Re: Issue 35 in memory-sanitizer: Find a better name for origin coming from free()


memory-s...@googlecode.com

Dec 9, 2014, 3:33:05 AM12/9/14
to memory-s...@googlegroups.com

Comment #1 on issue 35 by euge...@google.com: Find a better name for origin
coming from free()
https://code.google.com/p/memory-sanitizer/issues/detail?id=35

1. Find space in StackDepot for an "origin type" flag: allocation /
deallocation / a bunch of custom types (like __msan_poison).
2. Change the origin description in the report to "heap deallocation"
3. Maybe change the report header to MemorySanitizer: use-after-free


--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings

memory-s...@googlecode.com

Jan 21, 2015, 2:13:08 PM1/21/15
to memory-s...@googlegroups.com

Comment #2 on issue 35 by earth...@chromium.org: Find a better name for
This is coming up over and over again.

I understand we are stuck at #1, is this a problem? Maybe instead we could
check the top PC against the ranges occupied by __interceptor_free etc?

memory-s...@googlecode.com

Jan 21, 2015, 8:05:34 PM1/21/15
to memory-s...@googlegroups.com

Comment #3 on issue 35 by konstant...@gmail.com: Find a better name for
One possible cheap way to solve this: when we record the deallocation stack
trace on free(), delete, realloc, etc record the top frame somewhere.
It will always be one of very few, i.e. we can use a fixed size array.
Then, when reporting a bug, see if the first frame of the origin stack
trace is one of the deallocation frames.

memory-s...@googlecode.com

Jan 22, 2015, 6:28:06 AM1/22/15
to memory-s...@googlegroups.com

Comment #4 on issue 35 by euge...@google.com: Find a better name for origin
Sounds hackish.
There is plenty of space in the stackdepot for "stack type". We use an
entire uptr for the number of frames in the stack trace!

memory-s...@googlecode.com

Jan 22, 2015, 7:01:46 AM1/22/15
to memory-s...@googlegroups.com

Comment #5 on issue 35 by euge...@google.com: Find a better name for origin
Also note that realloc() should generate 2 distinct origins, as it both
allocates and deallocates memory.
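The approach sketched in comments #1, #4 and #5 (store an "origin type" next to the frame count in the stack depot, describe the origin from that type, and give realloc() one allocation origin plus one deallocation origin), as an added worked example. This is not MemorySanitizer or LLVM code and does not claim to match r226821: the toy depot, the 8-bit tag packed into the upper bits of the size word, the tag names and the report strings are all assumptions chosen for illustration.

```cpp
// Added example, not sanitizer runtime code: a toy stack depot that packs an
// origin "tag" into the same uptr that holds the frame count, then uses the
// tag to pick the origin description and report header.
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <string>
#include <vector>

typedef uintptr_t uptr;

// Assumed tag values; the real runtime's names and numbering may differ.
enum StackTag : uptr { TAG_UNKNOWN = 0, TAG_ALLOC = 1, TAG_DEALLOC = 2, TAG_CUSTOM_POISON = 3 };

// Assumed layout: the top 8 bits of the word carry the tag, the rest the
// frame count. No stack trace is anywhere near 2^56 frames, so nothing is lost.
static const unsigned kTagShift = sizeof(uptr) * 8 - 8;
static const uptr kSizeMask = (uptr(1) << kTagShift) - 1;

static uptr PackSizeAndTag(uptr size, StackTag tag) {
  return (size & kSizeMask) | (uptr(tag) << kTagShift);
}
static uptr UnpackSize(uptr packed) { return packed & kSizeMask; }
static StackTag UnpackTag(uptr packed) { return StackTag(packed >> kTagShift); }

struct StackDepotNode {
  uptr size_and_tag;      // frame count and origin tag share one word
  std::vector<uptr> pcs;  // program counters, innermost frame first
};

// Toy depot: an origin id is 1 + index into a vector, so 0 means "no origin".
// A real depot hashes and deduplicates traces; that is orthogonal to the tag.
class StackDepot {
 public:
  uint32_t Store(const std::vector<uptr>& pcs, StackTag tag) {
    nodes_.push_back({PackSizeAndTag(pcs.size(), tag), pcs});
    return (uint32_t)nodes_.size();
  }
  const StackDepotNode* Get(uint32_t id) const {
    if (id == 0 || id > nodes_.size()) return nullptr;
    return &nodes_[id - 1];
  }
 private:
  std::vector<StackDepotNode> nodes_;
};

// Report wording chosen for this example (assumed, not MSan's exact text).
static const char* OriginDescription(StackTag tag) {
  switch (tag) {
    case TAG_ALLOC:         return "Uninitialized value was created by a heap allocation";
    case TAG_DEALLOC:       return "Uninitialized value was created by a heap deallocation";
    case TAG_CUSTOM_POISON: return "Memory was marked as uninitialized by __msan_poison";
    default:                return "Uninitialized value was created by an unknown origin";
  }
}
static const char* ReportHeader(StackTag tag) {
  return tag == TAG_DEALLOC ? "MemorySanitizer: use-after-free"
                            : "MemorySanitizer: use-of-uninitialized-value";
}

// realloc() both frees and allocates, so it records two origins over the same
// stack trace, differing only in tag.
struct ReallocOrigins { uint32_t alloc_origin; uint32_t dealloc_origin; };
static ReallocOrigins RecordRealloc(StackDepot& depot, const std::vector<uptr>& pcs) {
  return {depot.Store(pcs, TAG_ALLOC), depot.Store(pcs, TAG_DEALLOC)};
}

// Builds the text a report would print for one origin id.
static std::string DescribeOrigin(const StackDepot& depot, uint32_t id) {
  const StackDepotNode* n = depot.Get(id);
  if (!n) return "no origin";
  std::string s = OriginDescription(UnpackTag(n->size_and_tag));
  s += " (";
  s += std::to_string(UnpackSize(n->size_and_tag));
  s += " frames)";
  return s;
}

// Checks on a fresh depot that realloc yields two distinct, correctly tagged
// origins whose frame count survives the packing. Constructed PCs.
static bool ReallocProducesTwoOrigins() {
  StackDepot depot;
  std::vector<uptr> pcs = {0x401000, 0x401234, 0x400abc};
  ReallocOrigins r = RecordRealloc(depot, pcs);
  return r.alloc_origin != r.dealloc_origin &&
         UnpackTag(depot.Get(r.alloc_origin)->size_and_tag) == TAG_ALLOC &&
         UnpackTag(depot.Get(r.dealloc_origin)->size_and_tag) == TAG_DEALLOC &&
         UnpackSize(depot.Get(r.dealloc_origin)->size_and_tag) == 3;
}

int main() {
  StackDepot depot;
  std::vector<uptr> pcs = {0x401000, 0x401234, 0x400abc};  // constructed PCs
  ReallocOrigins r = RecordRealloc(depot, pcs);
  StackTag t = UnpackTag(depot.Get(r.dealloc_origin)->size_and_tag);
  std::printf("%s\n  %s\n", ReportHeader(t), DescribeOrigin(depot, r.dealloc_origin).c_str());
  return ReallocProducesTwoOrigins() ? 0 : 1;
}
```

The point of the packing is that the depot node grows by zero bytes: the frame count keeps its word, the tag takes bits that were never used, and the reporter can distinguish "heap deallocation" from "heap allocation" without inspecting PCs against interceptor address ranges as comment #3 proposes.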

memory-s...@googlecode.com

Jan 22, 2015, 8:35:29 AM1/22/15
to memory-s...@googlegroups.com
Updates:
Status: Fixed

Comment #6 on issue 35 by euge...@google.com: Find a better name for origin
Fixed in http://llvm.org/viewvc/llvm-project?view=revision&revision=226821