Two stacktraces printed: what is the relationship between them?

Two stacktraces printed: what is the relationship between them?

Graham Leggett
Hi all,

I have a very strange case of a piece of code that crashes when run under valgrind, but doesn’t crash when run normally or under gdb. Obviously something is wrong, but I don’t understand the information valgrind is trying to tell me.

I get an error "Invalid read of size 1", a stacktrace, a message about overlapping memory then a second stacktrace, and that’s it.

Can anyone explain what the relationship is between these two stacktraces, what is this message trying to tell me?

==29256== Invalid read of size 1
==29256==    at 0xA0148F0: pn_selectable_is_terminal (selectable.c:247)
==29256==    by 0x997599B: run_messenger_thread (mod_amqp.c:1900)
==29256==    by 0x5F21DF4: start_thread (in /usr/lib64/libpthread-2.17.so)
==29256==    by 0x64301AC: clone (in /usr/lib64/libc-2.17.so)
==29256==  Address 0x698e343 is 99 bytes inside a block of size 104 free'd
==29256==    at 0x4C2AD17: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==29256==    by 0x9FF6BE5: pn_class_decref (object.c:103)
==29256==    by 0xA01067B: pn_messenger_free (messenger.c:822)
==29256==    by 0x9971583: messenger_cleanup (mod_amqp.c:314)
==29256==    by 0x58C3F0D: run_cleanups (apr_pools.c:2352)
==29256==    by 0x58C3F0D: apr_pool_destroy (apr_pools.c:814)
==29256==    by 0x58C3EE4: apr_pool_destroy (apr_pools.c:811)
==29256==    by 0x58C4144: apr_pool_clear (apr_pools.c:769)
==29256==    by 0x13E70A: main (in /usr/sbin/httpd)

Regards,
Graham



------------------------------------------------------------------------------
_______________________________________________
Valgrind-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/valgrind-users

Re: Two stacktraces printed: what is the relationship between them?

Harry Wagstaff
Hi,
The first stack trace is showing where the invalid read is occurring:
at an instruction at address 0xA0148F0, which corresponds to
selectable.c, line 247. The read is invalid because although that
memory was valid at one point, it is in a block which was freed. The
second stack trace is showing where that block was freed.

The message is essentially trying to tell you that you have read from
an address which is invalid because it has been freed. This doesn't
crash when run normally because the memory being accessed might still
be mapped.

Thanks,
Harry

On 26 September 2015 at 16:33, Graham Leggett <[hidden email]> wrote:

> Hi all,
>
> I have a very strange case of a piece of code that crashes when run under valgrind, but doesn’t crash when run normally or under gdb. Obviously something is wrong, but I don’t understand the information valgrind is trying to tell me.
>
> I get an error "Invalid read of size 1", a stacktrace, a message about overlapping memory then a second stacktrace, and that’s it.
>
> Can anyone explain what the relationship is between these two stacktraces, what is this message trying to tell me?
>
> ==29256== Invalid read of size 1
> ==29256==    at 0xA0148F0: pn_selectable_is_terminal (selectable.c:247)
> ==29256==    by 0x997599B: run_messenger_thread (mod_amqp.c:1900)
> ==29256==    by 0x5F21DF4: start_thread (in /usr/lib64/libpthread-2.17.so)
> ==29256==    by 0x64301AC: clone (in /usr/lib64/libc-2.17.so)
> ==29256==  Address 0x698e343 is 99 bytes inside a block of size 104 free'd
> ==29256==    at 0x4C2AD17: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==29256==    by 0x9FF6BE5: pn_class_decref (object.c:103)
> ==29256==    by 0xA01067B: pn_messenger_free (messenger.c:822)
> ==29256==    by 0x9971583: messenger_cleanup (mod_amqp.c:314)
> ==29256==    by 0x58C3F0D: run_cleanups (apr_pools.c:2352)
> ==29256==    by 0x58C3F0D: apr_pool_destroy (apr_pools.c:814)
> ==29256==    by 0x58C3EE4: apr_pool_destroy (apr_pools.c:811)
> ==29256==    by 0x58C4144: apr_pool_clear (apr_pools.c:769)
> ==29256==    by 0x13E70A: main (in /usr/sbin/httpd)
>
> Regards,
> Graham

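
The pairing described in the reply (first stack: where the invalid access happened; second stack: where the block was freed), as an added example that is not part of the thread or of Valgrind: a small Python parser that splits one Memcheck "Invalid read/write" report into those two stacks for triage. The sample input is an excerpt of the report posted above; the names `parse_report` and `summarize` are made up for this example.

```python
import re

# Excerpt of the Memcheck report quoted in the thread (some frames omitted).
REPORT = """\
==29256== Invalid read of size 1
==29256==    at 0xA0148F0: pn_selectable_is_terminal (selectable.c:247)
==29256==    by 0x997599B: run_messenger_thread (mod_amqp.c:1900)
==29256==  Address 0x698e343 is 99 bytes inside a block of size 104 free'd
==29256==    at 0x4C2AD17: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==29256==    by 0x9FF6BE5: pn_class_decref (object.c:103)
==29256==    by 0xA01067B: pn_messenger_free (messenger.c:822)
==29256==    by 0x9971583: messenger_cleanup (mod_amqp.c:314)
"""

PREFIX = re.compile(r"^==\d+==\s?")                      # "==pid== " on every line
FRAME = re.compile(r"^\s+(?:at|by) 0x[0-9A-Fa-f]+: (\S+) \((.*)\)$")
ERROR = re.compile(r"^Invalid (read|write) of size (\d+)$")
BLOCK = re.compile(r"^\s*Address (0x[0-9A-Fa-f]+) is (\d+) bytes inside a block "
                   r"of size (\d+) (free'd|alloc'd)$")

def parse_report(text):
    """Split one 'Invalid read/write' report into its two stacks."""
    result = {"access_stack": [], "block_stack": []}
    current = None  # which stack the next frame line belongs to
    for raw in text.splitlines():
        line = PREFIX.sub("", raw)
        if m := ERROR.match(line):
            result.update(kind=m.group(1), size=int(m.group(2)))
            current = "access_stack"   # following frames: where the access happened
        elif m := BLOCK.match(line):
            result.update(address=m.group(1), offset=int(m.group(2)),
                          block_size=int(m.group(3)), block_state=m.group(4))
            current = "block_stack"    # following frames: where the block was freed/allocated
        elif (m := FRAME.match(line)) and current:
            result[current].append((m.group(1), m.group(2)))
    return result

def summarize(r):
    """One-line summary: access site plus first non-allocator frame of the block stack."""
    allocator = {"free", "malloc", "calloc", "realloc"}
    site = next((f for f in r["block_stack"] if f[0] not in allocator), None)
    via = site[0] if site else "unknown"
    verb = "freed" if r["block_state"] == "free'd" else "allocated"
    return (f"{r['kind']} of {r['size']} byte(s) in {r['access_stack'][0][0]} hits offset "
            f"{r['offset']} of a {r['block_size']}-byte block {verb} via {via}")

if __name__ == "__main__":
    print(summarize(parse_report(REPORT)))
```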