evilsong / gperftools

Automatically exported from code.google.com/p/gperftools
BSD 3-Clause "New" or "Revised" License

Invalid free when using valgrind #441

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. write simple code like:
#include <stdio.h>
#include <stdlib.h>

int main()
{
    int *pInt = new int;
    printf("%d\n",*pInt);
    free(pInt); // valgrind will report a mismatched free warning
    return 0;
}
save as 2.cc
2. g++ 2.cc -g -O0 -ltcmalloc
3. valgrind --tool=memcheck --leak-check=full --log-file=./log_file.log --malloc-fill=0x55 --free-fill=0x11 ./a.out

tcmalloc outputs "src/tcmalloc.cc:289] Attempt to free invalid pointer 0x4034828" and crashes...

Both tcmalloc 1.6 and 2.0 crash on a mismatched free.

Debian 6.0.5 (x64) and Red Hat 4.3 (x64).

gdb's bt:
#0  0x00000000058671b5 in *__GI_raise (sig=<value optimized out>)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x0000000005869fc0 in *__GI_abort () at abort.c:92
#2  0x0000000004e4a785 in tcmalloc::Log (mode=tcmalloc::kCrash, filename=<value optimized out>,
    line=<value optimized out>, a=..., b=..., c=..., d=...) at src/internal_logging.cc:119
#3  0x0000000004e3ebcc in InvalidFree (ptr=0x4034828) at src/tcmalloc.cc:289
#4  0x0000000004e5dd50 in do_free_with_callback (ptr=0x4034828) at src/tcmalloc.cc:1121
#5  do_free (ptr=0x4034828) at src/tcmalloc.cc:1153
#6  tc_free (ptr=0x4034828) at src/tcmalloc.cc:1499
#7  0x000000000594633b in free_mem () at dl-libc.c:235
#8  0x0000000005945ed2 in *__GI___libc_freeres () at set-freeres.c:47
#9  0x0000000004a2067c in _vgnU_freeres () at vg_preloaded.c:62
#10 0x000000000586b5be in __run_exit_handlers (status=0, listp=0x51c0, run_list_atexit=true)
    at exit.c:93
#11 0x000000000586b665 in *__GI_exit (status=20928) at exit.c:100
#12 0x0000000005853c94 in __libc_start_main (main=<value optimized out>, 
    argc=<value optimized out>, ubp_av=<value optimized out>, init=<value optimized out>, 
    fini=<value optimized out>, rtld_fini=<value optimized out>, stack_end=0x7ff000248)
    at libc-start.c:260
#13 0x00000000004005a9 in _start ()

Original issue reported on code.google.com by egmk...@gmail.com on 30 Jun 2012 at 5:50

GoogleCodeExporter commented 9 years ago
I couldn't reproduce it with r190 plus valgrind-3.8.1 on PPC64 nor on an x86_64 box. Are you still seeing this issue?

Original comment by zatr...@gmail.com on 10 Mar 2013 at 4:33

GoogleCodeExporter commented 9 years ago
Ran this on my dev machine based on the current gperftools trunk and I am not seeing any issue either (details below). Can you please try by pulling down the current trunk and testing against that?

david@hatch:~/gperftools/patch-test$ uname -a
Linux hatch 3.0.0-19-generic #33-Ubuntu SMP Thu Apr 19 19:05:57 UTC 2012 i686 i686 i386 GNU/Linux
david@hatch:~/gperftools/patch-test$ valgrind --tool=memcheck --leak-check=full --log-file=./log_file.log  --malloc-fill=0x55 --free-fill=0x11 ./a.out
0
david@hatch:~/gperftools/patch-test$ cat log_file.log 
==8004== Memcheck, a memory error detector
==8004== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==8004== Using Valgrind-3.6.1-Debian and LibVEX; rerun with -h for copyright info
==8004== Command: ./a.out
==8004== Parent PID: 2811
==8004== 
==8004== 
==8004== HEAP SUMMARY:
==8004==     in use at exit: 0 bytes in 0 blocks
==8004==   total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==8004== 
==8004== All heap blocks were freed -- no leaks are possible
==8004== 
==8004== For counts of detected and suppressed errors, rerun with: -v
==8004== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 21 from 6)
david@hatch:~/gperftools/patch-test$ 

Original comment by chapp...@gmail.com on 10 Mar 2013 at 8:28

GoogleCodeExporter commented 9 years ago
from user egmkang:

Valgrind 3.8+ has fixed this bug, but in my impression you must use --soname-synonyms

Original comment by chapp...@gmail.com on 11 Mar 2013 at 1:51

GoogleCodeExporter commented 9 years ago
Valgrind 3.8+ adds a new option, --soname-synonyms. When I use this option, it works correctly, reporting a mismatched free.

valgrind --tool=memcheck --leak-check=full --log-file=./log_file.log --soname-synonyms=somalloc=*tcmalloc* ./a.out

Original comment by egmk...@gmail.com on 11 Mar 2013 at 1:53
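The resolution in this thread, as an added example that is not part of the issue or of the gperftools or Valgrind projects: a POSIX shell script that builds the reporter's 2.cc against tcmalloc, runs it under Memcheck with --soname-synonyms so that Valgrind intercepts tcmalloc's allocator (instead of tcmalloc aborting on a pointer it never handed out), and then scans the log for "Mismatched free() / delete / delete []" reports. The build-and-run part assumes valgrind 3.8+, g++ and libtcmalloc are installed and 2.cc is in the current directory; the log-scanning functions run against a constructed sample log so they can be tried without those tools.

```shell
#!/bin/sh
# Added example, not code from the issue thread or from gperftools/Valgrind.
# Assumptions: valgrind >= 3.8, g++ and libtcmalloc are installed, and the
# reproducer from the issue is saved as 2.cc in the current directory.

VALGRIND_LOG=${VALGRIND_LOG:-./log_file.log}

# Build the reproducer against tcmalloc (same flags as the issue's step 2).
build_reproducer() {
    g++ 2.cc -g -O0 -ltcmalloc -o a.out
}

# Run a tcmalloc-linked binary under Memcheck. The somalloc synonym tells
# Memcheck that any library whose soname matches *tcmalloc* is a malloc
# replacement, so new/free go through Valgrind's own interceptors.
run_under_memcheck() {
    valgrind --tool=memcheck --leak-check=full --log-file="$VALGRIND_LOG" \
        --soname-synonyms=somalloc='*tcmalloc*' "$@"
}

# Count "Mismatched free() / delete / delete []" reports in a Memcheck log.
count_mismatched() {
    # grep -c exits 1 when there are no matches but still prints the 0.
    grep -c 'Mismatched free() / delete / delete \[\]' "$1" 2>/dev/null || true
}

# Exit status 0 when the log has no mismatch reports, 1 otherwise.
log_is_clean() {
    n=$(count_mismatched "$1")
    [ "${n:-0}" -eq 0 ]
}

# Constructed sample log (the shape of a real Memcheck report; PID and
# addresses are made up) so the scanning functions can be exercised offline.
write_sample_log() {
    cat > "$1" <<'EOF'
==4242== Memcheck, a memory error detector
==4242== Command: ./a.out
==4242==
==4242== Mismatched free() / delete / delete []
==4242==    at 0x4C2A0FC: free (vg_replace_malloc.c:468)
==4242==    by 0x4005B2: main (2.cc:8)
==4242==  Address 0x5a0a040 is 0 bytes inside a block of size 4 alloc'd
==4242==    at 0x4C29B1F: operator new(unsigned long) (vg_replace_malloc.c:298)
==4242==    by 0x4005A1: main (2.cc:6)
==4242==
==4242== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
EOF
}

# Only attempt the real build-and-run when the tools and the source exist.
if command -v valgrind >/dev/null 2>&1 && command -v g++ >/dev/null 2>&1 && [ -f 2.cc ]; then
    build_reproducer && run_under_memcheck ./a.out
    if log_is_clean "$VALGRIND_LOG"; then
        echo "no mismatched free reported in $VALGRIND_LOG"
    else
        echo "Memcheck reported $(count_mismatched "$VALGRIND_LOG") mismatched free(s); see $VALGRIND_LOG"
    fi
fi
```

Without --soname-synonyms, Memcheck only replaces glibc's allocator, so a `new` served by tcmalloc followed by `free()` reaches tcmalloc's own `InvalidFree` check and the process aborts, which is the backtrace at the top of this issue; with the synonym, Valgrind owns both sides and the log carries the mismatch report that `count_mismatched` looks for.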