Bug 332591

Summary: False positive: invalid read in vfprintf
Product: [Developer tools] valgrind
Reporter: ewirch <wirch.eduard>
Component: sgcheck
Assignee: Julian Seward <jseward>
Status: RESOLVED UNMAINTAINED
Severity: normal
CC: pjfloyd
Priority: NOR
Version First Reported In: 3.9.0
Target Milestone: ---
Platform: Debian stable
OS: Linux
Latest Commit:
Version Fixed/Implemented In:

Description ewirch 2014-03-25 15:50:23 UTC
Exact Valgrind version is current trunk r13884. The important lines from the stack trace:

==6232== Invalid read of size 1
==6232==    at 0x57B53B1: vfprintf (vfprintf.c:1630)
==6232==    by 0x57DD441: vsnprintf (vsnprintf.c:120)
...
==6232==  Address 0xe0cb310 expected vs actual:
==6232==  Expected: stack array "caseBuffer1" of size 1,000 in frame 3 back from here
==6232==  Actual:   stack array "caseBuffer2" of size 1,000 in frame 3 back from here
==6232==  Actual:   is 1,008 before Expected

The contents of the buffers are fine, I double-checked. The vfprintf implementation seems to apply some kind of optimization which reads multiple bytes at once (probably 16 bytes). This is the assembly operation in question:

 repnz scas %es:(%rdi),%al

Reproducible: Always
Comment 1 ewirch 2014-03-25 15:52:22 UTC
gcc in use: gcc (Ubuntu/Linaro 4.7.2-2ubuntu1) 4.7.2
Comment 2 Julian Seward 2014-09-03 06:36:11 UTC
This is a documented limitation of sgcheck (see the manual). There's not much to be done about this, unfortunately.