|
From: Yeshurun, M. <mei...@in...> - 2006-08-21 14:09:24
|
Hi, Would it be possible to report copying of an uninitialized value when 4 contiguous bytes (or more) are copied at once? Why not report such cases? It's a nightmare trying to track where uninitialized values are coming from... Thanks, Meir |
|
From: Julian S. <js...@ac...> - 2006-08-21 15:38:02
|
On Monday 21 August 2006 15:08, Yeshurun, Meir wrote: > cases? It's a nightmare trying to track where uninitialized values are > coming from... Even if you use the VALGRIND_CHECK_DEFINED macro? J |
|
From: <pin...@so...> - 2006-08-21 15:57:21
|
dGhlIHByb2dyYW0gaXMgb2sgd2hlbiBpIG5vdCB1c2UgdGltZXIhDQppIHNvcnJ5IGZvciBteSBi YWQgZW5nbGlzaCENCg0KY2FuIHlvdSB0ZWxsbCBtZSB3aHk/DQovLyBjcmVhdGUgYSBzeXN0ZW0g dGltZXINCmludCBUaW1lcjo6Y3JlYXRlVGltZXIoKQ0Kew0KICAgY2xvY2tfdCBjbG9jayA9IENM T0NLX1JFQUxUSU1FOw0KICAgc3RydWN0IHNpZ2V2ZW50IHNlOw0KICAgc3RydWN0IHNpZ2FjdGlv biBhY3Q7DQogICBpbnQgc2lnbnVtID0gU0lHUlRNQVg7DQogICBpbnQgcmV0Ow0KDQogICBzaWdm aWxsc2V0KCZhY3Quc2FfbWFzayk7DQogICBhY3Quc2FfZmxhZ3MgICA9IDA7DQogICBhY3Quc2Ff aGFuZGxlciA9IHNpZ2FsYXJtOw0KICAgc2lnYWN0aW9uKHNpZ251bSwgJmFjdCwgTlVMTCk7DQoN CiAgIG1lbXNldCgmc2UsIDAsIHNpemVvZihzZSkpOw0KICAgc2Uuc2lnZXZfbm90aWZ5ICAgICAg ICAgID0gU0lHRVZfU0lHTkFMOw0KICAgc2Uuc2lnZXZfc2lnbm8gICAgICAgICAgID0gc2lnbnVt Ow0KICAgc2Uuc2lnZXZfdmFsdWUuc2l2YWxfaW50ID0gMDsNCiAgIHJldCA9IHRpbWVyX2NyZWF0 ZShjbG9jaywgJnNlLCAmdGltZXJfaWQpOw0KICAgaWYgKHJldCA8IDApDQogICB7DQogICAgICBy ZXR1cm4gQ1JFQVRFX1RJTUVSX0ZBSUxFRDsNCiAgIH0NCg0KICAgcmV0dXJuIFNVQ0NFU1M7DQp9 DQoNCi8vIGFjdGl2ZSB0aGUgdGltZXINCmludCBUaW1lcjo6YWN0aXZlVGltZXIoaW50IHNlYywg bG9uZyB1c2VjKQ0Kew0KICAgaW50IHJldDsNCiAgIHN0cnVjdCBpdGltZXJzcGVjIHRzOw0KICAg c2lnc2V0X3Qgc2lnbWFzaywgb3JpZ19zaWdtYXNrOw0KICAgDQogICB0cy5pdF9pbnRlcnZhbC50 dl9zZWMgID0gMDsNCiAgIHRzLml0X2ludGVydmFsLnR2X25zZWMgPSAxMDAwOw0KICAgdHMuaXRf dmFsdWUudHZfc2VjICAgICA9IHNlYzsNCiAgIHRzLml0X3ZhbHVlLnR2X25zZWMgICAgPSB1c2Vj KjEwMDA7DQogICANCiAgIGlmIChsb2dnZXJQLT5pc0VuYWJsZWQpDQogICB7DQogICAgICBjaGFy IGJ1ZlsxMjhdOw0KICAgICAgc3ByaW50ZihidWYsICJBY3RpdmF0ZSBhIHN5c3RlbSB0aW1lcjpz ZWM9JWQsIHVzZWM9JWQiLCBzZWMsIHVzZWMpOw0KICAgICAgTE9HR0VSX0RFQlVHKGxvZ2dlclAs IGJ1Zik7DQogICB9DQogICByZXQgPSB0aW1lcl9zZXR0aW1lKHRpbWVyX2lkLCAwLCAmdHMsIE5V TEwpOw0KICAgaWYgKHJldCA8IDApIA0KICAgew0KICAgICAgcmV0dXJuIFNFVF9USU1FUl9GQUlM RUQ7DQogICB9DQoNCiAgIHNpZ2VtcHR5c2V0KCZzaWdtYXNrKTsNCiAgIHNpZ2FkZHNldCgmc2ln bWFzaywgU0lHRVZfU0lHTkFMKTsNCiAgIHNpZ3Byb2NtYXNrKFNJR19CTE9DSywgJnNpZ21hc2ss ICZvcmlnX3NpZ21hc2spOw0KICAgDQogICByZXR1cm4gU1VDQ0VTUzsNCn0NCg0KDQoNCg0Kxr3V 8NPuDQoyMDA2LTA4LTIxDQoNCg0KDQq3orz+yMujuiBKdWxpYW4gU2V3YXJkDQq3osvNyrG85KO6 IDIwMDYtMDgtMjEgMjM6Mzg6MDYNCsrVvP7Iy6O6IHZhbGdyaW5kLXVzZXJzQGxpc3RzLnNvdXJj ZWZvcmdlLm5ldA0Ks63LzaO6IFllc2h1cnVuLCBNZWlyDQrW98zio7ogUmU6IFtWYWxncmluZC11 c2Vyc10gY29weWluZyB1bmluaXRpYWxpemVkIHZhbHVlcw0KDQpPbiBNb25kYXkgMjEgQXVndXN0 IDIwMDYgMTU6MDgsIFllc2h1cnVuLCBNZWlyIHdyb3RlOg0KDQo+IGNhc2VzPyBJdCdzIGEgbmln aHRtYXJlIHRyeWluZyB0byB0cmFjayB3aGVyZSB1bmluaXRpYWxpemVkICB2YWx1ZXMgYXJlDQo+ IGNvbWluZyBmcm9tLi4uDQoNCkV2ZW4gaWYgeW91IHVzZSB0aGUgVkFMR1JJTkRfQ0hFQ0tfREVG SU5FRCBtYWNybz8NCg0KSg0KDQotLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpVc2luZyBUb21jYXQgYnV0IG5l ZWQgdG8gZG8gbW9yZT8gTmVlZCB0byBzdXBwb3J0IHdlYiBzZXJ2aWNlcywgc2VjdXJpdHk/DQpH ZXQgc3R1ZmYgZG9uZSBxdWlja2x5IHdpdGggcHJlLWludGVncmF0ZWQgdGVjaG5vbG9neSB0byBt YWtlIHlvdXIgam9iIGVhc2llcg0KRG93bmxvYWQgSUJNIFdlYlNwaGVyZSBBcHBsaWNhdGlvbiBT ZXJ2ZXIgdi4xLjAuMSBiYXNlZCBvbiBBcGFjaGUgR2Vyb25pbW8NCmh0dHA6Ly9zZWwuYXMtdXMu ZmFsa2FnLm5ldC9zZWw/Y21kPWxuayZraWQ9MTIwNzA5JmJpZD0yNjMwNTcmZGF0PTEyMTY0Mg0K X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NClZhbGdyaW5k LXVzZXJzIG1haWxpbmcgbGlzdA0KVmFsZ3JpbmQtdXNlcnNAbGlzdHMuc291cmNlZm9yZ2UubmV0 DQpodHRwczovL2xpc3RzLnNvdXJjZWZvcmdlLm5ldC9saXN0cy9saXN0aW5mby92YWxncmluZC11 c2Vycw0KDQoNCl9fX19fX19fX18gTk9EMzIgMS4xNzE3ICgyMDA2MDgyMSkgSW5mb3JtYXRpb24g X19fX19fX19fXw0KDQpUaGlzIG1lc3NhZ2Ugd2FzIGNoZWNrZWQgYnkgTk9EMzIgYW50aXZpcnVz IHN5c3RlbS4NCmh0dHA6Ly93d3cubm9kMzJjbi5jb20NCg== |
|
From: Dennis L. <pla...@pr...> - 2006-08-21 23:53:58
|
Am Montag, den 21.08.2006, 16:37 +0100 schrieb Julian Seward:
> On Monday 21 August 2006 15:08, Yeshurun, Meir wrote:
>
> > cases? It's a nightmare trying to track where uninitialized values are
> > coming from...
>
> Even if you use the VALGRIND_CHECK_DEFINED macro?
Yes.
IMHO thats because of multiple reasons:
not every environment is setup to use valgrind headers and macros. There
are even some projects, were (e.g. due to company policy etc.) its not
allowed to check in code that uses valgrind, so you have to add it for
debugging, and then remove it again.
It happens quite often (though of course not in all cases) that the
undefinedness of a variable starts at, or near its lifetime (missing
initialization, using the return of a function to initialize etc.). But
since the report of the uninitialized value is at the latest point
possible (good reason to avoid false positives due to intentional
uninitialized memory copying by the compiler), this can be quite far
away. In lots of programs, variables can get their values from lots of
places (where they are calculated, choosen because of other values etc.)
so you have to track back its origin. for that, you litter your code
with valgrind defined checks (of course not everywhere, since you later
might have to remove them, as stated above).
Everytime I encounter some unitialized value use warning I cannot
immediately solve, it turns out into a quite hard debugging situation.
Don't get me wrong, its really great to at least know that its
unitialized. Or one bit.
So, how to use that problem? Often when I track down such problems I
think about it. I also try to understand the V code every time a bit,
but its quite complex. Maybe after 20 tries, I understand more ;) But I
mainly consider two solutions, which have often be discussed, but let me
state them again:
Every operation, where some unitialized value is involved, copy some
information (maybe the code address?) along with that value. Don't copy
it when its defined.
Disadvantage: Check for definedness needed quite often, so probably a
huge runtime impact.
Advantage: The exact origin of the uninitialized value can be tracked
down immediately.
Report the unitialized values earlier. This should only be done
sometimes, e.g. not when a value is just copied, since compilers
sometimes intentionally copy unitialized data, due to efficiency
reasons. Consider the following example:
int i; // clearly unitialized
int z = 0;
z += i; // no report
printf("%d\n",z); // V only reports here
Here I think, V should already report at the point, where the
calculation is done. I could not think of any reason (thin ice here, I
might be as well wrong, please tell me if you know more) why a compiler
should do calculations with unitialized values. Also maybe there is a
way to let V detect, if a value is passed as a function parameter, or is
returned from a function. Thos (I think) are copy events, where a report
should be given.
Disadvantage: Could miss some cases (worst would be to delay the report
until the point its done today)
Advantage: hopefully less runtime impact.
There are certainly more ways to mix both, or even entirely different
ways. But every way would be an improvement, as long as the chance for a
false positive is really low.
greets
Dennis
|
|
From: Nicholas N. <nj...@cs...> - 2006-08-22 00:29:32
|
On Tue, 22 Aug 2006, Dennis Lubert wrote:
> Every operation, where some unitialized value is involved, copy some
> information (maybe the code address?) along with that value. Don't copy
> it when its defined.
>
> Disadvantage: Check for definedness needed quite often, so probably a
> huge runtime impact.
Yes, this approach is a non-starter for this reason.
> Report the unitialized values earlier. This should only be done
> sometimes, e.g. not when a value is just copied, since compilers
> sometimes intentionally copy unitialized data, due to efficiency
> reasons. Consider the following example:
>
> int i; // clearly unitialized
> int z = 0;
> z += i; // no report
> printf("%d\n",z); // V only reports here
>
> Here I think, V should already report at the point, where the
> calculation is done. I could not think of any reason (thin ice here, I
> might be as well wrong, please tell me if you know more) why a compiler
> should do calculations with unitialized values.
Real programs do all sorts of things that you wouldn't expect them to. For
example, I never would have expected a pointer to be multiplied, but when I
worked on Annelid (a bounds-checker) I found this to be not uncommon -- I
think mostly when the pointer was being put through a hash function.
So any ideas like this have to be tested.
> There are certainly more ways to mix both, or even entirely different
> ways. But every way would be an improvement, as long as the chance for a
> false positive is really low.
Of course. But finding that sweet spot of "lots of errors, no false
positives" is difficult.
I'm interested to try the idea of reporting suspicious copies of N or more
bytes of undefined data, where N is the machine word size (4 or 8 bytes).
Nick
|
|
From: Maurice v. d. P. <gri...@ge...> - 2006-08-22 09:08:44
|
On Mon, Aug 21, 2006 at 05:08:39PM +0300, Yeshurun, Meir wrote: > Would it be possible to report copying of an uninitialized value when 4 > contiguous bytes (or more) are copied at once? Why not report such > cases? It's a nightmare trying to track where uninitialized values are > coming from... >=20 You mean something like this? http://bugs.kde.org/show_bug.cgi?id=3D92456 At one time I started implementing it, but I got stuck when I needed to go from a pointer to a variable name + location. Maurice. --=20 Maurice van der Pot Gentoo Linux Developer gri...@ge... http://www.gentoo.org Creator of BiteMe! gri...@kf... http://www.kfk4ever.com |