair> + <pair><count>1</count><name>strlen-not-intercepted-early-enough-HACK-4= </name></pair> + <pair><count>1</count><name>strlen-not-intercepted-early-enough-HACK-3= </name></pair> + <pair><count>2</count><name>dl_relocate_object</name></pair> +<suppcounts> + +<error> + <unique>0x........</unique> + <tid>...</tid> + <kind>Leak_DefinitelyLost</kind> + <what>396 bytes in 1 blocks are definitely lost in loss record 1 of 1<= /what> + <leakedbytes>396</leakedbytes> + <leakedblocks>1</leakedblocks> + <stack> + <frame><ip>0x........</ip><obj>...</obj><fn>malloc</fn><file>vg_repl= ace_malloc.c</file><line>220</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<= /file><line>31</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<= /file><line>39</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<= /file><line>44</line></frame> + <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f= ile><line>49</line></frame> + </stack> +</error> + +</valgrindoutput> + |
|
From: <sv...@va...> - 2005-05-24 15:00:59
|
Author: sewardj
Date: 2005-05-24 16:00:55 +0100 (Tue, 24 May 2005)
New Revision: 3797
Modified:
trunk/README_XML_OUTPUT.txt
trunk/memcheck/tests/xml1.stderr.exp
Log:
More XML output futzing.
Modified: trunk/README_XML_OUTPUT.txt
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/README_XML_OUTPUT.txt 2005-05-24 14:46:02 UTC (rev 3796)
+++ trunk/README_XML_OUTPUT.txt 2005-05-24 15:00:55 UTC (rev 3797)
@@ -59,8 +59,10 @@
=20
The output format
~~~~~~~~~~~~~~~~~
-For the most part this should be self descriptive. It is printed
-in a sort-of human-readable way for easy understanding.
+For the most part this should be self descriptive. It is printed in a
+sort-of human-readable way for easy understanding. You may want to
+read the rest of this together with the results of "valgrind --xml=3Dyes
+memcheck/tests/xml1" as an example.
=20
All tags are balanced: a <foo> tag is always closed by </foo>. Hence
in the description that follows, mention of a tag <foo> implicitly
@@ -72,7 +74,7 @@
The following nonterminals are not described further:
INT is a 64-bit signed decimal integer.
TEXT is arbitrary text.
- HEX64 is a 64-bit hexadecimal number.
+ HEX64 is a 64-bit hexadecimal number, with leading "0x".
=20
=20
TOPLEVEL
@@ -314,7 +316,7 @@
unique tag </unique>. The counts do not have to give a count for each
error so far presented - partial information is allowable.
=20
-As at Valgrind rev 3792, error counts are only emitted at program
+As at Valgrind rev 3793, error counts are only emitted at program
termination. However, it is perfectly acceptable to periodically emit
error counts as the program is running. Doing so would facilitate a
GUI to dynamically update its error-count display as the program runs.
Modified: trunk/memcheck/tests/xml1.stderr.exp
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/memcheck/tests/xml1.stderr.exp 2005-05-24 14:46:02 UTC (rev 379=
6)
+++ trunk/memcheck/tests/xml1.stderr.exp 2005-05-24 15:00:55 UTC (rev 379=
7)
@@ -26,18 +26,18 @@
<kind>InvalidRead</kind>
<what>Invalid read of size 4</what>
<stack>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<=
/file><line>11</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<=
/file><line>39</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<=
/file><line>44</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f=
ile><line>49</line></frame>
</stack>
<auxwhat>Address 0x........ is 0 bytes after a block of size 40 alloc'=
d</auxwhat>
<stack>
<frame><ip>0x........</ip><obj>...</obj><fn>malloc</fn><file>vg_repl=
ace_malloc.c</file><line>220</line></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<=
/file><line>8</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<=
/file><line>39</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<=
/file><line>44</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f=
ile><line>49</line></frame>
</stack>
</error>
=20
@@ -47,10 +47,10 @@
<kind>UninitCondition</kind>
<what>Conditional jump or move depends on uninitialised value(s)</what=
>
<stack>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<=
/file><line>14</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<=
/file><line>39</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<=
/file><line>44</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f=
ile><line>49</line></frame>
</stack>
</error>
=20
@@ -60,10 +60,10 @@
<kind>UninitValue</kind>
<what>Use of uninitialised value of size 4</what>
<stack>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<=
/file><line>21</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<=
/file><line>39</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<=
/file><line>44</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f=
ile><line>49</line></frame>
</stack>
</error>
=20
@@ -74,18 +74,18 @@
<what>Invalid free() / delete / delete[]</what>
<stack>
<frame><ip>0x........</ip><obj>...</obj><fn>free</fn><file>vg_replac=
e_malloc.c</file><line>306</line></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<=
/file><line>25</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<=
/file><line>39</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<=
/file><line>44</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f=
ile><line>49</line></frame>
</stack>
<auxwhat>Address 0x........ is 0 bytes inside a block of size 40 free'=
d</auxwhat>
<stack>
<frame><ip>0x........</ip><obj>...</obj><fn>free</fn><file>vg_replac=
e_malloc.c</file><line>306</line></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<=
/file><line>24</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<=
/file><line>39</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<=
/file><line>44</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f=
ile><line>49</line></frame>
</stack>
</error>
=20
@@ -96,10 +96,10 @@
<what>Invalid free() / delete / delete[]</what>
<stack>
<frame><ip>0x........</ip><obj>...</obj><fn>free</fn><file>vg_replac=
e_malloc.c</file><line>306</line></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<=
/file><line>28</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<=
/file><line>39</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<=
/file><line>44</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f=
ile><line>49</line></frame>
</stack>
<auxwhat>Address 0x........ is on thread 1's stack</auxwhat>
</error>
@@ -140,10 +140,10 @@
<leakedblocks>1</leakedblocks>
<stack>
<frame><ip>0x........</ip><obj>...</obj><fn>malloc</fn><file>vg_repl=
ace_malloc.c</file><line>220</line></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
- <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn><file>xml1.c<=
/file><line>31</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn><file>xml1.c<=
/file><line>39</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn><file>xml1.c<=
/file><line>44</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn><file>xml1.c</f=
ile><line>49</line></frame>
</stack>
</error>
=20
|
|
From: <sv...@va...> - 2005-05-24 14:46:08
|
Author: sewardj
Date: 2005-05-24 15:46:02 +0100 (Tue, 24 May 2005)
New Revision: 3796
Added:
trunk/memcheck/tests/filter_xml
trunk/memcheck/tests/xml1.c
trunk/memcheck/tests/xml1.stderr.exp
trunk/memcheck/tests/xml1.stdout.exp
trunk/memcheck/tests/xml1.vgtest
Modified:
trunk/memcheck/tests/Makefile.am
Log:
Test XML output.
Modified: trunk/memcheck/tests/Makefile.am
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/memcheck/tests/Makefile.am 2005-05-24 14:23:10 UTC (rev 3795)
+++ trunk/memcheck/tests/Makefile.am 2005-05-24 14:46:02 UTC (rev 3796)
@@ -2,7 +2,7 @@
DIST_SUBDIRS =3D ${VG_ARCH_ALL} .
=20
noinst_SCRIPTS =3D filter_allocs filter_leak_check_size \
- filter_stderr filter_stderr_backtrace
+ filter_stderr filter_stderr_backtrace filter_xml
=20
EXTRA_DIST =3D $(noinst_SCRIPTS) \
addressable.stderr.exp addressable.stdout.exp addressable.vgtest \
@@ -77,6 +77,7 @@
metadata.stderr.exp metadata.stdout.exp metadata.vgtest \
vgtest_ume.stderr.exp vgtest_ume.vgtest \
writev.stderr.exp writev.stderr.exp2 writev.stderr.exp3 writev.vgtest \
+ xml1.stderr.exp xml1.stdout.exp xml1.vgtest \
zeropage.stderr.exp zeropage.stderr.exp2 zeropage.vgtest
=20
check_PROGRAMS =3D \
@@ -100,7 +101,7 @@
str_tester supp1 supp2 suppfree \
trivialleak weirdioctl \
mismatches new_override metadata \
- vgtest_ume \
+ vgtest_ume xml1 \
writev zeropage
=20
=20
@@ -173,6 +174,7 @@
str_tester_SOURCES =3D str_tester.c
str_tester_CFLAGS =3D $(AM_CFLAGS) -Wno-shadow
writev_SOURCES =3D writev.c
+xml1_SOURCES =3D xml1.c
zeropage_SOURCES =3D zeropage.c
=20
# C++ ones
Added: trunk/memcheck/tests/filter_xml
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/memcheck/tests/filter_xml 2005-05-24 14:23:10 UTC (rev 3795)
+++ trunk/memcheck/tests/filter_xml 2005-05-24 14:46:02 UTC (rev 3796)
@@ -0,0 +1,9 @@
+#! /bin/sh
+
+./filter_stderr |
+sed "s/<tid>[0-9]*<\/tid>/<tid>...<\/tid>/" |
+sed "s/<pid>[0-9]*<\/pid>/<pid>...<\/pid>/" |
+sed "s/<ppid>[0-9]*<\/ppid>/<ppid>...<\/ppid>/" |
+sed "s/<obj>.*<\/obj>/<obj>...<\/obj>/" |
+sed "s/<preamble>.*<\/preamble>/<preamble>...<\/preamble>/"
+
Property changes on: trunk/memcheck/tests/filter_xml
___________________________________________________________________
Name: svn:executable
+ *
Added: trunk/memcheck/tests/xml1.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/memcheck/tests/xml1.c 2005-05-24 14:23:10 UTC (rev 3795)
+++ trunk/memcheck/tests/xml1.c 2005-05-24 14:46:02 UTC (rev 3796)
@@ -0,0 +1,50 @@
+
+#include <stdlib.h>
+#include <stdio.h>
+
+
+int frame3 ( void )
+{
+ int *a =3D malloc(10 * sizeof(int));
+
+ // bad address;
+ int n =3D a[10];
+
+ // undefined condition
+ if (a[5] =3D=3D 42) {
+ printf("hello from frame3(). The answer is 42.\n");
+ } else {
+ printf("hello from frame3(). The answer is not 42.\n");
+ }
+
+ // undefined address (careful ..)
+ n =3D a[ a[0] & 7 ];
+
+ // invalid free, the second time
+ free(a);
+ free(a);
+
+ // more invalid frees
+ free(&n);
+
+ // leak ..
+ a =3D malloc(99 * sizeof(int));
+
+ // pass garbage to the exit syscall
+ return n;
+}
+
+int frame2 ( void )
+{
+ return frame3() - 1;
+}
+
+int frame1 ( void )
+{
+ return frame2() + 1;
+}
+
+int main ( void )
+{
+ return frame1() - 1;
+}
Added: trunk/memcheck/tests/xml1.stderr.exp
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/memcheck/tests/xml1.stderr.exp 2005-05-24 14:23:10 UTC (rev 379=
5)
+++ trunk/memcheck/tests/xml1.stderr.exp 2005-05-24 14:46:02 UTC (rev 379=
6)
@@ -0,0 +1,151 @@
+
+<valgrindoutput>
+
+<protocolversion>1</protocolversion>
+
+<preamble>...</preamble>
+<preamble>...</preamble>
+<preamble>...</preamble>
+<preamble>...</preamble>
+<preamble>...</preamble>
+<preamble>...</preamble>
+
+<pid>...</pid>
+<ppid>...</ppid>
+<tool>memcheck</tool>
+
+<argv>
+ <arg>./xml1</arg>
+</argv>
+
+<status>RUNNING</status>
+
+<error>
+ <unique>0x........</unique>
+ <tid>...</tid>
+ <kind>InvalidRead</kind>
+ <what>Invalid read of size 4</what>
+ <stack>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ </stack>
+ <auxwhat>Address 0x........ is 0 bytes after a block of size 40 alloc'=
d</auxwhat>
+ <stack>
+ <frame><ip>0x........</ip><obj>...</obj><fn>malloc</fn><file>vg_repl=
ace_malloc.c</file><line>220</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ </stack>
+</error>
+
+<error>
+ <unique>0x........</unique>
+ <tid>...</tid>
+ <kind>UninitCondition</kind>
+ <what>Conditional jump or move depends on uninitialised value(s)</what=
>
+ <stack>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ </stack>
+</error>
+
+<error>
+ <unique>0x........</unique>
+ <tid>...</tid>
+ <kind>UninitValue</kind>
+ <what>Use of uninitialised value of size 4</what>
+ <stack>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ </stack>
+</error>
+
+<error>
+ <unique>0x........</unique>
+ <tid>...</tid>
+ <kind>InvalidFree</kind>
+ <what>Invalid free() / delete / delete[]</what>
+ <stack>
+ <frame><ip>0x........</ip><obj>...</obj><fn>free</fn><file>vg_replac=
e_malloc.c</file><line>306</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ </stack>
+ <auxwhat>Address 0x........ is 0 bytes inside a block of size 40 free'=
d</auxwhat>
+ <stack>
+ <frame><ip>0x........</ip><obj>...</obj><fn>free</fn><file>vg_replac=
e_malloc.c</file><line>306</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ </stack>
+</error>
+
+<error>
+ <unique>0x........</unique>
+ <tid>...</tid>
+ <kind>InvalidFree</kind>
+ <what>Invalid free() / delete / delete[]</what>
+ <stack>
+ <frame><ip>0x........</ip><obj>...</obj><fn>free</fn><file>vg_replac=
e_malloc.c</file><line>306</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ </stack>
+ <auxwhat>Address 0x........ is on thread 1's stack</auxwhat>
+</error>
+
+<error>
+ <unique>0x........</unique>
+ <tid>...</tid>
+ <kind>SyscallParam</kind>
+ <what>Syscall param exit_group(exit_code) contains uninitialised byte(=
s)</what>
+ <stack>
+ <frame><ip>0x........</ip><obj>...</obj><fn>_Exit</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>__libc_start_main</fn></=
frame>
+ <frame><ip>0x........</ip><obj>...</obj><file>start.S</file><line>10=
2</line></frame>
+ </stack>
+</error>
+
+<errorcounts>
+ <pair><count>1</count><unique>0x........</unique></pair>
+ <pair><count>1</count><unique>0x........</unique></pair>
+ <pair><count>1</count><unique>0x........</unique></pair>
+ <pair><count>1</count><unique>0x........</unique></pair>
+ <pair><count>1</count><unique>0x........</unique></pair>
+ <pair><count>1</count><unique>0x........</unique></pair>
+</errorcounts>
+
+<status>FINISHED</status>
+
+<suppcounts>
+ <pair><count>18</count><name>Ugly strchr error in /lib/ld-2.3.3.so</na=
me></pair>
+<suppcounts>
+
+<error>
+ <unique>0x........</unique>
+ <tid>...</tid>
+ <kind>Leak_DefinitelyLost</kind>
+ <what>396 bytes in 1 blocks are definitely lost in loss record 1 of 1<=
/what>
+ <leakedbytes>396</leakedbytes>
+ <leakedblocks>1</leakedblocks>
+ <stack>
+ <frame><ip>0x........</ip><obj>...</obj><fn>malloc</fn><file>vg_repl=
ace_malloc.c</file><line>220</line></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame3</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame2</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>frame1</fn></frame>
+ <frame><ip>0x........</ip><obj>...</obj><fn>main</fn></frame>
+ </stack>
+</error>
+
+</valgrindoutput>
+
Added: trunk/memcheck/tests/xml1.stdout.exp
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/memcheck/tests/xml1.stdout.exp 2005-05-24 14:23:10 UTC (rev 379=
5)
+++ trunk/memcheck/tests/xml1.stdout.exp 2005-05-24 14:46:02 UTC (rev 379=
6)
@@ -0,0 +1 @@
+hello from frame3(). The answer is not 42.
Added: trunk/memcheck/tests/xml1.vgtest
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/memcheck/tests/xml1.vgtest 2005-05-24 14:23:10 UTC (rev 3795)
+++ trunk/memcheck/tests/xml1.vgtest 2005-05-24 14:46:02 UTC (rev 3796)
@@ -0,0 +1,3 @@
+prog: xml1
+vgopts: --xml=3Dyes
+stderr_filter: filter_xml
|
|
From: Dirk M. <dm...@gm...> - 2005-05-24 14:41:51
|
On Tuesday 24 May 2005 06:14, Robert Walsh wrote: > Sigh. I appear to have forgotten my svn password. If someone could > apply the appropriate patches, I'd be grateful... :-) submit a new one crypt'ed to sys...@kd... |
|
From: <sv...@va...> - 2005-05-24 14:23:12
|
Author: sewardj Date: 2005-05-24 15:23:10 +0100 (Tue, 24 May 2005) New Revision: 3795 Modified: trunk/Makefile.am Log: Add in some missing files. Modified: trunk/Makefile.am =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- trunk/Makefile.am 2005-05-24 14:21:45 UTC (rev 3794) +++ trunk/Makefile.am 2005-05-24 14:23:10 UTC (rev 3795) @@ -42,7 +42,9 @@ ACKNOWLEDGEMENTS \ README_DEVELOPERS \ README_PACKAGERS \ - README_MISSING_SYSCALL_OR_IOCTL TODO \ + README_XML_OUTPUT.txt \ + THREADS_SYSCALLS_SIGNALS.txt \ + README_MISSING_SYSCALL_OR_IOCTL TODO NOTES.txt \ valgrind.spec valgrind.spec.in valgrind.pc.in \ Makefile.all.am Makefile.tool.am Makefile.core-AM_CPPFLAGS.am \ Makefile.tool-inplace.am |
|
From: <sv...@va...> - 2005-05-24 14:21:52
|
Author: sewardj
Date: 2005-05-24 15:21:45 +0100 (Tue, 24 May 2005)
New Revision: 3794
Modified:
trunk/README_XML_OUTPUT.txt
trunk/coregrind/m_errormgr.c
trunk/coregrind/vg_main.c
Log:
XML output futzing-around-with.
Modified: trunk/README_XML_OUTPUT.txt
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/README_XML_OUTPUT.txt 2005-05-24 14:17:41 UTC (rev 3793)
+++ trunk/README_XML_OUTPUT.txt 2005-05-24 14:21:45 UTC (rev 3794)
@@ -328,7 +328,7 @@
=20
<suppcounts>
zero or more of
- <supp> <count>INT</count> <name>TEXT</name> </supp>
+ <pair> <count>INT</count> <name>TEXT</name> </pair>
</suppcounts>
=20
The <name> is as specified in the suppression name fields in .supp
Modified: trunk/coregrind/m_errormgr.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/coregrind/m_errormgr.c 2005-05-24 14:17:41 UTC (rev 3793)
+++ trunk/coregrind/m_errormgr.c 2005-05-24 14:21:45 UTC (rev 3794)
@@ -648,6 +648,9 @@
Supp *su;
Bool any_supp;
=20
+ if (VG_(clo_xml))
+ VG_(message)(Vg_DebugMsg, "<suppcounts>");
+
any_supp =3D False;
for (su =3D suppressions; su !=3D NULL; su =3D su->next) {
if (su->count <=3D 0)
@@ -655,13 +658,16 @@
any_supp =3D True;
if (VG_(clo_xml)) {
VG_(message)(Vg_DebugMsg,=20
- "<supp><count>%d</count><name>%s</name></supp>",=20
+ " <pair><count>%d</count><name>%s</name></pair>",=
=20
su->count, su->sname);
} else {
VG_(message)(Vg_DebugMsg, "supp: %4d %s", su->count, su->sname)=
;
}
}
=20
+ if (VG_(clo_xml))
+ VG_(message)(Vg_DebugMsg, "<suppcounts>");
+
return any_supp;
}
=20
@@ -764,9 +770,9 @@
if (err->count <=3D 0)
continue;
VG_(message)(
- Vg_UserMsg, " <pair><unique>0x%llx</unique>"
- "<count>%d</count></pair>",
- Ptr_to_ULong(err), err->count
+ Vg_UserMsg, " <pair><count>%d</count>"
+ "<unique>0x%llx</unique></pair>",
+ err->count, Ptr_to_ULong(err)
);
}
VG_(message)(Vg_UserMsg, "</errorcounts>");
Modified: trunk/coregrind/vg_main.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/coregrind/vg_main.c 2005-05-24 14:17:41 UTC (rev 3793)
+++ trunk/coregrind/vg_main.c 2005-05-24 14:21:45 UTC (rev 3794)
@@ -2025,6 +2025,7 @@
VG_(message)(Vg_UserMsg, "");
VG_(message)(Vg_UserMsg, "<pid>%d</pid>", VG_(getpid)());
VG_(message)(Vg_UserMsg, "<ppid>%d</ppid>", VG_(getppid)());
+ VG_(message)(Vg_UserMsg, "<tool>%s</tool>", toolname);
VG_(message)(Vg_UserMsg, "");
VG_(message)(Vg_UserMsg, "<argv>"); =20
for (i =3D 0; i < VG_(client_argc); i++)=20
|
|
From: <sv...@va...> - 2005-05-24 14:17:46
|
Author: sewardj
Date: 2005-05-24 15:17:41 +0100 (Tue, 24 May 2005)
New Revision: 3793
Added:
trunk/README_XML_OUTPUT.txt
Log:
Documentation on the new XML output facility and format.
Added: trunk/README_XML_OUTPUT.txt
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/README_XML_OUTPUT.txt 2005-05-24 07:22:13 UTC (rev 3792)
+++ trunk/README_XML_OUTPUT.txt 2005-05-24 14:17:41 UTC (rev 3793)
@@ -0,0 +1,335 @@
+
+As of May 2005, Valgrind can produce its output in XML form. The
+intention is to provide an easily parsed, stable format which is
+suitable for GUIs to read.
+
+
+Design goals
+~~~~~~~~~~~~
+
+* Produce XML output which is easily parsed
+
+* Have a stable output format which does not change much over time, so
+ that investments in parser-writing by GUI developers is not lost as
+ new versions of Valgrind appear.
+
+* Have an extensive output format, so that future changes to the
+ format do not break backwards compatibility with existing parsers of
+ it.
+
+* Produce output in a form which suitable for both offline GUIs (run
+ all the way to the end, then examine output) and interactive GUIs
+ (parse XML incrementally, update display as we go).
+
+* Put as much information as possible into the XML and let the GUIs
+ decide what to show the user (a.k.a provide mechanism, not policy).
+
+
+How to use
+~~~~~~~~~~
+
+Run with flag --xml=3Dyes. That's all. Note however several=20
+caveats.
+
+* At the present time only Memcheck is supported. The scheme extends
+ easily enough to cover Addrcheck and Helgrind if needed.
+
+* When XML output is selected, various other settings are made.
+ This is in order that the output format is more controlled.
+ The settings which are changed are:
+
+ - Suppression generation is disabled, as that would require user
+ input.
+
+ - Attaching to GDB is disabled for the same reason.
+
+ - The verbosity level is set to 1 (-v).
+
+ - Error limits are disabled. Usually if the program generates a lot
+ of errors, Valgrind slows down and eventually stops collecting
+ them. When outputting XML this is not the case.
+
+ - VEX emulation warnings are not shown.
+
+ - File descriptor leak checking is disabled. This could be
+ re-enabled at some future point.
+
+ - Maximum-detail leak checking is selected (--leak-check=3Dfull).
+
+
+The output format
+~~~~~~~~~~~~~~~~~
+For the most part this should be self descriptive. It is printed
+in a sort-of human-readable way for easy understanding.
+
+All tags are balanced: a <foo> tag is always closed by </foo>. Hence
+in the description that follows, mention of a tag <foo> implicitly
+means there is a matching closing tag </foo>.
+
+Symbols in CAPITALS are nonterminals in the grammar and are defined
+somewhere below. The root nonterminal is TOPLEVEL.
+
+The following nonterminals are not described further:
+ INT is a 64-bit signed decimal integer.
+ TEXT is arbitrary text.
+ HEX64 is a 64-bit hexadecimal number.
+
+
+TOPLEVEL
+--------
+All output is contained within the tag-pair <valgrindoutput>.
+
+Inside that, the first entity is an indication of the protocol
+version. This is provided so that existing parsers can identify XML
+created by future versions of Valgrind merely by observing that the
+protocol version is one they don't understand. Hence TOPLEVEL is:
+
+ <valgrindoutput>
+ <protocolversion>INT<protocolversion>
+ VERSION1STUFF
+ </valgrindoutput>
+
+The only currently defined protocol version number is 1. This
+document only defines protocol version 1.
+
+
+VERSION1STUFF
+-------------
+This is the main top-level construction. Roughly speaking, it
+contains a load of preamble, the errors from the run of the
+program, and the result of the final leak check. Hence the
+following in sequence:
+
+* Various preamble lines which give version info for the various
+ components. The text in them can be anything; it is not intended
+ for interpretation by the GUI:
+
+ <preamble>Misc version/copyright text</preamble>
+
+* The PID of this process and of its parent:
+
+ <pid>INT</pid>
+ <ppid>INT</ppid>
+
+* The name of the tool being used:
+
+ <tool>TEXT</tool>
+
+* The program and args being run. Note, the program name is not
+ distinguished; it is merely the first presented TEXT:
+
+ <argv>
+ <arg>TEXT</arg>
+ (one or more of)
+ </argv>
+
+* The following, indicating that the program has now started:
+
+ <status>RUNNING</status>
+
+* Zero or more of (either ERROR or ERRORCOUNTS).
+
+* The following, indicating that the program has now finished, and
+ that the wrapup (leak checking) is happening.
+
+ <status>FINISHED</status>
+
+* SUPPCOUNTS, indicating how many times each suppression was used.
+
+* Zero or more ERRORs, each of which is a complaint from the
+ leak checker.
+
+That's it.
+
+
+ERROR
+-----
+This shows an error, and is the most complex nonterminal. The format
+is as follows:
+
+ <error>
+ <unique>HEX64</unique>
+ <tid>INT</tid>
+ <kind>KIND</kind>
+ <what>TEXT</what>
+
+ optionally: <leakedbytes>INT</leakedbytes>
+ optionally: <leakedblocks>INT</leakedblocks>
+
+ STACK
+
+ optionally: <auxwhat>TEXT</auxwhat>
+ optionally: STACK
+
+ </error>
+
+* Each error contains a unique, arbitrary 64-bit hex number. This is
+ used to refer to the error in ERRORCOUNTS nonterminals (see below).
+
+* The <tid> tag indicates the Valgrind thread number. This value
+ is arbitrary but may be used to determine which threads produced
+ which errors (at least, the first instance of each error).
+
+* The <kind> tag specifies one of a small number of fixed error
+ types (enumerated below), so that GUIs may roughly categorise
+ errors by type if they want.
+
+* The <what> tag gives a human-understandable description of the
+ error.
+
+* For <kind> tags specifying a KIND of the form "Leak_*", the
+ optional <leakedbytes> and <leakedblocks> indicate the number of
+ bytes and blocks leaked by this error.
+
+* The primary STACK for this error, indicating where it occurred.
+
+* Some error types may have auxiliary information attached:
+
+ <auxwhat>TEXT</auxwhat> gives an auxiliary human-readable
+ description (usually of invalid addresses)
+
+ STACK gives an auxiliary stack (usually the allocation/free
+ point of a block). If this STACK is present then=20
+ <auxwhat>TEXT</auxwhat> will precede it.
+
+
+KIND
+----
+This is a small enumeration indicating roughly the nature of an error.
+The possible values are:
+
+ InvalidFree
+
+ free/delete/delete[] on an invalid pointer
+
+ MismatchedFree
+
+ free/delete/delete[] does not match allocation function
+ (eg doing new[] then free on the result)
+
+ InvalidRead
+
+ read of an invalid address
+
+ InvalidWrite
+
+ write of an invalid address
+
+ InvalidJump
+
+ jump to an invalid address
+
+ Overlap
+
+ args overlap other otherwise bogus in eg memcpy
+
+ InvalidMemPool
+
+ invalid mem pool specified in client request
+
+ UninitCondition
+
+ conditional jump/move depends on undefined value
+
+ UninitValue
+
+ other use of undefined value (primarily memory addresses)
+
+ SyscallParam
+
+ system call params are undefined or point to
+ undefined/unaddressible memory
+
+ ClientCheck
+
+ "error" resulting from a client check request
+
+ Leak_DefinitelyLost
+
+ memory leak; the referenced blocks are definitely lost
+
+ Leak_IndirectlyLost
+
+ memory leak; the referenced blocks are lost because all pointers
+ to them are also in leaked blocks
+
+ Leak_PossiblyLost
+
+ memory leak; only interior pointers to referenced blocks were
+ found
+
+ Leak_StillReachable
+
+ memory leak; pointers to un-freed blocks are still available
+
+
+STACK
+-----
+STACK indicates locations in the program being debugged. A STACK
+is one or more FRAMEs. The first is the innermost frame, the
+next its caller, etc. =20
+
+ <stack>
+ one or more FRAME
+ </stack>
+
+
+FRAME
+-----
+FRAME records a single program location:
+
+ <frame>
+ <ip>HEX64</ip>
+ optionally <obj>TEXT</obj>
+ optionally <fn>TEXT</fn>
+ optionally <file>TEXT</file>
+ optionally <line>INT</line>
+ </frame>
+
+Only the <ip> field is guaranteed to be present. It indicates a
+code ("instruction pointer") address.
+
+The optional fields, if present, appear in the order stated:
+
+* obj: gives the name of the ELF object containing the code address
+
+* fn: gives the name of the function containing the code address
+
+* file: gives the name of the source file containing the code address
+
+* line: gives the line number in the source file
+
+
+ERRORCOUNTS
+-----------
+This specifies, for each error that has been so far presented,
+the number of occurrences of that error.
+
+ <errorcounts>
+ zero or more of
+ <pair> <count>INT</count> <unique>HEX64</unique> </pair>
+ </errorcounts>
+
+Each <pair> gives the current error count <count> for the error with
+unique tag </unique>. The counts do not have to give a count for each
+error so far presented - partial information is allowable.
+
+As at Valgrind rev 3792, error counts are only emitted at program
+termination. However, it is perfectly acceptable to periodically emit
+error counts as the program is running. Doing so would facilitate a
+GUI to dynamically update its error-count display as the program runs.
+
+
+SUPPCOUNTS
+----------
+A SUPPCOUNTS block appears exactly once, after the program terminates.
+It specifies the number of times each error-suppression was used.
+Suppressions not mentioned were used zero times.
+
+ <suppcounts>
+ zero or more of
+ <supp> <count>INT</count> <name>TEXT</name> </supp>
+ </suppcounts>
+
+The <name> is as specified in the suppression name fields in .supp
+files.
|
|
From: Nicholas N. <nj...@cs...> - 2005-05-24 13:04:29
|
On Tue, 24 May 2005, Madhu M Kurup wrote: > As part of some course work that I'm doing at Stanford, there was a need to > apply static code analysis to some particular free/open source software. I > asked for permission and then applied this analysis on Valgrind. The > symmetry of applying static analysis to *the* dynamic analysis software on > Linux is not lost on me :). The tool used was Prevent [1] from Coverity Inc > [2]. This is a tool in the same lineage that was used with great success on > other free/open source projects such as Linux, OpenBSD etc. Awesome! Thanks for doing this. > Additionally, another resource leak involving get_file_clo from vg_main.c is > probably intended as there's a little comment above the definition of > get_file_clo: > > /* Nb: malloc'd memory never freed -- kept throughout like argv, envp */ Hmm, looking at the code that comment is wrong -- the allocated memory gets copied later in augment_command_line(), and then there is a definite leak. The ones you've sent patches for mostly look pretty minor, but they're worth fixing. > I'll be sending more details for each, it is very possible that I could have > missed the intention of the code, so would it be possible for folks to look > at them and see if the indicator is really a problem? I'm currently going to > send them into the list, I can additionally open bugs if folks feel that > bugzilla is going to be a better interface. I'll definitely look soon at the ones in code that I understand. You haven't sent patches for all the files you mentioned (eg. vg_translate.c ac_main.c) -- are they coming, or are they ones you judged unimportant? Thanks again for doing this. N |
|
From: Julian S. <js...@ac...> - 2005-05-24 10:11:11
|
Just before 2.4.0 went out, there was a long discussion about how thread exiting should work, and possible deadlocking that could result. In the end we settled on an inherently deadlockful scheme (master thread waits for everybody else) but modified the getppid wrapper so as to sidestep the deadlocks. Unfortunately the problem is back, in a hard-to-reproduce way. It afflicts both 2.4.0 and the 3 line. Reproducing it requires a machine with a Quadrics Elan3 network card and the relevant user-space driver and (presumably) kernel module. When a program using this driver starts up, it creates a child thread using clone. No problem. The child hangs around and basically doesn't do anything much (purpose is unclear, but that doesn't matter). It calls a custom ioctl which communicates with the Elan3 kernel module. The ioctl doesn't return until (I assume) the parent thread tells the kernel module that it is done with the card. The ioctl returns and the child exits. Hence the child waits for the parent to exit, then exits itself. Running on V, the result is a deadlock at exit since now we also have that the parent, being the master thread, is waiting for the child to exit. Suggestions on how to fix this? I've been playing with a hacked version of the head, which implements the "last-one-out" strategy we discussed before. I haven't got it working reliably yet, though. J |
|
From: Madhu M. K. <mm...@ya...> - 2005-05-24 09:50:10
|
Fairly elaborate code path that allows this to happen. Probably unlikely or
not possible at all.
--- valgrind.orig/coregrind/vg_dwarf.c 2005-05-21 00:31:58.000000000 -0700
+++ valgrind/coregrind/vg_dwarf.c 2005-05-21 00:57:28.000000000 -0700
@@ -418,7 +418,7 @@
if (state_machine_regs.is_stmt) {
/* only add a statement if there was a previous boundary */
- if (state_machine_regs.last_address)
+ if (state_machine_regs.last_address && fnames )
VG_(addLineInfo) (si,
fnames[state_machine_regs.last_file],
si->offset +
state_machine_regs.last_address,
si->offset +
state_machine_regs.address,
Cheerio,
M
Madhu M Kurup /* Nemo Me Impune Lacessit */ mmk at yahoo-inc dt com
|
|
From: Madhu M. K. <mm...@ya...> - 2005-05-24 09:46:01
|
Loop overrun occurs as the i+1 value is being processed. A code path exists
where i can be uninitialized but incremented (line 1082).
--- valgrind.orig/massif/ms_main.c 2005-05-21 00:31:59.000000000 -0700
+++ valgrind/massif/ms_main.c 2005-05-24 01:51:01.953652251 -0700
@@ -930,7 +930,7 @@
jp = 0;
FIND_CENSUS(1, j);
FIND_CENSUS(j+1, jn);
- while (jn < MAX_N_CENSI) {
+ while (jn < MAX_N_CENSI - 1) {
Int timespan = censi[jn].ms_time - censi[jp].ms_time;
sk_assert(timespan >= 0);
if (timespan < min_span) {
@@ -982,7 +982,7 @@
static UInt ms_next_census = 0; // zero allows startup census
Int ms_time, ms_time_since_prev;
- Int i, K;
+ Int i = 0, K;
Census* census;
VGP_PUSHCC(VgpCensus);
Cheerio,
M
Madhu M Kurup /* Nemo Me Impune Lacessit */ mmk at yahoo-inc dt com
|
|
From: Madhu M. K. <mm...@ya...> - 2005-05-24 09:41:30
|
The loop below can overrun this array. --- valgrind.orig/massif/hp2ps/HpFile.c 2005-05-21 00:32:00.000000000 -0700 +++ valgrind/massif/hp2ps/HpFile.c 2005-05-24 01:54:38.150655395 -0700 @@ -340,7 +340,7 @@ * "thefloatish"). */ -static char numberstring[ NUMBER_LENGTH - 1 ]; +static char numberstring[ NUMBER_LENGTH ]; token GetNumber(infp) Cheerio, M Madhu M Kurup /* Nemo Me Impune Lacessit */ mmk at yahoo-inc dt com |
|
From: Madhu M. K. <mm...@ya...> - 2005-05-24 09:39:58
|
Sending this for completeness, not sure if it needs to be applied.
--- valgrind.orig/coregrind/ume.c 2005-05-21 00:31:56.000000000 -0700
+++ valgrind/coregrind/ume.c 2005-05-24 01:39:27.337152534 -0700
@@ -153,34 +153,41 @@
if (pread(fd, &e->e, sizeof(e->e), 0) != sizeof(e->e)) {
fprintf(stderr, "valgrind: %s: can't read elf header: %s\n",
filename, strerror(errno));
+ free(e);
return NULL;
}
if (memcmp(&e->e.e_ident[0], ELFMAG, SELFMAG) != 0) {
fprintf(stderr, "valgrind: %s: bad ELF magic\n", filename);
+ free(e);
return NULL;
}
if (e->e.e_ident[EI_CLASS] != VG_ELF_CLASS) {
fprintf(stderr, "valgrind: wrong executable class (eg. 32-bit
instead\n"
"valgrind: of 64-bit)\n");
+ free(e);
return NULL;
}
if (e->e.e_ident[EI_DATA] != VG_ELF_ENDIANNESS) {
fprintf(stderr, "valgrind: wrong endian-ness\n");
+ free(e);
return NULL;
}
if (!(e->e.e_type == ET_EXEC || e->e.e_type == ET_DYN)) {
fprintf(stderr, "valgrind: need executable\n");
+ free(e);
return NULL;
}
if (e->e.e_machine != VG_ELF_MACHINE) {
fprintf(stderr, "valgrind: wrong architecture\n");
+ free(e);
return NULL;
}
if (e->e.e_phentsize != sizeof(ESZ(Phdr))) {
fprintf(stderr, "valgrind: sizeof Phdr wrong\n");
+ free(e);
return NULL;
}
@@ -190,6 +197,7 @@
if (pread(fd, e->p, phsz, e->e.e_phoff) != phsz) {
fprintf(stderr, "valgrind: can't read phdr: %s\n", strerror(errno));
+ free(e);
return NULL;
}
@@ -387,14 +395,17 @@
"acceptable range %p-%p\n",
(void *)minaddr + ebase, (void *)maxaddr + ebase,
(void *)info->exe_base, (void *)info->exe_end);
+ free(e);
return ENOMEM;
}
}
info->brkbase = mapelf(e, ebase); /* map the executable */
- if (info->brkbase == 0)
+ if (info->brkbase == 0) {
+ free(e);
return ENOMEM;
+ }
if (interp != NULL) {
/* reserve a chunk of address space for interpreter */
Cheerio,
M
Madhu M Kurup /* Nemo Me Impune Lacessit */ mmk at yahoo-inc dt com
|
|
From: Madhu M. K. <mm...@ya...> - 2005-05-24 09:37:14
|
One of the interesting bugs. The model for this function indicated that the
return value was checked in every other case except this one, so it was
flagged out as a possible error.
--- valgrind.orig/coregrind/demangle/cplus-dem.c 2005-05-21
00:31:56.000000000 -0700
+++ valgrind/coregrind/demangle/cplus-dem.c 2005-05-21
00:50:40.000000000 -0700
@@ -3658,8 +3658,10 @@
else if (**mangled == 'X' || **mangled == 'Y')
{
string temp;
- do_type (work, mangled, &temp);
- string_prepends (&decl, &temp);
+ if (do_type (work, mangled, &temp))
+ {
+ string_prepends (&decl, &temp);
+ }
}
else if (**mangled == 't')
{
Cheerio,
M
Madhu M Kurup /* Nemo Me Impune Lacessit */ mmk at yahoo-inc dt com
|
|
From: Madhu M. K. <mm...@ya...> - 2005-05-24 09:32:17
|
Again, use after tracking NULL status.
--- valgrind.orig/coregrind/vg_mylibc.c 2005-05-21 00:31:56.000000000 -0700
+++ valgrind/coregrind/vg_mylibc.c 2005-05-21 00:45:09.000000000 -0700
@@ -1377,8 +1377,10 @@
while (oldenvp && *oldenvp) {
*newenvp++ = *oldenvp++;
}
-
- *newenvp = *oldenvp;
+
+ if (oldenvp != NULL) {
+ *newenvp = *oldenvp;
+ }
return newenv;
}
@@ -1395,7 +1397,10 @@
to++;
}
}
- *to = *from;
+
+ if(from != NULL) {
+ *to = *from;
+ }
}
/* set the environment; returns the old env if a new one was allocated */
Cheerio,
M
Madhu M Kurup /* Nemo Me Impune Lacessit */ mmk at yahoo-inc dt com
|
|
From: Madhu M. K. <mm...@ya...> - 2005-05-24 09:29:13
|
Usages without verification of pointers.
--- valgrind.orig/coregrind/demangle/cp-demangle.c 2005-05-21
00:31:56.000000000 -0700
+++ valgrind/coregrind/demangle/cp-demangle.c 2005-05-21
00:44:17.000000000 -0700
@@ -413,9 +413,9 @@
int length;
{
string_list_t s = (string_list_t) malloc (sizeof (struct
string_list_def));
- s->caret_position = 0;
if (s == NULL)
return NULL;
+ s->caret_position = 0;
if (!dyn_string_init ((dyn_string_t) s, length))
return NULL;
return s;
@@ -3874,7 +3874,8 @@
if (next == cplus_demangled)
return cplus_demangled;
- dyn_string_append_cstr (demangled, next);
+ if (demangled != NULL)
+ dyn_string_append_cstr (demangled, next);
next = end;
}
}
Cheerio,
M
Madhu M Kurup /* Nemo Me Impune Lacessit */ mmk at yahoo-inc dt com
|
|
From: Madhu M. K. <mm...@ya...> - 2005-05-24 09:25:17
|
Code path exists for joinee being tracked as NULL to make it here.
--- valgrind.orig/coregrind/vg_threadmodel.c 2005-05-21
00:31:56.000000000 -0700
+++ valgrind/coregrind/vg_threadmodel.c 2005-05-21 01:02:19.000000000 -0700
@@ -449,7 +449,7 @@
break;
}
- if (joinee->detached)
+ if (joinee && joinee->detached)
thread_report(joineeid, THE_Detached, "joining as joiner");
else {
/* block if the joinee hasn't exited yet */
Cheerio,
M
Madhu M Kurup /* Nemo Me Impune Lacessit */ mmk at yahoo-inc dt com
|