how to enable tcmalloc to check invalid memory usage

[GoogleCodeExporter]

What steps will reproduce the problem?
1. run the following code

In the code example, I try to access deleted object, but tcmalloc fail to throw 
when I access the invalid object, error happen when new memory was allocated. 
This behavior may perform well, but lead to difficult debug.

What is the expected output? What do you see instead?
Expectd: throw error when try to access deleted object
Now : error delayed the next allocation.

What version of the product are you using? On what operating system?
gperf 2.0/ RedHat EL5

Please provide any additional information below.

#include <iostream>
#include <string>
#include <pthread.h>
#include <set>
#include <map>
//#include "test2.h"

using namespace std;

class A
{
public:
    A() : x(0), v("dfsf") {
        u["a"] = "v";
        u["b"] = "v";
        u["c"] = "v";
        u["e"] = "v";
        t.insert("xx");
        t.insert("yx");
        t.insert("zx");
    }
    int x;
    string v;
    map<string, string> u;
    set<string> t;
};

void* accessInvalidObj(void*)
{
    A *p = new A();
    delete p;

//// If I link program with PTMalloc, error happen here;
//// If I link program with tcmalloc, it is ok here, and error was thrown at 
next memory allocation.
    p->v = "i am deleted";

    cout << p->v << endl;
}

void testAccessDeletedObj()
{
    static const int N = 10;
    pthread_t ts[N];
    pthread_t args[N];
    for (int i = 0; i < N; i++)
    {
        args[i] = i;
        pthread_create(&ts[i], NULL, accessInvalidObj, args + i);
    }
    for (int i = 0; i < N; i++)
    {
        args[i] = i;
        pthread_join(ts[i], NULL);
    }
}

int main(int argc, char** argv)
{
    testAccessDeletedObj();

    return 0;
}

// example stack, error happen when 'new A()' was executed, not when 
// invalid p->v was assigned.
#0  tcmalloc::CentralFreeList::FetchFromSpans (this=0x63b1e0) at 
src/central_freelist.cc:298
#1  0x000000000040e147 in tcmalloc::CentralFreeList::RemoveRange 
(this=0x63b1e0, start=0x427f4ec8, end=0x427f4ec0, N=<value optimized out>)
    at src/central_freelist.cc:269
#2  0x000000000040a612 in tcmalloc::ThreadCache::FetchFromCentralCache 
(this=0xa4af880, cl=<value optimized out>, byte_size=32) at 
src/thread_cache.cc:156
#3  0x00000000004074e6 in cpp_alloc (size=26, nothrow=false) at 
src/thread_cache.h:342
#4  0x0000000000422fba in tc_new (size=6533600) at src/tcmalloc.cc:1463
#5  0x00000030fa69b801 in std::string::_Rep::_S_create () from 
/usr/lib64/libstdc++.so.6
#6  0x00000030fa69d0b1 in std::string::_M_mutate () from 
/usr/lib64/libstdc++.so.6
#7  0x00000030fa69d22c in std::string::_M_replace_safe () from 
/usr/lib64/libstdc++.so.6
#8  0x0000000000406117 in A (this=<value optimized out>) at 
/usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../include/c++/4.1.2/bits/basic_
string.h:915
#9  0x000000000040516b in accessInvalidObj () at test.cpp:62
#10 0x00000030f4e064a7 in start_thread () from /lib64/libpthread.so.0
#11 0x00000030f42d3c2d in clone () from /lib64/libc.so.6

thank you very much.

Original issue reported on code.google.com by shiqu...@gmail.com on 27 Apr 2013 at 3:05

[GoogleCodeExporter]

Hi,

I believe you made wrong assumptions here: tcmalloc, as ptmalloc2 (glibc), does 
not 
provide a mechanism to trap on invalid memory access as some runtime 
environments 
provides (java/python for instance). Since it run as native code, it relies on 
OS to
provide memory protection and since it is also a general purpose memory 
allocator, it
does not provide extra runtime checks for such things.

If you having issues with your program related to invalid memory access, you 
will
need to use memory access analyzers as valgring or asan to correct such issues.

Original comment by zatr...@gmail.com on 2 May 2013 at 5:10

[GoogleCodeExporter]

Thank you for your reply. And I am sorry, I fail to describe question.
I just want the allocator fail if user program try to access invalid memory, 
such as access the freeed object.

Yestoday, I have use debugallocation in tcmalloc, which can detect 
overflow/invalid memory access , but debugallocation is too slow and consume 
much memory. I want to know, is there a method whose behavior is like 
debugallocation and perform is not bad.

thanks again.

Original comment by shiqu...@gmail.com on 4 May 2013 at 1:50

[GoogleCodeExporter]

Usually memory analyzer imposes a memory and cpu overhead on observed programs 
and
debugallocation is not different. You might try to profile the debugallocation 
to
check if it is possible to came up with a performance optimization on the code 
or
try to use alternatives, like valgrind or asan.

Original comment by zatr...@gmail.com on 9 May 2013 at 12:58

[GoogleCodeExporter]

thank you, I have bulit a test program with debugallocation with reuse disable, 
and it is useful to find memory overflow. 

Original comment by shiqu...@gmail.com on 16 May 2013 at 1:11

[GoogleCodeExporter]

Original comment by alkondratenko on 6 Jul 2013 at 10:56

• Changed state: NotABug