Bug 332591 - False positive: invalid read in vfprintf
Summary: False positive: invalid read in vfprintf
Status: RESOLVED UNMAINTAINED
Alias: None
Product: valgrind
Classification: Developer tools
Component: sgcheck (other bugs)
Version First Reported In: 3.9.0
Platform: Debian stable Linux
Priority: NOR, Severity: normal
Target Milestone: ---
Assignee: Julian Seward
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-03-25 15:50 UTC by ewirch
Modified: 2020-10-28 10:59 UTC (History)

See Also:
Latest Commit:
Version Fixed/Implemented In:
Sentry Crash Report:


Description ewirch 2014-03-25 15:50:23 UTC
Exact Valgrind version is current trunk r13884. The important lines from the stack trace:

==6232== Invalid read of size 1
==6232==    at 0x57B53B1: vfprintf (vfprintf.c:1630)
==6232==    by 0x57DD441: vsnprintf (vsnprintf.c:120)
...
==6232==  Address 0xe0cb310 expected vs actual:
==6232==  Expected: stack array "caseBuffer1" of size 1,000 in frame 3 back from here
==6232==  Actual:   stack array "caseBuffer2" of size 1,000 in frame 3 back from here
==6232==  Actual:   is 1,008 before Expected

The contents of the buffers are fine, I double checked. The vfprintf implementation seems to apply some kind of optimization which reads multiple bytes at once (probably 16 bytes). This is the assembly operation in question:

 repnz scas %es:(%rdi),%al
Reproducible: Always
Comment 1 ewirch 2014-03-25 15:52:22 UTC
gcc in use: gcc (Ubuntu/Linaro 4.7.2-2ubuntu1) 4.7.2
Comment 2 Julian Seward 2014-09-03 06:36:11 UTC
This is a documented limitation of sgcheck (see the manual). There's not much to be done about this, unfortunately.