I went crazy tracking memory errors in a medium sized project. I minimized one to the bottom code and checked that this triggered Valgrind warnings about invalid reading in comment numbers. I am using g ++ 4.8.2 (Debian 4.8.2-16) for the project, compiling with -std = C ++ 11 -O0. g ++ 4.7.0 also generates errors, like 4.4.6 in a slightly modified version (to remove C ++ 11). clang ++ does not lead to errors and VS2013.
My question is:
Am I unknowingly engaging in undefined behavior?
Is this Valgrind false positive, and if so, how can I assure myself of this / similar situations in the future?
This code is rather fragile - especially if foo accepts coordination by reference, fixes the problem, and also selects larger types for Coord so that the size in memory exceeds 8 bytes.
#include <cassert>
#include <iostream>
#include <vector>
class Coord {
public:
bool row, col, layer;
};
void foo(Coord wtf) { }
std::vector<Coord> baz() {
std::vector<Coord> bees;
for (int i = 0; i < 4; ++i) {
bees.push_back({1, 1, 1});
}
return bees;
}
int main(int argc, char** argv) {
auto vec = baz();
assert(vec.size() > 3);
Coord bbb = vec[3];
foo(bbb);
static int i = 0;
foo(vec.at(3));
Coord& ccc = vec[3];
foo(ccc);
}
Valgrind Output:
==17700== Memcheck, a memory error detector
==17700== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==17700== Using Valgrind-3.9.0 and LibVEX; rerun with -h for copyright info
==17700== Command: ./a.out
==17700==
==17700== Invalid read of size 8
==17700== at 0x400BC9: main (in /home/alexr/projects/suncatcher/a.out)
==17700== Address 0x59f80e9 is 9 bytes inside a block of size 12 alloc'd
==17700== at 0x4C27A00: operator new(unsigned long) (vg_replace_malloc.c:319)
==17700== by 0x40150A: __gnu_cxx::new_allocator<Coord>::allocate(unsigned long, void const*) (in /home/alexr/projects/suncatcher/a.out)
==17700== by 0x4013A2: std::_Vector_base<Coord, std::allocator<Coord> >::_M_allocate(unsigned long) (in /home/alexr/projects/suncatcher/a.out)
==17700== by 0x401061: void std::vector<Coord, std::allocator<Coord> >::_M_emplace_back_aux<Coord>(Coord&&) (in /home/alexr/projects/suncatcher/a.out)
==17700== by 0x400F02: void std::vector<Coord, std::allocator<Coord> >::emplace_back<Coord>(Coord&&) (in /home/alexr/projects/suncatcher/a.out)
==17700== by 0x400D25: std::vector<Coord, std::allocator<Coord> >::push_back(Coord&&) (in /home/alexr/projects/suncatcher/a.out)
==17700== by 0x400B17: baz() (in /home/alexr/projects/suncatcher/a.out)
==17700== by 0x400B64: main (in /home/alexr/projects/suncatcher/a.out)
==17700==
==17700== Invalid read of size 8
==17700== at 0x400BEA: main (in /home/alexr/projects/suncatcher/a.out)
==17700== Address 0x59f80e9 is 9 bytes inside a block of size 12 alloc'd
==17700== at 0x4C27A00: operator new(unsigned long) (vg_replace_malloc.c:319)
==17700== by 0x40150A: __gnu_cxx::new_allocator<Coord>::allocate(unsigned long, void const*) (in /home/alexr/projects/suncatcher/a.out)
==17700== by 0x4013A2: std::_Vector_base<Coord, std::allocator<Coord> >::_M_allocate(unsigned long) (in /home/alexr/projects/suncatcher/a.out)
==17700== by 0x401061: void std::vector<Coord, std::allocator<Coord> >::_M_emplace_back_aux<Coord>(Coord&&) (in /home/alexr/projects/suncatcher/a.out)
==17700== by 0x400F02: void std::vector<Coord, std::allocator<Coord> >::emplace_back<Coord>(Coord&&) (in /home/alexr/projects/suncatcher/a.out)
==17700== by 0x400D25: std::vector<Coord, std::allocator<Coord> >::push_back(Coord&&) (in /home/alexr/projects/suncatcher/a.out)
==17700== by 0x400B17: baz() (in /home/alexr/projects/suncatcher/a.out)
==17700== by 0x400B64: main (in /home/alexr/projects/suncatcher/a.out)
==17700==
==17700==
==17700== HEAP SUMMARY:
==17700== in use at exit: 0 bytes in 0 blocks
==17700== total heap usage: 3 allocs, 3 frees, 21 bytes allocated
==17700==
==17700== All heap blocks were freed
==17700==
==17700== For counts of detected and suppressed errors, rerun with: -v
==17700== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 2 from 2)
source
share