Fix leak of range_list (see below an example) in readdwarf3.c.
(found by running regression tests with an outer memcheck).
(validated by running all regression tests "natively" on x86 and amd64,
and re-running regressions tests with outer memcheck).
==7500== 160 bytes in 2 blocks are definitely lost in loss record 75 of 246
==7500== at 0x2803CEF7: vgPlain_arena_malloc (m_mallocfree.c:1599)
==7500== by 0x280AAFA5: vgModuleLocal_dinfo_zalloc (misc.c:48)
==7500== by 0x2804E2A4: vgPlain_newXA (m_xarray.c:68)
==7500== by 0x280B3CD6: unitary_range_list (readdwarf3.c:703)
==7500== by 0x280B66CF: parse_var_DIE (readdwarf3.c:1631)
==7500== by 0x280BA0A6: read_DIE (readdwarf3.c:3248)
==7500== by 0x280BA170: read_DIE (readdwarf3.c:3269)
==7500== by 0x280BABC4: T.364 (readdwarf3.c:3611)
==7500== by 0x280BC634: vgModuleLocal_new_dwarf3_reader (readdwarf3.c:4035)
==7500== by 0x280609F4: vgModuleLocal_read_elf_debug_info (readelf.c:2529)
==7500== by 0x2805BD31: vgPlain_di_notify_mmap (debuginfo.c:610)
==7500== by 0x280362E3: valgrind_main (m_main.c:1944)
* README_DEVELOPERS : complete/enhance the section about outer/inner
* manual-core.xml : fix a typo
* include/pub_tool_inner.h : new file, defining macros for inner annotation
include/Makefile.am : reference this new file.
* syswrap-linux.c : when ENABLE_INNER, register the stacks for the outer.
(otherwise, nothing works properly).
* m_redir.c : avoid inner interpreting the outer vgpreload instructions.
* sema.c : annotate the semaphore with RWLOCK annotations for helgrind
* ticket-lock-linux.c : similar.
After a fork, gdbserver_init can be called again.
Buffers should not be re-allocated in such a case.
(memory leak detected by running memcheck on memcheck)
Julian Seward [Mon, 27 Feb 2012 11:02:20 +0000 (11:02 +0000)]
Android only: make the debuginfo mapping hack more flexible.
Previously it looked for the debuginfo object for "/system/X" in
"/sdcard/symbols/system/X". This commit removes the requirement for
"system" as the first path component, so the mapping is now "/X" (viz,
any absolute path) to "/sdcard/symbols/X".
Revision 12396 (replacing pkglib_DATA by vglib_DATA) missed
once place. This was breaking vg-in-place on platforms
needing gdbserver target description files.
These holes are not initialized,
and writing these uninitialised bytes to the mapped file
causes an error being reported when running Valgrind
inside Valgrind. Having no holes avoid having this error.
Julian Seward [Mon, 20 Feb 2012 15:33:24 +0000 (15:33 +0000)]
ARM/Thumb only: fix a bug in which stack unwinding halts in some
functions that do FP arithmetic. This is due to the Dwarf3 CFI
mentioning Dwarf registers above N_CFI_REGS, in particular FP
registers, which have values of about 80. This fixes the problem by
increasing N_CFI_REGS to a level that covers all known registers.
(n-i-bz)
* compare vgdb-error with n_errs_shown, not with n_errs_found.
Using n_errs_shown allows the user to stop on an error
identified in a previous run by counting errors shown.
* shows also n_errs_shown in monitor command v.info n_errs_found
* slightly clarified the manual, updated to new output of v.info n_errs_found
* fix Bug 290655 - Add support for AESKEYGENASSIST instruction
(Valgrind part : test for AES instructions (AESKEYGENASSIST, AESIMC,
AESENC, AESENCLAST, AESDEC, AESDECLAST).
Julian Seward [Tue, 14 Feb 2012 12:11:47 +0000 (12:11 +0000)]
Change the garbage collection policy for the secondary VBit table
(that holds partially defined bytes), to GC more aggressively.
Details in the comments. This largely avoids a sometimes massive
space leak, that has been observed (eg) running the Firefox test suite
on Memcheck. Without this patch it cannot complete with 4 million
nodes in the table; with the patch it completes comfortably with 50000
ish nodes. This reduces the total memory use needed for the run
from above 7GB down to 6.2GB.
Smaller improvements have been seen with other programs too. Speed
does not appear to be negatively affected.
(Based on a patch, and analysis of the problem, by Philippe Waroquiers.)
Bart Van Assche [Mon, 13 Feb 2012 08:47:51 +0000 (08:47 +0000)]
nightly build: Run nightly build also if only VEX has been modified. Check out matching revisions of Valgrind and VEX instead of using latest VEX when checking out the (today - 1) source code.
mc_main.c statistics has hard-coded logic to compute
the memory used by sec vbit table. This logic depends
on the way sec Vbit entries are maintained.
Due to the introduction of pool alloc, this logic has
to be changed to (more) correctly compute the memory.
Verified on f12/x86 by comparing the memory reported
by the memcheck stats with what is given by --profile-heap=yes.
fix 290974 vgdb must align pages to VKI_SHMLBA (16KB) on ARM
In VG_(am_mmap_file_float_valgrind_flags),
when VKI_MAP_SHARED & flags, ensure the request length is big enough
to allow to roundup the returned advised to VKI_SHMLBA if needed.
Committed after regtest on f12/x86 and some limited validation on android arm
emulator.
Bart Van Assche [Mon, 30 Jan 2012 15:07:20 +0000 (15:07 +0000)]
Make -d (enable debug logging) work on Fedora 16 / x86.
Apparently the 32-bit Fedora 16 compiler chooses register esp to pass "&block"
to the inline assembly code in local_sys_write_stderr(). First pushing data on
the stack and next reading the contents of %0 doesn't yield the desired result
if %0 == %esp.
(fixes bug 289939 wish: complete monitor cmd 'leak_check' with details
about leaked or reachable blocks)
This patch implements two new memcheck gdbserver monitor commands:
block_list <loss_record_nr>
after a leak search, shows the list of blocks of <loss_record_nr>
who_points_at <addr> [<len>]
shows places pointing inside <len> (default 1) bytes at <addr>
(with len 1, only shows "start pointers" pointing exactly to <addr>,
with len > 1, will also show "interior pointers")
Compiled and reg-tested on f12/x86, deb5/amd64, f16/ppc64.
The 'block_list' command is implemented on top of the
lr_array/lc_chunks/lc_extras arrays used during the last leak search.
NB: no impact on the memory for the typical Valgrind usage where a leak
search is only done at the end of the run.
Printing the block_list of a loss record simply consists in scanning the
lc_chunks to find back the chunks corresponding to the loss record for which
block lists is requested.
The 'who_points_at' command is implemented by doing a scan similar to
(but simpler than) the leak search scan.
lc_scan_memory has been enhanced to have a mode to search for a specific
address, rather than to search for all allocated blocks.
VG_(apply_to_GP_regs) has been enhanced to also provide the ThreadId and
register name in the callback function.
The patch touches multiple files (but most changes are easy/trivial or factorise
existing code).
Most significant changes are in memcheck/mc_leakcheck.c :
* changed the LC_Extra struct to remember the clique for indirect leaks
(size of structure not changed).
* made lr_array a static global
* changed lc_scan_memory:
to have a search mode for a specific address (for who_points_at)
(for leak search) to pass a 'current clique' in addition to the clique
leader
so as to have a proper clique hierarchy for indirectly leaked blocks.
* print_results: reset values at the beginning of the print_result of the
next leak search, rather than at the end of print_results of the previous
leak search.
This allows to continue showing the same info for loss records till a new
leak search is done.
* new function print_clique which recursively prints a group of leaked
blocks, starting from the clique leader.
* new function MC_(print_block_list) : calls print_clique for each clique
leader found for the given loss record.
* static void scan_memory_root_set : code extracted from
MC_(detect_memory_leaks) (no relevant change)
* void MC_(who_points_at) : calls scan_memory_root_set, lc_scan_memory
and VG_(apply_to_GP_regs)(search_address_in_GP_reg) to search
pointers to the given address.
Bart Van Assche [Wed, 25 Jan 2012 20:36:27 +0000 (20:36 +0000)]
drd: Remove drd/drd_list.h again because of its GPLv2 license.
For more info about Valgrind source code licensing, see also:
[1] Top level README line 51.
[2] http://valgrind.org/docs/manual/manual-intro.html#manual-intro.overview, last paragraph.
Bart Van Assche [Thu, 19 Jan 2012 19:52:15 +0000 (19:52 +0000)]
drd: Fix a race condition in the pthread_create() intercept.
Avoid that the futex wake call in DRD_(sema_up)() can get invoked after the semaphore has
already been destroyed. This is most likely the real fix for the bug described in the
commit message of r12332.
Bart Van Assche [Wed, 18 Jan 2012 08:12:16 +0000 (08:12 +0000)]
Pool allocator: change the semantics of VG_(releasePA)() according to comment http://bugs.kde.org/show_bug.cgi?id=282230#c50.
This change also makes the semantics of releasePA match the semantics of
other release functions, e.g. those in XPCOM (see also http://developer.mozilla.org/en/XPCOM_Interface_Reference/nsISupports#Release%28%29).
Add a perf test to measure the speed (and memory) of PDB handling.
* modified perf/heap.c so that it optionally creates a partially defined bytes every N bytes
* created perf/heap_pdb4.vgperf calling heap 4 (so one byte on 4 is PDB in what heap allocates).
before/after pool alloc, here are the performances on a ppc64. So, it looks like
pool alloc also significantly improves the speed of PDB handling.
Fixes 282230 group allocator for small fixed size, use it for MC_Chunk/SEc vbit
* new files include/pub_tool_groupalloc.h and coregrind/m_groupalloc.c
implementing a group allocator (based on helgrind group alloc).
* include/Makefile.am coregrind/Makefile.am : added pub_tool_groupalloc.h
and m_groupalloc.c
* helgrind/libhb_core.c : use pub_tool_groupalloc.h/m_groupalloc.c
instead of the local implementation.
* include/pub_tool_oset.h coregrind/m_oset.c : new function
allowing to create an oset that will use a pool allocator.
new function allowing to clone an oset (so as to share the pool alloc)
* memcheck/tests/unit_oset.c drd/tests/unit_bitmap.c : modified
so that it compiles with the new m_oset.c
* memcheck/mc_main.c : use group alloc for MC_Chunk
memcheck/mc_include.h : declare the MC_Chunk group alloc
* memcheck/mc_main.c : use group alloc for the nodes of the secVBitTable OSet
* include/pub_tool_hashtable.h coregrind/m_hashtable.c : pass the free node
function in the VG_(HT_destruct).
(needed as the hashtable user can allocate a node with its own alloc,
the hash table destroy must be able to free the nodes with the user
own free).
* coregrind/m_gdbserver/m_gdbserver.c : pass free function to VG_(HT_destruct)
* memcheck/mc_replace_strmem.c memcheck/mc_machine.c
memcheck/mc_malloc_wrappers.c memcheck/mc_leakcheck.c
memcheck/mc_errors.c memcheck/mc_translate.c : new include needed
due to group alloc.
Florian Krohm [Sun, 15 Jan 2012 21:02:44 +0000 (21:02 +0000)]
Add support for the s390's TROO insn. These are the valgrind bits.
Detect ETF2 enhancement facility using STFLE. Add testcases.
Patch by Divya Vyas (divyvyas@linux.vnet.ibm.com) with
modifications. Partial fix of #273114
Bart Van Assche [Sun, 15 Jan 2012 19:13:35 +0000 (19:13 +0000)]
drd: Set up red zone before the first instruction of a thread is run.
Avoids that DRD sporadically reports mysterious false positive conflicting accesses on
amd64 like e.g. the following:
$ ./vg-in-place --fair-sched=yes --tool=drd --read-var-info=yes --check-stack-var=yes --show-confl-seg=no drd/tests/annotate_smart_pointer 50 50
==18170== drd, a thread error detector
==18170== Copyright (C) 2006-2011, and GNU GPL'd, by Bart Van Assche.
==18170== Using Valgrind-3.8.0.SVN and LibVEX; rerun with -h for copyright info
==18170== Command: ./annotate_smart_pointer 50 50
==18170==
==18170== Conflicting store by thread 1 at 0x7fefff8a0 size 8
==18170== at 0x400FCE: AnnotateCondVarSignal (unified_annotations.h:32)
==18170== Allocation context: unknown.
==18170==
==18170== Conflicting load by thread 1 at 0x7fefff8a0 size 8
==18170== at 0x400FDD: AnnotateCondVarSignal (unified_annotations.h:34)
==18170== by 0x401071: U_AnnotateHappensBefore (unified_annotations.h:46)
==18170== by 0x4018DD: smart_ptr<counter>::set(counter*, AtomicInt32*) (annotate_smart_pointer.cpp:239)
==18170== by 0x401778: smart_ptr<counter>::operator=(counter*) (annotate_smart_pointer.cpp:208)
==18170== by 0x401377: main (annotate_smart_pointer.cpp:326)
==18170== Allocation context: unknown.
Added a new parameter to the memcheck 'leak_check' GDB monitor command
to let the user specify a max nr of loss records to output : on huge
applications, interactive display of a lot of records in gdb can
take a lot of time.
* mc_include.h :
- added UInt max_loss_records_output; to LeakCheckParams structure
- avoid passing LeakCheckParams by struct copy.
* modified test gdbserver_tests/mcleak to test the new parameter
* mc_main.c : parse or set max_loss_records_output in leak_check cmd
handling and calls.
* mc-manual.xml : document new leak_check parameter
* mc_leakcheck.c :
- extract printing rules logic in its own function
- in print_results, if there is a limit in LeakCheckParam,
compute from where the printing of loss records has to start
* Use the arg name forClient to document the calls to VG_(am_get_advisory)
* in function VG_(am_mmap_file_float_valgrind_flags), use False/*forClient*/
instead of True (as VG_(am_mmap_file_float_valgrind_flags) is used
for "valgrind" kind of mmap only).
Regtested on f16/ppc64, deb5/amd64, Ubuntu9.10/x86
Florian Krohm [Fri, 30 Dec 2011 03:09:45 +0000 (03:09 +0000)]
Fix accounting for MC_(realloc). It was inconsistent as compared to
other wrappers in that it took place before the silly-args check.
Testcase and patch by Yann Droneaud (yann@droneaud.fr).
Fixes #281482
Also included is a related fix to MC_(new_block). Incrementing the
alloc counter and updating the allocated memory amount should
occur under the same condition (allocation succeeded).
projects / thirdparty / valgrind.git / log
