On Wed, Sep 07, 2016 at 11:15:34AM +0200, Florian Weimer wrote:
> On 09/06/2016 11:31 PM, Paul Eggert wrote:
> >On 09/06/2016 01:40 PM, Joseph Myers wrote:
> >>Sounds like a defect in C11 to me - none of the examples of flexible
> >>array
> >>members anticipate needing to add to the size to allow for tail padding
> >>with unknown alignment requirements.
> >
> >Yes, I would prefer calling it a defect, as most code I've seen dealing
> >with flexible array members does not align the tail size. However, GCC +
> >valgrind does take advantage of this "defect" and I would not be
> >surprised if other picky implementations do too.
> 
> It might be an inherent limitation of the valgrind approach.
> Speculative loads which cannot result in data races (in the C11 sense)
> due to the way the architecture behaves should be fine.  The alignment
> ensures that the load is on the same page, which is what typically
> prevents this optimization.

It might or might not be an issue for valgrind. If valgrind believes the
memory isn't in valid memory then it will complain about an invalid access.
But if the memory is accessible but uninitialised then it will just track
the undefinedness and complain later if such a value is used.

> Some implementation techniques for C string functions result in the same
> behavior.  valgrind intercepts them or suppresses errors there, but
> that's not possible for code that GCC emits inline, obviously.

valgrind also has --partial-loads-ok (which in newer versions defaults
to =yes):

   Controls how Memcheck handles 32-, 64-, 128- and 256-bit naturally
   aligned loads from addresses for which some bytes are addressable
   and others are not. When yes, such loads do not produce an address
   error. Instead, loaded bytes originating from illegal addresses are
   marked as uninitialised, and those corresponding to legal addresses
   are handled in the normal way.

> valgrind would still treat the bytes beyond the allocation boundary as
> undefined.  But I agree that false positives in this area are annoying.

Does anybody have an example program of the above issue compiled with
gcc that produces false positives with valgrind?

Thanks,

Mark
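The allocation-size point raised earlier in the thread (the C11 examples for flexible array members add nothing for tail padding), shown as an added example that is not code from this thread. The struct, the functions naive_size, padded_size, message_new and tail_padding_for, and the use of calloc are all constructed here for illustration; padded_size rounds the allocation up to the struct's own alignment so that a naturally aligned wide load over the last bytes of the object stays inside the block, and calloc is chosen so those padding bytes start out defined rather than uninitialised. Whether the naive size actually produces a valgrind report for a given gcc and valgrind version is exactly what is being asked above, and this example does not claim to reproduce that.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed example struct: a fixed header followed by a flexible
 * array member, the pattern the thread discusses. */
struct message {
    size_t len;   /* number of bytes in body, not counting any NUL */
    char body[];  /* flexible array member */
};

/* The allocation size the C11 examples suggest: the prefix plus n bytes.
 * Nothing here accounts for the tail padding the struct type carries. */
size_t naive_size(size_t n)
{
    return offsetof(struct message, body) + n;
}

/* The same size rounded up to the struct's own alignment, so the block
 * covers the tail padding.  A naturally aligned load of alignof(struct)
 * bytes that touches the last body byte then stays inside the block. */
size_t padded_size(size_t n)
{
    size_t raw = offsetof(struct message, body) + n;
    size_t align = _Alignof(struct message);
    return (raw + align - 1) / align * align;
}

/* Bytes the padded allocation reserves beyond the naive size
 * (always less than the struct's alignment). */
size_t tail_padding_for(size_t n)
{
    return padded_size(n) - naive_size(n);
}

/* Allocate and fill a message using the padded size.  calloc is used so
 * the padding bytes are defined from the start.  Returns NULL if the
 * size computation would overflow or the allocation fails. */
struct message *message_new(const char *text)
{
    size_t n = strlen(text);
    size_t headroom = offsetof(struct message, body) + _Alignof(struct message);
    if (n > SIZE_MAX - headroom)
        return NULL;
    struct message *m = calloc(1, padded_size(n));
    if (m == NULL)
        return NULL;
    m->len = n;
    memcpy(m->body, text, n);
    return m;
}
```

On an LP64 target naive_size(5) is 13 while padded_size(5) is 16; on other targets the exact numbers differ, but padded_size is always a multiple of the struct's alignment and never smaller than the naive size.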
