Re: libXcursor + -finline-functions: Invalid read of size 4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 8/11/14, Florian Weimer <fweimer@xxxxxxxxxx> wrote:
> On 08/08/2014 01:15 PM, William Brana wrote:
>> Hello,
>> I'm getting warnings like following from valgrind when libXcursor is
>> compiled with -O2 -finline-functions and gcc 4.8.3 or 4.7.4, but not
>> with -O2.
>> Is it miscompiled or false positive?
>
> Can you run valgrind with debugging information?  It might us tell us at
> least which allocation is too short.
>
> It could be a harmless over-read from the libc string functions
> (particularly if valgrind has not been set up correctly on your system).
>
> --
> Florian Weimer / Red Hat Product Security
>

gcc 4.8, libXcursor 1.1.14
>From Qt application:

==43000== Invalid read of size 4
==43000==    at 0x89019F3: XcursorScanTheme.part.0 (library.c:137)
==43000==    by 0x8901E96: XcursorLibraryLoadImages (library.c:315)
==43000==    by 0x8901F41: XcursorLibraryLoadCursor (library.c:322)
==43000==    by 0x50A2A3F: QCursorData::update() (in
/usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x50A31B6: QCursor::handle() const (in
/usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x50B1300: qt_x11_enforce_cursor(QWidget*) (in
/usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x50B6EC7: QWidgetPrivate::create_sys(unsigned long,
bool, bool) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x505BC97: QWidget::create(unsigned long, bool, bool)
(in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x509E3E2: setupOwner() (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x509E719: QClipboard::QClipboard(QObject*) (in
/usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x4FFFA93: QApplication::clipboard() (in
/usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x52ADF24: QTextControl::canPaste() const (in
/usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==  Address 0xd4d6ed0 is 32 bytes inside a block of size 35 alloc'd
==43000==    at 0x4C2984F: malloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==43000==    by 0x8901492: XcursorScanTheme.part.0 (library.c:117)
==43000==    by 0x8901E96: XcursorLibraryLoadImages (library.c:315)
==43000==    by 0x8901F41: XcursorLibraryLoadCursor (library.c:322)
==43000==    by 0x50A2A3F: QCursorData::update() (in
/usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x50A31B6: QCursor::handle() const (in
/usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x50B1300: qt_x11_enforce_cursor(QWidget*) (in
/usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x50B6EC7: QWidgetPrivate::create_sys(unsigned long,
bool, bool) (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x505BC97: QWidget::create(unsigned long, bool, bool)
(in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x509E3E2: setupOwner() (in /usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x509E719: QClipboard::QClipboard(QObject*) (in
/usr/lib64/qt4/libQtGui.so.4.8.5)
==43000==    by 0x4FFFA93: QApplication::clipboard() (in
/usr/lib64/qt4/libQtGui.so.4.8.5)

>From gtkperf:

==42827== 6 errors in context 1 of 4:
==42827== Invalid read of size 4
==42827==    at 0x88D29F3: XcursorScanTheme.part.0 (library.c:137)
==42827==    by 0x88D2E96: XcursorLibraryLoadImages (library.c:315)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in
/usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3EBEA: g_signal_emit (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==  Address 0xb8afca0 is 32 bytes inside a block of size 35 alloc'd
==42827==    at 0x4C2984F: malloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==42827==    by 0x88D2492: XcursorScanTheme.part.0 (library.c:117)
==42827==    by 0x88D2E96: XcursorLibraryLoadImages (library.c:315)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in
/usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==
==42827==
==42827== 6 errors in context 2 of 4:
==42827== Invalid read of size 4
==42827==    at 0x88D269F: XcursorScanTheme.part.0 (library.c:137)
==42827==    by 0x88D2E96: XcursorLibraryLoadImages (library.c:315)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in
/usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3EBEA: g_signal_emit (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==  Address 0xb8afca0 is 32 bytes inside a block of size 35 alloc'd
==42827==    at 0x4C2984F: malloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==42827==    by 0x88D2492: XcursorScanTheme.part.0 (library.c:117)
==42827==    by 0x88D2E96: XcursorLibraryLoadImages (library.c:315)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in
/usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==
==42827==
==42827== 6 errors in context 3 of 4:
==42827== Invalid read of size 4
==42827==    at 0x88D29DC: XcursorScanTheme.part.0 (library.c:137)
==42827==    by 0x88D2E21: XcursorLibraryLoadImages (library.c:229)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in
/usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3EBEA: g_signal_emit (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==  Address 0xb8aa4f4 is 20 bytes inside a block of size 23 alloc'd
==42827==    at 0x4C2984F: malloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==42827==    by 0x88D2492: XcursorScanTheme.part.0 (library.c:117)
==42827==    by 0x88D2E21: XcursorLibraryLoadImages (library.c:229)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in
/usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==
==42827==
==42827== 6 errors in context 4 of 4:
==42827== Invalid read of size 4
==42827==    at 0x88D268A: XcursorScanTheme.part.0 (library.c:137)
==42827==    by 0x88D2E21: XcursorLibraryLoadImages (library.c:229)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in
/usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3EBEA: g_signal_emit (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==  Address 0xb8aa4f4 is 20 bytes inside a block of size 23 alloc'd
==42827==    at 0x4C2984F: malloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==42827==    by 0x88D2492: XcursorScanTheme.part.0 (library.c:117)
==42827==    by 0x88D2E21: XcursorLibraryLoadImages (library.c:229)
==42827==    by 0x88D328B: XcursorTryShapeCursor (xlib.c:105)
==42827==    by 0x6CBD56E: XCreateGlyphCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x6CBDB2C: XCreateFontCursor (in /usr/lib64/libX11.so.6.3.0)
==42827==    by 0x581CD54: gdk_cursor_new_for_display (in
/usr/lib64/libgdk-x11-2.0.so.0.2400.24)
==42827==    by 0x4F2866E: gtk_entry_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5075629: gtk_spin_button_realize (in
/usr/lib64/libgtk-x11-2.0.so.0.2400.24)
==42827==    by 0x5F2144E: g_closure_invoke (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F38310: signal_emit_unlocked_R (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
==42827==    by 0x5F3E931: g_signal_emit_valist (in
/usr/lib64/libgobject-2.0.so.0.4000.0)
[Index of Archives]     [Linux C Programming]     [Linux Kernel]     [eCos]     [Fedora Development]     [Fedora Announce]     [Autoconf]     [The DWARVES Debugging Tools]     [Yosemite Campsites]     [Yosemite News]     [Linux GCC]

  Powered by Linux