From: Charlie S. <csh...@ho...> - 2005-01-10 18:22:04
Hi,
When I run the following program with valgrind 2.2.0, I get
the output below it. The invalid reads and writes are flagged
for the subscripts that are slightly off (-1, 100), but are
not for the larger errors (1000). I understand that valgrind
allocates some amount of memory on either side of the array,
but is there any way to catch this error of a large offset
if it reaches into validly allocated memory (ptr2)? If I
take out the ptr2 allocation, then I get invalid reads and
writes for the 1000 subscript.
Thanks,
Charlie Shelton

#include <stdio.h>
#include <stdlib.h>
#include <malloc.h>
int main ( int argc, char **argv )
{
    int i = 0;
    int * ptr0 = 0;
    int * ptr2 = 0;
    int * ptr = 0;
    int ara[100];
    int n;
    ptr0 = (int *) malloc ( sizeof(int) * 10000 );
    ptr = (int *) malloc ( sizeof(int) * 100 );
    ptr2 = (int *) malloc ( sizeof(int) * 10000 );
    for (i=0; i<100; i++)
    {
        ptr[i] = 0;
        ara[i] = 0;
    }
    n = ptr[-1];
    n = ara[-1];
    n = ptr[100];
    n = ptr[1000];
    ptr[100] = 0;
    ptr[1000] = 0;
    free ( ptr0 );
    free ( ptr );
    free ( ptr2 );
    return (0);
}

==14621== Invalid read of size 4
==14621== at 0x8048422: main (test.c:25)
==14621== Address 0x1BE34C94 is 4 bytes before a block of size 400 alloc'd
==14621== at 0x1B903D74: malloc (vg_replace_malloc.c:131)
==14621== by 0x80483CA: main (test.c:16)
==14621==
==14621== Invalid read of size 4
==14621== at 0x8048432: main (test.c:28)
==14621== Address 0x1BE34E28 is 0 bytes after a block of size 400 alloc'd
==14621== at 0x1B903D74: malloc (vg_replace_malloc.c:131)
==14621== by 0x80483CA: main (test.c:16)
==14621==
==14621== Invalid write of size 4
==14621== at 0x8048452: main (test.c:31)
==14621== Address 0x1BE34E28 is 0 bytes after a block of size 400 alloc'd
==14621== at 0x1B903D74: malloc (vg_replace_malloc.c:131)
==14621== by 0x80483CA: main (test.c:16)
Without the ptr2 allocation, I also get the following:
==14643== Invalid read of size 4
==14643== at 0x804842F: main (test.c:29)
==14643== Address 0x1BE35C38 is not stack'd, malloc'd or (recently) free'd
==14643==
==14643== Invalid write of size 4
==14643== at 0x804844D: main (test.c:32)
==14643== Address 0x1BE35C38 is not stack'd, malloc'd or (recently) free'd
From: Nicholas N. <nj...@ca...> - 2005-01-10 20:43:42
On Mon, 10 Jan 2005, Charlie Shelton wrote:
> When I run the following program with valgrind 2.2.0, I get
> the output below it. The invalid reads and writes are flagged
> for the subscripts that are slightly off (-1, 100), but are
> not for the larger errors (1000). I understand that valgrind
> allocates some amount of memory on either side of the array,
> but is there any way to catch this error of a large offset
> if it reaches into validly allocated memory (ptr2)?

Unfortunately not, it's an inherent shortcoming of Memcheck's technique (and mentioned in the FAQ). I tried writing a Valgrind tool once that would detect such an error, but it never really worked properly.

N
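
Why the 1000 subscript goes unreported, as an added example that is not part of the original thread and is not Valgrind's code: a toy model of per-byte addressability bits with red zones around each heap block, replaying the subscripts from the test program. The 16-byte red-zone size, the contiguous bump allocator and all names (`toy_malloc`, `access_ok`, `replay`) are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Toy model of Memcheck-style addressability bits: one flag per heap byte. */
#define HEAP_SZ  100000
#define REDZONE  16            /* assumed red-zone size, for illustration only */

static unsigned char a_bits[HEAP_SZ];   /* 1 = addressable, 0 = not */
static size_t brk_off;                  /* next free offset in the toy heap */

static void toy_reset(void) { memset(a_bits, 0, sizeof a_bits); brk_off = 0; }

/* Bump allocator: [redzone][payload][redzone]; only the payload is addressable. */
static size_t toy_malloc(size_t n)
{
    size_t p = brk_off + REDZONE;
    memset(a_bits + p, 1, n);
    brk_off = p + n + REDZONE;
    return p;
}

/* The check is per address: it never asks which block the pointer came from. */
static int access_ok(long addr, size_t len)
{
    for (long a = addr; a < addr + (long)len; a++)
        if (a < 0 || a >= HEAP_SZ || !a_bits[a])
            return 0;
    return 1;
}

/* Replays subscripts -1, 0, 100, 1000 on ptr; bit k set = access k reported. */
static int replay(int with_ptr2)
{
    toy_reset();
    (void)toy_malloc(4 * 10000);                 /* ptr0 */
    long ptr = (long)toy_malloc(4 * 100);        /* ptr  */
    if (with_ptr2) (void)toy_malloc(4 * 10000);  /* ptr2 */
    const long idx[4] = { -1, 0, 100, 1000 };
    int flagged = 0;
    for (int k = 0; k < 4; k++)
        if (!access_ok(ptr + 4 * idx[k], 4)) flagged |= 1 << k;
    return flagged;
}

int main(void)
{
    printf("with ptr2: 0x%x, without ptr2: 0x%x\n", replay(1), replay(0));
    return 0;
}
```

With ptr2 allocated, subscript 1000 lands inside ptr2's payload and passes the per-byte check; without it, the same address is unallocated and is reported, matching the two Valgrind runs in the first message.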