From: Matthias S. <zz...@ge...> - 2017-04-26 19:40:43
On 24.04.2017 at 22:35, Ivo Raisr wrote:
> 2017-04-24 22:03 GMT+02:00 Matthias Schwarzott <zz...@ge...>:
>> On 24.04.2017 at 17:00, Ivo Raisr wrote:
>>> Any comments or objections to patch v2 for bug 379039?
>>> https://bugs.kde.org/show_bug.cgi?id=379039
>>>
>>> I.
>>>
>> Hi!
>>
>> The code seems to work, but the len variable does not mean length of the
>> string, so it could be misleading.
>>
>> Additionally I am not sure if the function POST(sys_prctl) must also be
>> modified.
>
> Hi Matthias,

Hi Ivo

>
> Thank you for your comments.
> You are right, I had to modify POST(sys_prctl) so it takes into account
> that ARG2 might not need to be nul-terminated.
>

Good. But not exactly matching what the kernel does.

This is from kernel/sys.c:

kernel/sys.c:   case PR_SET_NAME:
kernel/sys.c-       comm[sizeof(me->comm) - 1] = 0;
kernel/sys.c-       if (strncpy_from_user(comm, (char __user *)arg2,
kernel/sys.c-                             sizeof(me->comm) - 1) < 0)
kernel/sys.c-           return -EFAULT;
kernel/sys.c-       set_task_comm(me, comm);
kernel/sys.c-       proc_comm_connector(me);
kernel/sys.c-       break;

The kernel copies up to 15 characters from userspace.

To mimic that behaviour, I had to modify POST(sys_prctl) like this.

--- coregrind/m_syswrap/syswrap-linux.c +++ coregrind/m_syswrap/syswrap-linux.c
@@ -1535,7 +1535,7 @@ POST(sys_prctl) const HChar* new_name = (const HChar*) ARG2; if (new_name) { // Paranoia ThreadState* tst = VG_(get_ThreadState)(tid); - SizeT new_len = VG_(strnlen)(new_name, VKI_TASK_COMM_LEN); + SizeT new_len = VG_(strnlen)(new_name, VKI_TASK_COMM_LEN - 1); /* Don't bother reusing the memory. This is a rare event. */ tst->thread_name =

>
>> The test memcheck/tests/threadname.c maybe needs more cases:
>>
>> * Set threadname to a long string and check that only the first 15
>> characters are printed as threadname for the next error.
>
> Why? We do not want to do functional testing of libpthread or prctl syscall.

The only reason is to see if valgrind can show the correct threadname in
error messages and I found the small behaviour difference above.

>
>> * If possible a test that proves, that POST(sys_prctl) does not access
>> memory after byte 16 (but I do not know how to test this).
>
> That would be appropriate for prctl(get-name) case. Different story.
>

No, I really meant if POST(sys_prctl) might crash when putting a
carefully crafted pointer to the syscall. Maybe 16 bytes before the end
of a memory page and having the next page not mapped.

Regards
Matthias
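Added example (not part of the original message, and not Valgrind or kernel code): a small C program that observes the two kernel behaviours discussed above, truncation of a long name to 15 characters and acceptance of a 15-byte unterminated name that ends right before an inaccessible page. It assumes Linux; the names COMM_LEN, bounded_name_len, set_and_get_name, place_at_page_end, probe_truncation and probe_page_end are made up for this example.

```c
/* Added example: observe from user space how Linux prctl(PR_SET_NAME)
   treats long names and unterminated names at the end of a page. */
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/prctl.h>
#include <unistd.h>

#define COMM_LEN 16  /* assumption: same value as the kernel's TASK_COMM_LEN */

/* Length of name, reading at most COMM_LEN - 1 bytes. This is the bound
   proposed for POST(sys_prctl) in the message above. */
static size_t bounded_name_len(const char *name)
{
    const size_t max = COMM_LEN - 1;
    size_t i = 0;
    while (i < max && name[i] != '\0')
        i++;
    return i;
}

/* Set the calling thread's name from `name`, read it back into out[],
   then restore the previous name. Returns 0 on success, -1 on failure. */
static int set_and_get_name(const char *name, char out[COMM_LEN])
{
    char saved[COMM_LEN];
    if (prctl(PR_GET_NAME, (unsigned long)saved) != 0)
        return -1;
    if (prctl(PR_SET_NAME, (unsigned long)name) != 0)
        return -1;
    int rc = prctl(PR_GET_NAME, (unsigned long)out);
    prctl(PR_SET_NAME, (unsigned long)saved);
    return rc == 0 ? 0 : -1;
}

/* Map two pages, make the second one inaccessible, and copy `len` bytes
   so that they end exactly at the boundary between the two pages.
   Returns the address of the first copied byte, or NULL on failure. */
static char *place_at_page_end(const char *bytes, size_t len)
{
    long ps = sysconf(_SC_PAGESIZE);
    if (ps <= 0 || len > (size_t)ps)
        return NULL;
    char *base = mmap(NULL, 2 * (size_t)ps, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED)
        return NULL;
    if (mprotect(base + ps, (size_t)ps, PROT_NONE) != 0) {
        munmap(base, 2 * (size_t)ps);
        return NULL;
    }
    char *p = base + ps - len;
    memcpy(p, bytes, len);
    return p;
}

/* Case 1: a 20-character name (constructed) is stored truncated. */
static int probe_truncation(char out[COMM_LEN])
{
    return set_and_get_name("abcdefghijklmnopqrst", out);
}

/* Case 2: 15 bytes with no terminator, followed by an inaccessible page.
   *len_seen receives what the 15-byte-bounded scan measured. */
static int probe_page_end(char out[COMM_LEN], size_t *len_seen)
{
    static const char fifteen[] = "123456789012345";  /* constructed */
    long ps = sysconf(_SC_PAGESIZE);
    char *name = place_at_page_end(fifteen, COMM_LEN - 1);
    if (name == NULL)
        return -1;
    /* Touches bytes 0..14 only; a 16-byte scan would fault on byte 15. */
    *len_seen = bounded_name_len(name);
    int rc = set_and_get_name(name, out);
    munmap(name + (COMM_LEN - 1) - ps, 2 * (size_t)ps);
    return rc;
}

int main(void)
{
    char out[COMM_LEN];
    size_t n = 0;
    if (probe_truncation(out) == 0)
        printf("20-char name stored as \"%s\"\n", out);
    if (probe_page_end(out, &n) == 0)
        printf("page-end name: scanned %zu bytes, stored as \"%s\"\n", n, out);
    return 0;
}
```

Running the same binary under Valgrind exercises both the PRE and POST handlers for prctl(PR_SET_NAME) with the page-end pointer.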
Author: iraisr
Date: Wed Apr 26 20:27:14 2017
New Revision: 16314
Log:
Syscall wrapper for prctl(PR_SET_NAME) must not check more than 16 bytes.
Fixes BZ#379039.
Modified:
trunk/NEWS
trunk/coregrind/m_libcbase.c
trunk/coregrind/m_syswrap/syswrap-linux.c
trunk/include/pub_tool_libcbase.h
trunk/memcheck/tests/x86-linux/scalar.c
trunk/memcheck/tests/x86-linux/scalar.stderr.exp
Modified: trunk/NEWS
==============================================================================
--- trunk/NEWS (original)
+++ trunk/NEWS Wed Apr 26 20:27:14 2017
@@ -156,6 +156,7 @@
377930 fcntl syscall wrapper is missing flock structure check
378535 Valgrind reports INTERNAL ERROR in execve syscall wrapper
378673 Update libiberty demangler
+379039 syscall wrapper for prctl(PR_SET_NAME) must not check more than 16 bytes
379094 Valgrind reports INTERNAL ERROR in rt_sigsuspend syscall wrapper
Release 3.12.0 (20 October 2016)
Modified: trunk/coregrind/m_libcbase.c
==============================================================================
--- trunk/coregrind/m_libcbase.c (original)
+++ trunk/coregrind/m_libcbase.c Wed Apr 26 20:27:14 2017
@@ -266,6 +266,14 @@
return i;
}
+SizeT VG_(strnlen)(const HChar* str, SizeT n)
+{
+ SizeT i = 0;
+ while (i < n && str[i] != 0)
+ i++;
+ return i;
+}
+
HChar* VG_(strcat) ( HChar* dest, const HChar* src )
{
HChar* dest_orig = dest;
@@ -319,6 +327,29 @@
}
}
+/* Copies up to n-1 bytes from src to dst. Then nul-terminate dst if n > 0.
+ Returns strlen(src). Does not zero-fill the remainder of dst. */
+SizeT VG_(strlcpy)(HChar *dst, const HChar *src, SizeT n)
+{
+ const HChar *src_orig = src;
+ SizeT m = 0;
+
+ while (m < n - 1 && *src != '\0') {
+ m++;
+ *dst++ = *src++;
+ }
+
+ /* Nul-terminate dst. */ \
+ if (n > 0)
+ *dst = 0;
+
+ /* Finish counting strlen(src). */ \
+ while (*src != '\0')
+ src++;
+
+ return src - src_orig;
+}
+
Int VG_(strcmp) ( const HChar* s1, const HChar* s2 )
{
while (True) {
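Review bot: In VG_(strlcpy), the copy loop condition `m < n - 1` underflows when n is 0. SizeT is unsigned, so n - 1 becomes the largest possible value and the loop copies all of src into dst, even though the `if (n > 0)` test just below shows that n == 0 is meant to be handled. Guard the loop with n > 0, or write the condition as `m + 1 < n`. The two comment lines `/* Nul-terminate dst. */ \` and `/* Finish counting strlen(src). */ \` also end in a stray backslash that looks like a leftover from a macro and should be dropped.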
Modified: trunk/coregrind/m_syswrap/syswrap-linux.c
==============================================================================
--- trunk/coregrind/m_syswrap/syswrap-linux.c (original)
+++ trunk/coregrind/m_syswrap/syswrap-linux.c Wed Apr 26 20:27:14 2017
@@ -1452,7 +1452,26 @@
break;
case VKI_PR_SET_NAME:
PRE_REG_READ2(int, "prctl", int, option, char *, name);
- PRE_MEM_RASCIIZ("prctl(set-name)", ARG2);
+ /* The name can be up to TASK_COMM_LEN(16) bytes long, including
+ the terminating null byte. So do not check more than 16 bytes. */
+ if (ML_(safe_to_deref)((const HChar *) ARG2, VKI_TASK_COMM_LEN)) {
+ SizeT len = VG_(strnlen)((const HChar *) ARG2, VKI_TASK_COMM_LEN);
+ if (len < VKI_TASK_COMM_LEN) {
+ PRE_MEM_RASCIIZ("prctl(set-name)", ARG2);
+ } else {
+ PRE_MEM_READ("prctl(set-name)", ARG2, VKI_TASK_COMM_LEN);
+ }
+ } else {
+ /* Do it the slow way, one byte at a time, while checking for
+ terminating '\0'. */
+ const HChar *name = (const HChar *) ARG2;
+ for (UInt i = 0; i < VKI_TASK_COMM_LEN; i++) {
+ PRE_MEM_READ("prctl(set-name)", (Addr) &name[i], 1);
+ if (!ML_(safe_to_deref)(&name[i], 1) || name[i] == '\0') {
+ break;
+ }
+ }
+ }
break;
case VKI_PR_GET_NAME:
PRE_REG_READ2(int, "prctl", int, option, char *, name);
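Review bot: The PRE_MEM_READ in the `else` branch (len == VKI_TASK_COMM_LEN) checks 16 bytes, and the byte-at-a-time loop also runs up to index 15, but the kernel excerpt quoted in this thread copies at most sizeof(me->comm) - 1, that is 15, bytes from user space. A 15-character name without a terminator, followed by an undefined or unaddressable 16th byte, is therefore reported although the kernel never reads that byte. Consider bounding both paths at VKI_TASK_COMM_LEN - 1 and saying in the comment that 15 is the kernel's read limit.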
@@ -1516,12 +1535,12 @@
const HChar* new_name = (const HChar*) ARG2;
if (new_name) { // Paranoia
ThreadState* tst = VG_(get_ThreadState)(tid);
- SizeT new_len = VG_(strlen)(new_name);
+ SizeT new_len = VG_(strnlen)(new_name, VKI_TASK_COMM_LEN);
/* Don't bother reusing the memory. This is a rare event. */
tst->thread_name =
VG_(realloc)("syswrap.prctl", tst->thread_name, new_len + 1);
- VG_(strcpy)(tst->thread_name, new_name);
+ VG_(strlcpy)(tst->thread_name, new_name, new_len + 1);
}
}
break;
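Review bot: The VG_(strlcpy) call on the last `+` line undoes the bound that VG_(strnlen) has just established. As defined in m_libcbase.c in this same commit, VG_(strlcpy) keeps walking src until it finds a NUL so that it can return strlen(src); for a client name with no terminator in its first 16 bytes it reads on past new_len into whatever follows. Copy exactly new_len bytes and store the terminator explicitly instead. The strnlen bound should also be VKI_TASK_COMM_LEN - 1, so that the stored name matches the 15 characters the kernel keeps, as raised in the thread.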
Modified: trunk/include/pub_tool_libcbase.h
==============================================================================
--- trunk/include/pub_tool_libcbase.h (original)
+++ trunk/include/pub_tool_libcbase.h Wed Apr 26 20:27:14 2017
@@ -80,11 +80,13 @@
&& VG_(strncmp)((s1),(s2),(n))==0) ? True : False )
extern SizeT VG_(strlen) ( const HChar* str );
+extern SizeT VG_(strnlen) ( const HChar* str, SizeT n );
extern HChar* VG_(strcat) ( HChar* dest, const HChar* src );
extern HChar* VG_(strncat) ( HChar* dest, const HChar* src, SizeT n );
extern HChar* VG_(strpbrk) ( const HChar* s, const HChar* accpt );
extern HChar* VG_(strcpy) ( HChar* dest, const HChar* src );
extern HChar* VG_(strncpy) ( HChar* dest, const HChar* src, SizeT ndest );
+extern SizeT VG_(strlcpy) ( HChar* dest, const HChar* src, SizeT n );
extern Int VG_(strcmp) ( const HChar* s1, const HChar* s2 );
extern Int VG_(strcasecmp) ( const HChar* s1, const HChar* s2 );
extern Int VG_(strncmp) ( const HChar* s1, const HChar* s2, SizeT nmax );
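Review bot: The new VG_(strnlen) and VG_(strlcpy) declarations go into a tool-visible header without any comment, and VG_(strlcpy) differs from the neighbouring VG_(strncpy) in both return value and termination. State the contract next to the declaration: it returns strlen(src), terminates dst whenever n > 0, and requires src to be NUL-terminated because it scans src to its end.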
Modified: trunk/memcheck/tests/x86-linux/scalar.c
==============================================================================
--- trunk/memcheck/tests/x86-linux/scalar.c (original)
+++ trunk/memcheck/tests/x86-linux/scalar.c Wed Apr 26 20:27:14 2017
@@ -6,6 +6,7 @@
#include <sched.h>
#include <signal.h>
#include <linux/mman.h> // MREMAP_FIXED
+#include <sys/prctl.h>
// Here we are trying to trigger every syscall error (scalar errors and
// memory errors) for every syscall. We do this by passing a lot of bogus
@@ -775,6 +776,16 @@
GO(__NR_prctl, "5s 0m");
SY(__NR_prctl, x0, x0, x0, x0, x0); FAIL;
+ char buf16[16] = "123456789012345.";
+ buf16[15] = x0; // this will cause 'using unitialised value'
+ GO(__NR_prctl, "2s 0m");
+ SY(__NR_prctl, x0 + PR_SET_NAME, buf16); SUCC;
+
+ char buf17[17] = "1234567890123456.";
+ buf17[16] = x0; // this must not cause 'using unitialised value'
+ GO(__NR_prctl, "1s 0m");
+ SY(__NR_prctl, x0 + PR_SET_NAME, buf17); SUCC;
+
// __NR_rt_sigreturn 173
GO(__NR_rt_sigreturn, "n/a");
//SY(__NR_rt_sigreturn); // (Not yet handled by Valgrind) FAIL;
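Review bot: Both new cases pass fully addressable stack arrays (buf16 and buf17), so only the ML_(safe_to_deref) fast path of the PRE handler runs and the byte-at-a-time fallback is never exercised. Add a case where the name ends at the last byte of a mapped page with the next page unmapped, as suggested in the thread. The two comments also misspell "uninitialised" as "unitialised".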
Modified: trunk/memcheck/tests/x86-linux/scalar.stderr.exp
==============================================================================
--- trunk/memcheck/tests/x86-linux/scalar.stderr.exp (original)
+++ trunk/memcheck/tests/x86-linux/scalar.stderr.exp Wed Apr 26 20:27:14 2017
@@ -12,23 +12,23 @@
-----------------------------------------------------
Syscall param (syscallno) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:51)
+ by 0x........: main (scalar.c:52)
Syscall param read(fd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:51)
+ by 0x........: main (scalar.c:52)
Syscall param read(buf) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:51)
+ by 0x........: main (scalar.c:52)
Syscall param read(count) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:51)
+ by 0x........: main (scalar.c:52)
Syscall param read(buf) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:51)
+ by 0x........: main (scalar.c:52)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -36,19 +36,19 @@
-----------------------------------------------------
Syscall param write(fd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:55)
+ by 0x........: main (scalar.c:56)
Syscall param write(buf) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:55)
+ by 0x........: main (scalar.c:56)
Syscall param write(count) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:55)
+ by 0x........: main (scalar.c:56)
Syscall param write(buf) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:55)
+ by 0x........: main (scalar.c:56)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -56,15 +56,15 @@
-----------------------------------------------------
Syscall param open(filename) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:59)
+ by 0x........: main (scalar.c:60)
Syscall param open(flags) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:59)
+ by 0x........: main (scalar.c:60)
Syscall param open(filename) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:59)
+ by 0x........: main (scalar.c:60)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -72,33 +72,33 @@
-----------------------------------------------------
Syscall param open(mode) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:65)
+ by 0x........: main (scalar.c:66)
-----------------------------------------------------
6: __NR_close 1s 0m
-----------------------------------------------------
Syscall param close(fd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:69)
+ by 0x........: main (scalar.c:70)
-----------------------------------------------------
7: __NR_waitpid 3s 1m
-----------------------------------------------------
Syscall param waitpid(pid) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:73)
+ by 0x........: main (scalar.c:74)
Syscall param waitpid(status) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:73)
+ by 0x........: main (scalar.c:74)
Syscall param waitpid(options) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:73)
+ by 0x........: main (scalar.c:74)
Syscall param waitpid(status) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:73)
+ by 0x........: main (scalar.c:74)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -106,15 +106,15 @@
-----------------------------------------------------
Syscall param creat(pathname) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:77)
+ by 0x........: main (scalar.c:78)
Syscall param creat(mode) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:77)
+ by 0x........: main (scalar.c:78)
Syscall param creat(pathname) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:77)
+ by 0x........: main (scalar.c:78)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -122,20 +122,20 @@
-----------------------------------------------------
Syscall param link(oldpath) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:81)
+ by 0x........: main (scalar.c:82)
Syscall param link(newpath) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:81)
+ by 0x........: main (scalar.c:82)
Syscall param link(oldpath) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:81)
+ by 0x........: main (scalar.c:82)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param link(newpath) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:81)
+ by 0x........: main (scalar.c:82)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -143,11 +143,11 @@
-----------------------------------------------------
Syscall param unlink(pathname) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:85)
+ by 0x........: main (scalar.c:86)
Syscall param unlink(pathname) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:85)
+ by 0x........: main (scalar.c:86)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -155,19 +155,19 @@
-----------------------------------------------------
Syscall param execve(filename) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:89)
+ by 0x........: main (scalar.c:90)
Syscall param execve(argv) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:89)
+ by 0x........: main (scalar.c:90)
Syscall param execve(envp) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:89)
+ by 0x........: main (scalar.c:90)
Syscall param execve(filename) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:89)
+ by 0x........: main (scalar.c:90)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -175,19 +175,19 @@
-----------------------------------------------------
Syscall param execve(filename) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:92)
+ by 0x........: main (scalar.c:93)
Syscall param execve(argv) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:92)
+ by 0x........: main (scalar.c:93)
Syscall param execve(envp) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:92)
+ by 0x........: main (scalar.c:93)
Syscall param execve(filename) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:92)
+ by 0x........: main (scalar.c:93)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -195,30 +195,30 @@
-----------------------------------------------------
Syscall param execve(filename) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:96)
+ by 0x........: main (scalar.c:97)
Syscall param execve(argv) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:96)
+ by 0x........: main (scalar.c:97)
Syscall param execve(envp) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:96)
+ by 0x........: main (scalar.c:97)
Syscall param execve(filename) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:96)
+ by 0x........: main (scalar.c:97)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param execve(argv) points to uninitialised byte(s)
...
- by 0x........: main (scalar.c:96)
+ by 0x........: main (scalar.c:97)
Address 0x........ is on thread 1's stack
- in frame #1, created by main (scalar.c:28)
+ in frame #1, created by main (scalar.c:29)
Syscall param execve(argv[i]) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:96)
+ by 0x........: main (scalar.c:97)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -226,30 +226,30 @@
-----------------------------------------------------
Syscall param execve(filename) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:99)
+ by 0x........: main (scalar.c:100)
Syscall param execve(argv) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:99)
+ by 0x........: main (scalar.c:100)
Syscall param execve(envp) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:99)
+ by 0x........: main (scalar.c:100)
Syscall param execve(filename) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:99)
+ by 0x........: main (scalar.c:100)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param execve(envp) points to uninitialised byte(s)
...
- by 0x........: main (scalar.c:99)
+ by 0x........: main (scalar.c:100)
Address 0x........ is on thread 1's stack
- in frame #1, created by main (scalar.c:28)
+ in frame #1, created by main (scalar.c:29)
Syscall param execve(envp[i]) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:99)
+ by 0x........: main (scalar.c:100)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -257,11 +257,11 @@
-----------------------------------------------------
Syscall param chdir(path) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:103)
+ by 0x........: main (scalar.c:104)
Syscall param chdir(path) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:103)
+ by 0x........: main (scalar.c:104)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -269,11 +269,11 @@
-----------------------------------------------------
Syscall param time(t) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:107)
+ by 0x........: main (scalar.c:108)
Syscall param time(t) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:107)
+ by 0x........: main (scalar.c:108)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -281,19 +281,19 @@
-----------------------------------------------------
Syscall param mknod(pathname) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:111)
+ by 0x........: main (scalar.c:112)
Syscall param mknod(mode) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:111)
+ by 0x........: main (scalar.c:112)
Syscall param mknod(dev) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:111)
+ by 0x........: main (scalar.c:112)
Syscall param mknod(pathname) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:111)
+ by 0x........: main (scalar.c:112)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -301,15 +301,15 @@
-----------------------------------------------------
Syscall param chmod(path) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:115)
+ by 0x........: main (scalar.c:116)
Syscall param chmod(mode) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:115)
+ by 0x........: main (scalar.c:116)
Syscall param chmod(path) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:115)
+ by 0x........: main (scalar.c:116)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -326,15 +326,15 @@
-----------------------------------------------------
Syscall param lseek(fd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:131)
+ by 0x........: main (scalar.c:132)
Syscall param lseek(offset) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:131)
+ by 0x........: main (scalar.c:132)
Syscall param lseek(whence) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:131)
+ by 0x........: main (scalar.c:132)
-----------------------------------------------------
20: __NR_getpid 0s 0m
@@ -344,32 +344,32 @@
-----------------------------------------------------
Syscall param mount(source) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:139)
+ by 0x........: main (scalar.c:140)
Syscall param mount(target) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:139)
+ by 0x........: main (scalar.c:140)
Syscall param mount(type) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:139)
+ by 0x........: main (scalar.c:140)
Syscall param mount(flags) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:139)
+ by 0x........: main (scalar.c:140)
Syscall param mount(data) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:139)
+ by 0x........: main (scalar.c:140)
Syscall param mount(target) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:139)
+ by 0x........: main (scalar.c:140)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param mount(type) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:139)
+ by 0x........: main (scalar.c:140)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -377,11 +377,11 @@
-----------------------------------------------------
Syscall param umount(path) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:143)
+ by 0x........: main (scalar.c:144)
Syscall param umount(path) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:143)
+ by 0x........: main (scalar.c:144)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -389,7 +389,7 @@
-----------------------------------------------------
Syscall param setuid16(uid) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:147)
+ by 0x........: main (scalar.c:148)
-----------------------------------------------------
24: __NR_getuid 0s 0m
@@ -402,23 +402,23 @@
-----------------------------------------------------
Syscall param ptrace(request) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:160)
+ by 0x........: main (scalar.c:161)
Syscall param ptrace(pid) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:160)
+ by 0x........: main (scalar.c:161)
Syscall param ptrace(addr) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:160)
+ by 0x........: main (scalar.c:161)
Syscall param ptrace(data) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:160)
+ by 0x........: main (scalar.c:161)
Syscall param ptrace(getregs) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:160)
+ by 0x........: main (scalar.c:161)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -426,7 +426,7 @@
-----------------------------------------------------
Syscall param alarm(seconds) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:164)
+ by 0x........: main (scalar.c:165)
-----------------------------------------------------
28: __NR_oldfstat n/a
@@ -439,20 +439,20 @@
-----------------------------------------------------
Syscall param utime(filename) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:176)
+ by 0x........: main (scalar.c:177)
Syscall param utime(buf) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:176)
+ by 0x........: main (scalar.c:177)
Syscall param utime(filename) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:176)
+ by 0x........: main (scalar.c:177)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param utime(buf) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:176)
+ by 0x........: main (scalar.c:177)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -466,15 +466,15 @@
-----------------------------------------------------
Syscall param access(pathname) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:188)
+ by 0x........: main (scalar.c:189)
Syscall param access(mode) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:188)
+ by 0x........: main (scalar.c:189)
Syscall param access(pathname) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:188)
+ by 0x........: main (scalar.c:189)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -482,7 +482,7 @@
-----------------------------------------------------
Syscall param nice(inc) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:192)
+ by 0x........: main (scalar.c:193)
-----------------------------------------------------
35: __NR_ftime ni
@@ -495,31 +495,31 @@
-----------------------------------------------------
Syscall param kill(pid) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:204)
+ by 0x........: main (scalar.c:205)
Syscall param kill(signal) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:204)
+ by 0x........: main (scalar.c:205)
-----------------------------------------------------
38: __NR_rename 2s 2m
-----------------------------------------------------
Syscall param rename(oldpath) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:208)
+ by 0x........: main (scalar.c:209)
Syscall param rename(newpath) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:208)
+ by 0x........: main (scalar.c:209)
Syscall param rename(oldpath) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:208)
+ by 0x........: main (scalar.c:209)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param rename(newpath) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:208)
+ by 0x........: main (scalar.c:209)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -527,15 +527,15 @@
-----------------------------------------------------
Syscall param mkdir(pathname) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:212)
+ by 0x........: main (scalar.c:213)
Syscall param mkdir(mode) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:212)
+ by 0x........: main (scalar.c:213)
Syscall param mkdir(pathname) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:212)
+ by 0x........: main (scalar.c:213)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -543,11 +543,11 @@
-----------------------------------------------------
Syscall param rmdir(pathname) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:216)
+ by 0x........: main (scalar.c:217)
Syscall param rmdir(pathname) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:216)
+ by 0x........: main (scalar.c:217)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -555,18 +555,18 @@
-----------------------------------------------------
Syscall param dup(oldfd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:220)
+ by 0x........: main (scalar.c:221)
-----------------------------------------------------
42: __NR_pipe 1s 1m
-----------------------------------------------------
Syscall param pipe(filedes) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:224)
+ by 0x........: main (scalar.c:225)
Syscall param pipe(filedes) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:224)
+ by 0x........: main (scalar.c:225)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -574,14 +574,14 @@
-----------------------------------------------------
Syscall param times(buf) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:228)
+ by 0x........: main (scalar.c:229)
More than 100 errors detected. Subsequent errors
will still be recorded, but in less detail than before.
Syscall param times(buf) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:228)
+ by 0x........: main (scalar.c:229)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
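Review bot: The position of the "More than 100 errors detected" notice, between the two times(buf) errors at scalar.c:229, is also pinned by this expected output, so the file needs regenerating whenever a syscall check is added or removed earlier in scalar.c, not only when line numbers move. The notice stays as unchanged context here, which is consistent with a pure line shift. A short comment beside the test saying the notice is expected at this point would stop the next reader from treating it as noise.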
@@ -592,14 +592,14 @@
-----------------------------------------------------
Syscall param brk(end_data_segment) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:236)
+ by 0x........: main (scalar.c:237)
-----------------------------------------------------
46: __NR_setgid 1s 0m
-----------------------------------------------------
Syscall param setgid16(gid) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:240)
+ by 0x........: main (scalar.c:241)
-----------------------------------------------------
47: __NR_getgid 0s 0m
@@ -618,11 +618,11 @@
-----------------------------------------------------
Syscall param acct(filename) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:260)
+ by 0x........: main (scalar.c:261)
Syscall param acct(filename) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:260)
+ by 0x........: main (scalar.c:261)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -630,15 +630,15 @@
-----------------------------------------------------
Syscall param umount2(path) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:264)
+ by 0x........: main (scalar.c:265)
Syscall param umount2(flags) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:264)
+ by 0x........: main (scalar.c:265)
Syscall param umount2(path) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:264)
+ by 0x........: main (scalar.c:265)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -649,19 +649,19 @@
-----------------------------------------------------
Syscall param ioctl(fd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:273)
+ by 0x........: main (scalar.c:274)
Syscall param ioctl(request) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:273)
+ by 0x........: main (scalar.c:274)
Syscall param ioctl(arg) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:273)
+ by 0x........: main (scalar.c:274)
Syscall param ioctl(TCSET{S,SW,SF}) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:273)
+ by 0x........: main (scalar.c:274)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -669,49 +669,49 @@
-----------------------------------------------------
Syscall param fcntl(fd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:279)
+ by 0x........: main (scalar.c:280)
Syscall param fcntl(cmd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:279)
+ by 0x........: main (scalar.c:280)
-----------------------------------------------------
55: __NR_fcntl (DUPFD) 1s 0m
-----------------------------------------------------
Syscall param fcntl(arg) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:285)
+ by 0x........: main (scalar.c:286)
-----------------------------------------------------
55: __NR_fcntl (GETLK) 1s 5m
-----------------------------------------------------
Syscall param fcntl(lock) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:291)
+ by 0x........: main (scalar.c:292)
Syscall param fcntl(lock->l_type) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:291)
+ by 0x........: main (scalar.c:292)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param fcntl(lock->l_whence) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:291)
+ by 0x........: main (scalar.c:292)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param fcntl(lock->l_start) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:291)
+ by 0x........: main (scalar.c:292)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param fcntl(lock->l_len) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:291)
+ by 0x........: main (scalar.c:292)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param fcntl(lock->l_pid) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:291)
+ by 0x........: main (scalar.c:292)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -722,11 +722,11 @@
-----------------------------------------------------
Syscall param setpgid(pid) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:299)
+ by 0x........: main (scalar.c:300)
Syscall param setpgid(pgid) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:299)
+ by 0x........: main (scalar.c:300)
-----------------------------------------------------
58: __NR_ulimit ni
@@ -739,18 +739,18 @@
-----------------------------------------------------
Syscall param umask(mask) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:311)
+ by 0x........: main (scalar.c:312)
-----------------------------------------------------
61: __NR_chroot 1s 1m
-----------------------------------------------------
Syscall param chroot(path) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:315)
+ by 0x........: main (scalar.c:316)
Syscall param chroot(path) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:315)
+ by 0x........: main (scalar.c:316)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -761,11 +761,11 @@
-----------------------------------------------------
Syscall param dup2(oldfd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:323)
+ by 0x........: main (scalar.c:324)
Syscall param dup2(newfd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:323)
+ by 0x........: main (scalar.c:324)
-----------------------------------------------------
64: __NR_getppid 0s 0m
@@ -781,43 +781,43 @@
-----------------------------------------------------
Syscall param sigaction(signum) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:339)
+ by 0x........: main (scalar.c:340)
Syscall param sigaction(act) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:339)
+ by 0x........: main (scalar.c:340)
Syscall param sigaction(oldact) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:339)
+ by 0x........: main (scalar.c:340)
Syscall param sigaction(act->sa_handler) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:339)
+ by 0x........: main (scalar.c:340)
Address 0x........ is 0 bytes after a block of size 4 alloc'd
at 0x........: malloc (vg_replace_malloc.c:...)
- by 0x........: main (scalar.c:30)
+ by 0x........: main (scalar.c:31)
Syscall param sigaction(act->sa_mask) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:339)
+ by 0x........: main (scalar.c:340)
Address 0x........ is 4 bytes after a block of size 4 alloc'd
at 0x........: malloc (vg_replace_malloc.c:...)
- by 0x........: main (scalar.c:30)
+ by 0x........: main (scalar.c:31)
Syscall param sigaction(act->sa_flags) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:339)
+ by 0x........: main (scalar.c:340)
Address 0x........ is 8 bytes after a block of size 4 alloc'd
at 0x........: malloc (vg_replace_malloc.c:...)
- by 0x........: main (scalar.c:30)
+ by 0x........: main (scalar.c:31)
Syscall param sigaction(oldact) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:339)
+ by 0x........: main (scalar.c:340)
Address 0x........ is 0 bytes after a block of size 4 alloc'd
at 0x........: malloc (vg_replace_malloc.c:...)
- by 0x........: main (scalar.c:30)
+ by 0x........: main (scalar.c:31)
-----------------------------------------------------
68: __NR_sgetmask n/a
@@ -830,22 +830,22 @@
-----------------------------------------------------
Syscall param setreuid16(ruid) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:351)
+ by 0x........: main (scalar.c:352)
Syscall param setreuid16(euid) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:351)
+ by 0x........: main (scalar.c:352)
-----------------------------------------------------
71: __NR_setregid 2s 0m
-----------------------------------------------------
Syscall param setregid16(rgid) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:355)
+ by 0x........: main (scalar.c:356)
Syscall param setregid16(egid) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:355)
+ by 0x........: main (scalar.c:356)
-----------------------------------------------------
72: __NR_sigsuspend ignore
@@ -855,11 +855,11 @@
-----------------------------------------------------
Syscall param sigpending(set) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:364)
+ by 0x........: main (scalar.c:365)
Syscall param sigpending(set) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:364)
+ by 0x........: main (scalar.c:365)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -870,15 +870,15 @@
-----------------------------------------------------
Syscall param setrlimit(resource) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:372)
+ by 0x........: main (scalar.c:373)
Syscall param setrlimit(rlim) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:372)
+ by 0x........: main (scalar.c:373)
Syscall param setrlimit(rlim) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:372)
+ by 0x........: main (scalar.c:373)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -886,15 +886,15 @@
-----------------------------------------------------
Syscall param old_getrlimit(resource) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:376)
+ by 0x........: main (scalar.c:377)
Syscall param old_getrlimit(rlim) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:376)
+ by 0x........: main (scalar.c:377)
Syscall param old_getrlimit(rlim) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:376)
+ by 0x........: main (scalar.c:377)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -902,15 +902,15 @@
-----------------------------------------------------
Syscall param getrusage(who) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:380)
+ by 0x........: main (scalar.c:381)
Syscall param getrusage(usage) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:380)
+ by 0x........: main (scalar.c:381)
Syscall param getrusage(usage) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:380)
+ by 0x........: main (scalar.c:381)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -918,20 +918,20 @@
-----------------------------------------------------
Syscall param gettimeofday(tv) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:384)
+ by 0x........: main (scalar.c:385)
Syscall param gettimeofday(tz) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:384)
+ by 0x........: main (scalar.c:385)
Syscall param gettimeofday(tv) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:384)
+ by 0x........: main (scalar.c:385)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param gettimeofday(tz) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:384)
+ by 0x........: main (scalar.c:385)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -939,20 +939,20 @@
-----------------------------------------------------
Syscall param settimeofday(tv) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:388)
+ by 0x........: main (scalar.c:389)
Syscall param settimeofday(tz) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:388)
+ by 0x........: main (scalar.c:389)
Syscall param settimeofday(tv) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:388)
+ by 0x........: main (scalar.c:389)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param settimeofday(tz) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:388)
+ by 0x........: main (scalar.c:389)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -960,15 +960,15 @@
-----------------------------------------------------
Syscall param getgroups16(size) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:392)
+ by 0x........: main (scalar.c:393)
Syscall param getgroups16(list) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:392)
+ by 0x........: main (scalar.c:393)
Syscall param getgroups16(list) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:392)
+ by 0x........: main (scalar.c:393)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -976,15 +976,15 @@
-----------------------------------------------------
Syscall param setgroups16(size) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:396)
+ by 0x........: main (scalar.c:397)
Syscall param setgroups16(list) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:396)
+ by 0x........: main (scalar.c:397)
Syscall param setgroups16(list) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:396)
+ by 0x........: main (scalar.c:397)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -992,32 +992,32 @@
-----------------------------------------------------
Syscall param old_select(args) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:402)
+ by 0x........: main (scalar.c:403)
Syscall param old_select(args) points to uninitialised byte(s)
...
- by 0x........: main (scalar.c:402)
+ by 0x........: main (scalar.c:403)
Address 0x........ is on thread 1's stack
- in frame #1, created by main (scalar.c:28)
+ in frame #1, created by main (scalar.c:29)
Syscall param old_select(readfds) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:402)
+ by 0x........: main (scalar.c:403)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param old_select(writefds) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:402)
+ by 0x........: main (scalar.c:403)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param old_select(exceptfds) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:402)
+ by 0x........: main (scalar.c:403)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param old_select(timeout) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:402)
+ by 0x........: main (scalar.c:403)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
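Review bot: The frame line "created by main (scalar.c:28)" becoming scalar.c:29 places the extra source line at or above the opening of main, which matches every other frame in this file moving by one. If the description of the change does not already say what was added there, it should, because the expected output alone cannot tell a reviewer whether the new line is an include, a declaration or something that alters what the test exercises.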
@@ -1025,20 +1025,20 @@
-----------------------------------------------------
Syscall param symlink(oldpath) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:407)
+ by 0x........: main (scalar.c:408)
Syscall param symlink(newpath) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:407)
+ by 0x........: main (scalar.c:408)
Syscall param symlink(oldpath) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:407)
+ by 0x........: main (scalar.c:408)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param symlink(newpath) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:407)
+ by 0x........: main (scalar.c:408)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -1049,24 +1049,24 @@
-----------------------------------------------------
Syscall param readlink(path) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:415)
+ by 0x........: main (scalar.c:416)
Syscall param readlink(buf) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:415)
+ by 0x........: main (scalar.c:416)
Syscall param readlink(bufsiz) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:415)
+ by 0x........: main (scalar.c:416)
Syscall param readlink(path) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:415)
+ by 0x........: main (scalar.c:416)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param readlink(buf) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:415)
+ by 0x........: main (scalar.c:416)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -1086,39 +1086,39 @@
-----------------------------------------------------
Syscall param old_mmap(args) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:437)
+ by 0x........: main (scalar.c:438)
Syscall param old_mmap(args) points to uninitialised byte(s)
...
- by 0x........: main (scalar.c:437)
+ by 0x........: main (scalar.c:438)
Address 0x........ is on thread 1's stack
- in frame #1, created by main (scalar.c:28)
+ in frame #1, created by main (scalar.c:29)
-----------------------------------------------------
91: __NR_munmap 2s 0m
-----------------------------------------------------
Syscall param munmap(start) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:442)
+ by 0x........: main (scalar.c:443)
Syscall param munmap(length) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:442)
+ by 0x........: main (scalar.c:443)
-----------------------------------------------------
92: __NR_truncate 2s 1m
-----------------------------------------------------
Syscall param truncate(path) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:446)
+ by 0x........: main (scalar.c:447)
Syscall param truncate(length) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:446)
+ by 0x........: main (scalar.c:447)
Syscall param truncate(path) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:446)
+ by 0x........: main (scalar.c:447)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -1126,63 +1126,63 @@
-----------------------------------------------------
Syscall param ftruncate(fd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:450)
+ by 0x........: main (scalar.c:451)
Syscall param ftruncate(length) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:450)
+ by 0x........: main (scalar.c:451)
-----------------------------------------------------
94: __NR_fchmod 2s 0m
-----------------------------------------------------
Syscall param fchmod(fildes) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:454)
+ by 0x........: main (scalar.c:455)
Syscall param fchmod(mode) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:454)
+ by 0x........: main (scalar.c:455)
-----------------------------------------------------
95: __NR_fchown 3s 0m
-----------------------------------------------------
Syscall param fchown16(fd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:458)
+ by 0x........: main (scalar.c:459)
Syscall param fchown16(owner) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:458)
+ by 0x........: main (scalar.c:459)
Syscall param fchown16(group) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:458)
+ by 0x........: main (scalar.c:459)
-----------------------------------------------------
96: __NR_getpriority 2s 0m
-----------------------------------------------------
Syscall param getpriority(which) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:462)
+ by 0x........: main (scalar.c:463)
Syscall param getpriority(who) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:462)
+ by 0x........: main (scalar.c:463)
-----------------------------------------------------
97: __NR_setpriority 3s 0m
-----------------------------------------------------
Syscall param setpriority(which) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:466)
+ by 0x........: main (scalar.c:467)
Syscall param setpriority(who) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:466)
+ by 0x........: main (scalar.c:467)
Syscall param setpriority(prio) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:466)
+ by 0x........: main (scalar.c:467)
-----------------------------------------------------
98: __NR_profil ni
@@ -1192,20 +1192,20 @@
-----------------------------------------------------
Syscall param statfs(path) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:474)
+ by 0x........: main (scalar.c:475)
Syscall param statfs(buf) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:474)
+ by 0x........: main (scalar.c:475)
Syscall param statfs(path) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:474)
+ by 0x........: main (scalar.c:475)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param statfs(buf) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:474)
+ by 0x........: main (scalar.c:475)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -1213,15 +1213,15 @@
-----------------------------------------------------
Syscall param fstatfs(fd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:478)
+ by 0x........: main (scalar.c:479)
Syscall param fstatfs(buf) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:478)
+ by 0x........: main (scalar.c:479)
Syscall param fstatfs(buf) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:478)
+ by 0x........: main (scalar.c:479)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -1229,15 +1229,15 @@
-----------------------------------------------------
Syscall param ioperm(from) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:482)
+ by 0x........: main (scalar.c:483)
Syscall param ioperm(num) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:482)
+ by 0x........: main (scalar.c:483)
Syscall param ioperm(turn_on) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:482)
+ by 0x........: main (scalar.c:483)
-----------------------------------------------------
102: __NR_socketcall XXX
@@ -1247,19 +1247,19 @@
-----------------------------------------------------
Syscall param syslog(type) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:490)
+ by 0x........: main (scalar.c:491)
Syscall param syslog(bufp) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:490)
+ by 0x........: main (scalar.c:491)
Syscall param syslog(len) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:490)
+ by 0x........: main (scalar.c:491)
Syscall param syslog(bufp) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:490)
+ by 0x........: main (scalar.c:491)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -1267,34 +1267,34 @@
-----------------------------------------------------
Syscall param setitimer(which) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:494)
+ by 0x........: main (scalar.c:495)
Syscall param setitimer(value) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:494)
+ by 0x........: main (scalar.c:495)
Syscall param setitimer(ovalue) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:494)
+ by 0x........: main (scalar.c:495)
Syscall param setitimer(&value->it_interval) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:494)
+ by 0x........: main (scalar.c:495)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param setitimer(&value->it_value) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:494)
+ by 0x........: main (scalar.c:495)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param setitimer(&ovalue->it_interval) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:494)
+ by 0x........: main (scalar.c:495)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param setitimer(&ovalue->it_value) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:494)
+ by 0x........: main (scalar.c:495)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -1302,20 +1302,20 @@
-----------------------------------------------------
Syscall param getitimer(which) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:498)
+ by 0x........: main (scalar.c:499)
Syscall param getitimer(value) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:498)
+ by 0x........: main (scalar.c:499)
Syscall param getitimer(&value->it_interval) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:498)
+ by 0x........: main (scalar.c:499)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param getitimer(&value->it_value) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:498)
+ by 0x........: main (scalar.c:499)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -1323,20 +1323,20 @@
-----------------------------------------------------
Syscall param stat(file_name) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:502)
+ by 0x........: main (scalar.c:503)
Syscall param stat(buf) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:502)
+ by 0x........: main (scalar.c:503)
Syscall param stat(file_name) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:502)
+ by 0x........: main (scalar.c:503)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param stat(buf) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:502)
+ by 0x........: main (scalar.c:503)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -1344,20 +1344,20 @@
-----------------------------------------------------
Syscall param lstat(file_name) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:506)
+ by 0x........: main (scalar.c:507)
Syscall param lstat(buf) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:506)
+ by 0x........: main (scalar.c:507)
Syscall param lstat(file_name) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:506)
+ by 0x........: main (scalar.c:507)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param lstat(buf) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:506)
+ by 0x........: main (scalar.c:507)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -1365,15 +1365,15 @@
-----------------------------------------------------
Syscall param fstat(fd) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:510)
+ by 0x........: main (scalar.c:511)
Syscall param fstat(buf) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:510)
+ by 0x........: main (scalar.c:511)
Syscall param fstat(buf) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:510)
+ by 0x........: main (scalar.c:511)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -1384,7 +1384,7 @@
-----------------------------------------------------
Syscall param iopl(level) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:518)
+ by 0x........: main (scalar.c:519)
-----------------------------------------------------
111: __NR_vhangup 0s 0m
@@ -1400,28 +1400,28 @@
-----------------------------------------------------
Syscall param wait4(pid) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:534)
+ by 0x........: main (scalar.c:535)
Syscall param wait4(status) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:534)
+ by 0x........: main (scalar.c:535)
Syscall param wait4(options) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:534)
+ by 0x........: main (scalar.c:535)
Syscall param wait4(rusage) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:534)
+ by 0x........: main (scalar.c:535)
Syscall param wait4(status) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:534)
+ by 0x........: main (scalar.c:535)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
Syscall param wait4(rusage) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:534)
+ by 0x........: main (scalar.c:535)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -1432,11 +1432,11 @@
-----------------------------------------------------
Syscall param sysinfo(info) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:542)
+ by 0x........: main (scalar.c:543)
Syscall param sysinfo(info) points to unaddressable byte(s)
...
- by 0x........: main (scalar.c:542)
+ by 0x........: main (scalar.c:543)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-----------------------------------------------------
@@ -1444,34 +1444,34 @@
-----------------------------------------------------
Syscall param ipc(call) contains uninitialised byte(s)
...
- by 0x........: main (scalar.c:5...
[truncated message content]

From: Carl E. L. <ce...@us...> - 2017-04-26 16:03:32

On Wed, 2017-04-26 at 16:11 +0200, Julian Seward wrote:
> Carl,
>
> There are various refinements in memcheck/mc_translate.c that are related
> to accurate definedness tracking in this kind of case, for
> Iop_Cmp{32,64}, Iop_{Add,Sub}{32,64}, and Iop_CmpORD{32,64}{S,U}, the
> last of which are PPC64 specials. But they don't seem to have had any
> effect here.
>
> To diagnose this we really need to see the front end translation of the
> assembly fragment you showed, plus the uninstrumented, optimised IR
> relating to it. You should be able to get those with --tool=none
> --trace-flags=10001000 --trace-notbelow=<whatever>. Please get those
> and then we can see what's going on. Maybe!
>
> J
>
Julian:
Here is the test program.
#include <string.h>
int main ()
{
    char str1[15];
    char str2[15];
    strcpy(str1, "abcdef");
    strcpy(str2, "ABCDEF");
    return strcmp(str1, str2);
}
Here is a dump of the Power binary produced by gcc7 for the code we are
interested in.
0000000010000460 <main>:
#include <string.h>
int main ()
{
10000460: 02 10 40 3c lis r2,4098
10000464: 00 7f 42 38 addi r2,r2,32512
char str1[15];
char str2[15];
strcpy(str1, "abcdef");
strcpy(str2, "ABCDEF");
10000468: fe ff 22 3d addis r9,r2,-2
1000046c: 40 8a 29 81 lwz r9,-30144(r9)
10000470: fe ff 42 3d addis r10,r2,-2
10000474: 46 8a 4a 89 lbz r10,-30138(r10)
{
10000478: c1 ff 21 f8 stdu r1,-64(r1)
strcpy(str1, "abcdef");
1000047c: fe ff a2 3c addis r5,r2,-2
10000480: 38 8a a5 80 lwz r5,-30152(r5)
10000484: fe ff c2 3c addis r6,r2,-2
10000488: 3c 8a c6 a0 lhz r6,-30148(r6)
1000048c: fe ff e2 3c addis r7,r2,-2
10000490: 3e 8a e7 88 lbz r7,-30146(r7)
strcpy(str2, "ABCDEF");
10000494: fe ff 02 3d addis r8,r2,-2
10000498: 44 8a 08 a1 lhz r8,-30140(r8)
1000049c: 20 00 21 91 stw r9,32(r1)
100004a0: 26 00 41 99 stb r10,38(r1)
return strcmp(str1, str2);
100004a4: 30 00 21 39 addi r9,r1,48
100004a8: 20 00 41 39 addi r10,r1,32
strcpy(str1, "abcdef");
100004ac: 30 00 a1 90 stw r5,48(r1)
100004b0: 34 00 c1 b0 sth r6,52(r1)
100004b4: 36 00 e1 98 stb r7,54(r1)
strcpy(str2, "ABCDEF");
100004b8: 24 00 01 b1 sth r8,36(r1)
return strcmp(str1, str2);
100004bc: 28 4c 20 7d ldbrx r9,0,r9
100004c0: 28 54 40 7d ldbrx r10,0,r10
100004c4: 51 48 6a 7c subf. r3,r10,r9
100004c8: 1c 00 82 40 bne 100004e4 <main+0x84>
100004cc: f8 1b 2a 7d cmpb r10,r9,r3
100004d0: 00 00 aa 2f cmpdi cr7,r10,0
100004d4: 38 00 9e 41 beq cr7,1000050c <main+0xac>
}
100004d8: b4 07 63 7c extsw r3,r3
100004dc: 40 00 21 38 addi r1,r1,64
100004e0: 20 00 80 4e blr
return strcmp(str1, str2);
100004e4: 00 00 00 39 li r8,0
100004e8: f8 53 23 7d cmpb r3,r9,r10
100004ec: f8 43 28 7d cmpb r8,r9,r8
100004f0: 38 1b 03 7d orc r3,r8,r3
100004f4: 74 00 63 7c cntlzd r3,r3
100004f8: 08 00 63 38 addi r3,r3,8
100004fc: 30 1e 29 79 rldcl r9,r9,r3,56
10000500: 30 1e 4a 79 rldcl r10,r10,r3,56
10000504: 50 48 6a 7c subf r3,r10,r9
10000508: d0 ff ff 4b b 100004d8 <main+0x78>
The loads in question are at addresses 100004bc and 100004c0. The
optimization loads these partially uninitialized values. The compiler
uses the cmpb instruction to make sure it really only looks at the valid
bytes, but as we said Valgrind doesn't know all that.
I ran valgrind as:
valgrind --tool=none --trace-flags=10001000 --trace-notbelow=1408 ./bug80497-gcc7 > bug80497-debug 2>&1
Took a little playing but it looks like SB 1408 corresponds to the
beginning of main and the above assembly code runs thru SB1409. I
edited down the valgrind output to just SB1408 and SB1409. I have
attached it as a file. I have the complete output if I threw away too
much. Thanks for your help on this.
Carl Love
|
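The inlined strcmp sequence from the dump above (ldbrx, subf., cmpb, orc, cntlzd, rldcl), emulated in portable C as an added example; it is not code from the thread, from GCC or from Valgrind. The function names are hypothetical, and a little-endian target is assumed, as the byte order of the instruction words in the dump indicates. It shows that the result does not depend on the bytes strcpy never wrote, which is the property memcheck cannot see when it flags the 8-byte loads.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* ldbrx on little-endian POWER: the first string byte ends up most significant. */
static uint64_t load_be64(const unsigned char *p) {
    uint64_t v = 0;
    for (int i = 0; i < 8; i++) v = (v << 8) | p[i];
    return v;
}
/* cmpb: each result byte is 0xFF where the operand bytes are equal, else 0x00. */
static uint64_t cmpb(uint64_t a, uint64_t b) {
    uint64_t r = 0;
    for (int i = 0; i < 64; i += 8)
        if (((a >> i) & 0xFF) == ((b >> i) & 0xFF)) r |= (uint64_t)0xFF << i;
    return r;
}
static unsigned cntlzd(uint64_t v) {            /* count leading zero bits */
    unsigned n = 0;
    while (n < 64 && !((v << n) >> 63)) n++;
    return n;
}
/* rldcl rX,rX,sh,56: rotate left by sh mod 64, keep only the low byte. */
static int rot_low_byte(uint64_t v, unsigned sh) {
    sh &= 63;
    return (int)((sh ? (v << sh) | (v >> (64 - sh)) : v) & 0xFF);
}
/* First 8-byte step of the inlined strcmp. *more is set when all 8 bytes match
   and none is NUL (the branch to 1000050c, whose target the dump does not show). */
int strcmp_first8(const unsigned char *s1, const unsigned char *s2, int *more) {
    uint64_t r9 = load_be64(s1), r10 = load_be64(s2);
    *more = (r9 == r10) && cmpb(r9, 0) == 0;       /* cmpb, cmpdi, beq */
    if (r9 == r10) return 0;                       /* subf., bne not taken */
    uint64_t stop = cmpb(r9, 0) | ~cmpb(r9, r10);  /* cmpb, cmpb, orc */
    unsigned sh = cntlzd(stop) + 8;                /* cntlzd, addi */
    return rot_low_byte(r9, sh) - rot_low_byte(r10, sh);  /* rldcl, rldcl, subf */
}
/* Constructed input: 15-byte buffers; bytes strcpy never writes hold junk1/junk2. */
int run_with_tail(const char *a, const char *b, unsigned char junk1, unsigned char junk2) {
    unsigned char str1[15], str2[15];
    int more;
    memset(str1, junk1, sizeof str1);
    memset(str2, junk2, sizeof str2);
    strcpy((char *)str1, a);
    strcpy((char *)str2, b);
    return strcmp_first8(str1, str2, &more);
}
int main(void) {
    printf("%d %d\n", run_with_tail("abcdef", "ABCDEF", 0, 0), run_with_tail("abcdef", "ABCDEF", 0xAA, 0x55));
}
```

The orc of the two cmpb masks marks the first byte that is either NUL in the first string or different between the two, so every byte after it, initialised or not, is rotated out before the final subtract.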
|
From: Julian S. <js...@ac...> - 2017-04-26 14:11:25
|
Carl,
There are various refinements in memcheck/mc_translate.c that are related
to accurate definedness tracking in this kind of case, for
Iop_Cmp{32,64}, Iop_{Add,Sub}{32,64}, and Iop_CmpORD{32,64}{S,U}, the
last of which are PPC64 specials. But they don't seem to have had any
effect here.
To diagnose this we really need to see the front end translation of the
assembly fragment you showed, plus the uninstrumented, optimised IR
relating to it. You should be able to get those with --tool=none
--trace-flags=10001000 --trace-notbelow=<whatever>. Please get those
and then we can see what's going on. Maybe!
J
|
Author: petarj
Date: Wed Apr 26 11:15:45 2017
New Revision: 16313
Log:
update drd/tests/tc23_bogus_condwait.stderr.exp files
Follow up to r16312. drd tests use the same file, so we need to update
its exp files too.
Modified:
trunk/drd/tests/tc23_bogus_condwait.stderr.exp-darwin-amd64
trunk/drd/tests/tc23_bogus_condwait.stderr.exp-darwin-x86
trunk/drd/tests/tc23_bogus_condwait.stderr.exp-linux-ppc
trunk/drd/tests/tc23_bogus_condwait.stderr.exp-linux-x86
Modified: trunk/drd/tests/tc23_bogus_condwait.stderr.exp-darwin-amd64
==============================================================================
--- trunk/drd/tests/tc23_bogus_condwait.stderr.exp-darwin-amd64 (original)
+++ trunk/drd/tests/tc23_bogus_condwait.stderr.exp-darwin-amd64 Wed Apr 26 11:15:45 2017
@@ -8,7 +8,7 @@
by 0x........: main (tc23_bogus_condwait.c:72)
mutex 0x........ was first observed at:
at 0x........: pthread_mutex_init (drd_pthread_intercepts.c:?)
- by 0x........: main (tc23_bogus_condwait.c:51)
+ by 0x........: main (tc23_bogus_condwait.c:54)
Thread 3:
Probably a race condition: condition variable 0x........ has been signaled but the associated mutex 0x........ is not locked by the signalling thread.
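Review bot: The context line `main (tc23_bogus_condwait.c:72)` at the top of this hunk stays as it was while the `pthread_mutex_init` caller moves from :51 to :54, and the next hunk likewise keeps `:56`. If r16312 inserted lines above the init call, the later call sites would normally shift by the same amount, so the log message should say why only this frame moves, or the four .exp files should be regenerated from an actual drd run instead of edited by hand.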
@@ -20,7 +20,7 @@
by 0x........: main (tc23_bogus_condwait.c:56)
mutex 0x........ was first observed at:
at 0x........: pthread_mutex_init (drd_pthread_intercepts.c:?)
- by 0x........: main (tc23_bogus_condwait.c:51)
+ by 0x........: main (tc23_bogus_condwait.c:54)
Thread 1:
The object at address 0x........ is not a mutex.
Modified: trunk/drd/tests/tc23_bogus_condwait.stderr.exp-darwin-x86
==============================================================================
--- trunk/drd/tests/tc23_bogus_condwait.stderr.exp-darwin-x86 (original)
+++ trunk/drd/tests/tc23_bogus_condwait.stderr.exp-darwin-x86 Wed Apr 26 11:15:45 2017
@@ -8,7 +8,7 @@
by 0x........: main (tc23_bogus_condwait.c:72)
mutex 0x........ was first observed at:
at 0x........: pthread_mutex_init (drd_pthread_intercepts.c:?)
- by 0x........: main (tc23_bogus_condwait.c:51)
+ by 0x........: main (tc23_bogus_condwait.c:54)
Thread 3:
Probably a race condition: condition variable 0x........ has been signaled but the associated mutex 0x........ is not locked by the signalling thread.
@@ -20,7 +20,7 @@
by 0x........: main (tc23_bogus_condwait.c:56)
mutex 0x........ was first observed at:
at 0x........: pthread_mutex_init (drd_pthread_intercepts.c:?)
- by 0x........: main (tc23_bogus_condwait.c:51)
+ by 0x........: main (tc23_bogus_condwait.c:54)
Thread 1:
The object at address 0x........ is not a mutex.
Modified: trunk/drd/tests/tc23_bogus_condwait.stderr.exp-linux-ppc
==============================================================================
--- trunk/drd/tests/tc23_bogus_condwait.stderr.exp-linux-ppc (original)
+++ trunk/drd/tests/tc23_bogus_condwait.stderr.exp-linux-ppc Wed Apr 26 11:15:45 2017
@@ -18,7 +18,7 @@
by 0x........: main (tc23_bogus_condwait.c:72)
mutex 0x........ was first observed at:
at 0x........: pthread_mutex_init (drd_pthread_intercepts.c:?)
- by 0x........: main (tc23_bogus_condwait.c:51)
+ by 0x........: main (tc23_bogus_condwait.c:54)
The object at address 0x........ is not a mutex.
at 0x........: pthread_cond_wait (drd_pthread_intercepts.c:?)
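Review bot: Only one `:51` to `:54` replacement is made in the linux-ppc file (the hunk at -18,7), against two in each of the darwin-amd64, darwin-x86 and linux-x86 files. The context here differs from linux-x86 (no `Thread 3:` line follows), so the layout may simply be different, but please confirm that no second `main (tc23_bogus_condwait.c:51)` frame is left further down in this expectation file.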
Modified: trunk/drd/tests/tc23_bogus_condwait.stderr.exp-linux-x86
==============================================================================
--- trunk/drd/tests/tc23_bogus_condwait.stderr.exp-linux-x86 (original)
+++ trunk/drd/tests/tc23_bogus_condwait.stderr.exp-linux-x86 Wed Apr 26 11:15:45 2017
@@ -18,7 +18,7 @@
by 0x........: main (tc23_bogus_condwait.c:72)
mutex 0x........ was first observed at:
at 0x........: pthread_mutex_init (drd_pthread_intercepts.c:?)
- by 0x........: main (tc23_bogus_condwait.c:51)
+ by 0x........: main (tc23_bogus_condwait.c:54)
Thread 3:
Probably a race condition: condition variable 0x........ has been signaled but the associated mutex 0x........ is not locked by the signalling thread.
@@ -30,7 +30,7 @@
by 0x........: main (tc23_bogus_condwait.c:56)
mutex 0x........ was first observed at:
at 0x........: pthread_mutex_init (drd_pthread_intercepts.c:?)
- by 0x........: main (tc23_bogus_condwait.c:51)
+ by 0x........: main (tc23_bogus_condwait.c:54)
Thread 1:
The object at address 0x........ is not a mutex.
|
|
From: Ivo R. <iv...@iv...> - 2017-04-26 01:04:47
|
2017-04-26 1:21 GMT+02:00 Patrick J. LoPresti <lop...@gm...>:
> On Tue, Apr 25, 2017 at 12:22 PM, Carl E. Love <ce...@us...> wrote:
>>
>> I did try recompiling the test case with -fno-builtin-strcmp and running without any
>> additional Valgrind flags and still got the issue.
>
> Hm. You are sure the warning is still from the application code and
> not the C library?
I'd suggest trying the gdb+vgdb combo, as described nicely for example here:
http://valgrind.org/docs/manual/manual-core-adv.html#manual-core-adv.gdbserver
Start your application with:
--vgdb=full --vgdb-error=1 [--vgdb-shadow-registers=yes]
and after attaching with gdb you'll get the exact location which is causing
all the trouble.
I.
|