|
From: Angelino, R. <ra2...@nc...> - 2006-11-29 19:51:31
|
I have found a nasty memory leak when programs are linked directly
against /lib/ld-linux.so .
That library is entirely written in assemble. The program slowly eats
main memory and=20
Swap space. I ran valgrind against it in hopes to see where/what in
that library is causing
Memory leaks? Valgrind produces this:
=3D=3D20438=3D=3D Memcheck, a memory error detector.
=3D=3D20438=3D=3D Copyright (C) 2002-2005, and GNU GPL'd, by Julian =
Seward et
al.
=3D=3D20438=3D=3D Using LibVEX rev 1575, a library for dynamic binary
translation.
=3D=3D20438=3D=3D Copyright (C) 2004-2005, and GNU GPL'd, by OpenWorks =
LLP.
=3D=3D20438=3D=3D Using valgrind-3.1.1, a dynamic binary instrumentation
framework.
=3D=3D20438=3D=3D Copyright (C) 2000-2005, and GNU GPL'd, by Julian =
Seward et
al.
=3D=3D20438=3D=3D For more details, rerun with: -v
=3D=3D20438=3D=3D
=3D=3D20438=3D=3D My PID =3D 20438, parent PID =3D 17415. Prog and args =
are:
=3D=3D20438=3D=3D ./maybeleak.notok
=3D=3D20438=3D=3D
=3D=3D20438=3D=3D Invalid write of size 1
=3D=3D20438=3D=3D at 0x4010A32: memset (in /lib64/ld-2.3.3.so)
=3D=3D20438=3D=3D by 0x400F1B2: free (in /lib64/ld-2.3.3.so)
=3D=3D20438=3D=3D by 0x400723: delstuff (maybeleak.c:32)
=3D=3D20438=3D=3D by 0x4007AB: main (maybeleak.c:53)
=3D=3D20438=3D=3D Address 0xFFFFFFFFFFFFFFFF is not stack'd, malloc'd =
or
(recently) fre
e'd
=3D=3D20438=3D=3D
=3D=3D20438=3D=3D Process terminating with default action of signal 11
(SIGSEGV): dumpin
g core
=3D=3D20438=3D=3D Access not within mapped region at address =
0xFFFFFFFFFFFFFFFF
=3D=3D20438=3D=3D at 0x4010A32: memset (in /lib64/ld-2.3.3.so)
=3D=3D20438=3D=3D by 0x400F1B2: free (in /lib64/ld-2.3.3.so)
=3D=3D20438=3D=3D by 0x400723: delstuff (maybeleak.c:32)
=3D=3D20438=3D=3D by 0x4007AB: main (maybeleak.c:53)
=3D=3D20438=3D=3D
=3D=3D20438=3D=3D ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 =
from 1)
=3D=3D20438=3D=3D malloc/free: in use at exit: 0 bytes in 0 blocks.
=3D=3D20438=3D=3D malloc/free: 0 allocs, 0 frees, 0 bytes allocated.
=3D=3D20438=3D=3D For counts of detected errors, rerun with: -v
=3D=3D20438=3D=3D All heap blocks were freed -- no leaks are possible.
My question is can valgrind detect memory leaks in assembly? BTW, I've
also tried running
With the following options:
--log-file=3D/tmp/valgrindout --leak-check=3Dfull =
--leak-resolution=3Dhigh
--num-callers=3D40
And that produced this:
=3D=3D22427=3D=3D Memcheck, a memory error detector.
=3D=3D22427=3D=3D Copyright (C) 2002-2005, and GNU GPL'd, by Julian =
Seward et
al.
=3D=3D22427=3D=3D Using LibVEX rev 1575, a library for dynamic binary
translation.
=3D=3D22427=3D=3D Copyright (C) 2004-2005, and GNU GPL'd, by OpenWorks =
LLP.
=3D=3D22427=3D=3D Using valgrind-3.1.1, a dynamic binary instrumentation
framework.
=3D=3D22427=3D=3D Copyright (C) 2000-2005, and GNU GPL'd, by Julian =
Seward et
al.
=3D=3D22427=3D=3D For more details, rerun with: -v
=3D=3D22427=3D=3D
=3D=3D22427=3D=3D My PID =3D 22427, parent PID =3D 17415. Prog and args =
are:
=3D=3D22427=3D=3D ./maybeleak.notok
=3D=3D22427=3D=3D
=3D=3D22427=3D=3D Invalid write of size 1
=3D=3D22427=3D=3D at 0x4A1BF73: memset (mac_replace_strmem.c:464)
=3D=3D22427=3D=3D by 0x400745: allocstuff (maybeleak.c:21)
=3D=3D22427=3D=3D by 0x4007E4: main (maybeleak.c:49)
=3D=3D22427=3D=3D Address 0xFFFFFFFFFFFFFFFF is not stack'd, malloc'd =
or
(recently) fre
e'd
=3D=3D22427=3D=3D
=3D=3D22427=3D=3D Process terminating with default action of signal 11
(SIGSEGV): dumpin
g core
=3D=3D22427=3D=3D Access not within mapped region at address =
0xFFFFFFFFFFFFFFFF
=3D=3D22427=3D=3D at 0x4A1BF73: memset (mac_replace_strmem.c:464)
=3D=3D22427=3D=3D by 0x400745: allocstuff (maybeleak.c:21)
=3D=3D22427=3D=3D by 0x4007E4: main (maybeleak.c:49)
=3D=3D22427=3D=3D
=3D=3D22427=3D=3D ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 =
from 1)
=3D=3D22427=3D=3D malloc/free: in use at exit: 0 bytes in 0 blocks.
=3D=3D22427=3D=3D malloc/free: 0 allocs, 0 frees, 0 bytes allocated.
=3D=3D22427=3D=3D For counts of detected errors, rerun with: -v
=3D=3D22427=3D=3D All heap blocks were freed -- no leaks are possible.
Ths is the C program:
#include <stdio.h>
#include <memory.h>
#include <malloc.h>
#include <string.h>
#include <errno.h>
char *
allocstuff (int len) {
char *stuff =3D (char*) 0 ;
// fprintf(stderr,"Constructing with len %d\n",len);
if( len < 1 ) {
(void) fprintf(stderr,"*ERROR*: len %d < 0\n",len);
return (char*) 0;
}
stuff =3D (char *) malloc(len);
if( stuff =3D=3D (char*) 0) {
(void) fprintf(stderr,"malloc(%d) failed: %s\n",
len,strerror(errno));
}
(void) memset(stuff,'\0',len);
return(stuff);
}
void
delstuff(char *stuff)
{
if( stuff =3D=3D (char*) 0 ) {
(void) fprintf(stderr,"delstuff(): stuff is NULL\n");
return;
}
free(stuff);
}
int
main()
{
int sz =3D 1024 * 1024;
int count;
char *thing[11];
int meg;
int loop =3D 0;
while (1) {
// fprintf(stderr,"Loop %u\n",loop++);
for (meg=3D1; meg <=3D 100; meg++) {
for (count=3D0; count< 10; count++) {
// fprintf(stderr,"Creating thing[%d]\n",count);
thing[count] =3D allocstuff(meg * sz + count);
}
for (count=3D9; count >=3D0; count--) {
// fprintf(stderr,"Deleting thing[%d]\n",count);
delstuff(thing[count]);
}
}
}
return(0);
}
Thanks...
---
Robert
|
|
From: Bart V. A. <bar...@gm...> - 2006-12-01 10:42:28
|
There is a call to memset() in your program, on a pointer that can be
null. Does Valgrind's output change if you test the "stuff" pointer
before you call memset() on it ?
On 11/29/06, Angelino, Robert <ra2...@nc...> wrote:
>
>
>
> I have found a nasty memory leak when programs are linked directly agains=
t
> /lib/ld-linux.so .
> That library is entirely written in assemble. The program slowly eats ma=
in
> memory and
> Swap space. I ran valgrind against it in hopes to see where/what in that
> library is causing
> Memory leaks? Valgrind produces this:
>
> =3D=3D20438=3D=3D Memcheck, a memory error detector.
> =3D=3D20438=3D=3D Copyright (C) 2002-2005, and GNU GPL'd, by Julian Sewar=
d et al.
> =3D=3D20438=3D=3D Using LibVEX rev 1575, a library for dynamic binary tra=
nslation.
> =3D=3D20438=3D=3D Copyright (C) 2004-2005, and GNU GPL'd, by OpenWorks LL=
P.
> =3D=3D20438=3D=3D Using valgrind-3.1.1, a dynamic binary instrumentation =
framework.
> =3D=3D20438=3D=3D Copyright (C) 2000-2005, and GNU GPL'd, by Julian Sewar=
d et al.
> =3D=3D20438=3D=3D For more details, rerun with: -v
> =3D=3D20438=3D=3D
> =3D=3D20438=3D=3D My PID =3D 20438, parent PID =3D 17415. Prog and args =
are:
> =3D=3D20438=3D=3D ./maybeleak.notok
> =3D=3D20438=3D=3D
> =3D=3D20438=3D=3D Invalid write of size 1
> =3D=3D20438=3D=3D at 0x4010A32: memset (in /lib64/ld-2.3.3.so)
> =3D=3D20438=3D=3D by 0x400F1B2: free (in /lib64/ld-2.3.3.so)
> =3D=3D20438=3D=3D by 0x400723: delstuff (maybeleak.c:32)
> =3D=3D20438=3D=3D by 0x4007AB: main (maybeleak.c:53)
> =3D=3D20438=3D=3D Address 0xFFFFFFFFFFFFFFFF is not stack'd, malloc'd or=
(recently)
> fre
> e'd
> =3D=3D20438=3D=3D
> =3D=3D20438=3D=3D Process terminating with default action of signal 11 (S=
IGSEGV):
> dumpin
> g core
> =3D=3D20438=3D=3D Access not within mapped region at address 0xFFFFFFFFF=
FFFFFFF
> =3D=3D20438=3D=3D at 0x4010A32: memset (in /lib64/ld-2.3.3.so)
> =3D=3D20438=3D=3D by 0x400F1B2: free (in /lib64/ld-2.3.3.so)
> =3D=3D20438=3D=3D by 0x400723: delstuff (maybeleak.c:32)
> =3D=3D20438=3D=3D by 0x4007AB: main (maybeleak.c:53)
> =3D=3D20438=3D=3D
> =3D=3D20438=3D=3D ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 =
from 1)
> =3D=3D20438=3D=3D malloc/free: in use at exit: 0 bytes in 0 blocks.
> =3D=3D20438=3D=3D malloc/free: 0 allocs, 0 frees, 0 bytes allocated.
> =3D=3D20438=3D=3D For counts of detected errors, rerun with: -v
> =3D=3D20438=3D=3D All heap blocks were freed -- no leaks are possible.
>
>
> My question is can valgrind detect memory leaks in assembly? BTW, I've a=
lso
> tried running
> With the following options:
>
> --log-file=3D/tmp/valgrindout --leak-check=3Dfull --leak-resolution=3Dhig=
h
> --num-callers=3D40
>
> And that produced this:
>
> =3D=3D22427=3D=3D Memcheck, a memory error detector.
> =3D=3D22427=3D=3D Copyright (C) 2002-2005, and GNU GPL'd, by Julian Sewar=
d et al.
> =3D=3D22427=3D=3D Using LibVEX rev 1575, a library for dynamic binary tra=
nslation.
> =3D=3D22427=3D=3D Copyright (C) 2004-2005, and GNU GPL'd, by OpenWorks LL=
P.
> =3D=3D22427=3D=3D Using valgrind-3.1.1, a dynamic binary instrumentation =
framework.
> =3D=3D22427=3D=3D Copyright (C) 2000-2005, and GNU GPL'd, by Julian Sewar=
d et al.
> =3D=3D22427=3D=3D For more details, rerun with: -v
> =3D=3D22427=3D=3D
> =3D=3D22427=3D=3D My PID =3D 22427, parent PID =3D 17415. Prog and args =
are:
> =3D=3D22427=3D=3D ./maybeleak.notok
> =3D=3D22427=3D=3D
> =3D=3D22427=3D=3D Invalid write of size 1
> =3D=3D22427=3D=3D at 0x4A1BF73: memset (mac_replace_strmem.c:464)
> =3D=3D22427=3D=3D by 0x400745: allocstuff (maybeleak.c:21)
> =3D=3D22427=3D=3D by 0x4007E4: main (maybeleak.c:49)
> =3D=3D22427=3D=3D Address 0xFFFFFFFFFFFFFFFF is not stack'd, malloc'd or=
(recently)
> fre
> e'd
> =3D=3D22427=3D=3D
> =3D=3D22427=3D=3D Process terminating with default action of signal 11 (S=
IGSEGV):
> dumpin
> g core
> =3D=3D22427=3D=3D Access not within mapped region at address 0xFFFFFFFFF=
FFFFFFF
> =3D=3D22427=3D=3D at 0x4A1BF73: memset (mac_replace_strmem.c:464)
> =3D=3D22427=3D=3D by 0x400745: allocstuff (maybeleak.c:21)
> =3D=3D22427=3D=3D by 0x4007E4: main (maybeleak.c:49)
> =3D=3D22427=3D=3D
> =3D=3D22427=3D=3D ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 =
from 1)
> =3D=3D22427=3D=3D malloc/free: in use at exit: 0 bytes in 0 blocks.
> =3D=3D22427=3D=3D malloc/free: 0 allocs, 0 frees, 0 bytes allocated.
> =3D=3D22427=3D=3D For counts of detected errors, rerun with: -v
> =3D=3D22427=3D=3D All heap blocks were freed -- no leaks are possible.
>
> Ths is the C program:
>
> #include <stdio.h>
> #include <memory.h>
> #include <malloc.h>
> #include <string.h>
> #include <errno.h>
>
>
> char *
> allocstuff (int len) {
> char *stuff =3D (char*) 0 ;
> // fprintf(stderr,"Constructing with len %d\n",len);
>
> if( len < 1 ) {
> (void) fprintf(stderr,"*ERROR*: len %d < 0\n",len);
> return (char*) 0;
> }
> stuff =3D (char *) malloc(len);
> if( stuff =3D=3D (char*) 0) {
> (void) fprintf(stderr,"malloc(%d) failed: %s\n",
> len,strerror(errno));
> }
> (void) memset(stuff,'\0',len);
> return(stuff);
> }
>
> void
> delstuff(char *stuff)
> {
> if( stuff =3D=3D (char*) 0 ) {
> (void) fprintf(stderr,"delstuff(): stuff is NULL\n");
> return;
> }
> free(stuff);
> }
>
>
> int
> main()
> {
> int sz =3D 1024 * 1024;
> int count;
> char *thing[11];
> int meg;
> int loop =3D 0;
> while (1) {
> // fprintf(stderr,"Loop %u\n",loop++);
> for (meg=3D1; meg <=3D 100; meg++) {
> for (count=3D0; count< 10; count++) {
> // fprintf(stderr,"Creating thing[%d]\n",count);
> thing[count] =3D allocstuff(meg * sz + count);
> }
> for (count=3D9; count >=3D0; count--) {
> // fprintf(stderr,"Deleting thing[%d]\n",count);
> delstuff(thing[count]);
> }
> }
> }
> return(0);
> }
>
> Thanks=85
>
> ---
> Robert
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share y=
our
> opinions on IT & business topics through brief surveys - and earn cash
> http://www.techsay.com/default.php?page=3Djoin.php&p=3Dsourceforge&CID=3D=
DEVDEV
>
> _______________________________________________
> Valgrind-users mailing list
> Val...@li...
> https://lists.sourceforge.net/lists/listinfo/valgrind-users
>
>
>
--=20
Met vriendelijke groeten,
Bart Van Assche.
|