When free_track option is enabled and malloc debug detects error in
VerifyFreedPointer flow, if freed pointer's usable_size is more than
g_debug->config().fill_on_free_bytes(), the error log is not correct.
The max. bytes printed to error message should be the max bytes to
cmp, not usable size.
Bug: 124420174
Test: build pass and test pass
Change-Id: I41f35ab3330e49e0a6ad276d405bf4f6c3f0ea92
This new option causes an abort after malloc debug detects an error.
This allows vendors to get process coredumps to analyze memory for
corruption.
Bug: 123009873
Test: New test cases added for unit tests and config tests.
Change-Id: I6b480af7f747d6a82f61e8bf3df204a5f7ba017f
There is a hang when enabling leak_track since the dumping of the
leak data can wind up doing an allocation.
Add new system unit test to make sure this doesn't happen again.
Bug: 111146059
Test: Test program that leaks does not hang forever.
Test: Unit tests pass.
Change-Id: Icf99be58ba5db98ee124a471b957a086045f5870
Bump the version from v1.1 to v1.2 and add a build fingerprint line.
Update the heap dump documentation to match the new format and reflect
what made it in P and what made it in Q.
Update the unit tests for this change.
Add -O0 to unit test code to make it easier to debug.
Add an external function that can be used by the framework code
so that there is only one way to dump the heap.
Bug: 110095681
Test: Ran unit tests.
Test: Did a dump of a real process and verified fingerprint.
Test: Did a dump of a process without malloc debug enabled.
Change-Id: I769a476cbeaf4c85c5d75bd6d6385f0e3add948c
Merged-In: I769a476cbeaf4c85c5d75bd6d6385f0e3add948c
(cherry picked from commit c84a2a2601)
This adds a new option backtrace_full, when it is set, then it will use
libunwindstack.
Modify the dump to file data to dump the extra information from libunwindstack.
Along with the new dump file format, change the version to v1.1.
Updated document for new format of file data.
Add unit tests for the new functionality.
Bug: 74361929
Test: Ran unit tests.
Change-Id: I40fff795f5346bba7b9d7fde2e04f269ff4eb7f1
Changes
- Refactor the code so that only guards require creating a special header
for every pointer allocated.
- Store only a single copy of every backtrace. This saves memory so that
turning on the backtrace option doesn't result in 10X memory usage.
- Added new option track_allocs that only verifies pointers are valid for
free/malloc_usable_size/realloc.
- Remove suffix from test names.
- Add the TRACK_ALLOCS options to all guard options.
- Add new option verify_pointers that is a lightweight way to verify
pointers that are passed to allocation routines.
- Do auto-formatting of the code.
- Updated documentation for all of these changes.
Bug: 74361929
Test: Ran unit tests.
Test: Ran libmemunreachable unit tests.
Test: Ran an app with backtrace enabled.
Change-Id: I3246c48ae4f9811f64622d90d0a9b4d9d818702c
Strictly not needed in the WNOHANG case, but it's probably best to have
every waitpid wrapped for future copy & pasters.
Bug: https://issuetracker.google.com/69525592
Test: ran tests
Change-Id: I013b0a52d2753e3d32638e9b84c79af7327fb405
While this was never an inline, this function alone has caused most of
the bug reports related to _FILE_OFFSET_BITS=64. Providing an inline
for it should allow a lot more code to build with _FILE_OFFSET_BITS=64
when targeting pre-L.
Test: make checkbuild
Test: built trivial cc_binary for LP32 against API 14 with
_FILE_OFFSET_BITS=64 set
Bug: lots
Change-Id: I8479d34af4da358c11423bee43d45b59e9d4143e
For non-zygote spawned processes, we might want to dump the backtrace
data. Provide a method to send a signal to a process and then dump the
data to a file.
Adds a method to dump the backtrace data on exit.
Update documentation and explain format of heap dump data.
Test: Ran unit tests, enabled new options and used them.
Change-Id: Ie2fa706694160731afe02c1382b037d06df1d069
Add the mallopt function, and only a single option so far.
Bug: 36401135
Test: Built and booted bullhead.
Test: Ran jemalloc unit tests.
Test: Ran bionic unit tests.
Test: Ran a test that allocated and free'd a large piece of memory,
Test: and verified that after changing the parameter, the PSS
Test: sticks around (decay timer set to 1), the PSS is purged (decay
Test: timer set to 0).
Change-Id: I6927929b0c539c1023d34772d9e26bb6a8a45877
This library is used by a number of different libraries in the system.
Make it easy for platform libraries to use this library and create
an actual exported include file.
Change the names of the functions to reflect the new name of the library.
Run clang_format on the async_safe_log.cpp file since the formatting is
all over the place.
Bug: 31919199
Test: Compiled for angler/bullhead, and booted.
Test: Ran bionic unit tests.
Test: Ran the malloc debug tests.
Change-Id: I8071bf690c17b0ea3bc8dc5749cdd5b6ad58478a
This should make it easier to add new options, and to add options that
are complex. For example, I want to modify the behavior of
record_allocs_file so that it also enables record_allocs to a default
state.
Test: All unit tests pass.
Test: Enable the backtrace option and restart.
Change-Id: Idf5cdeed06ade3bc2c8ae39d228734bf65209b4f
When I rewrote malloc debug, I accidentally thought that each
value returned in the info buffer contained the number of backtrace
frames in the backtrace. This was incorrect, it should have been
the total number of allocations with the same backtrace.
This is a temporary fix that sets that value to 1. The better fix is
to de-dupe backtraces and then return all allocations of the same size
with the same backtrace.
I updated the documents to describe this.
Bug: 31854476
Test: Unit tests pass.
Change-Id: Idf9efaa3d363923b5d7543d90dc7c65a0ed553d9
Previously malloc debug can be enabled only using global settings
accessible to the root user only. This CL adds a new option to enable
it using environment variables making it possible to use it with pure
native (shell) applications on production builds (from shell user) and
prepares it for using it from logwrapper on production devices.
Remove the old environment variable and property since they are not
necessary.
Test: Enable malloc debug using environment variable and verify
Test: that it only affects the commands launched from the shell.
Test: Enable malloc debug using the property variable and verify
Test: that it affects all commands.
Test: Run all unit tests in 32 bit and 64 bit.
Change-Id: Iecb75a3471552f619f196ad550c5f41fcd9ce8e5
This option adds the ability to record all of the allocation requests
and dump them to a file when a signal is sent to the process.
Included in this change, redo the option processing to add a new
string option.
Bug: 27747898
Change-Id: Ida043362e38b5eb1d459c99db9c2581015dab366
I changed the output from "pointer" to "allocation" for allocation
mismatches. I forgot to update the tests.
Bug: 28218530
Change-Id: I3278cb1dd17fb50ff7448c00e069c1af68ce5a57
The free track mechanism could fail if, at the same time a free occurs,
another thread is trying to free and verify the same allocation. This
doesn't work if the freed allocation is added to the list and we still
do work on it. The fix is to only add to the free list when we are done
with the allocation.
Also fix a problem where the usable size is computed incorrectly because
two of the arguments where reversed.
In addition, add a check that the allocation being verified has the correct
tag before trying to check the body of the allocation.
Add a test to catch the original failure.
Add a test for the tag being different.
Bug: 27601650
Change-Id: Ie9200677d066255b8e668a48422f23f909f4ddee
If the first option is found, then any unknown options are simply
ignored, but do not produce an error. Fixed this so that each
option found is actually verified to exist.
Bug: 27620263
Change-Id: If58732df3285eeae72188162c505e0e202fada8c
The over flow check for nmemb * bytes in debug_calloc is incorrect,
use the builtin overflow functions to check for multiplication and
addition overflow.
Change-Id: I3f1c13102621bc5380be1f69caa88dba2118f3cb
(cherry picked from commit 239838608d)
Change all of the hard-coded config values to be defined constants.
Also make sure to use these constants in the usage output.
Bug: 26739265
Change-Id: I597a6d71279a2df9cc7e98c42ac70224261bac99
I added the code to force alignments of 8 for 32 bit and 16 for 64 bit,
but I missed a couple of tests that failed due to this change. Fix the
failing tests.
Bug: 26739265
Change-Id: Ice9932d1419e59c07483c4c9fcdb84970844f0a6
In order to enforce this constraint:
The pointer returned if the allocation succeeds shall be suitably
aligned so that it may be assigned to a pointer to any type of object
and then used to access such an object in the space allocated.
Force all allocations on 32 bit systems to have 8 byte alignment,
and all allocations on 64 bit systems to have 16 byte alignment.
Add a test to verify that the allocator returns the correct alignments.
Bug: 26739265
Change-Id: I9af53279617408676b94e4ec6481b3ed7ffafc6a
Included in this change:
- Change the tag when a pointer is freed so it's easy to detect if
an already freed pointer is being used.
- Move the free backtrace out of the header. This backtrace is only
used under only some circumstances, so no need to allocate space
in all headers for it.
- Add new option free_track_backtrace_num_frames to specify how many
frames to record when the free occurs. This removes the dependency
on the backtrace option to get backtraces.
Bug: 26739265
Change-Id: I76f5209507dcf46af67ada162a7cb2bf282116f2
The major components of the rewrite:
- Completely remove the qemu shared library code. Nobody was using it
and it appears to have broken at some point.
- Adds the ability to enable/disable different options independently.
- Adds a new option that can enable the backtrace on alloc/free when
a process gets a specific signal.
- Adds a new way to enable malloc debug. If a special property is
set, and the process has an environment variable set, then debug
malloc will be enabled. This allows something that might be
a derivative of app_process to be started with an environment variable
being enabled.
- get_malloc_leak_info() used to return one element for each pointer that
had the exact same backtrace. The new version returns information for
every one of the pointers with same backtrace. It turns out ddms already
automatically coalesces these, so the old method simply hid the fact
that there where multiple pointers with the same amount of backtrace.
- Moved all of the malloc debug specific code into the library.
Nothing related to the malloc debug data structures remains in libc.
- Removed the calls to the debug malloc cleanup routine. Instead, I
added an atexit call with the debug malloc cleanup routine. This gets
around most problems related to the timing of doing the cleanup.
The new properties and environment variables:
libc.debug.malloc.options
Set by option name (such as "backtrace"). Setting this to a bad value
will cause a usage statement to be printed to the log.
libc.debug.malloc.program
Same as before. If this is set, then only the program named will
be launched with malloc debug enabled. This is not a complete match,
but if any part of the property is in the program name, malloc debug is
enabled.
libc.debug.malloc.env_enabled
If set, then malloc debug is only enabled if the running process has the
environment variable LIBC_DEBUG_MALLOC_ENABLE set.
Bug: 19145921
Change-Id: I7b0e58cc85cc6d4118173fe1f8627a391b64c0d7
