Valgrind打破dirname？

Question

==11136== Invalid read of size 8 
==11136== at 0x5AFC696: memrchr (memrchr.S:289) 
==11136== by 0x5B57FAF: dirname (dirname.c:45) 
==11136== by 0x405F43: push::lg_cmd_dirname(push::Env&) (LGExtension.cpp:379) 
==11136== by 0x42533C: push::Instruction::operator()(push::Env&) const (in /home/bots/svn/eco/branches/skynet_BigPUSH/src/push3.0/extension/push_bloodline) 
==11136== by 0x488ECD: push::Env::go(int) (Env.cpp:72) 
==11136== by 0x4A84D5: main (bloodline.cpp:99) 
==11136== Address 0x640daf8 is 8 bytes inside a block of size 10 alloc'd 
==11136== at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==11136== by 0x5AEF801: strdup (strdup.c:43) 
==11136== by 0x405EF2: push::lg_cmd_dirname(push::Env&) (LGExtension.cpp:369) 
==11136== by 0x42533C: push::Instruction::operator()(push::Env&) const (in /home/bots/svn/eco/branches/skynet_BigPUSH/src/push3.0/extension/push_bloodline) 
==11136== by 0x488ECD: push::Env::go(int) (Env.cpp:72) 
==11136== by 0x4A84D5: main (bloodline.cpp:99) 
==11136== 

這是一個合法的錯誤？它看起來像讀取發生在一個有效的塊內。在我的程序，調用看起來是這樣的：

 char *path = strdup(full_path.c_str()); 
     cerr << "Path is : " << path << endl; 
     result = dirname(path); 
     if(result < 0){ 
       cerr << "Dirname failed for some reason. Check log." << endl; 
     } 

和輸出在錯誤的時間CERR是：

Path is : /tmp/tmp/ 

這是一個有效的路徑。 Dirname應該不會有任何問題，並且它在分配重複的堆上運行。

編輯：

這裏是一個小例子，將產生這樣的錯誤：

#include <string.h> 
#include <stdio.h> 
#include <iostream> 
#include <libgen.h> 

int main(){ 

     char *path = strdup("/tmp/tmp/"); 
     char* result = dirname(path); 
     std::cerr << result << std::endl; 
} 

編譯克++。

用Valgrind的運行，你會得到：

==32466== Memcheck, a memory error detector                                                 
==32466== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.                                          
==32466== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info                                         
==32466== Command: ./a.out                                                     
==32466==                                                          
==32466== Invalid read of size 8                                                    
==32466== at 0x51C7696: memrchr (memrchr.S:289)                                               
==32466== by 0x5222FAF: dirname (dirname.c:45)                                                
==32466== by 0x400865: main (in /home/j3doucet/a.out)                                              
==32466== Address 0x59ff048 is 8 bytes inside a block of size 10 alloc'd                                          
==32466== at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)                                     
==32466== by 0x51BA801: strdup (strdup.c:43)                                                
==32466== by 0x400855: main (in /home/j3doucet/a.out)                                              
==32466==                                                          
/tmp 
==32466== 
==32466== HEAP SUMMARY: 
==32466==  in use at exit: 10 bytes in 1 blocks 
==32466== total heap usage: 1 allocs, 0 frees, 10 bytes allocated 
==32466== 
==32466== LEAK SUMMARY: 
==32466== definitely lost: 10 bytes in 1 blocks 
==32466== indirectly lost: 0 bytes in 0 blocks 
==32466==  possibly lost: 0 bytes in 0 blocks 
==32466== still reachable: 0 bytes in 0 blocks 
==32466==   suppressed: 0 bytes in 0 blocks 
==32466== Rerun with --leak-check=full to see details of leaked memory 
==32466== 
==32466== For counts of detected and suppressed errors, rerun with: -v 
==32466== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2) 

Answer 1

Valgrind的指示尺寸爲8的讀取從字節NR 8 完成的10個字節的塊。 這個讀取是由memrchr完成的。 這樣的函數通常是基於這樣的假設進行優化的，即您可以讀取比分配的塊多 字節。 爲了避免報告這些問題，Valgrind必須用自己的重新定義功能來取代這些優化的功能。

memrchr只從V3.8版本開始在Valgrind中重新定義。

=>您應該使用最新版本的Valgrind（3.8.1）重試。 可能不會再報告錯誤（假設由於未重新定義memrchr而導致它實際上是誤報 ）。