| Summary: | Incorrectly assumes static text is uninitialized | ||
|---|---|---|---|
| Product: | [Developer tools] valgrind | Reporter: | PQCraft <0456523> |
| Component: | memcheck | Assignee: | Julian Seward <jseward> |
| Status: | RESOLVED NOT A BUG | ||
| Severity: | normal | CC: | pjfloyd, tom |
| Priority: | NOR | ||
| Version First Reported In: | unspecified | ||
| Target Milestone: | --- | ||
| Platform: | Arch Linux | ||
| OS: | Linux | ||
| Latest Commit: | Version Fixed/Implemented In: | ||
| Sentry Crash Report: | |||
|
Description
PQCraft
2021-10-26 14:15:27 UTC
Really, nothing would work properly if that was actually the case. Whatever is really going on I'm sure it's more complicated than that but we're going to need to see some example code that demonstrates the problem. Also, what version of valgrind are you using? i am using valgrind 3.17.0 and here is an updated output: ``` $ valgrind --leak-check=full --show-leak-kinds=all ./clibasic ==27401== Memcheck, a memory error detector ==27401== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. ==27401== Using Valgrind-3.17.0 and LibVEX; rerun with -h for copyright info ==27401== Command: ./clibasic ==27401== CLIBASIC> dim test, 5 ==27401== Use of uninitialised value of size 8 ==27401== at 0x48447B2: strlen (vg_replace_strmem.c:469) ==27401== by 0x4141C7: setVar (clibasic.c:2016) ==27401== by 0x4181DB: runcmd.part.0 (commands.c:66) ==27401== by 0x4045BD: runcmd (clibasic.c:3185) ==27401== by 0x4045BD: main (clibasic.c:1165) ==27401== ==27401== Use of uninitialised value of size 8 ==27401== at 0x48447C4: strlen (vg_replace_strmem.c:469) ==27401== by 0x4141C7: setVar (clibasic.c:2016) ==27401== by 0x4181DB: runcmd.part.0 (commands.c:66) ==27401== by 0x4045BD: runcmd (clibasic.c:3185) ==27401== by 0x4045BD: main (clibasic.c:1165) ==27401== ==27401== Use of uninitialised value of size 8 ==27401== at 0x4B7DA40: __strcpy_avx2 (in /usr/lib/libc-2.33.so) ==27401== by 0x4141E9: setVar (clibasic.c:2017) ==27401== by 0x4181DB: runcmd.part.0 (commands.c:66) ==27401== by 0x4045BD: runcmd (clibasic.c:3185) ==27401== by 0x4045BD: main (clibasic.c:1165) ==27401== ==27401== Conditional jump or move depends on uninitialised value(s) ==27401== at 0x484493D: is_overlap (vg_replace_strmem.c:130) ==27401== by 0x484493D: strcpy (vg_replace_strmem.c:523) ==27401== by 0x4141E9: setVar (clibasic.c:2017) ==27401== by 0x4181DB: runcmd.part.0 (commands.c:66) ==27401== by 0x4045BD: runcmd (clibasic.c:3185) ==27401== by 0x4045BD: main (clibasic.c:1165) ==27401== ==27401== Conditional jump or move depends on uninitialised value(s) ==27401== at 0x4844942: is_overlap (vg_replace_strmem.c:139) ==27401== by 0x4844942: is_overlap (vg_replace_strmem.c:126) ==27401== by 0x4844942: strcpy (vg_replace_strmem.c:523) ==27401== by 0x4141E9: setVar (clibasic.c:2017) ==27401== by 0x4181DB: runcmd.part.0 (commands.c:66) ==27401== by 0x4045BD: runcmd (clibasic.c:3185) ==27401== by 0x4045BD: main (clibasic.c:1165) ==27401== ==27401== Conditional jump or move depends on uninitialised value(s) ==27401== at 0x48449B0: strcpy (vg_replace_strmem.c:523) ==27401== by 0x4141E9: setVar (clibasic.c:2017) ==27401== by 0x4181DB: runcmd.part.0 (commands.c:66) ==27401== by 0x4045BD: runcmd (clibasic.c:3185) ==27401== by 0x4045BD: main (clibasic.c:1165) ==27401== CLIBASIC> ``` it complains about this line in every error:
```
if (!setVar(arg[1], val, type, asize)) goto cmderr;
```
which above is set like so:
```
char* val = NULL; uint8_t type = 0;
if (argct == 3) {
val = arg[3];
type = argt[3];
} else {
val = ((arg[1][argl[1] - 1] == '$') ? "" : "0");
type = 2 - (arg[1][argl[1] - 1] == '$');
}
```
It would be really helpful if you could show the actual code. It really looks like you are passing around some undefined values. You can also try adding --track-origins=yes to see where the undefined values are created. the code can be found here: https://github.com/pqcraft/clibasic after passing `--track-origins=yes` it states that the uninitialized variable was created by heap allocation and points to `arg[3]` but i know this is wrong as the argument count is 2 and if the argument count isn't 3, it doesn't consider `arg[3]` also, if `arg[3]` was actually used, it causes a segmentation fault You code is truly horrible. gotos everywhere. Including C source in the middle of a file. K&R non-prototype function declarations. The Makefile looks like it is trying to be a script. The Makefile mixes compiler flags and linker flags willy nilly. You really need to learn how to program correctly.
The first error is on this line
│ > 144 val = (arg[1][argl[1] - 1] == '$') ? defaultstr : defaultnu│
arg is
char **arg = NULL;
and argl is
int32_t *argl = NULL;
The seem to be allocated OK.
arg[1] contains "TEST".
argl[1] contains 6.
Than means you are accessing the 6-1 = 5 or the 6th byte in arg[1]. But it only points to 5 bytes.
There are lots of bugs in the code. For a start I think that
argl[i] = ngptr - gptr;
is out by one and should be
argl[i] = ngptr - gptr - 1;
Sorry I completely forgot about this report. The project here (CLIBASIC) had its last commit 2 years ago. I moved on other projects out of boredom and the bug whack-a-mole sessions stemming from the poor code quality. I do still use labels though, just only for jumping to cleanup code in a function. |