[Valgrind-users] 答复: [help]There is question about valgrind with clang 5.0

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi
                Is there any guy focus on this issue?
BR
Owen

发件人: Wuweijia
发送时间: 2018年2月28日 15:16
收件人: val...@li...
抄送: Fanbohao <fan...@hu...>
主题: [help]There is question about valgrind with clang 5.0

Hi
                I write android  aarch32 demo , and run with valgrind, It show me invalidate write about the stack. Sorry I can not get it.

                The source as below:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct {
                                int d[16];
                                int v[32];
}C1;

int main(int argc, char ** argv) {
                C1 c, d, e;
                memset(&c, 0, sizeof(c));
                d = c;-----------------When compile this line , clang auto-generate the calling aebi_memcpy
                e = d;
                printf("e.d[1]=%d\n", e.d[1]);
                return 0;
}

                The error as below:
==2912== Invalid write of size 4
==2912==    at 0x4ACB8D0: memcpy (vg_replace_strmem.c:1019)
==2912==    by 0x48CD64B: __aeabi_memcpy (__aeabi.c:73)
==2912==    by 0x108719: main (test.cpp:13)
==2912==  Address 0xfe80035c is on thread 1's stack
==2912==  28 bytes below stack pointer--------------This line show me the memcpy over-write the stack memory
==2912==
==2912== Invalid write of size 4
==2912==    at 0x4ACB8D0: memcpy (vg_replace_strmem.c:1019)
==2912==    by 0x48CD64B: __aeabi_memcpy (__aeabi.c:73)
==2912==    by 0x108723: main (test.cpp:14)
==2912==  Address 0xfe80035c is on thread 1's stack
==2912==  28 bytes below stack pointer

                And then, I modify the source about libc,  I write the llt_memcpy function , replace the calling  memcpy of  __aeabi_memcpyX_impl ‘s implemention with calling llt_memcpy. And run it with valgrind , there is no error .

The modified source as below:
static void * llt_memcpy(void *dst, const void * src, size_t n) {
                char  * d = (char *)dst, *s = (char *)src;
                size_t i = 0;
                for( i = 0; i < n; i++) {
                                d[i] = s[i];
                }
                return dst;
}
void __attribute__((weak)) __aeabi_memcpy8_impl(void *dest, const void *src, size_t n) {
   memcpy(dest, src, n); ---->llt_memcpy(dest, src, n);
}

void __attribute__((weak)) __aeabi_memcpy4_impl(void *dest, const void *src, size_t n) {
   memcpy(dest, src, n); ---->llt_memcpy(dest, src, n);
}

void __attribute__((weak)) __aeabi_memcpy_impl(void *dest, const void *src, size_t n) {
    memcpy(dest, src, n); ---->llt_memcpy(dest, src, n);
}

void __attribute__((weak)) __aeabi_memcpy8_impl2(void *dest, const void *src, size_t n) {
    memcpy(dest, src, n); ----> llt_memcpy(dest, src, n);
}

void __attribute__((weak)) __aeabi_memcpy4_impl2(void *dest, const void *src, size_t n) {
   memcpy(dest, src, n); ----> llt_memcpy(dest, src, n);
}

void __attribute__((weak)) __aeabi_memcpy_impl2(void *dest, const void *src, size_t n) {
   memcpy(dest, src, n); ----> llt_memcpy(dest, src, n);
}

And I pack the runtime with(libc_memcpy.so and libc_llt_memcy.so)

Please note I call memcpy directly ( not via aeabi_memcpyX),  that is okay. No error occurs.

Is there some thing relate to place-holder about memcpy when valgrind pre-loading?

Env:
OS: android
CPU : AARCH64
Compile toolchain: NDK15C(clang 5.0)
ABI: armeabi-v7a(32-bit)
valgrind version: 3.12

BR
Owen