https://bugs.kde.org/show_bug.cgi?id=424788

            Bug ID: 424788
           Summary: Memcheck cannot detect that the dst and src pointers
                    in the memcpy() related functions overlap.
           Product: valgrind
           Version: unspecified
          Platform: Ubuntu Packages
                OS: Other
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: memcheck
          Assignee: jsew...@acm.org
          Reporter: 906497...@qq.com
  Target Milestone: ---

code:
#include<stdlib.h>
#include<malloc.h>
#include<string.h>
void test()
{
  int *p = malloc(sizeof(int)*10);
  p[10] = 7;  
  memcpy(p+1, p, 5); 
  free(p);
  free(p);   
  int *p1;
  p1 = 1; 
}
int main(void)
{
  test();
  return 0;
}

OBSERVED RESULT

==6356== Memcheck, a memory error detector
==6356== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==6356== Using Valgrind-3.16.1 and LibVEX; rerun with -h for copyright info
==6356== Command: ./test
==6356== 
==6356== Invalid write of size 4
==6356==    at 0x1091AB: test (in /home/alwyn/文档/test)
==6356==    by 0x109201: main (in /home/alwyn/文档/test)
==6356==  Address 0x4a51068 is 0 bytes after a block of size 40 alloc'd
==6356==    at 0x483B7FB: malloc (vg_replace_malloc.c:307)
==6356==    by 0x10919E: test (in /home/alwyn/文档/test)
==6356==    by 0x109201: main (in /home/alwyn/文档/test)
==6356== 
==6356== Invalid free() / delete / delete[] / realloc()
==6356==    at 0x483C9FC: free (vg_replace_malloc.c:538)
==6356==    by 0x1091E4: test (in /home/alwyn/文档/test)
==6356==    by 0x109201: main (in /home/alwyn/文档/test)
==6356==  Address 0x4a51040 is 0 bytes inside a block of size 40 free'd
==6356==    at 0x483C9FC: free (vg_replace_malloc.c:538)
==6356==    by 0x1091D8: test (in /home/alwyn/文档/test)
==6356==    by 0x109201: main (in /home/alwyn/文档/test)
==6356==  Block was alloc'd at
==6356==    at 0x483B7FB: malloc (vg_replace_malloc.c:307)
==6356==    by 0x10919E: test (in /home/alwyn/文档/test)
==6356==    by 0x109201: main (in /home/alwyn/文档/test)
==6356== 
==6356== 
==6356== HEAP SUMMARY:
==6356==     in use at exit: 0 bytes in 0 blocks
==6356==   total heap usage: 1 allocs, 2 frees, 40 bytes allocated
==6356== 
==6356== All heap blocks were freed -- no leaks are possible
==6356== 
==6356== For lists of detected and suppressed errors, rerun with: -s
==6356== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 0 from 0)


EXPECTED RESULT

==28293== Invalid write of size 4  
==28293==    at 0x8048498: test (in /home/ken/work/test)
==28293==    by 0x80484E6: main (in /home/ken/work/test)
==28293==  Address 0x41fe050 is 0 bytes after a block of size 40 alloc'd
==28293==    at 0x402A298: malloc (vg_replace_malloc.c:299)
==28293==    by 0x804848E: test (in /home/ken/work/test)
==28293==    by 0x80484E6: main (in /home/ken/work/test)
==28293== 
==28293== Source and destination overlap in memcpy(0x41fe02c, 0x41fe028, 5)  
==28293==    at 0x402E943: memcpy (vg_replace_strmem.c:1019)
==28293==    by 0x80484BA: test (in /home/ken/work/test)
==28293==    by 0x80484E6: main (in /home/ken/work/test)
==28293== 
==28293== Invalid free() / delete / delete[] / realloc()
==28293==    at 0x402B305: free (vg_replace_malloc.c:530)
==28293==    by 0x80484D0: test (in /home/ken/work/test)
==28293==    by 0x80484E6: main (in /home/ken/work/test)
==28293==  Address 0x41fe028 is 0 bytes inside a block of size 40 free'd
==28293==    at 0x402B305: free (vg_replace_malloc.c:530)
==28293==    by 0x80484C5: test (in /home/ken/work/test)
==28293==    by 0x80484E6: main (in /home/ken/work/test)
==28293==  Block was alloc'd at
==28293==    at 0x402A298: malloc (vg_replace_malloc.c:299)
==28293==    by 0x804848E: test (in /home/ken/work/test)
==28293==    by 0x80484E6: main (in /home/ken/work/test)
==28293== 
==28293== Use of uninitialised value of size 4  
==28293==    at 0x80484D4: test (in /home/ken/work/test)
==28293==    by 0x80484E6: main (in /home/ken/work/test)
==28293== 
==28293== 
==28293== Process terminating with default action of signal 11 (SIGSEGV)
==28293==  Bad permissions for mapped region at address 0x40804AD
==28293==    at 0x80484D4: test (in /home/ken/work/test)
==28293==    by 0x80484E6: main (in /home/ken/work/test)
==28293== 
==28293== HEAP SUMMARY:
==28293==     in use at exit: 0 bytes in 0 blocks
==28293==   total heap usage: 1 allocs, 2 frees, 40 bytes allocated
==28293== 
==28293== All heap blocks were freed -- no leaks are possible
==28293== 
==28293== For counts of detected and suppressed errors, rerun with: -v
==28293== Use --track-origins=yes to see where uninitialised values come from
==28293== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 0 from 0)

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: Ubuntu 20.04

ADDITIONAL INFORMATION

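The overlap that the expected output reports for memcpy(p+1, p, 5), worked out as an added example; this is not code from the report or from Valgrind. The names overlap_bytes and checked_memcpy are hypothetical, and int32_t stands in for the report's 4-byte int.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Number of bytes shared by [dst, dst+n) and [src, src+n).
 * Both ranges have the same length, so they intersect exactly when the
 * distance between their start addresses is smaller than n. Addresses are
 * compared as integers; a zero-length copy shares nothing. */
static size_t overlap_bytes(const void *dst, const void *src, size_t n)
{
    uintptr_t d = (uintptr_t)dst, s = (uintptr_t)src;
    size_t gap = (size_t)(d > s ? d - s : s - d);
    return gap < n ? n - gap : 0;
}

/* Hypothetical guarded copy: refuses an overlapping request instead of
 * invoking memcpy() with undefined behaviour. Returns 0 on success and
 * -1 (nothing copied) when the ranges overlap. */
static int checked_memcpy(void *dst, const void *src, size_t n)
{
    if (overlap_bytes(dst, src, n) != 0)
        return -1;
    memcpy(dst, src, n);
    return 0;
}

int main(void)
{
    int32_t buf[10] = {0};   /* constructed buffer, 40 bytes as in the report */

    /* Same shape as the report: destination is one 4-byte element past the
     * source and 5 bytes are requested, so the last source byte is also the
     * first destination byte. */
    printf("memcpy(p+1, p, 5): %zu shared byte(s)\n",
           overlap_bytes(buf + 1, buf, 5));
    /* Four bytes would make the ranges adjacent, which is a valid memcpy. */
    printf("memcpy(p+1, p, 4): %zu shared byte(s)\n",
           overlap_bytes(buf + 1, buf, 4));
    printf("checked_memcpy(p+1, p, 5) -> %d\n",
           checked_memcpy(buf + 1, buf, 5));
    return 0;
}
```

When the overlap is intentional, memmove() is the call that is defined for it.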