Discussion:
Valgrind: r16369 - in /trunk/memcheck/tests: mempool2.c mempool2.stderr.exp
(too old to reply)
s***@valgrind.org
2017-05-13 10:19:17 UTC
Permalink
Raw Message
Author: philippe
Date: Sat May 13 11:19:16 2017
New Revision: 16369

Log:
Fix mempool2 test
mempool2 test was using a wrong address for the pool arguments
in the client requests VALGRIND_MEMPOOL_FREE.
So, instead of testing what it was supposed to test (e.g. reading
memory from a freed mempool block), this was all causing
an illegal memory pool address.
So, fix the calls, and add a specific test to verify the illegal
mempool address.

(detected while looking at bug 375415)


Modified:
trunk/memcheck/tests/mempool2.c
trunk/memcheck/tests/mempool2.stderr.exp

Modified: trunk/memcheck/tests/mempool2.c
==============================================================================
--- trunk/memcheck/tests/mempool2.c (original)
+++ trunk/memcheck/tests/mempool2.c Sat May 13 11:19:16 2017
@@ -141,22 +141,26 @@
res += x2[20]; // invalid

fprintf(stderr,
+ "\n------ Illegal memory pool address ------\n\n");
+ VALGRIND_MEMPOOL_FREE(p1, x1); // Should be p1->mem
+
+ fprintf(stderr,
"\n------ read free in malloc-backed pool ------\n\n");
- VALGRIND_MEMPOOL_FREE(p1, x1);
+ VALGRIND_MEMPOOL_FREE(p1->mem, x1);
res += x1[5];

fprintf(stderr,
"\n------ read free in mmap-backed pool ------\n\n");
- VALGRIND_MEMPOOL_FREE(p2, x2);
+ VALGRIND_MEMPOOL_FREE(p2->mem, x2);
res += x2[11];

fprintf(stderr,
"\n------ double free in malloc-backed pool ------\n\n");
- VALGRIND_MEMPOOL_FREE(p1, x1);
+ VALGRIND_MEMPOOL_FREE(p1->mem, x1);

fprintf(stderr,
"\n------ double free in mmap-backed pool ------\n\n");
- VALGRIND_MEMPOOL_FREE(p2, x2);
+ VALGRIND_MEMPOOL_FREE(p2->mem, x2);

{
// test that redzone are still protected even if the user forgets

Modified: trunk/memcheck/tests/mempool2.stderr.exp
==============================================================================
--- trunk/memcheck/tests/mempool2.stderr.exp (original)
+++ trunk/memcheck/tests/mempool2.stderr.exp Sat May 13 11:19:16 2017
@@ -3,95 +3,119 @@

Invalid read of size 1
at 0x........: test (mempool2.c:135)
- by 0x........: main (mempool2.c:196)
+ by 0x........: main (mempool2.c:200)
Address 0x........ is 1 bytes before a block of size 10 client-defined
at 0x........: allocate (mempool2.c:108)
by 0x........: test (mempool2.c:130)
- by 0x........: main (mempool2.c:196)
+ by 0x........: main (mempool2.c:200)

Invalid read of size 1
at 0x........: test (mempool2.c:136)
- by 0x........: main (mempool2.c:196)
+ by 0x........: main (mempool2.c:200)
Address 0x........ is 0 bytes after a block of size 10 client-defined
at 0x........: allocate (mempool2.c:108)
by 0x........: test (mempool2.c:130)
- by 0x........: main (mempool2.c:196)
+ by 0x........: main (mempool2.c:200)


------ out of range reads in mmap-backed pool ------

Invalid read of size 1
at 0x........: test (mempool2.c:140)
- by 0x........: main (mempool2.c:196)
+ by 0x........: main (mempool2.c:200)
Address 0x........ is 1 bytes before a block of size 20 client-defined
at 0x........: allocate (mempool2.c:108)
by 0x........: test (mempool2.c:131)
- by 0x........: main (mempool2.c:196)
+ by 0x........: main (mempool2.c:200)

Invalid read of size 1
at 0x........: test (mempool2.c:141)
- by 0x........: main (mempool2.c:196)
+ by 0x........: main (mempool2.c:200)
Address 0x........ is 0 bytes after a block of size 20 client-defined
at 0x........: allocate (mempool2.c:108)
by 0x........: test (mempool2.c:131)
- by 0x........: main (mempool2.c:196)
+ by 0x........: main (mempool2.c:200)


------- read free in malloc-backed pool ------
+------ Illegal memory pool address ------

Illegal memory pool address
at 0x........: test (mempool2.c:145)
- by 0x........: main (mempool2.c:196)
+ by 0x........: main (mempool2.c:200)
Address 0x........ is 0 bytes inside a block of size 32 alloc'd
at 0x........: malloc (vg_replace_malloc.c:...)
by 0x........: make_pool (mempool2.c:46)
by 0x........: test (mempool2.c:122)
- by 0x........: main (mempool2.c:196)
+ by 0x........: main (mempool2.c:200)


------- read free in mmap-backed pool ------
+------ read free in malloc-backed pool ------

-Illegal memory pool address
+Invalid read of size 1
at 0x........: test (mempool2.c:150)
- by 0x........: main (mempool2.c:196)
- Address 0x........ is in a rwx anonymous segment
+ by 0x........: main (mempool2.c:200)
+ Address 0x........ is 13 bytes inside a recently re-allocated block of size 100,000 alloc'd
+ at 0x........: malloc (vg_replace_malloc.c:...)
+ by 0x........: make_pool (mempool2.c:47)
+ by 0x........: test (mempool2.c:122)
+ by 0x........: main (mempool2.c:200)


------- double free in malloc-backed pool ------
+------ read free in mmap-backed pool ------

-Illegal memory pool address
+Invalid read of size 1
at 0x........: test (mempool2.c:155)
- by 0x........: main (mempool2.c:196)
- Address 0x........ is 0 bytes inside a block of size 32 alloc'd
+ by 0x........: main (mempool2.c:200)
+ Address 0x........ is 11 bytes inside a block of size 20 free'd
+ at 0x........: test (mempool2.c:154)
+ by 0x........: main (mempool2.c:200)
+ Block was alloc'd at
+ at 0x........: allocate (mempool2.c:108)
+ by 0x........: test (mempool2.c:131)
+ by 0x........: main (mempool2.c:200)
+
+
+------ double free in malloc-backed pool ------
+
+Invalid free() / delete / delete[] / realloc()
+ at 0x........: test (mempool2.c:159)
+ by 0x........: main (mempool2.c:200)
+ Address 0x........ is 8 bytes inside a recently re-allocated block of size 100,000 alloc'd
at 0x........: malloc (vg_replace_malloc.c:...)
- by 0x........: make_pool (mempool2.c:46)
+ by 0x........: make_pool (mempool2.c:47)
by 0x........: test (mempool2.c:122)
- by 0x........: main (mempool2.c:196)
+ by 0x........: main (mempool2.c:200)


------ double free in mmap-backed pool ------

-Illegal memory pool address
- at 0x........: test (mempool2.c:159)
- by 0x........: main (mempool2.c:196)
- Address 0x........ is in a rwx anonymous segment
+Invalid free() / delete / delete[] / realloc()
+ at 0x........: test (mempool2.c:163)
+ by 0x........: main (mempool2.c:200)
+ Address 0x........ is 0 bytes inside a block of size 20 free'd
+ at 0x........: test (mempool2.c:154)
+ by 0x........: main (mempool2.c:200)
+ Block was alloc'd at
+ at 0x........: allocate (mempool2.c:108)
+ by 0x........: test (mempool2.c:131)
+ by 0x........: main (mempool2.c:200)


------ 2 invalid access in 'no no-access superblock' ---

Invalid read of size 1
- at 0x........: test (mempool2.c:178)
- by 0x........: main (mempool2.c:196)
+ at 0x........: test (mempool2.c:182)
+ by 0x........: main (mempool2.c:200)
Address 0x........ is 1 bytes before a block of size 10 client-defined
- at 0x........: test (mempool2.c:171)
- by 0x........: main (mempool2.c:196)
+ at 0x........: test (mempool2.c:175)
+ by 0x........: main (mempool2.c:200)

Invalid read of size 1
- at 0x........: test (mempool2.c:179)
- by 0x........: main (mempool2.c:196)
+ at 0x........: test (mempool2.c:183)
+ by 0x........: main (mempool2.c:200)
Address 0x........ is 0 bytes after a block of size 10 client-defined
- at 0x........: test (mempool2.c:171)
- by 0x........: main (mempool2.c:196)
+ at 0x........: test (mempool2.c:175)
+ by 0x........: main (mempool2.c:200)


------ done ------

Loading...