From: Brian C. <cr...@fi...> - 2005-10-17 21:03:36
"XXX" is uninitialized memory. Ints are assumed to be 4-byte:
a             = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 0,   XXX, XXX }
((int*)a + 9) = { ............................................ RRR, RRR, RRR, RRR }
The last two bytes being read in the int dereference are uninitialized memory.
-- Brian
Yeshurun, Meir wrote:
> The following program generates an invalid read even when explicitly
> specifying --partial-loads-ok=yes. Am I missing something here?
>
> #include <cstring>
> #include <iostream>
>
> using namespace std;
>
> int main()
> {
>     char *a = new char[11];
>     strcpy(a, "0123456789");
>     int b = *(int *)(a + 9);
> }
>
>
> Thanks,
>
> Meir
>
> -----Original Message-----
> From: val...@li...
> [mailto:val...@li...] On Behalf Of Tom
> Hughes
> Sent: Monday, October 17, 2005 9:07 PM
> To: val...@li...
> Subject: RE: [Valgrind-users] User error? - Valgrind 3 failing terribly
> compared to purify
>
> In message
> <942...@ha...>
> "Yeshurun, Meir" <mei...@in...> wrote:
>
>
>>There is one issue though: It looks like Valgrind reports partial loads
>>as errors by default. I think this shouldn't be the default behavior.
>
> Actually valgrind doesn't report any loads as errors - it only
> reports an error when you use an undefined value in a way that
> would affect the result of the program. In other words when a
> conditional jump depends on it or you use it as a pointer and
> read or write through that pointer.
>
> It tracks definedness at bit level, so a partial load will mark
> some bits as defined and leave others alone. If you then later
> use one of the undefined bits it will complain.
>
> There are edge cases where it thinks a bit is used when it isn't
> really but they are rare.
>
> I think you need to explain what you mean more fully.
>
> Tom
>
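
Added example (not part of the thread, and not Valgrind's code): a toy C model of the bit-level definedness tracking Tom Hughes describes, applied to the 4-byte load at offset 9 from Brian's diagram. The names shadow_mem, sm_store, sm_load32, byte_mask and branch_on are hypothetical, and the model follows the diagram in treating the two bytes after the 11 stored ones as uninitialized.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define REGION 13   /* the 11 bytes of new char[11] plus the two "XXX" bytes */
typedef struct {
    unsigned char data[REGION];
    unsigned char vbits[REGION];   /* shadow copy: a 1 bit means "defined" */
} shadow_mem;
typedef struct { uint32_t value, defined; } tracked_u32;

static void sm_init(shadow_mem *m) {
    memset(m, 0, sizeof *m);       /* no bit is defined until something is stored */
}

/* A store defines every bit it writes. */
static void sm_store(shadow_mem *m, size_t off, const void *src, size_t n) {
    memcpy(m->data + off, src, n);
    memset(m->vbits + off, 0xFF, n);
}

/* A load reports nothing; it only carries the shadow bits along with the value. */
static tracked_u32 sm_load32(const shadow_mem *m, size_t off) {
    tracked_u32 r;
    memcpy(&r.value, m->data + off, 4);
    memcpy(&r.defined, m->vbits + off, 4);
    return r;
}

/* Mask covering `count` bytes from byte `first` of a loaded word, in memory order. */
static uint32_t byte_mask(size_t first, size_t count) {
    unsigned char b[4] = {0};
    uint32_t mask;
    memset(b + first, 0xFF, count);
    memcpy(&mask, b, 4);
    return mask;
}

/* Returns 1 (would be reported) only when a branch depends on an undefined bit. */
static int branch_on(tracked_u32 v, uint32_t used_bits) {
    return (used_bits & ~v.defined) != 0;
}

int main(void) {
    shadow_mem m;
    sm_init(&m);
    sm_store(&m, 0, "0123456789", 11);   /* strcpy(a, "0123456789") */
    tracked_u32 b = sm_load32(&m, 9);    /* int b = *(int *)(a + 9) */
    printf("%d %d\n", branch_on(b, byte_mask(0, 2)), branch_on(b, 0xFFFFFFFFu));
    return 0;
}
```

In this model a branch that tests only the bytes holding '9' and the terminator is clean, while a branch on the whole int is flagged because two of its bytes were never stored.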