Menu
▾
▴
valgrind-users — General discussion list for Valgrind users
You can subscribe to this list here.
| 2003 |
Jan
|
Feb
|
Mar
(58) |
Apr
(261) |
May
(169) |
Jun
(214) |
Jul
(201) |
Aug
(219) |
Sep
(198) |
Oct
(203) |
Nov
(241) |
Dec
(94) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2004 |
Jan
(137) |
Feb
(149) |
Mar
(150) |
Apr
(193) |
May
(95) |
Jun
(173) |
Jul
(137) |
Aug
(236) |
Sep
(157) |
Oct
(150) |
Nov
(136) |
Dec
(90) |
| 2005 |
Jan
(139) |
Feb
(130) |
Mar
(274) |
Apr
(138) |
May
(184) |
Jun
(152) |
Jul
(261) |
Aug
(409) |
Sep
(239) |
Oct
(241) |
Nov
(260) |
Dec
(137) |
| 2006 |
Jan
(191) |
Feb
(142) |
Mar
(169) |
Apr
(75) |
May
(141) |
Jun
(169) |
Jul
(131) |
Aug
(141) |
Sep
(192) |
Oct
(176) |
Nov
(142) |
Dec
(95) |
| 2007 |
Jan
(98) |
Feb
(120) |
Mar
(93) |
Apr
(96) |
May
(95) |
Jun
(65) |
Jul
(62) |
Aug
(56) |
Sep
(53) |
Oct
(95) |
Nov
(106) |
Dec
(87) |
| 2008 |
Jan
(58) |
Feb
(149) |
Mar
(175) |
Apr
(110) |
May
(106) |
Jun
(72) |
Jul
(55) |
Aug
(89) |
Sep
(26) |
Oct
(96) |
Nov
(83) |
Dec
(93) |
| 2009 |
Jan
(97) |
Feb
(106) |
Mar
(74) |
Apr
(64) |
May
(115) |
Jun
(83) |
Jul
(137) |
Aug
(103) |
Sep
(56) |
Oct
(59) |
Nov
(61) |
Dec
(37) |
| 2010 |
Jan
(94) |
Feb
(71) |
Mar
(53) |
Apr
(105) |
May
(79) |
Jun
(111) |
Jul
(110) |
Aug
(81) |
Sep
(50) |
Oct
(82) |
Nov
(49) |
Dec
(21) |
| 2011 |
Jan
(87) |
Feb
(105) |
Mar
(108) |
Apr
(99) |
May
(91) |
Jun
(94) |
Jul
(114) |
Aug
(77) |
Sep
(58) |
Oct
(58) |
Nov
(131) |
Dec
(62) |
| 2012 |
Jan
(76) |
Feb
(93) |
Mar
(68) |
Apr
(95) |
May
(62) |
Jun
(109) |
Jul
(90) |
Aug
(87) |
Sep
(49) |
Oct
(54) |
Nov
(66) |
Dec
(84) |
| 2013 |
Jan
(67) |
Feb
(52) |
Mar
(93) |
Apr
(65) |
May
(33) |
Jun
(34) |
Jul
(52) |
Aug
(42) |
Sep
(52) |
Oct
(48) |
Nov
(66) |
Dec
(14) |
| 2014 |
Jan
(66) |
Feb
(51) |
Mar
(34) |
Apr
(47) |
May
(58) |
Jun
(27) |
Jul
(52) |
Aug
(41) |
Sep
(78) |
Oct
(30) |
Nov
(28) |
Dec
(26) |
| 2015 |
Jan
(41) |
Feb
(42) |
Mar
(20) |
Apr
(73) |
May
(31) |
Jun
(48) |
Jul
(23) |
Aug
(55) |
Sep
(36) |
Oct
(47) |
Nov
(48) |
Dec
(41) |
| 2016 |
Jan
(32) |
Feb
(34) |
Mar
(33) |
Apr
(22) |
May
(14) |
Jun
(31) |
Jul
(29) |
Aug
(41) |
Sep
(17) |
Oct
(27) |
Nov
(38) |
Dec
(28) |
| 2017 |
Jan
(28) |
Feb
(30) |
Mar
(16) |
Apr
(9) |
May
(27) |
Jun
(57) |
Jul
(28) |
Aug
(43) |
Sep
(31) |
Oct
(20) |
Nov
(24) |
Dec
(18) |
| 2018 |
Jan
(34) |
Feb
(50) |
Mar
(18) |
Apr
(26) |
May
(13) |
Jun
(31) |
Jul
(13) |
Aug
(11) |
Sep
(15) |
Oct
(12) |
Nov
(18) |
Dec
(13) |
| 2019 |
Jan
(12) |
Feb
(29) |
Mar
(51) |
Apr
(22) |
May
(13) |
Jun
(20) |
Jul
(13) |
Aug
(12) |
Sep
(21) |
Oct
(6) |
Nov
(9) |
Dec
(5) |
| 2020 |
Jan
(13) |
Feb
(5) |
Mar
(25) |
Apr
(4) |
May
(40) |
Jun
(27) |
Jul
(5) |
Aug
(17) |
Sep
(21) |
Oct
(1) |
Nov
(5) |
Dec
(15) |
| 2021 |
Jan
(28) |
Feb
(6) |
Mar
(11) |
Apr
(5) |
May
(7) |
Jun
(8) |
Jul
(5) |
Aug
(5) |
Sep
(11) |
Oct
(9) |
Nov
(10) |
Dec
(12) |
| 2022 |
Jan
(7) |
Feb
(13) |
Mar
(8) |
Apr
(7) |
May
(12) |
Jun
(27) |
Jul
(14) |
Aug
(27) |
Sep
(27) |
Oct
(17) |
Nov
(17) |
Dec
|
| 2023 |
Jan
(10) |
Feb
(18) |
Mar
(9) |
Apr
(26) |
May
|
Jun
(13) |
Jul
(18) |
Aug
(5) |
Sep
(12) |
Oct
(16) |
Nov
(1) |
Dec
|
| 2024 |
Jan
(4) |
Feb
(3) |
Mar
(6) |
Apr
(17) |
May
(2) |
Jun
(33) |
Jul
(13) |
Aug
(1) |
Sep
(6) |
Oct
(8) |
Nov
(6) |
Dec
(15) |
| 2025 |
Jan
(5) |
Feb
(11) |
Mar
(8) |
Apr
(20) |
May
(1) |
Jun
|
Jul
|
Aug
(9) |
Sep
(1) |
Oct
|
Nov
|
Dec
|
|
From: Paul F. <pj...@wa...> - 2024-07-05 20:19:17
|
On 04-07-24 14:26, Thomas Wollenzin wrote: > Hi, > > I was wondering whether there are other ways of communication for the > Valgrind community. In particular I'm thinking Slack or Discord? The main problem that I see with these platforms is that the perceived ease of access means that there are a lot of low quality questions without any follow-up from the OP. We use Slack at work. It's OK, but then it's not a public forum. I recently tried using the ARM Discord server. There are many channels and the busy ones are flooded with noise. I don't find it to be a good way to communicate. There is a Discord server for the macOS Valgrind port, which is even quieter than IRC. I also use Mattermost which is fairly good. It's used by WG21 for C++ standardization. It seems like what I'm saying is the better ones have restricted access. That wouldn't be much use for Valgrind. A+ Paul |
|
From: Mark W. <ma...@kl...> - 2024-07-04 15:58:30
|
Hi Thomas, On Thu, 2024-07-04 at 14:26 +0000, Thomas Wollenzin wrote: > I was wondering whether there are other ways of communication for the Valgrind community. We do have mailinglists. And there is an IRC channel for Valgrind developers: #valgrind-dev at irc.libera.chat but users are also more than welcome. See https://valgrind.org/support/mailing_lists.html And of course bugzilla: https://valgrind.org/support/bug_reports.html > In particular I'm thinking Slack or Discord? Slack and Discord are proprietary platforms. Please don't use them for free software projects. Good background, plus alternatives, is here: https://drewdevault.com/2021/12/28/Dont-use-Discord-for-FOSS.html Cheers, Mark |
|
From: Thomas W. <wol...@ms...> - 2024-07-04 14:42:05
|
Hi, I was wondering whether there are other ways of communication for the Valgrind community. In particular I'm thinking Slack or Discord? Cheers, Thomas |
|
From: Thomas W. <wol...@ms...> - 2024-07-03 16:07:14
|
Thanks for the reply, Julian. I indeed might have looked at an incomplete report. After having worked with helgrind a few more days things make more sense now. Cheers, Thomas ________________________________ From: Julian Seward <jse...@gm...> Sent: Friday, June 28, 2024 12:44 PM To: Thomas Wollenzin <wol...@ms...>; val...@li... <val...@li...> Subject: Re: [Valgrind-users] helgrind question regarding 'Possible data race during write of size 8' At least in the text you included, there's nothing that indicates what the the other thread/access is. We have: > Possible data race during write of size 8 at 0x58EEC60 by thread #1 > Locks held: none and these, but they just tell you about the data address involved in the race: > Address 0x58eec60 is 160 bytes inside a block of size 408 alloc'd > at 0x484BF58: operator new(unsigned long) (vg_replace_malloc.c:487) > Block was alloc'd by thread #1 There should be yet another stack which shows where the conflicting access in the "other" thread is. J |
|
From: Julian S. <jse...@gm...> - 2024-06-28 10:44:59
|
At least in the text you included, there's nothing that indicates what the the other thread/access is. We have: > Possible data race during write of size 8 at 0x58EEC60 by thread #1 > Locks held: none and these, but they just tell you about the data address involved in the race: > Address 0x58eec60 is 160 bytes inside a block of size 408 alloc'd > at 0x484BF58: operator new(unsigned long) (vg_replace_malloc.c:487) > Block was alloc'd by thread #1 There should be yet another stack which shows where the conflicting access in the "other" thread is. J |
|
From: Thomas W. <wol...@ms...> - 2024-06-28 10:10:42
|
Hi, I'm running helgrind against our code base and see this report. I once again cannot include all the code due to its proprietary and disclosed nature. Possible data race during write of size 8 at 0x58EEC60 by thread #1 Locks held: none at 0x4A87603: ... by 0xE818EB4: ... by 0xE816B04: ... by 0xE816ABE: ... by 0xDD80701: ... by 0xDD80701: ... by 0xDD1FF8C: ... by 0x42503E: ... by 0x4263B0: ... by 0x4267E6: ... Address 0x58eec60 is 160 bytes inside a block of size 408 alloc'd at 0x484BF58: operator new(unsigned long) (vg_replace_malloc.c:487) by 0xE816395: ... by 0xE8143DC: ... by 0xE8143DC: ... by 0x4A64C49: ... by 0xDD7427A: ... by 0xDD7E472: ... by 0xDD7E58E: ... by 0xDD1FF8C: ... by 0x42503E: ... by 0x4263B0: ... by 0x4267E6: ... Block was alloc'd by thread #1 I'm a bit confused as to how this can be a data race if there's only the main thread involved. Could this be a false positive or how do I read this report correctly? Thanks, Thomas |
|
From: Paul F. <pj...@wa...> - 2024-06-24 05:40:37
|
On 23-06-24 15:43, Mark Wielaard wrote: > Hi all, > > On Thu, Nov 16, 2023 at 08:22:33PM +0100, Mark Wielaard wrote: >> Valgrind is more than 20 years old and we have been collecting >> bugs slightly faster than we have been able to close them. Which means >> we now have around a thousand bugs open. This is a slightly >> intimidating number. > > I am happy to say that we have been closing bugs faster than they are > being filed in the last 6 months. There have been 85 new bugs filed > and 110 bugs closed. There are now "only" 975 bugs open. So we should clear the backlog in about 20 years time. A+ Paul |
|
From: Mark W. <ma...@kl...> - 2024-06-23 15:44:03
|
Hi all, On Thu, Nov 16, 2023 at 08:22:33PM +0100, Mark Wielaard wrote: > Valgrind is more than 20 years old and we have been collecting > bugs slightly faster than we have been able to close them. Which means > we now have around a thousand bugs open. This is a slightly > intimidating number. I am happy to say that we have been closing bugs faster than they are being filed in the last 6 months. There have been 85 new bugs filed and 110 bugs closed. There are now "only" 975 bugs open. Great progress, but still slightly intimidating. So if people could take a look and confirm or close issues that would be appreciated. > But some of the bugs are more than 10 years old (the oldest bugs are > from 2004). So some of them are likely not really relevant anymore. > > If people could do some quick spot checks of some of these bugs that > would be really appreciated. > > The bugs can be found here: > https://bugs.kde.org/buglist.cgi?product=valgrind&resolution=--- > Or per component here: > https://bugs.kde.org/describecomponents.cgi?product=valgrind > > If you filed a bug yourself please look if the issue is still > relevant. Please add a comment saying so if it is, or close it if it > isn't. Same if it has a simple reproducer. If it has a patch attached > please check if it still applies. > > Please don't go out of your way to close bugs, even old bugs can still > be relevant. But it would be good to know if they really still are and > we need to take another look at them. > > Thanks, > > Mark |
|
From: Thomas W. <wol...@ms...> - 2024-06-20 07:07:12
|
That's indeed very interesting Paul. Thanks for making me aware. Thomas ________________________________ From: Paul Floyd via Valgrind-users <val...@li...> Sent: Wednesday, June 19, 2024 10:07 PM To: val...@li... <val...@li...> Subject: Re: [Valgrind-users] Question regarding 'Conditional jump or move depends on uninitialised value(s)' On 19-06-24 08:15, Thomas Wollenzin wrote: > Thanks for the hint, Sean. > While that might work perfectly fine, I'm personally not a big fan of > these types of tools. They're fine for proofing a theory but shouldn't > be used to 'cover up' developer mistakes. Code should be written as > solidly as possible. Read more about the proposal here https://www.open-std.org/JTC1/SC22/WG21/docs/papers/2022/p2723r0.html I'm fairly certain that things like this will be part of C++ in the next 5 years or so. That won't be using this option directly, more likely part of a 'profiles' feature. A+ Paul _______________________________________________ Valgrind-users mailing list Val...@li... https://lists.sourceforge.net/lists/listinfo/valgrind-users |
|
From: John R. <jr...@bi...> - 2024-06-20 00:23:02
|
> It seems optimizatin of the code will make > it indistinquisable from explicit initialization. So what you want is -ftrivial-auto-var-init=$POISON where POISON is something like 0xA5 or 'deaddead' and memcheck is told the value used for POISON. The programmer should specify a value that is highly unlikely to be a legitimate value. |
|
From: Mark W. <ma...@kl...> - 2024-06-19 23:03:22
|
On Wed, Jun 19, 2024 at 08:07:09PM +0000, Paul Floyd via Valgrind-users wrote: > On 19-06-24 08:15, Thomas Wollenzin wrote: > >Thanks for the hint, Sean. > >While that might work perfectly fine, I'm personally not a big fan > >of these types of tools. They're fine for proofing a theory but > >shouldn't be used to 'cover up' developer mistakes. Code should be > >written as solidly as possible. > > Read more about the proposal here > > https://www.open-std.org/JTC1/SC22/WG21/docs/papers/2022/p2723r0.html > > I'm fairly certain that things like this will be part of C++ in the > next 5 years or so. That won't be using this option directly, more > likely part of a 'profiles' feature. Interesting proposal. I notice they mention that valgrind memcheck will no longer be able to detect use of uninitialized variables anymore: Making all automatic variables explicitly zero means that developers will come to rely on it. The current status-quo forces developers to express intent, and new code might decide not to do so and simply use the zero that they know to be there. This would then make it impossible to distinguish "purposeful use of the uninitialized zero" from "accidental use of the uninitialized zero". Tools such as memory sanitizers and valgrind would therefore be unable to diagnose correctness issues (but we would have removed the security issues). It should still be best practice to only assign a value to a variable when this value is meaningful, and only use an "uninitialized" value when meaning has been give to it. I wonder if there would be some implementation so that we can detect the zeroing is part of this automatic variable initialization and then still mark the storage as not defined. But I cannot think of one. It seems optimizatin of the code will make it indistinquisable from explicit initialization. Cheers, Mark |
|
From: Paul F. <pj...@wa...> - 2024-06-19 20:07:23
|
On 19-06-24 08:15, Thomas Wollenzin wrote: > Thanks for the hint, Sean. > While that might work perfectly fine, I'm personally not a big fan of > these types of tools. They're fine for proofing a theory but shouldn't > be used to 'cover up' developer mistakes. Code should be written as > solidly as possible. Read more about the proposal here https://www.open-std.org/JTC1/SC22/WG21/docs/papers/2022/p2723r0.html I'm fairly certain that things like this will be part of C++ in the next 5 years or so. That won't be using this option directly, more likely part of a 'profiles' feature. A+ Paul |
|
From: Thomas W. <wol...@ms...> - 2024-06-19 15:30:48
|
Absolutely, thanks for the reply. Thomas ________________________________ From: Sean McBride <se...@ro...> Sent: Wednesday, June 19, 2024 5:27 PM To: Thomas Wollenzin <wol...@ms...> Cc: David Chapman <dcc...@ac...>; val...@li... <val...@li...> Subject: Re: [Valgrind-users] Question regarding 'Conditional jump or move depends on uninitialised value(s)' On 19 Jun 2024, at 4:15, Thomas Wollenzin wrote: > While that might work perfectly fine, I'm personally not a big fan of these types of tools. They're fine for proofing a theory but shouldn't be used to 'cover up' developer mistakes. Code should be written as solidly as possible. Not to get too OT here, but they aren't mutually exclusive. You can write your code solidly, and use valgrind, ASan, and -ftrivial-auto-var-init=pattern in your debug builds, and fix all issues they find. Simultaneously, you can also use -ftrivial-auto-var-init=zero in your release builds, which BTW Apple and Microsoft reportedly do, as it provides security benefits for a tiny performance hit. (As discussed in that thread I linked.) Sean ________________________________ From: Sean McBride <se...@ro...> Sent: Wednesday, June 19, 2024 5:27 PM To: Thomas Wollenzin <wol...@ms...> Cc: David Chapman <dcc...@ac...>; val...@li... <val...@li...> Subject: Re: [Valgrind-users] Question regarding 'Conditional jump or move depends on uninitialised value(s)' On 19 Jun 2024, at 4:15, Thomas Wollenzin wrote: > While that might work perfectly fine, I'm personally not a big fan of these types of tools. They're fine for proofing a theory but shouldn't be used to 'cover up' developer mistakes. Code should be written as solidly as possible. Not to get too OT here, but they aren't mutually exclusive. You can write your code solidly, and use valgrind, ASan, and -ftrivial-auto-var-init=pattern in your debug builds, and fix all issues they find. Simultaneously, you can also use -ftrivial-auto-var-init=zero in your release builds, which BTW Apple and Microsoft reportedly do, as it provides security benefits for a tiny performance hit. (As discussed in that thread I linked.) Sean |
|
From: Sean M. <se...@ro...> - 2024-06-19 15:27:22
|
On 19 Jun 2024, at 4:15, Thomas Wollenzin wrote: > While that might work perfectly fine, I'm personally not a big fan of these types of tools. They're fine for proofing a theory but shouldn't be used to 'cover up' developer mistakes. Code should be written as solidly as possible. Not to get too OT here, but they aren't mutually exclusive. You can write your code solidly, and use valgrind, ASan, and -ftrivial-auto-var-init=pattern in your debug builds, and fix all issues they find. Simultaneously, you can also use -ftrivial-auto-var-init=zero in your release builds, which BTW Apple and Microsoft reportedly do, as it provides security benefits for a tiny performance hit. (As discussed in that thread I linked.) Sean |
|
From: Thomas W. <wol...@ms...> - 2024-06-19 14:08:38
|
Thanks for the reply, Paul. You're right. It's about replacement functions instead of overloads. The VG run was done in an optimized environment and the functions got indeed inlined. Cheers, Thomas ________________________________ From: Paul Floyd via Valgrind-users <val...@li...> Sent: Monday, June 17, 2024 1:18 PM To: val...@li... <val...@li...> Subject: Re: [Valgrind-users] question regarding mismatching free/delete On 17-06-24 08:45, Thomas Wollenzin wrote: > Hi, > > I have a questing regarding Valgrind report 'Mismatched free() / delete > / delete []'. > > I understand that Valgrind is redirecting calls to new/delete and so on > to its own. On the allocation side I see: > > operator new(unsigned long) (vg_replace_malloc.c:487) > > > on the deallocation side > > free (vg_replace_malloc.c:989) > > Our new/delete operators are overloaded and call effectively malloc/free > at some point. > Could it be that Valgrind can get confused and not resolve the > overloaded operators correctly? By coincidence I updated the FAQ on this subject yesterday. See https://valgrind.org/docs/manual/faq.html#faq.mismatches It doesn't sound like you are using tcmalloc. I assume that you mean "replacement new/delete", not overload. See https://en.cppreference.com/w/cpp/memory/new/operator_new ("replaceable allocation functions"). If you really are adding a new overload to the existing set then I would expect Memcheck to not be able to redirect your overloads. If (more likely) you are replacing one of the existing set of standard overloads then are you ensuring that they don't get inlined? (See the FAQ). A+ Paul _______________________________________________ Valgrind-users mailing list Val...@li... https://lists.sourceforge.net/lists/listinfo/valgrind-users ________________________________ From: Paul Floyd via Valgrind-users <val...@li...> Sent: Monday, June 17, 2024 1:18 PM To: val...@li... <val...@li...> Subject: Re: [Valgrind-users] question regarding mismatching free/delete On 17-06-24 08:45, Thomas Wollenzin wrote: > Hi, > > I have a questing regarding Valgrind report 'Mismatched free() / delete > / delete []'. > > I understand that Valgrind is redirecting calls to new/delete and so on > to its own. On the allocation side I see: > > operator new(unsigned long) (vg_replace_malloc.c:487) > > > on the deallocation side > > free (vg_replace_malloc.c:989) > > Our new/delete operators are overloaded and call effectively malloc/free > at some point. > Could it be that Valgrind can get confused and not resolve the > overloaded operators correctly? By coincidence I updated the FAQ on this subject yesterday. See https://valgrind.org/docs/manual/faq.html#faq.mismatches It doesn't sound like you are using tcmalloc. I assume that you mean "replacement new/delete", not overload. See https://en.cppreference.com/w/cpp/memory/new/operator_new ("replaceable allocation functions"). If you really are adding a new overload to the existing set then I would expect Memcheck to not be able to redirect your overloads. If (more likely) you are replacing one of the existing set of standard overloads then are you ensuring that they don't get inlined? (See the FAQ). A+ Paul _______________________________________________ Valgrind-users mailing list Val...@li... https://lists.sourceforge.net/lists/listinfo/valgrind-users |
|
From: Thomas W. <wol...@ms...> - 2024-06-19 09:47:54
|
Thanks for the hint, Sean. While that might work perfectly fine, I'm personally not a big fan of these types of tools. They're fine for proofing a theory but shouldn't be used to 'cover up' developer mistakes. Code should be written as solidly as possible. Cheers, Thomas ________________________________ From: Sean McBride <se...@ro...> Sent: Monday, June 17, 2024 6:08 PM To: David Chapman <dcc...@ac...> Cc: Thomas Wollenzin <wol...@ms...>; val...@li... <val...@li...> Subject: Re: [Valgrind-users] Question regarding 'Conditional jump or move depends on uninitialised value(s)' On 15 Jun 2024, at 16:41, David Chapman via Valgrind-users wrote: > Then schedule a pass to go over all your code and initialize everything else. You won't regret it. and/or build with -ftrivial-auto-var-init=zero See also: https://discourse.llvm.org/t/making-ftrivial-auto-var-init-zero-a-first-class-option/55143/ Sean |
|
From: Sean M. <se...@ro...> - 2024-06-17 16:27:11
|
On 15 Jun 2024, at 16:41, David Chapman via Valgrind-users wrote: > Then schedule a pass to go over all your code and initialize everything else. You won't regret it. and/or build with -ftrivial-auto-var-init=zero See also: https://discourse.llvm.org/t/making-ftrivial-auto-var-init-zero-a-first-class-option/55143/ Sean |
|
From: Paul F. <pj...@wa...> - 2024-06-17 11:18:49
|
On 17-06-24 08:45, Thomas Wollenzin wrote: > Hi, > > I have a questing regarding Valgrind report 'Mismatched free() / delete > / delete []'. > > I understand that Valgrind is redirecting calls to new/delete and so on > to its own. On the allocation side I see: > > operator new(unsigned long) (vg_replace_malloc.c:487) > > > on the deallocation side > > free (vg_replace_malloc.c:989) > > Our new/delete operators are overloaded and call effectively malloc/free > at some point. > Could it be that Valgrind can get confused and not resolve the > overloaded operators correctly? By coincidence I updated the FAQ on this subject yesterday. See https://valgrind.org/docs/manual/faq.html#faq.mismatches It doesn't sound like you are using tcmalloc. I assume that you mean "replacement new/delete", not overload. See https://en.cppreference.com/w/cpp/memory/new/operator_new ("replaceable allocation functions"). If you really are adding a new overload to the existing set then I would expect Memcheck to not be able to redirect your overloads. If (more likely) you are replacing one of the existing set of standard overloads then are you ensuring that they don't get inlined? (See the FAQ). A+ Paul |
|
From: Thomas W. <wol...@ms...> - 2024-06-17 10:31:55
|
Thanks for the reply Julian. Does that mean that you fully disable Valgrind to report on any potential mismatching frees? Isn't that robbing you of the ability to get at least notified about potential issues to that regard? Cheers, Thomas ________________________________ From: Julian Seward <jse...@gm...> Sent: Monday, June 17, 2024 11:53 AM To: Thomas Wollenzin <wol...@ms...>; val...@li... <val...@li...> Subject: Re: [Valgrind-users] question regarding mismatching free/delete On 17/06/2024 10:45, Thomas Wollenzin wrote: > Could it be that Valgrind can get confused and not resolve the overloaded operators correctly? This can happen as a result of "differential inlining". What I mean is, you have `new` calls `malloc` and `delete` calls `free`, and the definitions of `malloc` and `free` are visible to the compiler (maybe you defined your own wrappers for them). Then, if `malloc` is inlined into `new` but `free` is not inlined into `delete`, or vice versa, then you will get these reports. I have this a lot when running Firefox on Valgrind, so I run with --show-mismatched-frees=no. J |
|
From: Julian S. <jse...@gm...> - 2024-06-17 09:53:38
|
On 17/06/2024 10:45, Thomas Wollenzin wrote: > Could it be that Valgrind can get confused and not resolve the overloaded operators correctly? This can happen as a result of "differential inlining". What I mean is, you have `new` calls `malloc` and `delete` calls `free`, and the definitions of `malloc` and `free` are visible to the compiler (maybe you defined your own wrappers for them). Then, if `malloc` is inlined into `new` but `free` is not inlined into `delete`, or vice versa, then you will get these reports. I have this a lot when running Firefox on Valgrind, so I run with --show-mismatched-frees=no. J |
|
From: Thomas W. <wol...@ms...> - 2024-06-17 09:31:18
|
Thanks for following up and correcting a typo! Cheers, Thomas ________________________________ From: John Reiser <jr...@bi...> Sent: Sunday, June 16, 2024 1:59 AM To: val...@li... <val...@li...> Subject: Re: [Valgrind-users] Question regarding 'Conditional jump or move depends on uninitialised value(s)' > Also note that malloc()+memset() can choose byte values other than 0; . A value such as 0xA5 can increase visual effectiveness of memory dumps. > Also note that there is a feature of glibc malloc() such that the shell > environment variable MALLOC_PERTURN_=NNN (note the trailing underscore) MALLOC_PERTURB_ _______________________________________________ Valgrind-users mailing list Val...@li... https://lists.sourceforge.net/lists/listinfo/valgrind-users |
|
From: Thomas W. <wol...@ms...> - 2024-06-17 08:45:23
|
Hi, I have a questing regarding Valgrind report 'Mismatched free() / delete / delete []'. I understand that Valgrind is redirecting calls to new/delete and so on to its own. On the allocation side I see: operator new(unsigned long) (vg_replace_malloc.c:487) on the deallocation side free (vg_replace_malloc.c:989) Our new/delete operators are overloaded and call effectively malloc/free at some point. Could it be that Valgrind can get confused and not resolve the overloaded operators correctly? Thanks, Thomas |
|
From: Thomas W. <wol...@ms...> - 2024-06-17 07:28:18
|
This indeed seems very useful. Thanks for making me aware of this tool, John. Cheers, Thomas ________________________________ From: John Reiser <jr...@bi...> Sent: Sunday, June 16, 2024 10:03 PM To: val...@li... <val...@li...> Subject: Re: [Valgrind-users] Question regarding 'Conditional jump or move depends on uninitialised value(s)' > What happens is that a rather large class is allocated via operator new > which comes with tons of subsequent data. Unfortunately, a lot of that > data isn't default initialized so it's rather impossible to go by trial > and error. Valgrind does report the place where the condition is but > it's a super busy loop that works on tons of templated data. The "ultimate hammer" or "magic wand" is 'rr', which is "Record and Replay". By using it you can execute *backwards*, that is "back up" from the point of error to as far back as you want, examining memory as you go; or even setting breakpoints or watchpoints to see when (in the past!) state changed. See https://rr-project.org ; also search the 'net for "rr record replay". You'll have to learn this new style of debugging, and you will need a lot of disk space: 100GB is typical. But you *will* find the bug! _______________________________________________ Valgrind-users mailing list Val...@li... https://lists.sourceforge.net/lists/listinfo/valgrind-users |
|
From: Thomas W. <wol...@ms...> - 2024-06-17 07:19:05
|
Thanks for the reply Nick. I do have --track-origins=yes enabled, always. This way I know where the object in question is allocated and where the uninitialized access occurs. It's still insufficient unfortunately as it doesn't reveal the exact involved actors. Thanks, Thomas ________________________________ From: Nicholas Nethercote <n.n...@gm...> Sent: Sunday, June 16, 2024 1:13 AM To: Thomas Wollenzin <wol...@ms...> Cc: val...@li... <val...@li...> Subject: Re: [Valgrind-users] Question regarding 'Conditional jump or move depends on uninitialised value(s)' Hi, Re-run with the --track-origins=yes flag enabled and it will give you more detail about where the uninitialized value comes from. (That option isn't on by default because it makes Valgrind run more slowly.) Nick On Sun, 16 Jun 2024 at 06:13, Thomas Wollenzin <wol...@ms...<mailto:wol...@ms...>> wrote: Hi, I'm not too familiar with valgrind yet so excuse a potentially dumb question. I'm trying to fix an issue in our code base that valgrind reported as 'Conditional jump or move depends on uninitialised value(s)'. In particular I have a hard time understanding what the exact item is that's being seen as uninitialised. I can't share code as it's very complex and non-public. What happens is that a rather large class is allocated via operator new which comes with tons of subsequent data. Unfortunately, a lot of that data isn't default initialized so it's rather impossible to go by trial and error. Valgrind does report the place where the condition is but it's a super busy loop that works on tons of templated data. Is there a way to have Valgrind tell me what type exactly has the uninitialised field or at best break at the time this exact incident occurs? Thanks, Thomas _______________________________________________ Valgrind-users mailing list Val...@li...<mailto:Val...@li...> https://lists.sourceforge.net/lists/listinfo/valgrind-users |
|
From: Thomas W. <wol...@ms...> - 2024-06-17 07:14:11
|
Thanks for the reply, David.
I fully agree and believe me, the systems I'm in charge of in our code base do not have a single issue like that. That's a lesson I learned during my studies more than 20 years ago already.
Unfortunately, default initializing every trivial and non-trivial field isn't doable as that would be of rather large refactoring nature and is outside of my current task and way too risky for the stage, we're in. Again, I do agree otherwise though.
Thanks,
Thomas
________________________________
From: David Chapman <dcc...@ac...>
Sent: Saturday, June 15, 2024 10:41 PM
To: Thomas Wollenzin <wol...@ms...>; val...@li... <val...@li...>
Subject: Re: [Valgrind-users] Question regarding 'Conditional jump or move depends on uninitialised value(s)'
On 6/15/2024 10:38 AM, Thomas Wollenzin wrote:
Hi,
I'm not too familiar with valgrind yet so excuse a potentially dumb question.
I'm trying to fix an issue in our code base that valgrind reported as 'Conditional jump or move depends on uninitialised value(s)'. In particular I have a hard time understanding what the exact item is that's being seen as uninitialised. I can't share code as it's very complex and non-public.
What happens is that a rather large class is allocated via operator new which comes with tons of subsequent data. Unfortunately, a lot of that data isn't default initialized so it's rather impossible to go by trial and error. Valgrind does report the place where the condition is but it's a super busy loop that works on tons of templated data.
Is there a way to have Valgrind tell me what type exactly has the uninitialised field or at best break at the time this exact incident occurs?
Thanks,
Thomas
I have fixed so many bugs by initializing seemingly harmless variables that I now initialize all variables and all data structure fields, even if only to nullptr. Valgrind found one use of an uninitialized variable; you probably have many more that didn't show up in this run.
My advice is to make some guesses and initialize the most likely suspects until the problem goes away. You might call that "trial and error", but initialization fixes bugs; it does not create new ones.
Then schedule a pass to go over all your code and initialize everything else. You won't regret it.
--
David Chapman dcc...@ac...<mailto:dcc...@ac...>
Chapman Consulting -- San Jose, CA
EDA Software Developer, Expert Witness
www.chapman-consulting-sj.com<http://www.chapman-consulting-sj.com>
2018-2019 Chair, IEEE Consultants' Network of Silicon Valley
|
188 messages has been excluded from this view by a project administrator.
