Date: Wed, 30 Oct 2002 12:26:00 -0000
From: Daniel Jacobowitz
To: Fredrik Tolf
Cc: gdb@sources.redhat.com
Subject: Re: malloc() debugging

On Wed, Oct 30, 2002 at 09:17:17PM +0100, Fredrik Tolf wrote:
> ----- Original Message -----
> From: "Daniel Jacobowitz"
> To: "Fredrik Tolf"
> Cc:
> Sent: Wednesday, October 30, 2002 9:11 PM
> Subject: Re: malloc() debugging
>
>
> > On Wed, Oct 30, 2002 at 09:07:46PM +0100, Fredrik Tolf wrote:
> > > I'm trying to make a multithreaded program, but I've run into some
> > > problems. It appears as if I am somehow modifying malloc's data
> > > structures (those in front of the allocated chunk, I'm using glibc),
> > > and thus the program crashes sometimes when the malloc related
> > > functions are called, most usually in free. The strangest thing, as
> > > I see it, is that (at least last time it crashed from this), the
> > > first word of that structure (prev_size) wasn't modified, but only
> > > the second word (size). The most probable reason I can see for an
> > > error of this kind would otherwise be a buffer overflow from the
> > > chunk before. Anyhow, the reason that I'm mailing to this list is
> > > that I'm wondering if it's possible to configure gdb to break
> > > whenever one of these structures is modified by an instruction
> > > outside the address range of the malloc related functions. If no one
> > > knows how this would be done, could you notify of any other good
> > > tool to find these conditions? Can valgrind detect it?
> >
> > Nope, GDB can't do this. You may want to try either Electric Fence or
> > dmalloc; dmalloc does work in multithreaded programs (although it needs
> > a little coaxing).
> >
> Shouldn't gdb be enabled to do this in that case? Speaking of which,
> can't gdb create watchpoints to these structures every time malloc
> is called with conditions of $pc outside the malloc functions and
> delete them when free is called? I'm not very experienced with gdb,
> but shouldn't it be possible, or, if not, be made possible?

No. Every real system (non-simulator) with watchpoints at all has a
finite number of them. Usually no more than a handful.

You can use GDB in combination with dmalloc; dmalloc triggers an
exception when you corrupt the data structures and GDB tells you where
you are.

-- 
Daniel Jacobowitz
MontaVista Software                         Debian GNU/Linux Developer
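
The fence-post approach that the reply above points to, as an added example that is not part of the original message and is not dmalloc's or Electric Fence's own code: each allocation gets a canary word on both sides, and the canaries are verified on free, so corruption ends in a SIGABRT that GDB stops on. The names guard_malloc, guard_check, guard_free and GUARD_WORD are hypothetical, and the canary value is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUARD_WORD 0xFEEDFACECAFEBEEFULL   /* constructed canary value */

/* Hypothetical header; head sits directly before the user data so a
 * contiguous underrun hits it before it reaches size. */
struct guard_hdr {
    size_t   size;   /* user-requested size */
    uint64_t head;   /* canary in front of the user region */
};

/* Allocate n bytes with a canary on each side of the user region. */
void *guard_malloc(size_t n)
{
    uint64_t g = GUARD_WORD;
    struct guard_hdr *h;
    if (n > SIZE_MAX - sizeof *h - sizeof g) return NULL;
    h = malloc(sizeof *h + n + sizeof g);
    if (!h) return NULL;
    h->size = n;
    h->head = g;
    memcpy((unsigned char *)(h + 1) + n, &g, sizeof g); /* tail may be unaligned */
    return h + 1;
}

/* Return 0 if both canaries are intact, 1 if the head canary changed
 * (underrun), 2 if the tail canary changed (overrun). */
int guard_check(const void *p)
{
    const struct guard_hdr *h = (const struct guard_hdr *)p - 1;
    uint64_t tail;
    if (h->head != GUARD_WORD) return 1;
    memcpy(&tail, (const unsigned char *)p + h->size, sizeof tail);
    return tail == GUARD_WORD ? 0 : 2;
}

/* Verify before releasing; abort() raises SIGABRT, which stops GDB here. */
void guard_free(void *p)
{
    int rc = p ? guard_check(p) : 0;
    if (rc) {
        fprintf(stderr, "guard_free: %s canary of %p overwritten\n",
                rc == 1 ? "head" : "tail", p);
        abort();
    }
    if (p) free((struct guard_hdr *)p - 1);
}
```

The check only fires at free time, so it reports that a buffer was overrun, not which instruction did it; calling guard_check on suspect buffers at intermediate points narrows the window without using any hardware watchpoints.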