From: Joe Marcus Clarke
To: Jason Evans
Cc: freebsd-current@FreeBSD.org
Date: Fri, 20 Jan 2006 02:22:47 -0500
Subject: Re: Typical malloc-related application bugs
Message-Id: <1137741767.75264.27.camel@shumai.marcuscom.com>

On Thu, 2006-01-19 at 23:10 -0800, Jason Evans wrote:
> Overall, the malloc changeover has been pretty uneventful. Now that
> jemalloc has seen a bit wider exposure, I thought it might be useful
> to summarize the types of application bugs that it has been uncovering.

First let me say that jemalloc has found quite a few bugs in GNOME
applications that were not spotted with phkmalloc+AJ. I only wish those
bugs had not been there to begin with :-}.

[snip]

> 2) Out-of-bounds writes. Lots of programs have been found to write
> past the end of the space they allocate. At the moment, jemalloc's
> redzone code is enabled, so these errors are causing messages to
> stderr that look like:
>
> ifconfig: (malloc) Corrupted redzone 1 byte after 0xa000150 (size
> 18) (0x0)
>
> In at least one case (running f2c while building the math/arpack
> port), these overruns would have caused actual malloc data structure
> corruption, had redzones not been enabled.

I'm seeing a lot of this when I run gnome-system-monitor. There appears
to be a bug in libgtop, but I don't know how to make these messages
fatal in order to produce a backtrace I can use to narrow down where the
problem lies. What can I do to isolate where in the code the redzone
corruption is occurring? Additionally, do you have any example code
that produces this kind of redzone corruption?

Thanks.

Joe

-- 
Joe Marcus Clarke
FreeBSD GNOME Team :: gnome@FreeBSD.org
FreeNode / #freebsd-gnome
http://www.FreeBSD.org/gnome
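
An added example, not part of the original message and not jemalloc's code: a minimal redzone wrapper around malloc that reproduces the kind of report quoted above (1 byte after an 18-byte allocation, value 0x0) from the classic missing-NUL bug. The names rz_malloc, rz_check_after, rz_free and demo_off_by_one, the 16-byte redzone and the 0xa5 fill are assumptions for illustration, and only the bytes after the allocation are checked.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define HDR  16    /* header storing the requested size; keeps 16-byte alignment */
#define RZ   16    /* redzone width after the user region (assumed) */
#define FILL 0xa5  /* redzone fill pattern (assumed) */

/* Layout: [HDR: requested size][size user bytes][RZ fill bytes] */
void *rz_malloc(size_t size) {
    unsigned char *base = malloc(HDR + size + RZ);
    if (base == NULL) return NULL;
    memcpy(base, &size, sizeof size);
    memset(base + HDR + size, FILL, RZ);
    return base + HDR;
}

/* 1-based offset of the first damaged byte after the region, 0 if intact. */
size_t rz_check_after(const void *ptr) {
    const unsigned char *p = ptr;
    size_t size;
    memcpy(&size, p - HDR, sizeof size);
    for (size_t i = 0; i < RZ; i++)
        if (p[size + i] != FILL)
            return i + 1;
    return 0;
}

/* Check the redzone, report in the style of the quoted message, then free.
   With fatal set, abort() first so a core dump or debugger stops here. */
size_t rz_free(void *ptr, int fatal) {
    unsigned char *p = ptr;
    size_t size, off = rz_check_after(ptr);
    memcpy(&size, p - HDR, sizeof size);
    if (off != 0) {
        fprintf(stderr, "(malloc) Corrupted redzone %zu byte%s after %p (size %zu) (0x%x)\n",
                off, off == 1 ? "" : "s", ptr, size, (unsigned)p[size + off - 1]);
        if (fatal) abort();
    }
    free(p - HDR);
    return off;
}

/* Classic bug: room for the characters but not the terminating NUL. */
size_t demo_off_by_one(void) {
    const char *name = "eighteen-char-name";  /* constructed, 18 characters */
    char *buf = rz_malloc(strlen(name));      /* bug: should be strlen(name) + 1 */
    if (buf == NULL) return 0;
    strcpy(buf, name);                        /* writes 19 bytes: NUL lands in the redzone */
    return rz_free(buf, 0);
}
int main(void) { return demo_off_by_one() == 1 ? 0 : 1; }
```

A check of this kind runs when the block is freed, so a backtrace taken at the abort shows where the damaged block was released, not where the out-of-bounds write happened.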