[Bug 852760]

Sun Aug 5 11:41:38 UTC 2012

Hi all,

I think I'm also seeing false positives because of vectorization, that
unfortunately decreases the usefulness of valgrind. Below is a minimal
working example that reproduces problems with std::string. The code is
basically extracted from a library I was using (casacore 1.5) and in my
software it generates a lot of incorrect "invalid read"s, although the
library seems to be valid (although inherriting from string would not be
my preferred solution). I hope this example is of use for evaluating the
problem further.

#include <string>
#include <iostream>
#include <cstring>

#include <malloc.h>

class StringAlt : public std::string
{
public:
  StringAlt(const char *c) : std::string(c) { }
  void operator=(const char *c) { std::string::operator=(c);  }
};

typedef StringAlt StringImp;
//typedef std::string StringImp; //<-- replacing prev with this also solves issue

int main(int argc, char *argv[])
{
  const char *a1 = "blaaa";
  char *a2 = strdup(a1);
  a2[2] = 0;
  StringImp s(a1);
  std::cout << "Assign A2\n";
  s = a2;
  std::cout << s << '\n';

  std::cout << "Assign A1\n";
  s = a1;
  std::cout << s << '\n';

  char *a3 = strdup(s.c_str());
  std::cout << "Assign A3\n";
  s = a3;
  std::cout << s << '\n';

  free(a2);
  free(a3);
}

Compiled with g++ Debian 4.7.1-2, with "-O2" or "-O3" results in the
error below. With "-O0", it works fine. Changing the order of statements
can also cause the error to disappear, which makes it very hard to
debug. Output:

Assign A2                                                                                  
bl                                                               
Assign A1                                              
blaaa                                         
Assign A3             
==20872== Invalid read of size 4 
==20872==    at 0x400C5C: main (in /home/anoko/projects/test/test)                           
==20872==  Address 0x59550f4 is 4 bytes inside a block of size 6 alloc'd     
==20872==    at 0x4C28BED: malloc (vg_replace_malloc.c:263)     
==20872==    by 0x564D911: strdup (strdup.c:43)     
==20872==    by 0x400C46: main (in /home/anoko/projects/test/test)                 
==20872==                                                                                                                                                   
blaaa

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to valgrind in Ubuntu.
https://bugs.launchpad.net/bugs/852760

Title:
  valgrind false positives on gcc-generated string routines

Status in Valgrind:
  New
Status in “valgrind” package in Ubuntu:
  New
Status in “valgrind” package in ALT Linux:
  New
Status in “valgrind” package in Fedora:
  Unknown

Bug description:
  #include <string.h>
  #include <stdio.h>
  #include <stdlib.h>

  main()
  {
      char *a = malloc(1);
      a[0] = '\0';
      printf("%lu\n", (unsigned long)strlen(a));
  }

  Compile with "gcc -O2" and run valgrind.

  ==5977== Invalid read of size 4
  ==5977==    at 0x400494: main (x.c:9)
  ==5977==  Address 0x51ce040 is 0 bytes inside a block of size 1 alloc'd
  ==5977==    at 0x4C28F9F: malloc (vg_replace_malloc.c:236)
  ==5977==    by 0x40048D: main (x.c:7)

To manage notifications about this bug go to:
https://bugs.launchpad.net/valgrind/+bug/852760/+subscriptions