Re: [Valgrind-users] Valgrind not finding issue with writing/reading past array?

2022-09-26 Thread Tom Hughes via Valgrind-users

This is in fact documented in the FAQ here:

https://valgrind.org/docs/manual/faq.html#faq.overruns

The fact it's an array is not actually important - there is no
overrun detection for any global or stack variables.

The reason is that, because valgrind is operating on an existing
binary, there is no way to insert guards between variables: the
compiler has already fixed the layout. For the heap, valgrind
can replace the allocator with one that adds guards around each
allocated block.

The tool Philippe refers to tried to use debug information where
possible to spot out of bounds writes but it wasn't very successful.

Better is to use address sanitizer, which requires recompilation
but because of that it is able to add guards around variables.

Tom

--
Tom Hughes (t...@compton.nu)
http://compton.nu/



___
Valgrind-users mailing list
Valgrind-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/valgrind-users
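Tom's point about guards around heap blocks, as an added example that is not from this thread: a toy version of the redzone idea, run against the post's 40-byte memset into a 32-byte buffer. The names (guarded_buf, REDZONE_BYTES, overrun_bytes_caught) are my own; real Memcheck flags the offending access itself through shadow memory rather than scanning guard bytes afterwards, and the same trick cannot be applied to retStr on the stack because nothing sits between it and its neighbours.

```c
#include <stdlib.h>
#include <string.h>

/* Guard ("redzone") bytes on both sides of a user buffer, mimicking the
 * guards valgrind puts around each heap block.  A redzone byte that no
 * longer holds REDZONE_FILL afterwards means the caller wrote past the
 * buffer.  Constructed example, not Memcheck's implementation. */
#define REDZONE_BYTES 16
#define REDZONE_FILL  0xAB

typedef struct {
    unsigned char *block;   /* layout: redzone | user bytes | redzone */
    size_t user_size;
} guarded_buf;

/* Allocate user_size bytes with a filled redzone on each side. */
static int guarded_alloc(guarded_buf *g, size_t user_size) {
    g->block = malloc(user_size + 2 * REDZONE_BYTES);
    if (g->block == NULL) return -1;
    g->user_size = user_size;
    memset(g->block, REDZONE_FILL, REDZONE_BYTES);
    memset(g->block + REDZONE_BYTES + user_size, REDZONE_FILL, REDZONE_BYTES);
    return 0;
}

/* Count redzone bytes that no longer hold the fill pattern (0 == clean). */
static size_t guarded_check(const guarded_buf *g) {
    size_t bad = 0, i;
    for (i = 0; i < REDZONE_BYTES; i++) {
        if (g->block[i] != REDZONE_FILL) bad++;
        if (g->block[REDZONE_BYTES + g->user_size + i] != REDZONE_FILL) bad++;
    }
    return bad;
}

/* Replays the post's memset(retStr, 'F', 40) on a user_size-byte buffer,
 * but against a guarded heap block, and returns how many guard bytes the
 * write clobbered.  write_len must stay within the trailing redzone so the
 * whole write lands inside our own allocation (no undefined behaviour). */
size_t overrun_bytes_caught(size_t user_size, size_t write_len) {
    guarded_buf g;
    size_t bad;
    if (write_len > user_size + REDZONE_BYTES) return (size_t)-1;
    if (guarded_alloc(&g, user_size) != 0) return (size_t)-1;
    memset(g.block + REDZONE_BYTES, 'F', write_len);   /* the user pointer */
    bad = guarded_check(&g);
    free(g.block);
    return bad;
}
```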


Re: [Valgrind-users] Valgrind not finding issue with writing/reading past array?

2022-09-26 Thread Philippe Waroquiers
Valgrind does not check out-of-bound writes in arrays, unless these arrays are
malloc-ed (and so valgrind can detect the write out of the limit of the
malloc-ed block).

Valgrind used to contain an experimental tool (sgcheck) that did such stack
array checks, but it had several limitations and problems, and was removed.

Thanks
Philippe



[Valgrind-users] Valgrind not finding issue with writing/reading past array?

2022-09-26 Thread Grant Schoep
So I noticed something in my code that looked wrong to me, but valgrind
didn't report anything. I made a small example of it, and still no
findings. I'm sure this code is reading/writing past its array. But valgrind
doesn't say anything.

Am I not understanding something, or is this a bug?

Using:
valgrind-3.19.0, gcc 4.8.5, CentOS 7

I also tried
valgrind-3.19.0, gcc 7.3.1, Amazon Linux 2

Here is the code.
--
#include <stdio.h>
#include <string.h>

int main()
{
   char retStr[32];

   // this is bad right? 40 bytes when above was 32?
   memset(retStr, 'F', 40);

   // These are "writing"  past the allocated memory?
   retStr[32] = 'A';
   retStr[33] = 'B';

   // These should be fine
   printf("***  retStr is %c\n", retStr[30]);
   printf("***  retStr is %c\n", retStr[31]);

   // These are reading past allocated memory?
   printf("***  retStr is %c\n", retStr[32]);
   printf("***  retStr is %c\n", retStr[33]);

   return 0;
}
---


Compiled:
"gcc filename.cxx"

Ran via this command
"valgrind ./a.out"