http://bugs.winehq.org/show_bug.cgi?id=28756
Bug #: 28756
Summary: ws2_32/tests/sock.ok: uninitialised value created in test_events(), used in get_cached_fd()?
Product: Wine
Version: 1.3.30
Platform: x86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: winsock
AssignedTo: wine-bugs@winehq.org
ReportedBy: dank@kegel.com
Classification: Unclassified
Running "make sock.ok" in ws2_32/tests, valgrind complains:
 Conditional jump or move depends on uninitialised value(s)
    at get_cached_fd (server.c:506, 508, 510, 511)
    by server_get_unix_fd (server.c:551)
    by wine_server_handle_to_fd (server.c:636)
    by WS2_recv_base (socket.c:751)
    by WSARecv (socket.c:5662)
    by recv_thread (sock.c:4045)
  Uninitialised value was created by a stack allocation
    at test_events (sock.c:3453)
...
 Syscall param write(buf) points to uninitialised byte(s)
    at ??? (syscall-template.S:82)
    by wine_server_call (server.c:288)
    by server_get_unix_fd (server.c:557)
    by wine_server_handle_to_fd (server.c:636)
    by WS2_recv_base (socket.c:751)
    by WSARecv (socket.c:5662)
    by recv_thread (sock.c:4045)
  Address 0x7f42e7c8 is on thread 1's stack
  Uninitialised value was created by a stack allocation
    at test_events (sock.c:3453)
Bruno Jesus 00cpxxx@gmail.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |00cpxxx@gmail.com
--- Comment #1 from Bruno Jesus 00cpxxx@gmail.com 2011-10-20 18:08:00 CDT ---
This is really weird. The get_cached_fd function is inline and there is no way that this variable is left uninitialised. Maybe setting entry = 0 will silence the valgrind warning, but should produce a new "dead assignment" warning.
There are 3 different functions using the exact same approach: get_cached_fd, server_remove_fd_from_cache and add_fd_to_cache.
It seems that the compiler thought it was better to not inline the function or valgrind is checking the source and is ignoring the inline attribute.
--- Comment #2 from Bruno Jesus 00cpxxx@gmail.com 2011-10-20 18:24:08 CDT ---
I meant the get_cached_fd and the other 2 functions use an inline function called handle_to_index.
Austin English austinenglish@gmail.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |download, source, testcase,
                   |                            |valgrind
--- Comment #3 from Austin English austinenglish@gmail.com ---
Still in wine-1.7.19-70-gd6a59f7
==20959== Thread 2:
==20959== Conditional jump or move depends on uninitialised value(s)
==20959==    at 0x7BC8162D: get_cached_fd (server.c:861)
==20959==    by 0x7BC817C6: server_get_unix_fd (server.c:906)
==20959==    by 0x7BC81A9F: wine_server_handle_to_fd (server.c:991)
==20959==    by 0x50A6B62: get_sock_fd (socket.c:840)
==20959==    by 0x50B62C1: WS2_recv_base (socket.c:6545)
==20959==    by 0x50B61D4: WSARecv (socket.c:6522)
==20959==    by 0x4F73049: recv_thread (sock.c:5363)
==20959==    by 0x7BC870D3: ??? (signal_i386.c:2571)
==20959==    by 0x7BC8711C: call_thread_func (signal_i386.c:2630)
==20959==    by 0x7BC870B1: ??? (signal_i386.c:2571)
==20959==    by 0x7BC8E4F8: start_thread (thread.c:428)
==20959==    by 0x421EF92: start_thread (pthread_create.c:309)
==20959==    by 0x43237ED: clone (clone.S:129)
==20959==  Uninitialised value was created by a stack allocation
==20959==    at 0x4F6F0F5: test_events (sock.c:4532)
==20959==
Austin English austinenglish@gmail.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |austinenglish@gmail.com
--- Comment #4 from Bruno Jesus 00cpxxx@gmail.com ---
Created attachment 48730 --> https://bugs.winehq.org/attachment.cgi?id=48730
patch
I think the function is doing cleanup before the thread is able to test the socket, this patch may help. Please, test it.
--- Comment #5 from Austin English austinenglish@gmail.com ---
(In reply to Bruno Jesus from comment #4)
> Created attachment 48730 [details]
> patch
>
> I think the function is doing cleanup before the thread is able to test the socket, this patch may help. Please, test it.
Yup, works here, thanks.
I noticed that my patch for https://bugs.kde.org/show_bug.cgi?id=335441 avoids the valgrind issue without using your patch.
Bruno Jesus 00cpxxx@gmail.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
      Fixed by SHA1|                            |e3998e39886cbdca012af937b9e
                   |                            |fe081b83c18a7
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED
--- Comment #6 from Bruno Jesus 00cpxxx@gmail.com ---
(In reply to Austin English from comment #5)
> Yup, works here, thanks.
>
> I noticed that my patch for https://bugs.kde.org/show_bug.cgi?id=335441 avoids the valgrind issue without using your patch.
Your patch is still valid to make valgrind behave better but this bug was really a wine issue.
Alexandre Julliard julliard@winehq.org changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED
--- Comment #7 from Alexandre Julliard julliard@winehq.org ---
Closing bugs fixed in 1.7.21.
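
The hypothesis in comment #4 is an ordering problem between the function that owns a handle and the thread that uses it. The C example below is added here to illustrate that ordering; it is not Wine code and not the attached patch. `struct job`, `recv_worker` and `run_case` are hypothetical names, the "socket" is a constructed flag, and a condition variable pins the interleaving so that both orders are reproducible.

```c
#include <pthread.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed model: `open` stands in for a socket owned by the test's frame. */
struct job {
    bool open;                 /* false once the spawning function cleaned up */
    bool released;             /* gate that pins the interleaving */
    int result;                /* 1: handle still open, -1: already cleaned up */
    pthread_mutex_t lock;
    pthread_cond_t go;
};

static void release(struct job *j) {
    pthread_mutex_lock(&j->lock);
    j->released = true;
    pthread_cond_signal(&j->go);
    pthread_mutex_unlock(&j->lock);
}

static void *recv_worker(void *arg) {
    struct job *j = arg;
    pthread_mutex_lock(&j->lock);
    while (!j->released)
        pthread_cond_wait(&j->go, &j->lock);
    j->result = j->open ? 1 : -1;      /* the worker's use of the handle */
    pthread_mutex_unlock(&j->lock);
    return NULL;
}

/* join_first=false: cleanup precedes the worker's use; true: join, then clean up. */
static int run_case(bool join_first) {
    struct job j = { true, false, 0, PTHREAD_MUTEX_INITIALIZER, PTHREAD_COND_INITIALIZER };
    pthread_t t;
    if (pthread_create(&t, NULL, recv_worker, &j) != 0)
        return 0;
    if (!join_first)
        j.open = false;                /* cleanup races ahead of the worker */
    release(&j);
    pthread_join(t, NULL);
    j.open = false;                    /* cleanup after the worker has finished */
    return j.result;
}

int main(void) {
    printf("cleanup first: %d, join first: %d\n", run_case(false), run_case(true));
    return 0;
}
```

In a real test the interleaving is not pinned, so the cleanup-first order shows up only intermittently, which is why a tool such as valgrind is usually the first thing to notice it.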