From: laurent de V. <l_d...@ho...> - 2006-03-09 21:38:05
Hallo,
I use a Suse Linux 9.3, AMD Duron (32 bits), gcc 3.3.5.
The following (reduced) piece of code
#include <stdarg.h>
#include <stdio.h>

void process_error(int num_args, ...)
{
    char errors[1][1];      /* one byte: too small for any non-empty string */
    va_list ap;

    va_start(ap, num_args);
    /* unbounded copy: overruns errors[0] and smashes the stack frame */
    sprintf(errors[0], "%s", va_arg(ap, char*));
    va_end(ap);
}

int main()
{
    process_error(1, "blablabla");
    return 0;
}
leads to a seg fault (because errors is not big enough).
Valgrind does not in this case say something useful
(
==29811== Jump to the invalid address stated on the next line
==29811== at 0x616C6261: ???
).
I tested Valgrind 3.2 and the latest version (revision 1594).
Valgrind output is identical.
Is it a known limit of valgrind or should I set other Valgrind options
to allow the detection of such issues ?
big thanks for the help.
Laurent
Valgrind output:
==29811== Memcheck, a memory error detector.
==29811== Copyright (C) 2002-2005, and GNU GPL'd, by Julian Seward et al.
==29811== Using LibVEX rev 1594, a library for dynamic binary translation.
==29811== Copyright (C) 2004-2005, and GNU GPL'd, by OpenWorks LLP.
==29811== Using valgrind-3.2.0.SVN, a dynamic binary instrumentation framework.
==29811== Copyright (C) 2000-2005, and GNU GPL'd, by Julian Seward et al.
==29811==
==29811== My PID = 29811, parent PID = 7449. Prog and args are:
==29811== ./linux.open
==29811==
--29811--
--29811-- Command line
--29811-- ./linux.open
--29811-- Startup, with flags:
--29811-- --tool=memcheck
--29811-- -v
--29811-- --log-file=log
--29811-- Contents of /proc/version:
--29811-- Linux version 2.6.11.4-21.11-default (geeko@buildhost) (gcc version 3.3.5 20050117 (prerelease) (SUSE Linux)) #1 Thu Feb 2 20:54:26 UTC 2006
--29811-- Arch and hwcaps: X86, x86-sse1
--29811-- Valgrind library directory: /usr/lib/valgrind
--29811-- Reading syms from /lib/ld-2.3.4.so (0x4000000)
--29811-- Reading syms from /home/laurent/gmc_bug/linux/linux.open (0x8048000)
--29811-- Reading syms from /usr/lib/valgrind/x86-linux/memcheck (0xB0000000)
--29811-- object doesn't have a dynamic symbol table
--29811-- Reading suppressions file: /usr/lib/valgrind/default.supp
--29811-- REDIR: 0x4012B60 (index) redirected to 0xB001FB06 (vgPlain_x86_linux_REDIR_FOR_index)
--29811-- Reading syms from /usr/lib/valgrind/x86-linux/vgpreload_core.so (0x4018000)
--29811-- Reading syms from /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so (0x401B000)
==29811== WARNING: new redirection conflicts with existing -- ignoring it
--29811-- new: 0x04012B60 (index ) R-> 0x0401D6F0 index
--29811-- REDIR: 0x4012D00 (strlen) redirected to 0x401D980 (strlen)
--29811-- Reading syms from /lib/tls/libc.so.6 (0x4020000)
--29811-- REDIR: 0x4087C90 (rindex) redirected to 0x401D5D0 (rindex)
--29811-- REDIR: 0x40878D0 (strlen) redirected to 0x401D960 (strlen)
==29811== Jump to the invalid address stated on the next line
==29811== at 0x616C6261: ???
==29811== Address 0x616C6261 is not stack'd, malloc'd or (recently) free'd
==29811==
==29811== Process terminating with default action of signal 11 (SIGSEGV)
==29811== Access not within mapped region at address 0x616C6261
==29811== at 0x616C6261: ???
--29811-- REDIR: 0x40007A0 (_dl_sysinfo_int80) redirected to 0xB001FB03 (???)
--29811-- REDIR: 0x4082640 (free) redirected to 0x401C9A1 (free)
==29811==
==29811== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 11 from 1)
==29811==
==29811== 1 errors in context 1 of 1:
==29811== Jump to the invalid address stated on the next line
==29811== at 0x616C6261: ???
==29811== Address 0x616C6261 is not stack'd, malloc'd or (recently) free'd
--29811--
--29811-- supp: 11 Ubuntu-stripped-ld.so
==29811==
==29811== IN SUMMARY: 1 errors from 1 contexts (suppressed: 11 from 1)
==29811==
==29811== malloc/free: in use at exit: 0 bytes in 0 blocks.
==29811== malloc/free: 0 allocs, 0 frees, 0 bytes allocated.
==29811==
==29811== All heap blocks were freed -- no leaks are possible.
--29811-- memcheck: sanity checks: 0 cheap, 1 expensive
--29811-- memcheck: auxmaps: 0 auxmap entries (0k, 0M) in use
--29811-- memcheck: auxmaps: 0 searches, 0 comparisons
--29811-- memcheck: secondaries: 5 issued (320k, 0M)
--29811-- memcheck: secondaries: 18 accessible and distinguished (1152k, 1M)
--29811-- translate: fast SP updates identified: 1,287 ( 89.4%)
--29811-- translate: generic_known SP updates identified: 77 ( 5.3%)
--29811-- translate: generic_unknown SP updates identified: 74 ( 5.1%)
--29811-- tt/tc: 2,995 tt lookups requiring 3,012 probes
--29811-- tt/tc: 2,994 fast-cache updates, 3 flushes
--29811-- transtab: new 1,398 (30,810 -> 512,870; ratio 166:10) [0 scs]
--29811-- transtab: dumped 0 (0 -> ??)
--29811-- transtab: discarded 9 (207 -> ??)
--29811-- scheduler: 23,574 jumps (bb entries).
--29811-- scheduler: 0/1,667 major/minor sched events.
--29811-- sanity: 1 cheap, 1 expensive checks.
--29811-- exectx: 30,011 lists, 7 contexts (avg 0 per list)
--29811-- exectx: 12 searches, 5 full compares (416 per 1000)
--29811-- exectx: 0 cmp2, 26 cmp4, 0 cmpAll
From: Olly B. <ol...@su...> - 2006-03-09 21:48:57
On 2006-03-09, laurent de Vito <l_d...@ho...> wrote:
> Is it a known limit of valgrind or should I set other Valgrind options
> to allow the detection of such issues ?

Known limitation: http://valgrind.org/docs/manual/faq.html#faq.overruns

Cheers,
Olly
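Added example, not part of the thread above: a bounded rewrite of the reported sprintf() call using vsnprintf, so the caller can detect truncation instead of overrunning the stack, plus a helper that decodes the faulting address Memcheck printed (0x616C6261) into the string bytes that landed in the return-address slot. The function names are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <stdint.h>

/* Bounded replacement for the sprintf() call in the report: never writes
 * past dst[size-1]. Returns the length the full message would have had,
 * so a result >= size tells the caller the message was truncated. */
int format_error(char *dst, size_t size, const char *fmt, ...)
{
    va_list ap;
    int needed;

    va_start(ap, fmt);
    needed = vsnprintf(dst, size, fmt, ap);
    va_end(ap);
    return needed;
}

/* Memcheck reported a jump to 0x616C6261. On little-endian x86 the
 * overwritten return address holds four consecutive bytes of the string;
 * reading them low byte first recovers which slice of "blablabla" it was.
 * (Hypothetical helper, not part of Valgrind.) */
void decode_addr_bytes(uint32_t addr, char out[5])
{
    for (int i = 0; i < 4; i++)
        out[i] = (char)((addr >> (8 * i)) & 0xFF);
    out[4] = '\0';
}

int main(void)
{
    char errors[1][1];                 /* same 1-byte buffer as the report */
    char bytes[5];
    int needed = format_error(errors[0], sizeof errors[0], "%s", "blablabla");

    if ((size_t)needed >= sizeof errors[0])
        printf("message truncated: needed %d bytes, buffer holds %zu\n",
               needed, sizeof errors[0]);
    decode_addr_bytes(0x616C6261u, bytes);
    printf("0x616C6261 as bytes in memory: \"%s\"\n", bytes);
    return 0;
}
```

Memcheck only bounds-checks heap blocks, which is why the overrun of a stack array is reported only once the corrupted return address is jumped to; a compiler's stack protector or AddressSanitizer catches the write itself.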