Re: Typical malloc-related application bugs

From: Joe Marcus Clarke <marcus_at_FreeBSD.org>
Date: Fri, 20 Jan 2006 02:22:47 -0500
On Thu, 2006-01-19 at 23:10 -0800, Jason Evans wrote:
> Overall, the malloc changeover has been pretty uneventful.  Now that  
> jemalloc has seen a bit wider exposure, I thought it might be useful  
> to summarize the types of application bugs that it has been uncovering.

First let me say that jemalloc has found quite a few bugs in GNOME
applications that were not spotted with phkmalloc+AJ.  I only wish those
bugs had not been there to begin with :-}.

[snip]

> 2) Out-of-bounds writes.  Lots of programs have been found to write  
> past the end of the space they allocate.  At the moment, jemalloc's  
> redzone code is enabled, so these errors are causing messages to  
> stderr that look like:
> 
> 	ifconfig: (malloc) Corrupted redzone 1 byte after 0xa000150 (size  
> 18) (0x0)
> 
> In at least one case (running f2c while building the math/arpack  
> port), these overruns would have caused actual malloc data structure  
> corruption, had redzones not been enabled.

I'm seeing a lot of this when I run gnome-system-monitor.  There appears
to be a bug in libgtop, but I don't know how to make these messages
fatal in order to produce a backtrace I can use to narrow down where the
problem lies.  What can I do to isolate where in the code the redzone
corruption is occurring?

Additionally, do you have any example code that produces this kind of
redzone corruption?  Thanks.

Joe

-- 
Joe Marcus Clarke
FreeBSD GNOME Team      ::      gnome_at_FreeBSD.org
FreeNode / #freebsd-gnome
http://www.FreeBSD.org/gnome
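
An added example (written for this page; not jemalloc's implementation and not code from anyone in the thread) showing the kind of off-by-one that produces the "Corrupted redzone 1 byte after ... (size 18)" message quoted above, together with a small hypothetical redzone-checking wrapper (`rz_malloc`/`rz_free`) so the detection can be seen without jemalloc. The 18-character input string is constructed to mirror the "(size 18)" in the quoted message, and the `RZ_FATAL` environment variable is this wrapper's own knob, not a jemalloc option:

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical redzone-checking wrapper around malloc (written for this
 * page; it is not jemalloc's implementation).  Each block gets RZ_SIZE
 * guard bytes filled with RZ_BYTE after the user area; rz_free checks them. */
#define RZ_SIZE 16
#define RZ_BYTE 0xa5

/* Header in front of the user block; padded so the user pointer stays
 * 16-byte aligned like a normal malloc result. */
struct rz_hdr { size_t size; size_t pad; };

/* When non-zero, a detected overrun calls abort() so the process dumps
 * core and a debugger can show where the corrupting write happened. */
int rz_fatal = 0;

void *rz_malloc(size_t size)
{
    struct rz_hdr *h = malloc(sizeof *h + size + RZ_SIZE);
    if (h == NULL)
        return NULL;
    h->size = size;
    h->pad = 0;
    unsigned char *user = (unsigned char *)(h + 1);
    memset(user + size, RZ_BYTE, RZ_SIZE);   /* paint the guard bytes */
    return user;
}

/* Returns how far past the end of the block the redzone has been
 * overwritten (0 if intact): the index of the last corrupted byte + 1. */
size_t rz_check(const void *p)
{
    const struct rz_hdr *h = (const struct rz_hdr *)p - 1;
    const unsigned char *rz = (const unsigned char *)p + h->size;
    size_t bad = 0;
    for (size_t i = 0; i < RZ_SIZE; i++)
        if (rz[i] != RZ_BYTE)
            bad = i + 1;
    return bad;
}

/* Frees the block after checking its redzone; returns the rz_check result. */
size_t rz_free(void *p, const char *prog)
{
    if (p == NULL)
        return 0;
    struct rz_hdr *h = (struct rz_hdr *)p - 1;
    size_t bad = rz_check(p);
    if (bad != 0) {
        fprintf(stderr, "%s: (malloc) Corrupted redzone %zu byte%s after %p (size %zu)\n",
                prog, bad, bad == 1 ? "" : "s", p, h->size);
        if (rz_fatal)
            abort();   /* core dump -> backtrace points at the caller */
    }
    free(h);
    return bad;
}

/* The classic off-by-one: room for the characters but not the NUL. */
size_t buggy_copy(const char *s)
{
    size_t n = strlen(s);
    char *buf = rz_malloc(n);        /* bug: should be n + 1 */
    strcpy(buf, s);                  /* terminator lands in the redzone */
    return rz_free(buf, "example");  /* reports 1 byte */
}

/* Corrected version: one extra byte for the terminator. */
size_t fixed_copy(const char *s)
{
    size_t n = strlen(s);
    char *buf = rz_malloc(n + 1);
    strcpy(buf, s);
    return rz_free(buf, "example");  /* reports 0 */
}

/* Writes k bytes past the end of a 32-byte block to show that the
 * reported count tracks the extent of the overrun (k must be <= RZ_SIZE). */
size_t overrun_by(size_t k)
{
    unsigned char *buf = rz_malloc(32);
    memset(buf + 32, 0, k);
    return rz_free(buf, "example");
}

int main(void)
{
    rz_fatal = getenv("RZ_FATAL") != NULL;  /* this wrapper's knob, not jemalloc's */
    /* constructed 18-character input, mirroring "(size 18)" in the quoted message */
    buggy_copy("eighteen-char-str!");
    fixed_copy("eighteen-char-str!");
    return 0;
}
```

Run it plainly to see the diagnostic on stderr; run it with `RZ_FATAL=1` to get the abort() instead, which is the general technique for turning a non-fatal allocator warning into a core dump whose backtrace (e.g. under gdb) identifies the freeing call site. Note that a redzone check only fires when the block is checked (here, at free), so the backtrace names the code that freed the block, not necessarily the write that overran it; narrowing from there to the actual write is what a watchpoint on the redzone byte, or an instrumenting tool, is for.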

Received on Fri Jan 20 2006 - 06:22:58 UTC