https://bugs.kde.org/show_bug.cgi?id=484002
Bug ID: 484002
Summary: Add suppression for invalid read in glibc's __wcpncpy_avx2() via wcsxfrm()
Classification: Developer tools
Product: valgrind
Version: 3.22.0
Platform: Other
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: memcheck
Assignee: jsew...@acm.org
Reporter: sl...@coaxion.net
Target Milestone: ---

SUMMARY

The following C testcase reliably gives an invalid read inside glibc. glibc developers suggest that this is fine and just needs a suppression to be added to valgrind.

See https://sourceware.org/bugzilla/show_bug.cgi?id=31509 for discussion.

--------
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <wchar.h>

int main() {
  const wchar_t in[] = {L'a', L'b', L'c', 0};
  wchar_t out[3+1] = {0, };

  printf("%p %p\n", in, out);
  size_t res = wcsxfrm(out, in, 3);
  printf("%lu\n", res);

  wchar_t *in2 = malloc(sizeof(wchar_t) * 4);
  memcpy(in2, in, sizeof(in));
  printf("%p %p\n", in2, out);
  res = wcsxfrm(out, in2, 3);
  printf("%lu\n", res);
  free(in2);

  wchar_t *in3 = malloc(sizeof(wchar_t) * 4);
  memcpy(in3, in, sizeof(in));
  printf("%p %p\n", in3, out);
  res = wcsxfrm(out, in3, 3);
  printf("%lu\n", res);
  free(in3);
}
--------

==139735== Memcheck, a memory error detector
==139735== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==139735== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info
==139735== Command: ./test
==139735==
0x1fff000330 0x1fff000320
3
0x4a5c480 0x1fff000320
3
0x4a5c4d0 0x1fff000320
==139735== Invalid read of size 32
==139735==    at 0x49DAA2E: __wcpncpy_avx2 (strncpy-avx2.S:85)
==139735==    by 0x493C560: wcsxfrm_l (strxfrm_l.c:679)
==139735==    by 0x4012A1: main (in /home/slomo/tmp/test/test)
==139735==  Address 0x4a5c4d0 is 0 bytes inside a block of size 16 alloc'd
==139735==    at 0x484280F: malloc (vg_replace_malloc.c:442)
==139735==    by 0x401258: main (in /home/slomo/tmp/test/test)
==139735==
3
==139735==
==139735== HEAP SUMMARY:
==139735==     in use at exit: 0 bytes in 0 blocks
==139735==   total heap usage: 3 allocs, 3 frees, 1,056 bytes allocated
==139735==
==139735== All heap blocks were freed -- no leaks are possible
==139735==
==139735== For lists of detected and suppressed errors, rerun with: -s
==139735== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

SOFTWARE/OS VERSIONS

This is with valgrind 3.22.0 and glibc 2.38 on Fedora 39. x86-64.
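
A local suppression matching the error reported above, as an added example (not part of the original report and not an entry shipped by valgrind). The name `glibc-wcsxfrm-wcpncpy-avx2` is made up here; the error kind and the two `fun:` frames are taken from the "Invalid read of size 32" stack trace in the report.

```text
# Constructed example: suppress the 32-byte read that Memcheck reports in
# glibc's AVX2 wcpncpy when it is reached from wcsxfrm_l(), as in bug 484002.
# Frames are listed innermost first, in the order of the reported stack trace.
{
   glibc-wcsxfrm-wcpncpy-avx2
   Memcheck:Addr32
   fun:__wcpncpy_avx2
   fun:wcsxfrm_l
}
```

Load it with `valgrind --suppressions=<file> ./test`. Because both frames must match, an invalid 32-byte read reached through any other caller of `__wcpncpy_avx2` is still reported.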