473,396 Members | 1,940 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > c / c++ > questions > valgrind errors: valid, or false positives ?

Join Bytes to post your question to a community of 473,396 software developers and data experts.

Valgrind errors: valid, or false positives ?

It's entirely possible that I'm completely in the wrong line of work,
but I don't see what Valgrind is complaining about in this code.

Invalid read/writes?

If I free the within main(), rather than within free_node_list(),
Valgrind reports 0 leaks?

OS: SuSE 9.3 Linux 2.6.11.4-21.11-default i686 i386
GCC: 3.3.5 20050117

CODE:

#include <stdio.h>
#include <stdlib.h>

struct node_tag {
int value ;
struct node_tag * next ;
} ;
typedef struct node_tag node ;

struct node_list_tag {
node * first ;
node * last ;
} ;
typedef struct node_list_tag node_list ;

int populate_node_list( node_list *, int ) ;
int print_node_list( node_list * ) ;
int free_node_list( node_list * ) ;

int
main(void) {
int i ;
node * n = NULL, * next = NULL ;
node_list nl = {0,0} ;
// populate
for ( i = 0 ; i < 100000 ; i++ )
{
populate_node_list( &nl, i ) ;
}
print_node_list( &nl ) ;
free_node_list( &nl ) ;
printf( "free()'ed node list: %p, %p\n", nl.first, nl.last ) ;
return 0 ;
}

int
populate_node_list( node_list * nlp, int val )
{
node * nn = NULL ;
nn = calloc( 1, sizeof(int) ) ;
nn->value = val;
if ( nlp->first == NULL )
nlp->first = nlp->last = nn ;
else
{
nlp->last->next = nn ;
nlp->last = nn ;
}
return 0 ;
}

int
print_node_list( node_list * nlp )
{
int i = 1 ;
node * nn = nlp->first ;

while ( nn )
{
//printf( "node: %.5d\tvalue: %.5d\n", i++, nn->value ) ;
if ( nn->next == NULL )
break ;

nn = nn->next ;
}
nlp->first = nlp->last = NULL ;

return 0 ;
}

int
free_node_list( node_list * nlp )
{
node * cur = nlp->first, * next ;
while ( cur )
{
next = cur->next ;
free( cur ) ;
cur = next ;
}
return 0 ;
}

Valgrind output (trimmed):

me@host:~/miscgcc -O0 -ggdb -o valtest valtest.c
me@host:~/miscvalgrind -v --leak-check=yes ./valtest
==21068== Memcheck, a memory error detector.
==21068== Using valgrind-3.2.1, a dynamic binary instrumentation
framework.
--21068-- Contents of /proc/version:
--21068-- Linux version 2.6.11.4-21.11-default (geeko@buildhost)
(gcc version 3.3.5 20050117 (prerelease) (SUSE Linux)) #1 Thu Feb
2 20:54:26 UTC 2006
--21068-- Arch and hwcaps: X86, x86-sse1-sse2
==21068== WARNING: new redirection conflicts with existing --
ignoring it
--21068-- new: 0x04012B60 (index ) R-0x0401DFC0 index

==21068== Invalid write of size 4
==21068== at 0x8048502: populate_node_list (valtest.c:58)
==21068== by 0x8048474: main (valtest.c:40)
==21068== Address 0x415402C is 0 bytes after a block of size 4
alloc'd
==21068== at 0x401D940: calloc (vg_replace_malloc.c:279)
==21068== by 0x80484D2: populate_node_list (valtest.c:52)
==21068== by 0x8048474: main (valtest.c:40)
node: 00001 value: 00000
==21068==
==21068== Invalid read of size 4
==21068== at 0x8048553: print_node_list (valtest.c:73)
==21068== by 0x804848A: main (valtest.c:42)
==21068== Address 0x415402C is 0 bytes after a block of size 4
alloc'd
==21068== at 0x401D940: calloc (vg_replace_malloc.c:279)
==21068== by 0x80484D2: populate_node_list (valtest.c:52)
==21068== by 0x8048474: main (valtest.c:40)
==21068==
==21068== Invalid read of size 4
==21068== at 0x804855E: print_node_list (valtest.c:76)
==21068== by 0x804848A: main (valtest.c:42)
==21068== Address 0x415402C is 0 bytes after a block of size 4
alloc'd
==21068== at 0x401D940: calloc (vg_replace_malloc.c:279)
==21068== by 0x80484D2: populate_node_list (valtest.c:52)
==21068== by 0x8048474: main (valtest.c:40)

--21068-- REDIR: 0x40A1980 (strnlen) redirected to 0x401E200
(strnlen)
free()'ed node list: (nil), (nil)
--21068-- REDIR: 0x409C640 (free) redirected to 0x401D047 (free)
==21068==
==21068== ERROR SUMMARY: 299998 errors from 3 contexts (suppressed:
11 from 1)
==21068==
==21068== 99999 errors in context 1 of 3:
==21068== Invalid read of size 4
==21068== at 0x804855E: print_node_list (valtest.c:76)
==21068== by 0x804848A: main (valtest.c:42)
==21068== Address 0x415402C is 0 bytes after a block of size 4
alloc'd
==21068== at 0x401D940: calloc (vg_replace_malloc.c:279)
==21068== by 0x80484D2: populate_node_list (valtest.c:52)
==21068== by 0x8048474: main (valtest.c:40)
==21068==
==21068== 99999 errors in context 2 of 3:
==21068== Invalid write of size 4
==21068== at 0x8048502: populate_node_list (valtest.c:58)
==21068== by 0x8048474: main (valtest.c:40)
==21068== Address 0x415402C is 0 bytes after a block of size 4
alloc'd
==21068== at 0x401D940: calloc (vg_replace_malloc.c:279)
==21068== by 0x80484D2: populate_node_list (valtest.c:52)
==21068== by 0x8048474: main (valtest.c:40)
==21068==
==21068== 100000 errors in context 3 of 3:
==21068== Invalid read of size 4
==21068== at 0x8048553: print_node_list (valtest.c:73)
==21068== by 0x804848A: main (valtest.c:42)
==21068== Address 0x415402C is 0 bytes after a block of size 4
alloc'd
==21068== at 0x401D940: calloc (vg_replace_malloc.c:279)
==21068== by 0x80484D2: populate_node_list (valtest.c:52)
==21068== by 0x8048474: main (valtest.c:40)
--21068--
--21068-- supp: 11 Ubuntu-stripped-ld.so
==21068==
==21068== IN SUMMARY: 299998 errors from 3 contexts (suppressed: 11
from 1)
==21068==
==21068== malloc/free: in use at exit: 400,000 bytes in 100,000
blocks.
==21068== malloc/free: 100,000 allocs, 0 frees, 400,000 bytes
allocated.
==21068==
==21068== searching for pointers to 100,000 not-freed blocks.
==21068== checked 56,584 bytes.
==21068==
==21068==
==21068== 400,000 bytes in 100,000 blocks are definitely lost in loss
record 1 of 1
==21068== at 0x401D940: calloc (vg_replace_malloc.c:279)
==21068== by 0x80484D2: populate_node_list (valtest.c:52)
==21068== by 0x8048474: main (valtest.c:40)
==21068==
==21068== LEAK SUMMARY:
==21068== definitely lost: 400,000 bytes in 100,000 blocks.
==21068== possibly lost: 0 bytes in 0 blocks.
==21068== still reachable: 0 bytes in 0 blocks.
==21068== suppressed: 0 bytes in 0 blocks.
Nov 4 '06 #1
4 5054
Simple Simon wrote:
It's entirely possible that I'm completely in the wrong line of work,
but I don't see what Valgrind is complaining about in this code.
[...]
struct node_tag {
int value ;
struct node_tag * next ;
} ;
typedef struct node_tag node ;
[...]
node * nn = NULL ;
nn = calloc( 1, sizeof(int) ) ;
^^^^^^^^^^^

This would not have happened if you had used the Guaranteed
100% Fat-Free All-Singing All-Dancing Preferred Idiom:

nn = calloc(1, sizeof *nn);

--
Eric Sosman
es*****@acm-dot-org.invalid
Nov 4 '06 #2
es*****@acm-dot-org.invalid wrote...
Simple Simon wrote:
It's entirely possible that I'm completely in the wrong line of work,
but I don't see what Valgrind is complaining about in this code.
[...]
struct node_tag {
int value ;
struct node_tag * next ;
} ;
typedef struct node_tag node ;
[...]
node * nn = NULL ;
nn = calloc( 1, sizeof(int) ) ;
^^^^^^^^^^^

This would not have happened if you had used the Guaranteed
100% Fat-Free All-Singing All-Dancing Preferred Idiom:

nn = calloc(1, sizeof *nn);
Oh, fuck.

"Career-Changes-R-Us? Send me a pamphlet right away."

Nov 4 '06 #3
Simple Simon <ss****@domain.invalidwrites:
It's entirely possible that I'm completely in the wrong line of work,
but I don't see what Valgrind is complaining about in this code.
Perhaps this Insure++ report will make it clearer for you?
It contains the exact same info, except line numbers have changed.

VG output from your test case on my machine:

==19256== Invalid write of size 4
==19256== at 0x80484B2: populate_node_list (junk.c:46)
==19256== by 0x8048424: main (junk.c:28)
==19256== Address 0x1B91802C is 0 bytes after a block of size 4 alloc'd
==19256== at 0x1B902BD5: calloc (vg_replace_malloc.c:175)
==19256== by 0x8048482: populate_node_list (junk.c:40)
==19256== by 0x8048424: main (junk.c:28)

Insure output from the same:

[junk.c:46] **WRITE_OVERFLOW**
> nlp->last->next = nn ;
Structure reference out of range: (nlp->last)

bbbbb
| 4 | 4 |
wwwww

Writing (w) : 0x0894c01c thru 0x0894c01f (4 bytes)
To block (b) : 0x0894c018 thru 0x0894c01b (4 bytes)
nn, allocated at junk.c, 40
calloc() (interface)
populate_node_list() junk.c, 40
main() junk.c, 28

Stack trace where the error occurred:
populate_node_list() junk.c, 46
main() junk.c, 28

**Memory corrupted. Program may crash!!**
Invalid read/writes?
Yes, writing beyond allocated memory is invalid.
If I free the within main(), rather than within free_node_list(),
Valgrind reports 0 leaks?
Where you free (or whether you free at all) has nothing to do with
invalid writes.
int
populate_node_list( node_list * nlp, int val )
{
node * nn = NULL ;
This is line 40:
nn = calloc( 1, sizeof(int) ) ;
Should be:

nn = calloc( 1, sizeof(*nn) ) ;
nn->value = val;
if ( nlp->first == NULL )
nlp->first = nlp->last = nn ;
else
{
nlp->last->next = nn ;
nlp->last = nn ;
}
return 0 ;
}
After the fix above, all invalid read/writes are gone, and you are just left with

==19303== LEAK SUMMARY:
==19303== definitely lost: 515528 bytes in 64441 blocks.

Here is what Insure has to tell you about that leak:

[junk.c:66] **LEAK_ASSIGN**
> nlp->first = nlp->last = NULL ;
Memory leaked due to pointer reassignment: nn

Lost block : 0x09632018 thru 0x0963201f (8 bytes)
nn, allocated at junk.c, 40
calloc() (interface)
populate_node_list() junk.c, 40
main() junk.c, 28

Stack trace where the error occurred:
print_node_list() junk.c, 66
main() junk.c, 30

[junk.c:68] **LEAK_SCOPE**
> return 0 ;
Memory leaked leaving scope: nn

Lost block : 0x096321c8 thru 0x096321cf (8 bytes)
nn, allocated at junk.c, 40
calloc() (interface)
populate_node_list() junk.c, 40
main() junk.c, 28

Stack trace where the error occurred:
print_node_list() junk.c, 68
main() junk.c, 30
It is unusual for "print-data-structure" routine to modify that
structure. In your case, line 66 should be deleted entirely.

nlp->first = nlp->last = NULL ; // line 66
Cheers,
--
In order to understand recursion you must first understand recursion.
Remove /-nsp/ for email.
Nov 4 '06 #4
pp*************@charter.net wrote...
Simple Simon <ss****@domain.invalidwrites:
It's entirely possible that I'm completely in the wrong line of work,
but I don't see what Valgrind is complaining about in this code.

Perhaps this Insure++ report will make it clearer for you?
It contains the exact same info, except line numbers have changed.
Insure++, and your post, are stunningly illuminating. Thank you for
the time you took on this.

That bug in print_node_list() was just stoopid programmer stuff --
that assignment was supposed to be in free_node_list() instead.
VG output from your test case on my machine:

==19256== Invalid write of size 4
==19256== at 0x80484B2: populate_node_list (junk.c:46)
==19256== by 0x8048424: main (junk.c:28)
==19256== Address 0x1B91802C is 0 bytes after a block of size 4 alloc'd
==19256== at 0x1B902BD5: calloc (vg_replace_malloc.c:175)
==19256== by 0x8048482: populate_node_list (junk.c:40)
==19256== by 0x8048424: main (junk.c:28)

Insure output from the same:

[junk.c:46] **WRITE_OVERFLOW**
nlp->last->next = nn ;

Structure reference out of range: (nlp->last)

bbbbb
| 4 | 4 |
wwwww

Writing (w) : 0x0894c01c thru 0x0894c01f (4 bytes)
To block (b) : 0x0894c018 thru 0x0894c01b (4 bytes)
nn, allocated at junk.c, 40
calloc() (interface)
populate_node_list() junk.c, 40
main() junk.c, 28

Stack trace where the error occurred:
populate_node_list() junk.c, 46
main() junk.c, 28

**Memory corrupted. Program may crash!!**
Invalid read/writes?

Yes, writing beyond allocated memory is invalid.
If I free the within main(), rather than within free_node_list(),
Valgrind reports 0 leaks?

Where you free (or whether you free at all) has nothing to do with
invalid writes.
int
populate_node_list( node_list * nlp, int val )
{
node * nn = NULL ;

This is line 40:
nn = calloc( 1, sizeof(int) ) ;

Should be:

nn = calloc( 1, sizeof(*nn) ) ;
nn->value = val;
if ( nlp->first == NULL )
nlp->first = nlp->last = nn ;
else
{
nlp->last->next = nn ;
nlp->last = nn ;
}
return 0 ;
}

After the fix above, all invalid read/writes are gone, and you are just left with

==19303== LEAK SUMMARY:
==19303== definitely lost: 515528 bytes in 64441 blocks.

Here is what Insure has to tell you about that leak:

[junk.c:66] **LEAK_ASSIGN**
nlp->first = nlp->last = NULL ;

Memory leaked due to pointer reassignment: nn

Lost block : 0x09632018 thru 0x0963201f (8 bytes)
nn, allocated at junk.c, 40
calloc() (interface)
populate_node_list() junk.c, 40
main() junk.c, 28

Stack trace where the error occurred:
print_node_list() junk.c, 66
main() junk.c, 30

[junk.c:68] **LEAK_SCOPE**
return 0 ;

Memory leaked leaving scope: nn

Lost block : 0x096321c8 thru 0x096321cf (8 bytes)
nn, allocated at junk.c, 40
calloc() (interface)
populate_node_list() junk.c, 40
main() junk.c, 28

Stack trace where the error occurred:
print_node_list() junk.c, 68
main() junk.c, 30
It is unusual for "print-data-structure" routine to modify that
structure. In your case, line 66 should be deleted entirely.

nlp->first = nlp->last = NULL ; // line 66
Cheers,
Nov 4 '06 #5
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

16
Script to determine valid email address by querying server
by: siliconmike | last post by:
Hi, I'm looking for a reliable script that would connect to a host and somehow determine whether an email address is valid. since getmxrr() only gets the mx records.. Links/pointers ? Mike
PHP
1
valgrind python 2.3.4
by: Jerald | last post by:
Running python 2.3.4 on valgrind (a tool like purify which checks the use of uninitialized memory, etc), gives a lot of errors. See below. jfj@cluster:~/> python -V Python 2.3.4...
Python
33
spliting a list by nth items
by: Steven Bethard | last post by:
I feel like this has probably been answered before, but I couldn't find something quite like it in the archives. Feel free to point me somewhere if you know where this has already been answered. ...
Python
12
Why is this valid HTML?
by: Mr. Clean | last post by:
As you may know, spammer use this technique to get by filters. <!H>It<!W> is<!N> <!K>a<!L> w<!Q>el<!Q>l <!X>k<!O>now<!B>n <!F>f<!G>a<!V>c<!O>t <!S>th<!B>at p<!R>eopl<!J>e<!G> <!Z>who...
HTML / CSS
2
Valgrind says "Invalid read of size 4". What's the problem?
by: hvaisane | last post by:
Valgrind says ==11604== Invalid read of size 4 ==11604== at 0x8048ABB: main (foo.cc:36) ==11604== Address 0x1B92415C is 4 bytes inside a block of size 8 free'd ==11604== at 0x1B90514F:...
C / C++
9
Verify an xml file is valid
by: David Thielen | last post by:
Hi; What's the fastest way to verify that an xml file is well-formed (and valid if it has a dtd)? I don't want to pull any data out, I just want to make sure it is a good file. (When the user...
.NET Framework
1
Solving Valgrind Errors
by: dhina.jayavelu | last post by:
Hi, I Executed my project Developed in "C" with Valgrind tool with memory check option it shows these errors i don't know how to solve these errors.After getting these errors i try to put free()...
C / C++
7
Valgrind and STL
by: wwfarch | last post by:
I'm working on creating a K-Nearest Neighbor classifier and having some problems that I can't figure out. I have a header file KNNClassifier.h and its class file KNNClassifier.cc In...
C / C++
9
PHPMailer - False Positives
by: Lucanos | last post by:
Hi All, I am currently using PHPMailer to send out a set of emails on the execution of a PHP Script (obviously). My problem is that the PHPMailer action is returning a "true" result each time...
PHP
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!