This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug malloc/14593] New: mtrace gives incorrect caller address


http://sourceware.org/bugzilla/show_bug.cgi?id=14593

             Bug #: 14593
           Summary: mtrace gives incorrect caller address
           Product: glibc
           Version: 2.12
            Status: NEW
          Severity: normal
          Priority: P2
         Component: malloc
        AssignedTo: unassigned@sourceware.org
        ReportedBy: jpdonnelly@eucalyptus.com
    Classification: Unclassified


It appears the mtrace reporting can give an incorrect caller address
that is not in the text range or shared libraries:

1. This is just a sample of 250+ invalid caller addresses:

 Memory not freed:
-----------------
           Address     Size     Caller
0x00007fef72239010 0x64ed2d0  at 0x7fefb2d68210
0x0000000000007fef        0  at 0x7fefb2d522e4
0x00007fefa4024f80     0x38  at 0x7fefbc5e7dec
0x00007fefa4024fc0     0x20  at 0x7fefbc32f0a2
0x00007fefa4025040     0x36  at 0x7fefbb1c45f0
0x00007fefa4025050     0x35  at 0x7fefbb1c45f0
0x00007fefa4025080     0x10  at 0x7fefbb9a938e
0x00007fefa4025090     0x40  at 0x7fefbb9a81d6
0x00007fefa40250a0     0x80  at 0x7fefbb9ae687
0x00007fefa40250e0     0x36  at 0x7fefbb1c45f0
0x00007fefa4025120     0x10  at 0x7fefbb9a938e
0x00007fefa4025130     0x70  at 0x7fefbb98b4c4
0x00007fefa4025140     0x80  at 0x7fefbb9ae687
0x00007fefa40251b0     0x10  at 0x7fefbb1c5af5
0x00007fefa40251d0     0x10  at 0x7fefbb1c9f56

Note the caller address is: 0x7fefb2d522e4 

Process map ( head only, 10 of 200 mmaps )


[root@eucahost-51-75 eucalyptus]# cat /proc/18300/maps | grep lib | cut -c1-140 | sort | egrep -i -v eucal | head
7f27d823b000-7f27d8251000 r-xp 00000000 08:01 232951                     /lib64/libgcc_s-4.4.6-20110824.so.1
7f27d8251000-7f27d8450000 ---p 00016000 08:01 232951                     /lib64/libgcc_s-4.4.6-20110824.so.1
7f27d8450000-7f27d8451000 rw-p 00015000 08:01 232951                     /lib64/libgcc_s-4.4.6-20110824.so.1
7f27d981a000-7f27d982b000 r-xp 00000000 08:01 93826                      /usr/lib64/libfa.so.1.3.4
7f27d982b000-7f27d9a2a000 ---p 00011000 08:01 93826                      /usr/lib64/libfa.so.1.3.4
7f27d9a2a000-7f27d9a2b000 rw-p 00010000 08:01 93826                      /usr/lib64/libfa.so.1.3.4
7f27d9a2b000-7f27d9a39000 r-xp 00000000 08:01 73738                      /lib64/liblber-2.4.so.2.5.6
7f27d9a39000-7f27d9c38000 ---p 0000e000 08:01 73738                      /lib64/liblber-2.4.so.2.5.6
7f27d9c38000-7f27d9c39000 r--p 0000d000 08:01 73738                      /lib64/liblber-2.4.so.2.5.6
7f27d9c39000-7f27d9c3a000 rw-p 0000e000 08:01 73738                      /lib64/liblber-2.4.so.2.5.6


Tail:
[root@eucahost-51-75 eucalyptus]# cat /proc/18300/maps | grep lib | cut -c1-140 | sort | egrep -i -v eucal | tail
7f27e3da9000-7f27e3dd5000 r-xp 00000000 08:01 73562                      /lib64/libpcre.so.0.0.1
7f27e3dd5000-7f27e3fd4000 ---p 0002c000 08:01 73562                      /lib64/libpcre.so.0.0.1
7f27e3fd4000-7f27e3fd5000 rw-p 0002b000 08:01 73562                      /lib64/libpcre.so.0.0.1
7f27e3fd5000-7f27e4058000 r-xp 00000000 08:01 73464                      /lib64/libm-2.12.so
7f27e4058000-7f27e4257000 ---p 00083000 08:01 73464                      /lib64/libm-2.12.so
7f27e4257000-7f27e4258000 r--p 00082000 08:01 73464                      /lib64/libm-2.12.so
7f27e4258000-7f27e4259000 rw-p 00083000 08:01 73464                      /lib64/libm-2.12.so
7f27e4259000-7f27e4279000 r-xp 00000000 08:01 232953                     /lib64/ld-2.12.so
7f27e4478000-7f27e4479000 r--p 0001f000 08:01 232953                     /lib64/ld-2.12.so
7f27e4479000-7f27e447a000 rw-p 00020000 08:01 232953                     /lib64/ld-2.12.so


The program text ( main ) from gdb:
Dump of assembler code for function main:
   0x00007f68e1d6f6e0 <+0>:     push   %r15
   0x00007f68e1d6f6e2 <+2>:     xor    %edx,%edx
   0x00007f68e1d6f6e4 <+4>:     push   %r14
   0x00007f68e1d6f6e6 <+6>:     push   %r13
   0x00007f68e1d6f6e8 <+8>:     push   %r12
   0x00007f68e1d6f6ea <+10>:    lea    0x2cafc(%rip),%r12

code text:0x7f68e1d6f6e0

The attached libraries are 

from

(libpcre.so.0.0.1) 0x7f27d823b000
to
( ld-2.12.so)  0x7f27e447a000

The invalid caller address is 570GB above the end of code text:
 0x7fefb2d522e4- main

  0x7fefb2d522e4 - 0x7f68e1d6f6e0 = 0x86D0FE2C04

gdb does not recognize the caller address either.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
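
The check the report performs by hand, comparing each mtrace caller address against the executable ranges in /proc/<pid>/maps, can be scripted. This is an added example, not part of the original bug report or of glibc; the sample rows are constructed (the first and third caller addresses are made up), and it assumes the mtrace log and the maps snapshot come from the same process run, since address-space layout randomization changes the bases between runs.

```python
import re
from bisect import bisect_right

# Constructed sample in /proc/<pid>/maps format (ranges taken from the report).
MAPS = """\
7f27d823b000-7f27d8251000 r-xp 00000000 08:01 232951 /lib64/libgcc_s-4.4.6-20110824.so.1
7f27d8251000-7f27d8450000 ---p 00016000 08:01 232951 /lib64/libgcc_s-4.4.6-20110824.so.1
7f27e4259000-7f27e4279000 r-xp 00000000 08:01 232953 /lib64/ld-2.12.so
"""
# Constructed mtrace "Memory not freed" rows; only the second row is from the report.
MTRACE = """\
0x00007f27e5000010     0x38  at 0x7f27e4260abc
0x0000000000007fef        0  at 0x7fefb2d522e4
0x00007f27e5000050     0x10  at 0x7f27d8300000
"""

MAP_RE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) (\S{4}) ([0-9a-f]+) \S+ \d+\s*(.*)$")
ROW_RE = re.compile(r"^(0x[0-9a-f]+)\s+(?:0x)?[0-9a-f]+\s+at\s+(0x[0-9a-f]+)")

def parse_maps(text):
    """Return sorted (start, end, perms, file_offset, path) tuples."""
    regions = []
    for line in text.splitlines():
        m = MAP_RE.match(line.strip())
        if m:
            regions.append((int(m[1], 16), int(m[2], 16), m[3], int(m[4], 16), m[5]))
    return sorted(regions)

def locate(regions, addr):
    """Find the mapping containing addr, or None if it lies in a gap."""
    i = bisect_right([r[0] for r in regions], addr) - 1
    return regions[i] if i >= 0 and addr < regions[i][1] else None

def check_callers(maps_text, mtrace_text):
    """Classify every caller address in an mtrace report against the maps."""
    regions, out = parse_maps(maps_text), []
    for line in mtrace_text.splitlines():
        m = ROW_RE.match(line.strip())
        if not m:
            continue  # header, separator or blank line
        caller = int(m[2], 16)
        region = locate(regions, caller)
        if region is None:
            verdict = "unmapped"
        elif "x" not in region[2]:
            verdict = "non-executable"
        else:  # report path plus offset into the file, usable with addr2line
            verdict = f"{region[4]}+{caller - region[0] + region[3]:#x}"
        out.append((m[2], verdict))
    return out

if __name__ == "__main__":
    for caller, verdict in check_callers(MAPS, MTRACE):
        print(caller, verdict)
```

Capture /proc/<pid>/maps while the traced process is still alive, so that the ranges and the logged caller addresses describe the same address space.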

