Mac OS X 上 pclose() 導致的 Valgrind 錯誤

Question

我在嘗試pclose()之前使用popen()打開的 pipe 時遇到 valgrind 錯誤。 這些錯誤發生在 Mac OS X 上，但不在 Linux 上。 考慮以下示例：

#include <stdlib.h>
#include <stdio.h>

int main() {
  FILE *fp;
  char buf[4096];

  if (!(fp = popen("ls", "r")))
    exit(-1);

  while (fscanf(fp, "%s", buf) == 1)
    printf("%s\n", buf);

  pclose(fp);

  return 0;
}

我在 Mac（OS X 10.6.7，valgrind 版本 3.6.0）上收到以下 valgrind 錯誤，除非我刪除了pclose()調用：

==21455== Conditional jump or move depends on uninitialised value(s)
==21455==    at 0xB1992: pclose (in /usr/lib/libSystem.B.dylib)
==21455==    by 0x1F16: main (in ./a.out)
==21455== 
==21455== Syscall param wait4(pid) contains uninitialised byte(s)
==21455==    at 0x504FA: wait4 (in /usr/lib/libSystem.B.dylib)
==21455==    by 0x1F16: main (in ./a.out)

但是，我在 valgrind 版本 3.5.0 的 Linux 系統上沒有收到任何錯誤。

關於什么可能導致Mac上的錯誤的任何想法？

更新

在 valgrind 中打開--track-origins表明問題的根源可能在popen()調用中。 gcc 4.2.1 和 4.5.3 得到了同樣的結果。

==4425== Conditional jump or move depends on uninitialised value(s)
==4425==    at 0xB1992: pclose (in /usr/lib/libSystem.B.dylib)
==4425==    by 0x1F18: main (in ./a.out)
==4425==  Uninitialised value was created by a stack allocation
==4425==    at 0xB14C5: popen$UNIX2003 (in /usr/lib/libSystem.B.dylib)
==4425== 
==4425== Syscall param wait4(pid) contains uninitialised byte(s)
==4425==    at 0x504FA: wait4 (in /usr/lib/libSystem.B.dylib)
==4425==    by 0x1F18: main (in ./a.out)
==4425==  Uninitialised value was created by a stack allocation
==4425==    at 0xB14C5: popen$UNIX2003 (in /usr/lib/libSystem.B.dylib)

Answer 1

系統庫將未初始化的字節傳遞給系統調用是很常見的。 條件跳轉依賴於未初始化的值不太常見，但確實會發生（我的 Linux 版本中的 glibc-2.X.supp 在 glibc 中包含 8 個抑制）。

由於無論如何您對這些錯誤無能為力，因此您應該壓制它們。 請參閱 Valgrind 文檔中--gen-suppressions 。

Answer 2

報告的問題似乎是系統庫內部的，而不是您的代碼。

使用 MacOS X 10.6.8、Valgrind 3.6.0 以及（Apple 的）GCC 4.2.1 或（我的）GCC 4.6.0 時，我也沒有遇到任何錯誤。 我確實從您的代碼中收到了編譯警告（顯示為 4.6.0） - 實際上，我已經“make”運行命令，並且 makefile 包含所有這些-Wxxx arguments：

$ gcc -g -std=c99 -Wall -Wextra -Wmissing-prototypes -Wstrict-prototypes -Wold-style-definition     vg.c -o vg
vg.c:4:5: warning: function declaration isn’t a prototype [-Wstrict-prototypes]
vg.c: In function ‘main’:
vg.c:4:5: warning: old-style function definition [-Wold-style-definition]
$ valgrind vg
==40593== Memcheck, a memory error detector
==40593== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==40593== Using Valgrind-3.6.0 and LibVEX; rerun with -h for copyright info
==40593== Command: vg
==40593== 
vg
vg.c
vg.dSYM
==40593== 
==40593== HEAP SUMMARY:
==40593==     in use at exit: 4,184 bytes in 2 blocks
==40593==   total heap usage: 6 allocs, 4 frees, 26,848 bytes allocated
==40593== 
==40593== LEAK SUMMARY:
==40593==    definitely lost: 0 bytes in 0 blocks
==40593==    indirectly lost: 0 bytes in 0 blocks
==40593==      possibly lost: 0 bytes in 0 blocks
==40593==    still reachable: 4,184 bytes in 2 blocks
==40593==         suppressed: 0 bytes in 0 blocks
==40593== Rerun with --leak-check=full to see details of leaked memory
==40593== 
==40593== For counts of detected and suppressed errors, rerun with: -v
==40593== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
$ cc --version
i686-apple-darwin10-llvm-gcc-4.2 (GCC) 4.2.1 (Based on Apple Inc. build 5658) (LLVM build 2335.9)
Copyright (C) 2007 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

$ gcc --version
gcc (GCC) 4.6.0
Copyright (C) 2011 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

$ valgrind --version
valgrind-3.6.0
Localhost JL: uname -a
Darwin localhost 10.8.0 Darwin Kernel Version 10.8.0: Tue Jun  7 16:33:36 PDT 2011; root:xnu-1504.15.3~1/RELEASE_I386 i386
$ otool -L /usr/lib/libSystem.B.dylib
/usr/lib/libSystem.B.dylib:
    /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 125.2.11)
    /usr/lib/system/libmathCommon.A.dylib (compatibility version 1.0.0, current version 315.0.0)

使用-v --gen-suppressions=yes運行時， valgrind會報告更多信息，但仍然沒有抑制錯誤。

Answer 3

此錯誤似乎已在最新的 Valgrind SVN 源中得到解決。 Valgrind 中的一些內部錯誤已得到解決，以及已知的 Apple 系統庫錯誤已被抑制。

請注意，這是在 OS X 10.10.4 上運行的

$ ./vg-in-place ../../test
==55558== Memcheck, a memory error detector
==55558== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==55558== Using Valgrind-3.11.0.SVN and LibVEX; rerun with -h for copyright info
==55558== Command: ../../test
==55558== 
--55558-- ../../test:
--55558-- dSYM directory is missing; consider using --dsymutil=yes
AUTHORS
COPYING
COPYING.DOCS
Makefile
...
vg-in-place
xfree-3.supp
xfree-4.supp
==55558== 
==55558== HEAP SUMMARY:
==55558==     in use at exit: 39,331 bytes in 419 blocks
==55558==   total heap usage: 523 allocs, 104 frees, 68,971 bytes allocated
==55558== 
==55558== LEAK SUMMARY:
==55558==    definitely lost: 0 bytes in 0 blocks
==55558==    indirectly lost: 0 bytes in 0 blocks
==55558==      possibly lost: 0 bytes in 0 blocks
==55558==    still reachable: 0 bytes in 0 blocks
==55558==         suppressed: 39,331 bytes in 419 blocks
==55558== 
==55558== For counts of detected and suppressed errors, rerun with: -v
==55558== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
$ ./vg-in-place --version
valgrind-3.11.0.SVN