Heap error and leak for same allocation


Simon Richter

Feb 24, 2020, 6:57:05 AM
to Dr. Memory Users
Hi,                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                              
I'm running a testsuite under Dr. Memory 2.3.0, and I get results like                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                              
Error #18: INVALID HEAP ARGUMENT to free 0x01d900f8                                                                                                                                                                                                                                                                           
# 0 replace_free                                                              [d:\drmemory_package\common\alloc_replace.c:2707]                                                                                                                                                                                               
# 1 boost_unit_test_framework-vc141-!boost::unit_test::runtime_config::save_pattern+0x7d17   (0x6b1d3138 <boost_unit_test_framework-vc141-+0x43138>)                                                                                                                                                                          
# 2 boost_unit_test_framework-vc141-!boost::unit_test::framework::clear      +0xb9     (0x6b1a52fa <boost_unit_test_framework-vc141-+0x152fa>)                                                                                                                                                                                
# 3 boost_unit_test_framework-vc141-!boost::unit_test::results_collector_t::~results_collector_t+0xaf     (0x6b1a3bc0 <boost_unit_test_framework-vc141-+0x13bc0>)                                                                                                                                                             
# 4 ucrtbase.dll!execute_onexit_table                                        +0x228    (0x6dc34fb9 <ucrtbase.dll+0x34fb9>)                                                                                                                                                                                                    
# 5 ucrtbase.dll!register_onexit_function                                    +0xda     (0x6dc2fc0b <ucrtbase.dll+0x2fc0b>)                                                                                                                                                                                                    
# 6 ucrtbase.dll!execute_onexit_table                                        +0x7d     (0x6dc34e0e <ucrtbase.dll+0x34e0e>)                                                                                                                                                                                                    
# 7 boost_unit_test_framework-vc141-!boost::unit_test::runtime_config::save_pattern+0x7ea6   (0x6b1d32c7 <boost_unit_test_framework-vc141-+0x432c7>)                                                                                                                                                                          
# 8 boost_unit_test_framework-vc141-!boost::unit_test::runtime_config::save_pattern+0x879a   (0x6b1d3bbb <boost_unit_test_framework-vc141-+0x43bbb>)                                                                                                                                                                          
# 9 boost_unit_test_framework-vc141-!boost::unit_test::runtime_config::save_pattern+0x89ea   (0x6b1d3e0b <boost_unit_test_framework-vc141-+0x43e0b>)                                                                                                                                                                          
#10 boost_unit_test_framework-vc141-!boost::unit_test::runtime_config::save_pattern+0x8a88   (0x6b1d3ea9 <boost_unit_test_framework-vc141-+0x43ea9>)                                                                                                                                                                          
#11 ntdll.dll!RtlQueryEnvironmentVariable                                    +0x240    (0x77a29280 <ntdll.dll+0x39280>)                                                                                                                                                                                                       
#12 ntdll.dll!LdrShutdownProcess                                             +0x140    (0x77a48f88 <ntdll.dll+0x58f88>)                                                                                                                                                                                                       
#13 ntdll.dll!RtlExitUserProcess                                             +0x73     (0x77a48e2a <ntdll.dll+0x58e2a>)                                                                                                                                                                                                       
#14 KERNEL32.dll!ExitProcess                                                 +0x14     (0x76547a3d <KERNEL32.dll+0x17a3d>)                                                                                                                                                                                                    
#15 ucrtbase.dll!exit                                                        +0xb4     (0x6dc29cb5 <ucrtbase.dll+0x29cb5>)                                                                                                                                                                                                    
#16 ucrtbase.dll!exit                                                        +0x74     (0x6dc29c75 <ucrtbase.dll+0x29c75>)                                                                                                                                                                                                    
#17 ucrtbase.dll!exit                                                        +0x10     (0x6dc29c11 <ucrtbase.dll+0x29c11>)                                                                                                                                                                                                    
#18 __scrt_common_main_seh                                                    [d:\agent\_work\3\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:295]                                                                                                                                                                   
#19 KERNEL32.dll!BaseThreadInitThunk                                         +0x11     (0x7654343d <KERNEL32.dll+0x1343d>)                                                                                                                                                                                                    
Note: @0:00:34.824 in thread 18664                                                                                                                                                                                                                                                                                            
Note: refers to -1 byte(s) before next malloc                                                                                                                                                                                                                                                                                 
Note: next higher malloc: 0x01d900f8-0x01d901b8                                                                                                                                                                                                                                                                               
Note: refers to -192 byte(s) beyond last valid byte in prior malloc                                                                                                                                                                                                                                                           
Note: prev lower malloc:  0x01d900f8-0x01d901b8                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                              
...                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                              
Error #33: LEAK 192 direct bytes 0x01d900f8-0x01d901b8 + 0 indirect bytes                                                                                                                                                                                                                                                     
# 0 replace_operator_new                                                       [d:\drmemory_package\common\alloc_replace.c:2900]                                                                                                                                                                                              
# 1 boost::unit_test::make_test_case                                           [c:\jenkins\workspace\windows-kicad-msvc-head\build\release\cpu\x86\label\msvc\prereq\boost\install\include\boost-1_71\boost\test\tree\test_unit.hpp:267]                                                                                      
# 2 ArrayAxis::`dynamic initializer for 'ValidOffsets_registrar5011''          [c:\jenkins\workspace\windows-kicad-msvc-head\build\release\cpu\x86\label\msvc\src\qa\common\test_array_axis.cpp:50]                                                                                                                           
# 3 ucrtbase.dll!initterm                                                     +0x42     (0x6dc3cf33 <ucrtbase.dll+0x3cf33>)                                                                                                                                                                                                   
# 4 __scrt_common_main_seh                                                     [d:\agent\_work\3\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:256]                                                                                                                                                                  
# 5 KERNEL32.dll!BaseThreadInitThunk                                          +0x11     (0x7654343d <KERNEL32.dll+0x1343d>)                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                              
My interpretation of this would be that this is either a mismatch -- free()                                                                                                                                                                                                                                                   
being used on memory from operator new, or a bug in Dr. Memory, or both.                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                              
The address given to free() matches exactly with the address listed as the                                                                                                                                                                                                                                                    
next malloc below, not off by (minus) one, so that allocation should have                                                                                                                                                                                                                                                     
been found here.                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                                              
Full result files are usually available below                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                              
https://jenkins.simonrichter.eu/job/windows-kicad-msvc-head/build=release,cpu=x86,label=msvc/ws/build/Testing/Temporary/DrMemory/                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                              
unless a build is running at the moment.                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                              
   Simon                                               
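
One way to find this pattern across a whole results file, as an added example that is not part of the original post or of Dr. Memory: the script pairs every INVALID HEAP ARGUMENT report with any LEAK report whose address range contains the rejected pointer, and shows the top frame of each. The function names, the sample text and Error #40 are constructed for illustration.

```python
import re

# Constructed sample shaped like the results quoted in the post (frames trimmed).
# Error #40 and its address are invented here to show a non-matching case.
SAMPLE = r"""
Error #18: INVALID HEAP ARGUMENT to free 0x01d900f8
# 0 replace_free           [d:\drmemory_package\common\alloc_replace.c:2707]
Note: next higher malloc: 0x01d900f8-0x01d901b8

Error #33: LEAK 192 direct bytes 0x01d900f8-0x01d901b8 + 0 indirect bytes
# 0 replace_operator_new   [d:\drmemory_package\common\alloc_replace.c:2900]
# 1 boost::unit_test::make_test_case

Error #40: INVALID HEAP ARGUMENT to free 0x02000010
# 0 replace_free           [d:\drmemory_package\common\alloc_replace.c:2707]
"""

HEADER = re.compile(r"^Error #(\d+): (.+)$")
BAD_FREE = re.compile(r"INVALID HEAP ARGUMENT to (\S+) (0x[0-9a-fA-F]+)")
LEAK = re.compile(r"LEAK \d+ direct bytes (0x[0-9a-fA-F]+)-(0x[0-9a-fA-F]+)")
FRAME0 = re.compile(r"^#\s*0\s+(\S+)")

def parse_errors(text):
    """Return one dict per 'Error #N:' block with its header and top frame."""
    errors = []
    for line in (raw.strip() for raw in text.splitlines()):
        header = HEADER.match(line)
        if header:
            errors.append({"id": int(header.group(1)), "header": header.group(2), "top": None})
        elif errors and errors[-1]["top"] is None and FRAME0.match(line):
            errors[-1]["top"] = FRAME0.match(line).group(1)
    return errors

def correlate(text):
    """Pair each rejected free with a leak report whose range contains its address."""
    errors = parse_errors(text)
    leaks = [(int(m.group(1), 16), int(m.group(2), 16), e)
             for e in errors if (m := LEAK.search(e["header"]))]
    pairs = []
    for e in errors:
        bad = BAD_FREE.search(e["header"])
        if not bad:
            continue
        addr = int(bad.group(2), 16)
        for start, end, leak in leaks:
            if start <= addr < end:  # end is exclusive: 0x01d901b8 - 0x01d900f8 = 192
                pairs.append({"free_error": e["id"], "leak_error": leak["id"],
                              "offset": addr - start,
                              "freed_by": e["top"], "allocated_by": leak["top"]})
    return pairs

if __name__ == "__main__":
    for pair in correlate(SAMPLE):
        print(pair)
```

An offset of 0 together with different allocator and deallocator top frames is the combination described in the post; a non-zero offset would instead point at a free of an interior pointer.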