how to enable tcmalloc to check invalid memory usage #527

alk · 2015-08-23T10:49:57Z

Originally reported on Google Code with ID 524

What steps will reproduce the problem?
1. run the following code

In the code example, I try to access deleted object, but tcmalloc fail to throw when
I access the invalid object, error happen when new memory was allocated. This behavior
may perform well, but lead to difficult debug.

What is the expected output? What do you see instead?
Expectd: throw error when try to access deleted object
Now : error delayed the next allocation.

What version of the product are you using? On what operating system?
gperf 2.0/ RedHat EL5

Please provide any additional information below.

#include <iostream>
#include <string>
#include <pthread.h>
#include <set>
#include <map>
//#include "test2.h"

using namespace std;

class A
{
public:
    A() : x(0), v("dfsf") {
        u["a"] = "v";
        u["b"] = "v";
        u["c"] = "v";
        u["e"] = "v";
        t.insert("xx");
        t.insert("yx");
        t.insert("zx");
    }
    int x;
    string v;
    map<string, string> u;
    set<string> t;
};

void* accessInvalidObj(void*)
{
    A *p = new A();
    delete p;

//// If I link program with PTMalloc, error happen here;
//// If I link program with tcmalloc, it is ok here, and error was thrown at next memory
allocation.
    p->v = "i am deleted";

    cout << p->v << endl;
}

void testAccessDeletedObj()
{
    static const int N = 10;
    pthread_t ts[N];
    pthread_t args[N];
    for (int i = 0; i < N; i++)
    {
        args[i] = i;
        pthread_create(&ts[i], NULL, accessInvalidObj, args + i);
    }
    for (int i = 0; i < N; i++)
    {
        args[i] = i;
        pthread_join(ts[i], NULL);
    }
}

int main(int argc, char** argv)
{
    testAccessDeletedObj();

    return 0;
}

// example stack, error happen when 'new A()' was executed, not when 
// invalid p->v was assigned.
#0  tcmalloc::CentralFreeList::FetchFromSpans (this=0x63b1e0) at src/central_freelist.cc:298
#1  0x000000000040e147 in tcmalloc::CentralFreeList::RemoveRange (this=0x63b1e0, start=0x427f4ec8,
end=0x427f4ec0, N=<value optimized out>)
    at src/central_freelist.cc:269
#2  0x000000000040a612 in tcmalloc::ThreadCache::FetchFromCentralCache (this=0xa4af880,
cl=<value optimized out>, byte_size=32) at src/thread_cache.cc:156
#3  0x00000000004074e6 in cpp_alloc (size=26, nothrow=false) at src/thread_cache.h:342
#4  0x0000000000422fba in tc_new (size=6533600) at src/tcmalloc.cc:1463
#5  0x00000030fa69b801 in std::string::_Rep::_S_create () from /usr/lib64/libstdc++.so.6
#6  0x00000030fa69d0b1 in std::string::_M_mutate () from /usr/lib64/libstdc++.so.6
#7  0x00000030fa69d22c in std::string::_M_replace_safe () from /usr/lib64/libstdc++.so.6
#8  0x0000000000406117 in A (this=<value optimized out>) at /usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../include/c++/4.1.2/bits/basic_string.h:915
#9  0x000000000040516b in accessInvalidObj () at test.cpp:62
#10 0x00000030f4e064a7 in start_thread () from /lib64/libpthread.so.0
#11 0x00000030f42d3c2d in clone () from /lib64/libc.so.6

thank you very much.

Reported by shiquany on 2013-04-27 03:05:23

The text was updated successfully, but these errors were encountered:

alk · 2015-08-23T11:26:09Z

Hi,

I believe you made wrong assumptions here: tcmalloc, as ptmalloc2 (glibc), does not

provide a mechanism to trap on invalid memory access as some runtime environments 
provides (java/python for instance). Since it run as native code, it relies on OS to
provide memory protection and since it is also a general purpose memory allocator,
it
does not provide extra runtime checks for such things.

If you having issues with your program related to invalid memory access, you will
need to use memory access analyzers as valgring or asan to correct such issues.

Reported by zatrazz on 2013-05-02 17:10:20

alk · 2015-08-23T11:26:13Z

Thank you for your reply. And I am sorry, I fail to describe question.
I just want the allocator fail if user program try to access invalid memory, such as
access the freeed object.

Yestoday, I have use debugallocation in tcmalloc, which can detect overflow/invalid
memory access , but debugallocation is too slow and consume much memory. I want to
know, is there a method whose behavior is like debugallocation and perform is not bad.

thanks again.

Reported by shiquany on 2013-05-04 13:50:06

alk · 2015-08-23T11:26:18Z

Usually memory analyzer imposes a memory and cpu overhead on observed programs and
debugallocation is not different. You might try to profile the debugallocation to
check if it is possible to came up with a performance optimization on the code or
try to use alternatives, like valgrind or asan.

Reported by zatrazz on 2013-05-09 12:58:05

alk · 2015-08-23T11:26:23Z

thank you, I have bulit a test program with debugallocation with reuse disable, and
it is useful to find memory overflow.

Reported by shiquany on 2013-05-16 13:11:48

alk · 2015-08-23T11:26:27Z

Reported by alkondratenko on 2013-07-06 22:56:24

Status changed: NotABug

alk self-assigned this Aug 23, 2015

alk added Type-Defect Priority-Medium Status-NotABug labels Aug 23, 2015

alk closed this as completed Feb 22, 2016

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

how to enable tcmalloc to check invalid memory usage #527

how to enable tcmalloc to check invalid memory usage #527

alk commented Aug 23, 2015

alk commented Aug 23, 2015

alk commented Aug 23, 2015

alk commented Aug 23, 2015

alk commented Aug 23, 2015

alk commented Aug 23, 2015

how to enable tcmalloc to check invalid memory usage #527

how to enable tcmalloc to check invalid memory usage #527

Comments

alk commented Aug 23, 2015

alk commented Aug 23, 2015

alk commented Aug 23, 2015

alk commented Aug 23, 2015

alk commented Aug 23, 2015

alk commented Aug 23, 2015