[Pvfs2-developers] double memory free problem

Sam Lang slang at mcs.anl.gov
Wed Oct 24 12:39:02 EDT 2007 

Forgot to attach the patch.  Trying again...
-sam

-------------- next part --------------
A non-text attachment was scrubbed...
Name: doublefree-fix-take2.patch
Type: application/octet-stream
Size: 835 bytes
Desc: not available
Url : http://www.beowulf-underground.org/pipermail/pvfs2-developers/attachments/20071024/94a8cc0a/doublefree-fix-take2.obj
-------------- next part --------------

On Oct 24, 2007, at 11:34 AM, Sam Lang wrote:

>
> Hagai,
>
> That previous patch had a bug in it as well. :-(
>
> The attached patch should fix your double free problem, as well as  
> avoid the bug I introduced. :-)
>
> It should be applied to the original sources.  Please let me know  
> if it works for you.
>
> Thanks,
> -sam
>
> On Oct 22, 2007, at 4:44 PM, Sam Lang wrote:
>
>>
>> Hagai,
>>
>> This looks like a bug when using the system interfaces directly.   
>> Can you try the attached patch?
>>
>> Thanks,
>>
>> -sam
>>
>> <objattr-double-free.patch>
>>
>>
>> On Oct 22, 2007, at 4:29 AM, Hagai Avrahami wrote:
>>
>>>
>>>
>>> Hi
>>>
>>> Maybe someone can help me with the following problem
>>>
>>> I have met double free problem described in valgrind log
>>>
>>> 1.
>>> ==18442== Invalid free() / delete / delete[]
>>> ==18442== at 0x401CFCF: free (vg_replace_malloc.c:235)
>>> ==18442== by 0x81E983A: PINT_copy_object_attr (pint-util.c:208)
>>> ==18442== by 0x81B26E5: getattr_object_getattr_comp_fn (sys- 
>>> etattr.sm:535)
>>> ==18442== by 0x81E8B56: msgpairarray_completion_fn  
>>> (msgpairarray.sm:554)
>>> ==18442== by 0x81B032B: PINT_state_machine_next (state-machine- 
>>> fns.h:158)
>>> ==18442== by 0x81B1196: PINT_client_state_machine_testsome
>>> (client-state-machine.c:744)
>>> ==18442== by 0x81B154C: PVFS_sys_testsome (client-state-machine.c: 
>>> 934)
>>>
>>> 2.
>>> ==18442==  Address 0x47421C0 is 0 bytes inside a block of size 32  
>>> free'd
>>> ==18442==    at 0x401CFCF: free (vg_replace_malloc.c:235)
>>> ==18442==    by 0x81E9A33: PINT_free_object_attr (pint-util.c:283)
>>> ==18442==    by 0x81B234B: getattr_acache_lookup (sys-getattr.sm: 
>>> 447)
>>> ==18442==    by 0x81B032B: PINT_state_machine_next (state-machine- 
>>> fns.h:158)
>>> ==18442==    by 0x81B0052: PINT_client_state_machine_post
>>> (client-state-machine.c:369)
>>> ==18442==    by 0x81BA519: PVFS_isys_io (sys-io.sm:329)
>>>
>>>
>>> ///////////////////////////////////////////////
>>> I got this double free case after using:
>>>  PVFS_isys_getattr with mask =(PVFS_ATTR_SYS_ALL_NOHINT &
>>> (~PVFS_ATTR_SYS_SIZE))
>>>
>>> And after that, trying to read data using
>>> PVFS_isys_io
>>>
>>> ///////////////////////////////////////////////
>>>
>>> After some debugging I can see that after calling free(X) there  
>>> are places
>>> There is assignment of X to NULL and in some cases not
>>>
>>> After Adding this lines to pvfs2-types.h
>>>
>>> #define free(x) free(x); \
>>>                 x = NULL
>>> The problem solved
>>>
>>> Do you think it's OK to Add this lines?
>>>
>>> Thanx for your help
>>> Hagai
>>>
>>>
>>> _______________________________________________
>>> Pvfs2-developers mailing list
>>> Pvfs2-developers at beowulf-underground.org
>>> http://www.beowulf-underground.org/mailman/listinfo/pvfs2-developers
>>>
>>
>

More information about the Pvfs2-developers mailing list