From: Jeremy F. <je...@go...> - 2003-10-25 19:54:18
On Thu, 2003-10-23 at 12:31, Russ Fink wrote:
> Hello,
>
> I'm getting some strange message (aren't we all) that I'm having trouble
> with understanding. I'm doing a memset(0) on a pointer prior to calling
> free(). Valgrind complains it's an invalid write of size 4. However, if I
> reduce the memset by ONE byte, I don't get any invalid write at all. Here
> is the message:
>
> ==28655== Invalid write of size 4
> ==28655== at 0x402E426D: memset (../sysdeps/i386/memset.c:65)
> ==28655== by 0x804C9F9: delete_foo (foo.c:80)
> ==28655== by 0x804B1ED: process_bar (bar.c:606)
> ==28655== Address 0x40D6DA00 is 0 bytes after a block of size 96 alloc'd
> ==28655== at 0x4002B905: malloc (vg_replace_malloc.c:153)
> ==28655== by 0x804C99F: new_foo (foo.c:66)
> ==28655==
>
> If I change the memset from memset(foo, 0, sizeof(foo_struct)) to
> memset(foo, 0, sizeof(foo_struct)-1), I get no error. I would expect to get
> "invalid write of size 3" if in fact this memset is the problem.

The "size 4" means that it was a 4-byte (ie 32-bit) store instruction.

> Is this a case of a phantom memory error, where there's a memory error
> somewhere else but is being reported as an error with the memset?
>
> If so, what can I do about tracking this down? Can you suggest any
> strategies that have worked for you?

This looks like you allocated too little memory for foo. Maybe you changed the definition of foo_struct, but you didn't recompile the code which allocates it, so the allocated block is a bit too small?

Or it could be a bug in memset, (or it being a bit too clever). I thought we intercepted memset?

J
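The stale-allocation hypothesis in the reply above can be checked at run time by recording the size the allocating side requested and comparing it with the deleting side's `sizeof` before the wipe. This is an added example, not part of the original message or of Valgrind; `foo_old`, `foo_new`, `tracked_alloc` and `tracked_wipe_free` are hypothetical names, and the two struct layouts are constructed to reproduce a 96-byte block.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-ins for foo_struct as seen by two object files:
 * the allocator was built against the old layout, the deleter against
 * the new one. These layouts are assumptions, not from the thread. */
struct foo_old { int32_t fields[24]; };                /* 96 bytes  */
struct foo_new { int32_t fields[24]; int32_t added; }; /* 100 bytes */

/* Hypothetical header placed in front of each object so the freeing
 * side can see how many bytes the allocating side requested. */
union hdr { size_t payload; max_align_t align; };

void *tracked_alloc(size_t n) {
    union hdr *h = malloc(sizeof *h + n);
    if (h == NULL) return NULL;
    h->payload = n;
    return h + 1;
}

/* Zero and free an object. `claimed` is the caller's sizeof. Returns the
 * number of bytes an unchecked memset(p, 0, claimed) would have written
 * past the block (0 when the sizes agree); only allocated bytes are
 * ever touched. */
size_t tracked_wipe_free(void *p, size_t claimed) {
    union hdr *h = (union hdr *)p - 1;
    size_t have = h->payload;
    size_t overrun = claimed > have ? claimed - have : 0;
    memset(p, 0, claimed < have ? claimed : have);
    free(h);
    return overrun;
}

/* Allocate with one layout's size, delete with another's. */
size_t alloc_then_delete(size_t alloc_size, size_t delete_size) {
    void *p = tracked_alloc(alloc_size);
    return p ? tracked_wipe_free(p, delete_size) : (size_t)-1;
}

int main(void) {
    printf("stale allocator:  %zu bytes past the block\n",
           alloc_then_delete(sizeof(struct foo_old), sizeof(struct foo_new)));
    printf("consistent build: %zu bytes past the block\n",
           alloc_then_delete(sizeof(struct foo_new), sizeof(struct foo_new)));
    return 0;
}
```

A non-zero return from `tracked_wipe_free` points at mismatched struct definitions between the allocating and deleting translation units, which a full rebuild would resolve.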