[valgrind] [Bug 381299] New: false uninit on new page via sbrk(n)

Fri, 16 Jun 2017 12:51:46 -0700 

https://bugs.kde.org/show_bug.cgi?id=381299

            Bug ID: 381299
           Summary: false uninit on new page via sbrk(n)
           Product: valgrind
           Version: 3.13 SVN
          Platform: Compiled Sources
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: NOR
         Component: memcheck
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: ---

Memcheck generates a false positive uninitialized complaint when the target
program uses a value from a new page that was [just] allocated via sbrk(n). 
The operating system guarantees that new pages are all zero, so memcheck should
not complain.

===== vg-brk.c test case
#include <stdio.h>
#include <unistd.h>

#define PAGE_SIZE (1u<<12)
#define PAGE_MASK -PAGE_SIZE

int
main(int argc, char *argv[])
{
        void *p0 = sbrk(0);
        printf("p0=%p  from sbrk(0)\n", p0);
        void *p1 = (void *)(PAGE_MASK & (-1+ PAGE_SIZE + (long)p0));
        int r1 = brk(p1);
        printf("p1=%p  p0 rounded up to page boundary  r1=%d\n", p1, r1);
        void *p2 = sbrk(0x1000);
        printf("p2=%p  new page was allocated here\n", p2);
        void *p3 = sbrk(0x1000);
        printf("p3=%p  new page was allocated here\n", p3);
        printf("\n");
        printf("will access %p\n", p2);
        printf("%d\n", *(int *)p2);
        return 0;
}
=====

$ gcc -g -o vg-brk vg-brk.c
$ valgrind-3.13.0/bin/valgrind --track-origins=yes ./vg-brk
==18003== Memcheck, a memory error detector
==18003== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==18003== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==18003== Command: ./vg-brk
==18003== 
p0=0x4228000  from sbrk(0)
p1=0x4228000  p0 rounded up to page boundary  r1=0
p2=0x4228000  new page was allocated here
p3=0x4229000  new page was allocated here

will access 0x4228000
==18003== Conditional jump or move depends on uninitialised value(s)
==18003==    at 0x4E8844A: vfprintf (in /usr/lib64/libc-2.24.so)
==18003==    by 0x4E906D8: printf (in /usr/lib64/libc-2.24.so)
==18003==    by 0x4006C2: main (vg-brk.c:21)
==18003==  Uninitialised value was created
==18003==    at 0x4F37579: brk (in /usr/lib64/libc-2.24.so)
==18003==    by 0x4F37658: sbrk (in /usr/lib64/libc-2.24.so)
==18003==    by 0x40064D: main (vg-brk.c:15)
==18003== 
  [[snip]]

-- 
You are receiving this mail because:
You are watching all bug changes.

Reply via email to