memcheck cannot detect overlapping dst and src pointers in memcpy()-family functions, and it gives no invalid-pointer warning either.
Test code:
#include <stdlib.h>
#include <string.h>
int main(){
    int a, b[1];
    char* c = malloc(4);
    char* d = malloc(4);
    a = ( a == 0 ? b[0] : b[1] );
    memcpy(c, c+1, 2); // overlapping memory regions
    d[4] = 1;
    free(d);
    return 0;
}
Detection results:
==5023== Conditional jump or move depends on uninitialised value(s)
==5023== at 0x1091C4: main (test1.c:7)
==5023==
==5023== Invalid write of size 1
==5023== at 0x1091EB: main (test1.c:9)
==5023== Address 0x4a50094 is 0 bytes after a block of size 4 alloc'd
==5023== at 0x483B7FB: malloc (vg_replace_malloc.c:307)
==5023== by 0x1091BB: main (test1.c:6)
==5023==
==5023==
==5023== HEAP SUMMARY:
==5023== in use at exit: 4 bytes in 1 blocks
==5023== total heap usage: 2 allocs, 1 frees, 8 bytes allocated
==5023==
==5023== 4 bytes in 1 blocks are definitely lost in loss record 1 of 1
==5023== at 0x483B7FB: malloc (vg_replace_malloc.c:307)
==5023== by 0x1091AD: main (test1.c:5)
==5023==
==5023== LEAK SUMMARY:
==5023== definitely lost: 4 bytes in 1 blocks
==5023== indirectly lost: 0 bytes in 0 blocks
==5023== possibly lost: 0 bytes in 0 blocks
==5023== still reachable: 0 bytes in 0 blocks
==5023== suppressed: 0 bytes in 0 blocks
==5023==
==5023== Use --track-origins=yes to see where uninitialised values come from
==5023== For lists of detected and suppressed errors, rerun with: -s
==5023== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 0 from 0)
It did not give a message like
Source and destination overlap in memcpy(0x41fe02c, 0x41fe028, 5)
.
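After many tests I still cannot solve this. It happened suddenly: I remember that right after the first installation it could detect this kind of problem, but later, testing the same code, it no longer found it. Does any expert know what is going on?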
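
Added example, not part of the original post: the overlap condition that the quoted "Source and destination overlap" message describes, checked inside the program itself so the result does not depend on memcheck. The names `regions_overlap` and `checked_memcpy` are hypothetical, and the buffer contents are constructed sample data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Returns 1 when [dst, dst+n) and [src, src+n) share at least one byte. */
int regions_overlap(const void *dst, const void *src, size_t n)
{
    uintptr_t d = (uintptr_t)dst;
    uintptr_t s = (uintptr_t)src;

    if (n == 0)
        return 0;                       /* empty ranges never overlap */
    /* Distance between the start addresses, computed without wrap-around. */
    uintptr_t gap = d > s ? d - s : s - d;
    return gap < n;                     /* same start address also counts */
}

/* Hypothetical wrapper: copies only when the ranges are disjoint.
 * Returns 0 on success, -1 when the copy is refused. */
int checked_memcpy(void *dst, const void *src, size_t n)
{
    if (n == 0)
        return 0;                       /* nothing to copy */
    if (dst == NULL || src == NULL)
        return -1;
    if (regions_overlap(dst, src, n))
        return -1;                      /* caller should use memmove() instead */
    memcpy(dst, src, n);
    return 0;
}

int main(void)
{
    char buf[4] = {'a', 'b', 'c', 'd'}; /* constructed sample data */

    /* Same shape as the post's memcpy(c, c+1, 2): ranges share one byte. */
    printf("copy buf+1 -> buf, 2 bytes: %s\n",
           checked_memcpy(buf, buf + 1, 2) ? "refused (overlap)" : "copied");
    /* Disjoint halves of the same buffer are fine. */
    printf("copy buf+2 -> buf, 2 bytes: %s\n",
           checked_memcpy(buf, buf + 2, 2) ? "refused (overlap)" : "copied");
    return 0;
}
```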