From: Nandini C. (nandchan) <nan...@ci...> - 2009-02-16 05:37:16
1) I've cross-compiled Valgrind 3.4 and 3.2.3 for PPC 32 on a Linux x86
machine.
2) I'm using Valgrind on QEMU (full-system PPC emulator, not a user-mode
emulator) and on a PPC 8548.
3) My codebase is based on Linux 2.6.24. The version of glibc is 2.3.4.
Valgrind 3.4 fails to report errors when used with a test program, while
Valgrind 3.2.3 reports errors when run on the same test program. I see
the same issue with Valgrind 3.4.1 as well.
What does this message signify?
"Conditional jump or move depends on uninitialised value(s)"
Any pointers would be appreciated.
Sample program:
---------------------------------------
#include <stdio.h>   /* printf */
#include <stdlib.h>  /* malloc */

void foo(void)
{
    int* x = malloc(10 * sizeof(int));
    x[10] = 0; // problem 1: heap block overrun (valid indices are 0..9)
} // problem 2: memory leak -- x not freed

int main(void)
{
    printf("vg: Calling foo...\n");
    foo();
    printf("vg: Done.\n");
    return 0;
}
-------------------------------
When I use Valgrind 3.4 on the above test program, I get the following
output:
$/bin/valgrind --leak-check=full --show-reachable=yes testval
invalid/unsupported opcode: 04 - 02 - 12 (10000484) 380302e0 1
invalid/unsupported opcode: 3f - 16 - 00 (fc00002c) 380303b4 1
==839==
==839== Conditional jump or move depends on uninitialised value(s)
==839== at 0x4002690: (within /lib/ld-2.3.4.so)
==839== by 0x4010433: (within /lib/ld-2.3.4.so)
==839==
==839== Conditional jump or move depends on uninitialised value(s)
==839== at 0x40026C0: (within /lib/ld-2.3.4.so)
==839== by 0x4010433: (within /lib/ld-2.3.4.so)
==839==
==839== Conditional jump or move depends on uninitialised value(s)
==839== at 0x40022F8: (within /lib/ld-2.3.4.so)
==839== by 0x4002763: (within /lib/ld-2.3.4.so)
==839== by 0x4010433: (within /lib/ld-2.3.4.so)
vg: Calling foo...
vg: Done.
==839==
==839== ERROR SUMMARY: 5 errors from 3 contexts (suppressed: 2 from 1)
<----- Doesn't report memory leaks
==839== malloc/free: in use at exit: 0 bytes in 0 blocks.
==839== malloc/free: 0 allocs, 0 frees, 0 bytes allocated.
==839== For counts of detected errors, rerun with: -v
==839== Use --track-origins=yes to see where uninitialised values come from
==839== All heap blocks were freed -- no leaks are possible.
--------------------------------------------------------
Valgrind 3.2.3 reports errors:
==838== Memcheck, a memory error detector.
==838== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==838== Using LibVEX rev 1732, a library for dynamic binary translation.
==838== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==838== Using valgrind-3.2.3, a dynamic binary instrumentation framework.
==838== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==838== For more details, rerun with: -v
==838==
vg: Calling foo...
==838== Invalid write of size 4
<-------Valgrind 3.2.3 reports heap block overrun
==838== at 0x10000580: ???
==838== by 0x100005C0: ???
==838== by 0xFE4BF1C: (below main) (libc-start.c:209)
==838== Address 0x402A054 is 4 bytes after a block of size 40 alloc'd
==838== at 0xFFBABC0: malloc (vg_replace_malloc.c:149)
==838== by 0x10000568: ???
==838== by 0x100005C0: ???
==838== by 0xFE4BF1C: (below main) (libc-start.c:209)
vg: Done.
==838== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 7 from 3)
==838== malloc/free: in use at exit: 40 bytes in 1 blocks.
==838== malloc/free: 1 allocs, 0 frees, 40 bytes allocated.
==838== For counts of detected errors, rerun with: -v
==838== searching for pointers to 1 not-freed blocks.
==838== checked 156,828 bytes.
==838==
==838==
==838== 40 bytes in 1 blocks are definitely lost in loss record 1 of 1
<------memory leak
==838== at 0xFFBABC0: malloc (vg_replace_malloc.c:149)
==838== by 0x10000568: ???
==838== by 0x100005C0: ???
==838== by 0xFE4BF1C: (below main) (libc-start.c:209)
==838==
==838== LEAK SUMMARY:
==838== definitely lost: 40 bytes in 1 blocks.
==838== possibly lost: 0 bytes in 0 blocks.
==838== still reachable: 0 bytes in 0 blocks.
==838== suppressed: 0 bytes in 0 blocks.
-------------------------------------------------
Thanks.
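One thing worth checking in the two logs above, as an added example that is not part of the thread: Memcheck counts allocations only through its own malloc/free replacement, and the 3.4 run's summary reads "0 allocs, 0 frees, 0 bytes allocated" even though foo() calls malloc once. That means the replacement never saw the allocation, and without it no heap overrun or leak can be reported whatever flags are passed; the 3.2.3 run shows the expected "1 allocs". The POSIX shell script below (my own, assuming only that the summary line keeps the "malloc/free: N allocs" wording shown in the logs) extracts that count and flags a log whose count is zero for a program known to allocate. The sample logs are constructed from the summary lines quoted above.

```shell
#!/bin/sh
# Added example, not from the thread: sanity-check a Memcheck log for a
# missing malloc/free interception. A "0 allocs" summary for a program
# that certainly calls malloc means the replacement allocator was not in
# effect, so overrun and leak reports were impossible.

# Print the allocation count from the "malloc/free: N allocs" summary line
# (commas stripped, first match only); prints nothing if the line is absent.
memcheck_allocs() {
    sed -n 's/^==[0-9]*== malloc\/free: \([0-9,]*\) allocs.*/\1/p' "$1" \
        | tr -d , | head -n 1
}

# Classify a log given the number of allocations the program is known to
# make ($2): "no-summary", "no-interception", or "ok".
check_memcheck_log() {
    n=$(memcheck_allocs "$1")
    if [ -z "$n" ]; then
        echo no-summary
    elif [ "$n" -eq 0 ] && [ "$2" -gt 0 ]; then
        echo no-interception
    else
        echo ok
    fi
}

# Constructed sample logs: the summary lines of the two runs in the thread.
LOG34=$(mktemp)
LOG323=$(mktemp)
trap 'rm -f "$LOG34" "$LOG323"' EXIT
cat > "$LOG34" <<'EOF'
==839== ERROR SUMMARY: 5 errors from 3 contexts (suppressed: 2 from 1)
==839== malloc/free: in use at exit: 0 bytes in 0 blocks.
==839== malloc/free: 0 allocs, 0 frees, 0 bytes allocated.
==839== All heap blocks were freed -- no leaks are possible.
EOF
cat > "$LOG323" <<'EOF'
==838== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 7 from 3)
==838== malloc/free: in use at exit: 40 bytes in 1 blocks.
==838== malloc/free: 1 allocs, 0 frees, 40 bytes allocated.
==838== definitely lost: 40 bytes in 1 blocks.
EOF

# The test program calls malloc exactly once.
echo "valgrind 3.4 log:   $(check_memcheck_log "$LOG34" 1)"    # no-interception
echo "valgrind 3.2.3 log: $(check_memcheck_log "$LOG323" 1)"   # ok
```

Run it against a real log with `check_memcheck_log /path/to/log <expected allocs>`; the "in use at exit" line also starts with "malloc/free:" but is not followed by a bare count, so the sed pattern skips it.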
From: shuLhan <m.s...@gm...> - 2009-02-16 05:53:56
On Monday 16 February 2009 12:08:05 Nandini Chandra (nandchan) wrote:
> Sample program:
> ---------------------------------------
> #include <stdlib.h>
>
> void foo(void)
> {
> int* x = malloc(10 * sizeof(int));
>
> x[10] = 0; // problem 1: heap block overrun
> } // problem 2: memory leak -- x not freed
>
This is a very basic C language error. 'x' only has indices 0..9, not 10.
--
~ shuLhan ~
From: Nandini C. (nandchan) <nan...@ci...> - 2009-02-16 07:07:24
It sure is, and I expect Valgrind 3.4 to report it. But it doesn't report
memory leaks and heap block overruns when run with my test
program. However, Valgrind 3.2.3 reports the same errors when run with the
test program, just like one would expect it to.
-----Original Message-----
From: shuLhan [mailto:m.s...@gm...]
Sent: Monday, February 16, 2009 12:53 AM
To: val...@li...
Cc: Nandini Chandra (nandchan)
Subject: Re: [Valgrind-users] Unitialised value in ld.so, lib.so with valgrind 3.4
On Monday 16 February 2009 12:08:05 Nandini Chandra (nandchan) wrote:
> Sample program:
> ---------------------------------------
> #include <stdlib.h>
>
> void foo(void)
> {
> int* x = malloc(10 * sizeof(int));
>
> x[10] = 0; // problem 1: heap block overrun
> } // problem 2: memory leak -- x not freed
>
This is a very basic C language error. 'x' only has indices 0..9, not 10.
--
~ shuLhan ~