From: Marion Guthmuller Date: Wed, 27 Jun 2012 15:27:21 +0000 (+0200) Subject: model-checker : detect valid block or fragment pointer as free function X-Git-Tag: v3_8~437 X-Git-Url: http://info.iut-bm.univ-fcomte.fr/pub/gitweb/simgrid.git/commitdiff_plain/4ce21c89522602e9ba23daa8d5e9f14b25a6afa3 model-checker : detect valid block or fragment pointer as free function --- diff --git a/src/xbt/mmalloc/mm_diff.c b/src/xbt/mmalloc/mm_diff.c index c0701553a2..b374c614c8 100644 --- a/src/xbt/mmalloc/mm_diff.c +++ b/src/xbt/mmalloc/mm_diff.c @@ -145,7 +145,7 @@ int mmalloc_compare_mdesc(struct mdesc *mdp1, struct mdesc *mdp2){ size_t i, j; void *addr_block1, *addr_block2, *addr_frag1, *addr_frag2; - size_t frag_size, frag_size_pointed; + size_t frag_size; i = 1; @@ -156,8 +156,8 @@ int mmalloc_compare_mdesc(struct mdesc *mdp1, struct mdesc *mdp2){ int pointer_align; void *address_pointed1, *address_pointed2; - int block_pointed1, block_pointed2; - void *addr_block_pointed1, *addr_block_pointed2, *addr_frag_pointed1, *addr_frag_pointed2; + int block_pointed1, block_pointed2, frag_pointed1, frag_pointed2; + void *addr_block_pointed1, *addr_block_pointed2; /* Check busy blocks*/ @@ -168,10 +168,11 @@ int mmalloc_compare_mdesc(struct mdesc *mdp1, struct mdesc *mdp2){ errors++; } - addr_block1 = (char*)heapbase1 + ((i-1)*BLOCKSIZE); + /* Get address of block i in each heap */ + addr_block1 = ((void*) (((ADDR2UINT(i)) - 1) * BLOCKSIZE + (char*)heapbase1)); xbt_assert(addr_block1 < breakval1, "Block address out of heap memory used"); - addr_block2 = (char*)heapbase2 + ((i-1)*BLOCKSIZE); + addr_block2 = ((void*) (((ADDR2UINT(i)) - 1) * BLOCKSIZE + (char*)heapbase2)); xbt_assert(addr_block2 < breakval2, "Block address out of heap memory used"); if(mdp1->heapinfo[i].type == 0){ /* busy large block */ @@ -191,84 +192,86 @@ int mmalloc_compare_mdesc(struct mdesc *mdp1, struct mdesc *mdp2){ /* Hamming distance on different blocks */ distance = 0; - //for(k=0;kheapinfo[i].busy_block.size * BLOCKSIZE;k++){ + for(k=0;kheapinfo[i].busy_block.busy_size;k++){ + if(memcmp(((char *)addr_block1) + k, ((char *)addr_block2) + k, 1) != 0){ + fprintf(stderr, "Different byte (offset=%d) (%p - %p) in block %zu\n", k, (char *)addr_block1 + k, (char *)addr_block2 + k, i); fflush(NULL); - pointer_align = (k / sizeof(void*)) * sizeof(void*); + + /* Check if pointer difference */ + pointer_align = (k >> sizeof(void*)) * sizeof(void*); address_pointed1 = *((void **)((char *)addr_block1 + pointer_align)); address_pointed2 = *((void **)((char *)addr_block2 + pointer_align)); - if(((address_pointed1 > (void *)s_heap) && (address_pointed1 < mdp1->breakval)) && ((address_pointed2 > (void *)s_heap) && (address_pointed2 < mdp2->breakval))){ - block_pointed1 = ((char*)address_pointed1 - (char*)((struct mdesc*)s_heap)->heapbase) % BLOCKSIZE; - block_pointed2 = ((char*)address_pointed2 - (char*)((struct mdesc*)s_heap)->heapbase) % BLOCKSIZE; - if((block_pointed1 == 0) && (block_pointed2 == 0)){ - block_pointed1 = ((char*)address_pointed1 - (char*)((struct mdesc*)s_heap)->heapbase) / BLOCKSIZE + 1; - block_pointed2 = ((char*)address_pointed2 - (char*)((struct mdesc*)s_heap)->heapbase) / BLOCKSIZE + 1; - if(mdp1->heapinfo[block_pointed1].type == mdp2->heapinfo[block_pointed2].type){ - if(mdp1->heapinfo[block_pointed1].type == 0){ // Large block - if(mdp1->heapinfo[block_pointed1].busy_block.busy_size == mdp2->heapinfo[block_pointed2].busy_block.busy_size){ - addr_block_pointed1 = (char*)heapbase1 + ((block_pointed1 - 1)*BLOCKSIZE); - addr_block_pointed2 = (char*)heapbase2 + ((block_pointed2 - 1)*BLOCKSIZE); - if(memcmp(addr_block_pointed1, addr_block_pointed2, mdp1->heapinfo[block_pointed1].busy_block.busy_size) != 0){ - distance++; - }else{ - fprintf(stderr, "False difference detected\n"); - } - }else{ - distance++; - } - }else{ // Fragmented block - addr_block_pointed1 = (char*)mdp1 + ((char *)address_pointed1 - (char *)s_heap); - addr_block_pointed2 = (char*)mdp2 + ((char *)address_pointed2 - (char *)s_heap); - if(mdp1->heapinfo[block_pointed1].busy_frag.frag_size[0] == mdp2->heapinfo[block_pointed2].busy_frag.frag_size[0]){ - if(memcmp(addr_block_pointed1, addr_block_pointed2, mdp1->heapinfo[block_pointed1].busy_frag.frag_size[0]) != 0){ - fprintf(stderr, "Pointed fragments are different \n"); - distance++; - }else{ - fprintf(stderr, "False difference detected\n"); - } - }else{ - fprintf(stderr, "Different size of pointed fragments\n"); - distance ++; - } + + fprintf(stderr, "Addresses pointed : %p - %p\n", address_pointed1, address_pointed2); + + block_pointed1 = ((char*)address_pointed1 - (char*)((struct mdesc*)s_heap)->heapbase) / BLOCKSIZE + 1; + block_pointed2 = ((char*)address_pointed2 - (char*)((struct mdesc*)s_heap)->heapbase) / BLOCKSIZE + 1; + + fprintf(stderr, "Blocks pointed : %d - %d\n", block_pointed1, block_pointed2); + + if((char *) address_pointed1 < (char*)((struct mdesc*)s_heap)->heapbase || block_pointed1 > mdp1->heapsize || block_pointed1 < 1 || (char *) address_pointed2 < (char*)((struct mdesc*)s_heap)->heapbase || block_pointed2 > mdp2->heapsize || block_pointed2 < 1) { + fprintf(stderr, "Unknown pointer ! \n"); + fflush(NULL); + distance++; + continue; + } + + addr_block_pointed1 = ((void*) (((ADDR2UINT((size_t)block_pointed1)) - 1) * BLOCKSIZE + (char*)heapbase1)); + addr_block_pointed2 = ((void*) (((ADDR2UINT((size_t)block_pointed2)) - 1) * BLOCKSIZE + (char*)heapbase2)); + + if(mdp1->heapinfo[block_pointed1].type == mdp2->heapinfo[block_pointed2].type){ + + if(mdp1->heapinfo[block_pointed1].type == 0){ // Large block + + if(mdp1->heapinfo[block_pointed1].busy_block.busy_size == mdp2->heapinfo[block_pointed2].busy_block.busy_size){ + + if(memcmp(addr_block_pointed1, addr_block_pointed2, mdp1->heapinfo[block_pointed1].busy_block.busy_size) != 0){ + distance++; + }else{ + fprintf(stderr, "False difference detected\n"); } + }else{ - fprintf(stderr, "Pointers on blocks with different types \n"); distance++; } - }else{ - block_pointed1 = ((char*)address_pointed1 - (char*)((struct mdesc*)s_heap)->heapbase) / BLOCKSIZE + 1; - block_pointed2 = ((char*)address_pointed2 - (char*)((struct mdesc*)s_heap)->heapbase) / BLOCKSIZE + 1; - if((mdp1->heapinfo[block_pointed1].type == mdp2->heapinfo[block_pointed2].type) && (mdp1->heapinfo[block_pointed1].type > 0)){ - addr_block_pointed1 = (char*)((struct mdesc*)s_heap)->heapbase + ((block_pointed1 - 1)*BLOCKSIZE); - addr_block_pointed2 = (char*)((struct mdesc*)s_heap)->heapbase + ((block_pointed2 - 1)*BLOCKSIZE); - frag_size_pointed = pow (2,mdp1->heapinfo[block_pointed1].type); - if((((char*)address_pointed1 - (char*)addr_block_pointed1) % frag_size_pointed == 0) && (((char*)address_pointed2 - (char*)addr_block_pointed2) % frag_size_pointed == 0)){ - addr_frag_pointed1 = (char *)heapbase1 + ((char*)address_pointed1 - (char*)((struct mdesc*)s_heap)->heapbase); - addr_frag_pointed2 = (char *)heapbase2 + ((char*)address_pointed2 - (char*)((struct mdesc*)s_heap)->heapbase); - if(memcmp(addr_frag_pointed1, addr_frag_pointed2, frag_size_pointed) != 0){ - distance++; - }else{ - fprintf(stderr, "False difference detected\n"); - fflush(NULL); - } - }else{ - fprintf(stderr, "Pointed addresses (%p - %p) not valid \n", address_pointed1, address_pointed2); - fflush(NULL); + + }else{ // Fragmented block + + frag_pointed1 = ((char *)address_pointed1 - (char *)((void*) (((ADDR2UINT((size_t)block_pointed1)) - 1) * BLOCKSIZE + (char*)((struct mdesc*)s_heap)->heapbase))) / pow( 2, mdp1->heapinfo[block_pointed1].type); + frag_pointed2 = ((char *)address_pointed2 - (char *)((void*) (((ADDR2UINT((size_t)block_pointed2)) - 1) * BLOCKSIZE + (char*)((struct mdesc*)s_heap)->heapbase))) / pow( 2, mdp1->heapinfo[block_pointed1].type); + + fprintf(stderr, "Fragments pointed : %d - %d\n", frag_pointed1, frag_pointed2); + + if((frag_pointed1 < 0) || (frag_pointed1 > (BLOCKSIZE / pow( 2, mdp1->heapinfo[block_pointed1].type))) || (frag_pointed2 < 0) || (frag_pointed2 > (BLOCKSIZE / pow( 2, mdp1->heapinfo[block_pointed1].type)))){ + fprintf(stderr, "Unknown pointer ! \n"); + fflush(NULL); + distance++; + continue; + } + + fprintf(stderr, "Size used in fragments pointed : %d - %d\n", mdp1->heapinfo[block_pointed1].busy_frag.frag_size[frag_pointed1], mdp2->heapinfo[block_pointed2].busy_frag.frag_size[frag_pointed2]); + + if(mdp1->heapinfo[block_pointed1].busy_frag.frag_size[frag_pointed1] == mdp2->heapinfo[block_pointed2].busy_frag.frag_size[frag_pointed2]){ + + if(memcmp(addr_block_pointed1, addr_block_pointed2, mdp1->heapinfo[block_pointed1].busy_frag.frag_size[frag_pointed1]) != 0){ distance++; + }else{ + fprintf(stderr, "False difference detected\n"); } + }else{ - fprintf(stderr, "Pointed addresses (%p - %p) not valid \n", address_pointed1, address_pointed2); - fflush(NULL); - distance++; + distance ++; } } + }else{ - fprintf(stderr, "Pointed addresses (%p - %p) not in std_heap\n", address_pointed1, address_pointed2); - fflush(NULL); + fprintf(stderr, "Pointers on blocks with different types \n"); distance++; } } + } @@ -323,80 +326,81 @@ int mmalloc_compare_mdesc(struct mdesc *mdp1, struct mdesc *mdp2){ /* Hamming distance on different blocks */ distance = 0; - //for(k=0;kheapinfo[i].busy_frag.frag_size[j];k++){ + if(memcmp(((char *)addr_frag1) + k, ((char *)addr_frag2) + k, 1) != 0){ + fprintf(stderr, "Different byte (offset=%d) (%p - %p) in fragment %zu in block %zu\n", k, (char *)addr_frag1 + k, (char *)addr_frag2 + k, j, i); fflush(NULL); + pointer_align = (k / sizeof(void*)) * sizeof(void*); address_pointed1 = *((void **)((char *)addr_frag1 + pointer_align)); address_pointed2 = *((void **)((char *)addr_frag2 + pointer_align)); - if(((address_pointed1 > (void *)s_heap) && (address_pointed1 < mdp1->breakval)) && ((address_pointed2 > (void *)s_heap) && (address_pointed2 < mdp2->breakval))){ - block_pointed1 = ((char*)address_pointed1 - (char*)((struct mdesc*)s_heap)->heapbase) % BLOCKSIZE; - block_pointed2 = ((char*)address_pointed2 - (char*)((struct mdesc*)s_heap)->heapbase) % BLOCKSIZE; - if((block_pointed1 == 0) && (block_pointed2 == 0)){ - block_pointed1 = ((char*)address_pointed1 - (char*)((struct mdesc*)s_heap)->heapbase) / BLOCKSIZE + 1; - block_pointed2 = ((char*)address_pointed2 - (char*)((struct mdesc*)s_heap)->heapbase) / BLOCKSIZE + 1; - if(mdp1->heapinfo[block_pointed1].type == mdp2->heapinfo[block_pointed2].type){ - if(mdp1->heapinfo[block_pointed1].type == 0){ // Large block - if(mdp1->heapinfo[block_pointed1].busy_block.busy_size == mdp2->heapinfo[block_pointed2].busy_block.busy_size){ - addr_block_pointed1 = (char*)heapbase1 + ((block_pointed1 - 1)*BLOCKSIZE); - addr_block_pointed2 = (char*)heapbase2 + ((block_pointed2 - 1)*BLOCKSIZE); - fprintf(stderr, "Memcmp between blocks %d and %d (size = %zu)\n", block_pointed1, block_pointed2, mdp1->heapinfo[block_pointed1].busy_block.busy_size); - if(memcmp(addr_block_pointed1, addr_block_pointed2, mdp1->heapinfo[block_pointed1].busy_block.busy_size) != 0){ - distance++; - }else{ - fprintf(stderr, "False difference detected\n"); - } - }else{ - distance++; - } - }else{ // Fragmented block - addr_block_pointed1 = (char*)mdp1 + ((char *)address_pointed1 - (char *)s_heap); - addr_block_pointed2 = (char*)mdp2 + ((char *)address_pointed2 - (char *)s_heap); - if(mdp1->heapinfo[block_pointed1].busy_frag.frag_size[0] == mdp2->heapinfo[block_pointed2].busy_frag.frag_size[0]){ - if(memcmp(addr_block_pointed1, addr_block_pointed2, mdp1->heapinfo[block_pointed1].busy_frag.frag_size[0]) != 0){ - distance++; - }else{ - fprintf(stderr, "False difference detected\n"); - } - }else{ - distance ++; - } + + fprintf(stderr, "Addresses pointed : %p - %p\n", address_pointed1, address_pointed2); + + block_pointed1 = ((char*)address_pointed1 - (char*)((struct mdesc*)s_heap)->heapbase) / BLOCKSIZE + 1; + block_pointed2 = ((char*)address_pointed2 - (char*)((struct mdesc*)s_heap)->heapbase) / BLOCKSIZE + 1; + + fprintf(stderr, "Blocks pointed : %d - %d\n", block_pointed1, block_pointed2); + + if((char *) address_pointed1 < (char*)((struct mdesc*)s_heap)->heapbase || block_pointed1 > mdp1->heapsize || block_pointed1 < 1 || (char *) address_pointed2 < (char*)((struct mdesc*)s_heap)->heapbase || block_pointed2 > mdp2->heapsize || block_pointed2 < 1) { + fprintf(stderr, "Unknown pointer ! \n"); + fflush(NULL); + distance++; + continue; + } + + addr_block_pointed1 = ((void*) (((ADDR2UINT((size_t)block_pointed1)) - 1) * BLOCKSIZE + (char*)heapbase1)); + addr_block_pointed2 = ((void*) (((ADDR2UINT((size_t)block_pointed2)) - 1) * BLOCKSIZE + (char*)heapbase2)); + + if(mdp1->heapinfo[block_pointed1].type == mdp2->heapinfo[block_pointed2].type){ + + if(mdp1->heapinfo[block_pointed1].type == 0){ // Large block + + if(mdp1->heapinfo[block_pointed1].busy_block.busy_size == mdp2->heapinfo[block_pointed2].busy_block.busy_size){ + + if(memcmp(addr_block_pointed1, addr_block_pointed2, mdp1->heapinfo[block_pointed1].busy_block.busy_size) != 0){ + distance++; + }else{ + fprintf(stderr, "False difference detected\n"); } + }else{ - fprintf(stderr, "Pointers on blocks with different types \n"); distance++; } - }else{ - block_pointed1 = ((char*)address_pointed1 - (char*)((struct mdesc*)s_heap)->heapbase) / BLOCKSIZE + 1; - block_pointed2 = ((char*)address_pointed2 - (char*)((struct mdesc*)s_heap)->heapbase) / BLOCKSIZE + 1; - if((mdp1->heapinfo[block_pointed1].type == mdp2->heapinfo[block_pointed2].type) && (mdp1->heapinfo[block_pointed1].type > 0)){ - addr_block_pointed1 = (char*)((struct mdesc*)s_heap)->heapbase + ((block_pointed1 - 1)*BLOCKSIZE); - addr_block_pointed2 = (char*)((struct mdesc*)s_heap)->heapbase + ((block_pointed2 - 1)*BLOCKSIZE); - frag_size_pointed = pow (2,mdp1->heapinfo[block_pointed1].type); - if((((char*)address_pointed1 - (char*)addr_block_pointed1) % frag_size_pointed == 0) && (((char*)address_pointed2 - (char*)addr_block_pointed2) % frag_size_pointed == 0)){ - addr_frag_pointed1 = (char *)heapbase1 + ((char*)address_pointed1 - (char*)((struct mdesc*)s_heap)->heapbase); - addr_frag_pointed2 = (char *)heapbase2 + ((char*)address_pointed2 - (char*)((struct mdesc*)s_heap)->heapbase); - if(memcmp(addr_frag_pointed1, addr_frag_pointed2, frag_size_pointed) != 0){ - distance++; - }else{ - fprintf(stderr, "False difference detected\n"); - fflush(NULL); - } - }else{ - fprintf(stderr, "Pointed addresses (%p - %p) not valid \n", address_pointed1, address_pointed2); - fflush(NULL); + + }else{ // Fragmented block + + frag_pointed1 = ((char *)address_pointed1 - (char *)((void*) (((ADDR2UINT((size_t)block_pointed1)) - 1) * BLOCKSIZE + (char*)((struct mdesc*)s_heap)->heapbase))) / pow( 2, mdp1->heapinfo[block_pointed1].type); + frag_pointed2 = ((char *)address_pointed2 - (char *)((void*) (((ADDR2UINT((size_t)block_pointed2)) - 1) * BLOCKSIZE + (char*)((struct mdesc*)s_heap)->heapbase))) / pow( 2, mdp1->heapinfo[block_pointed1].type); + + fprintf(stderr, "Fragments pointed : %d - %d\n", frag_pointed1, frag_pointed2); + + if((frag_pointed1 < 0) || (frag_pointed1 > (BLOCKSIZE / pow( 2, mdp1->heapinfo[block_pointed1].type))) || (frag_pointed2 < 0) || (frag_pointed2 > (BLOCKSIZE / pow( 2, mdp1->heapinfo[block_pointed1].type)))){ + fprintf(stderr, "Unknown pointer ! \n"); + fflush(NULL); + distance++; + continue; + } + + fprintf(stderr, "Size used in fragments pointed : %d - %d\n", mdp1->heapinfo[block_pointed1].busy_frag.frag_size[frag_pointed1], mdp2->heapinfo[block_pointed2].busy_frag.frag_size[frag_pointed2]); + + if(mdp1->heapinfo[block_pointed1].busy_frag.frag_size[frag_pointed1] == mdp2->heapinfo[block_pointed2].busy_frag.frag_size[frag_pointed2]){ + + if(memcmp(addr_block_pointed1, addr_block_pointed2, mdp1->heapinfo[block_pointed1].busy_frag.frag_size[frag_pointed1]) != 0){ distance++; + }else{ + fprintf(stderr, "False difference detected\n"); } + }else{ - fprintf(stderr, "Pointed addresses (%p - %p) not valid \n", address_pointed1, address_pointed2); - fflush(NULL); - distance++; + distance ++; } } + }else{ - fprintf(stderr, "Pointed addresses (%p - %p) not in std_heap\n", address_pointed1, address_pointed2); - fflush(NULL); + fprintf(stderr, "Pointers on blocks with different types \n"); distance++; } }