Ikke's Blog

Post details: More valgrind abuse

Dec 3
More valgrind abuse

After my previous article on Valgrind I started using it more and more, and discovered another nice feature of it. Just check this sample:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>

#define MESSAGE "test"

int main(int argc, char *argv[]) {
        char *t = NULL;

        /* Hey, everyone makes mistakes */
        t = (char *)malloc(strlen("" MESSAGE) * sizeof(char));
        assert(t != NULL);
        strcpy(t, "" MESSAGE);

        printf("%s\n", t);

        free(t);

        return 0;
}

Compiling and running looks ok:

$ gcc -g -Wall -Werror -o test2 test2.c
$ ./test2
test

But luckily there's Valgrind to tell us the code is horribly wrong:

$ valgrind --tool=memcheck ./test2
==13483== Memcheck, a memory error detector for x86-linux.
==13483== Copyright (C) 2002-2004, and GNU GPL'd, by Julian Seward et al.
==13483== Using valgrind-2.2.0, a program supervision framework for x86-linux.
==13483== Copyright (C) 2000-2004, and GNU GPL'd, by Julian Seward et al.
==13483== For more details, rerun with: -v
==13483==
==13483== Invalid write of size 1
==13483==    at 0x1B906485: strcpy (mac_replace_strmem.c:199)
==13483==    by 0x80484B2: main (test2.c:14)
==13483==  Address 0x1BA5C02C is 0 bytes after a block of size 4 alloc'd
==13483==    at 0x1B906B82: malloc (vg_replace_malloc.c:131)
==13483==    by 0x8048472: main (test2.c:12)
==13483==
==13483== Invalid read of size 1
==13483==    at 0x1B968B6B: _IO_vfprintf (in /lib/tls/libc-2.3.5.so)
==13483==    by 0x1B96DF36: _IO_printf (in /lib/tls/libc-2.3.5.so)
==13483==    by 0x1B93DF36: __libc_start_main (in /lib/tls/libc-2.3.5.so)
==13483==  Address 0x1BA5C02C is 0 bytes after a block of size 4 alloc'd
==13483==    at 0x1B906B82: malloc (vg_replace_malloc.c:131)
==13483==    by 0x8048472: main (test2.c:12)
test
==13483==
==13483== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 13 from 1)
==13483== malloc/free: in use at exit: 0 bytes in 0 blocks.
==13483== malloc/free: 1 allocs, 1 frees, 4 bytes allocated.
==13483== For a detailed leak analysis,  rerun with: --leak-check=yes
==13483== For counts of detected errors, rerun with: -v

This should be fairly self-explaining... I guess most C programmers forgot to allocate strlen(msg)+1 (the end '\0') at least once in their life...

By the way: hello Planet Grep :-)

Comments:

Comment from: stephanie [Visitor] · http://gnurbs.blogsome.com
hahaha! i remember making a homework once that wasn't string-safe. it was supposed to stringify a number...

e.g.

input: 100
output: one hundred

oh and by the way, have you tried running valgrind on dynamic/shared libraries? i compiled a shared library once with -g but valgrind can't see step in it for some reason.

answers evaded me when i did research :((
PermalinkPermalink 12/04/05 @ 04:10
Comment from: stephanie [Visitor] · http://gnurbs.blogsome.com
err.. "can't step through it" rather...
PermalinkPermalink 12/04/05 @ 04:13
Comment from: Ikke [Member] · http://www.eikke.com
I'll take a look...
PermalinkPermalink 12/04/05 @ 14:39
Comment from: Ikke [Member] · http://www.eikke.com
Hmm, looks like you're right...

==13271== 5 bytes in 1 blocks are definitely lost in loss record 1 of 4
==13271== at 0x1B906B82: malloc (vg_replace_malloc.c:131)
==13271== by 0x1B9600CE: g_malloc (in /usr/lib/libglib-2.0.so.0.800.2)
==13271== by 0x1B91165B: ???
==13271== by 0x8048978: main (in /home/ikke/tmp/vgtest/libmain)

Where the "???" function is inside my .so

Would be nice if that behaviour could be changed.
PermalinkPermalink 12/04/05 @ 15:02
Comment from: stephanie [Visitor] · http://gnurbs.blogsome.com
yes. definitely. we'll see how this goes in the future. :D
PermalinkPermalink 12/05/05 @ 23:51

Leave a comment:

Your email address will not be displayed on this site.
Your URL will be displayed.

Allowed XHTML tags: <p, ul, ol, li, dl, dt, dd, address, blockquote, ins, del, span, bdo, br, em, strong, dfn, code, samp, kdb, var, cite, abbr, acronym, q, sub, sup, tt, i, b, big, small>
(Line breaks become <br />)
(Set cookies for name, email and url)
(Allow users to contact you through a message form (your email will NOT be displayed.))

Categories

Who's Online?

  • Guest Users: 471

Misc

XML Feeds

What is RSS?