public inbox for gcc-help@gcc.gnu.org
* libXcursor + -finline-functions: Invalid read of size 4
@ 2014-08-08 11:15 William Brana
  2014-08-11  8:43 ` Florian Weimer
  0 siblings, 1 reply; 4+ messages in thread
From: William Brana @ 2014-08-08 11:15 UTC (permalink / raw)
  To: gcc-help

Hello,
I'm getting warnings like the following from valgrind when libXcursor is
compiled with -O2 -finline-functions and gcc 4.8.3 or 4.7.4, but not
with -O2.
Is it miscompiled or a false positive?

Invalid read of size 4
   at 0x8928F8F: XcursorScanTheme.part.0 (in /usr/lib64/libXcursor.so.1.0.2)
   by 0x892977C: XcursorLibraryLoadImages (in /usr/lib64/libXcursor.so.1.0.2)
   by 0x89298F0: XcursorLibraryLoadCursor (in /usr/lib64/libXcursor.so.1.0.2)
   by 0x50A4EFF: QCursorData::update() (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x50A5676: QCursor::handle() const (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x50B38C0: qt_x11_enforce_cursor(QWidget*) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x50B9507: QWidgetPrivate::create_sys(unsigned long, bool, bool) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x505D607: QWidget::create(unsigned long, bool, bool) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x50A0952: setupOwner() (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x50A0C89: QClipboard::QClipboard(QObject*) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x5000373: QApplication::clipboard() (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x52B97B4: QTextControl::canPaste() const (in /usr/lib64/qt4/libQtGui.so.4.8.5)
 Address 0xc6ba8e0 is 16 bytes inside a block of size 19 alloc'd
   at 0x4C2984F: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
   by 0x8928D7A: XcursorScanTheme.part.0 (in /usr/lib64/libXcursor.so.1.0.2)
   by 0x892977C: XcursorLibraryLoadImages (in /usr/lib64/libXcursor.so.1.0.2)
   by 0x89298F0: XcursorLibraryLoadCursor (in /usr/lib64/libXcursor.so.1.0.2)
   by 0x50A4EFF: QCursorData::update() (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x50A5676: QCursor::handle() const (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x50B38C0: qt_x11_enforce_cursor(QWidget*) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x50B9507: QWidgetPrivate::create_sys(unsigned long, bool, bool) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x505D607: QWidget::create(unsigned long, bool, bool) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x50A0952: setupOwner() (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x50A0C89: QClipboard::QClipboard(QObject*) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
   by 0x5000373: QApplication::clipboard() (in /usr/lib64/qt4/libQtGui.so.4.8.5)


* Re: libXcursor + -finline-functions: Invalid read of size 4
  2014-08-08 11:15 libXcursor + -finline-functions: Invalid read of size 4 William Brana
@ 2014-08-11  8:43 ` Florian Weimer
  2014-08-12 14:57   ` William Brana
  0 siblings, 1 reply; 4+ messages in thread
From: Florian Weimer @ 2014-08-11  8:43 UTC (permalink / raw)
  To: William Brana, gcc-help

On 08/08/2014 01:15 PM, William Brana wrote:
> Hello,
> I'm getting warnings like the following from valgrind when libXcursor is
> compiled with -O2 -finline-functions and gcc 4.8.3 or 4.7.4, but not
> with -O2.
> Is it miscompiled or a false positive?

Can you run valgrind with debugging information?  It might tell us at 
least which allocation is too short.

It could be a harmless over-read from the libc string functions 
(particularly if valgrind has not been set up correctly on your system).

-- 
Florian Weimer / Red Hat Product Security


* Re: libXcursor + -finline-functions: Invalid read of size 4
  2014-08-11  8:43 ` Florian Weimer
@ 2014-08-12 14:57   ` William Brana
  2014-08-12 15:17     ` Florian Weimer
  0 siblings, 1 reply; 4+ messages in thread
From: William Brana @ 2014-08-12 14:57 UTC (permalink / raw)
  To: Florian Weimer; +Cc: gcc-help

On 8/11/14, Florian Weimer <fweimer@redhat.com> wrote:
> On 08/08/2014 01:15 PM, William Brana wrote:
>> Hello,
>> I'm getting warnings like the following from valgrind when libXcursor is
>> compiled with -O2 -finline-functions and gcc 4.8.3 or 4.7.4, but not
>> with -O2.
>> Is it miscompiled or a false positive?
>
> Can you run valgrind with debugging information?  It might tell us at
> least which allocation is too short.
>
> It could be a harmless over-read from the libc string functions
> (particularly if valgrind has not been set up correctly on your system).
>
> --
> Florian Weimer / Red Hat Product Security
>

gcc 4.8, libXcursor 1.1.14
From a Qt application:

==43000== Invalid read of size 4
==43000==    at 0x89019F3: XcursorScanTheme.part.0 (library.c:137)
==43000==    by 0x8901E96: XcursorLibraryLoadImages (library.c:315)
==43000==    by 0x8901F41: XcursorLibraryLoadCursor (library.c:322)
==43000==    by 0x50A2A3F: QCursorData::update() (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x50A31B6: QCursor::handle() const (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x50B1300: qt_x11_enforce_cursor(QWidget*) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x50B6EC7: QWidgetPrivate::create_sys(unsigned long, bool, bool) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x505BC97: QWidget::create(unsigned long, bool, bool) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x509E3E2: setupOwner() (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x509E719: QClipboard::QClipboard(QObject*) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x4FFFA93: QApplication::clipboard() (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x52ADF24: QTextControl::canPaste() const (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==  Address 0xd4d6ed0 is 32 bytes inside a block of size 35 alloc'd
==43000==    at 0x4C2984F: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==43000==    by 0x8901492: XcursorScanTheme.part.0 (library.c:117)
==43000==    by 0x8901E96: XcursorLibraryLoadImages (library.c:315)
==43000==    by 0x8901F41: XcursorLibraryLoadCursor (library.c:322)
==43000==    by 0x50A2A3F: QCursorData::update() (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x50A31B6: QCursor::handle() const (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x50B1300: qt_x11_enforce_cursor(QWidget*) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x50B6EC7: QWidgetPrivate::create_sys(unsigned long, bool, bool) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x505BC97: QWidget::create(unsigned long, bool, bool) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x509E3E2: setupOwner() (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x509E719: QClipboard::QClipboard(QObject*) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x4FFFA93: QApplication::clipboard() (in /usr/lib64/qt4/libQtGui.so.4.8.5)

From gtkperf:

==42827== 6 errors in context 1 of 4:
==42827== Invalid read of size 4
==42827==    at 0x88D29F3: XcursorScanTheme.part.0 (library.c:137)
==42827==    by 0x88D2E96: XcursorLibraryLoadImages (library.c:315)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in /usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3EBEA: g_signal_emit (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==  Address 0xb8afca0 is 32 bytes inside a block of size 35 alloc'd
==42827==    at 0x4C2984F: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==42827==    by 0x88D2492: XcursorScanTheme.part.0 (library.c:117)
==42827==    by 0x88D2E96: XcursorLibraryLoadImages (library.c:315)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in /usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==
==42827==
==42827== 6 errors in context 2 of 4:
==42827== Invalid read of size 4
==42827==    at 0x88D269F: XcursorScanTheme.part.0 (library.c:137)
==42827==    by 0x88D2E96: XcursorLibraryLoadImages (library.c:315)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in /usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3EBEA: g_signal_emit (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==  Address 0xb8afca0 is 32 bytes inside a block of size 35 alloc'd
==42827==    at 0x4C2984F: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==42827==    by 0x88D2492: XcursorScanTheme.part.0 (library.c:117)
==42827==    by 0x88D2E96: XcursorLibraryLoadImages (library.c:315)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in /usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==
==42827==
==42827== 6 errors in context 3 of 4:
==42827== Invalid read of size 4
==42827==    at 0x88D29DC: XcursorScanTheme.part.0 (library.c:137)
==42827==    by 0x88D2E21: XcursorLibraryLoadImages (library.c:229)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in /usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3EBEA: g_signal_emit (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==  Address 0xb8aa4f4 is 20 bytes inside a block of size 23 alloc'd
==42827==    at 0x4C2984F: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==42827==    by 0x88D2492: XcursorScanTheme.part.0 (library.c:117)
==42827==    by 0x88D2E21: XcursorLibraryLoadImages (library.c:229)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in /usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==
==42827==
==42827== 6 errors in context 4 of 4:
==42827== Invalid read of size 4
==42827==    at 0x88D268A: XcursorScanTheme.part.0 (library.c:137)
==42827==    by 0x88D2E21: XcursorLibraryLoadImages (library.c:229)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in /usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3EBEA: g_signal_emit (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==  Address 0xb8aa4f4 is 20 bytes inside a block of size 23 alloc'd
==42827==    at 0x4C2984F: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==42827==    by 0x88D2492: XcursorScanTheme.part.0 (library.c:117)
==42827==    by 0x88D2E21: XcursorLibraryLoadImages (library.c:229)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in /usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in /usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in /usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in /usr/lib64/libgobject-2.0.so.0.4000.0)


* Re: libXcursor + -finline-functions: Invalid read of size 4
  2014-08-12 14:57   ` William Brana
@ 2014-08-12 15:17     ` Florian Weimer
  0 siblings, 0 replies; 4+ messages in thread
From: Florian Weimer @ 2014-08-12 15:17 UTC (permalink / raw)
  To: William Brana; +Cc: gcc-help

On 08/12/2014 04:57 PM, William Brana wrote:
>> Can you run valgrind with debugging information?  It might tell us at
>> least which allocation is too short.
>>
>> It could be a harmless over-read from the libc string functions
>> (particularly if valgrind has not been set up correctly on your system).

> ==43000==    at 0x89019F3: XcursorScanTheme.part.0 (library.c:137)

From library.c:

    137     full = malloc (strlen (dir) + 1 + strlen (subdir) + 1 + strlen (file) + 1);

So this looks indeed like a strlen implementation (possibly inlined) 
which is not properly instrumented.

-- 
Florian Weimer / Red Hat Product Security
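A worked illustration of the diagnosis above, added here and not code from the thread or from libXcursor: with the allocation size from library.c:137, a strlen that loads 4 bytes at a time reads the whole aligned word that contains the terminator, so for a 35-byte block the last load is the word at offset 32, which extends one byte past the allocation, exactly the "32 bytes inside a block of size 35" (likewise 16/19 and 20/23) that valgrind printed. The path components are constructed, and the word-at-a-time loop is a generic model of an inlined libc strlen, not glibc's actual implementation.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Size libXcursor allocates at library.c:137 for "dir/subdir/file" (from the thread). */
size_t xcursor_full_size(const char *dir, const char *subdir, const char *file)
{
    return strlen(dir) + 1 + strlen(subdir) + 1 + strlen(file) + 1;
}
/* A word-at-a-time strlen loads the whole 4-byte word holding the NUL (at offset
 * block_size - 1); its offset is the "N bytes inside a block" valgrind prints. */
size_t last_word_offset(size_t block_size)
{
    return (block_size - 1) & ~(size_t)3;
}
/* Bytes of that final word that lie past the end of the block. */
size_t overread_bytes(size_t block_size)
{
    size_t word_end = last_word_offset(block_size) + 4;
    return word_end > block_size ? word_end - block_size : 0;
}
/* Model of an inlined libc strlen: one 4-byte load per step plus a has-zero-byte
 * test.  s is copied into a buffer padded to a multiple of 4 so the final load
 * stays in memory we own; the real inlined routine has no such padding. */
size_t padded_word_strlen(const char *s)
{
    size_t n = strlen(s) + 1, off = 0;
    char *buf = calloc((n + 3) & ~(size_t)3, 1);
    if (!buf) return 0;
    memcpy(buf, s, n);
    for (;;) {
        uint32_t w;
        memcpy(&w, buf + off, 4);                  /* the 4-byte read valgrind flags */
        if ((w - 0x01010101u) & ~w & 0x80808080u) /* some byte of w is zero */
            break;
        off += 4;
    }
    while (buf[off] != '\0') off++;                /* find the NUL inside that word */
    free(buf);
    return off;
}
int main(void)
{   /* constructed path; lengths chosen so the block is 35 bytes like the gtkperf report */
    const char *dir = "/usr/share/icons", *subdir = "cursors", *file = "crosshair";
    size_t size = xcursor_full_size(dir, subdir, file);
    printf("block %zu bytes: last word read at offset %zu, %zu byte(s) past the block\n",
           size, last_word_offset(size), overread_bytes(size));
    return 0;
}
```

Because the extra byte sits inside the same aligned 4-byte word, the load can never cross a page boundary, which is why such over-reads are harmless in practice; valgrind normally hides them by substituting its own str* functions (the vgpreload library seen in the traces), and an inlined copy bypasses that substitution.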

