bitfield in glibc rbtree causes false pos UNINIT #162

derekbruening opened this issue Nov 28, 2014 · 1 comment
@derekbruening

From derek.br...@gmail.com on December 10, 2010 17:58:08

PR 488813

I'm seeing errors like this:

Error #1: UNINITIALIZED READ 1 byte(s)
0x1f170582 libc.so.6!maybe_split_for_insert
/usr/src/debug/glibc-2.5-20061008T1257/misc/tsearch.c:177
0x1f0b8b88 libc.so.6!add_alias2
/usr/src/debug/glibc-2.5-20061008T1257/iconv/gconv_conf.c:149
0x1f0b91cd libc.so.6!__gconv_read_conf
/usr/src/debug/glibc-2.5-20061008T1257/iconv/gconv_conf.c:607
0x1e36fb10 libpthread.so.0!??
??:0
0x1f0c00d1 libc.so.6!_nl_find_locale
/usr/src/debug/glibc-2.5-20061008T1257/locale/findlocale.c:234
0x1f0bf849 libc.so.6!*__GI_setlocale
/usr/src/debug/glibc-2.5-20061008T1257/locale/setlocale.c:327

glibc-2.5/src/vmware/misc/tsearch.c:177 is:

  if (parentp != NULL && (*parentp)->red)

d0582: f6 46 0c 01 testb $0x1,0xc(%esi)

it implements
root->red = 1;
by only setting the bottom-most bit:
d054c: 80 48 0c 01 orb $0x1,0xc(%eax)

and the "red" field is indeed a bitfield:

typedef struct node_t
{
  /* Callers expect this to be the first element in the structure - do not
     move!  */
  const void *key;
  struct node_t *left;
  struct node_t *right;
  unsigned int red:1;
} *node;

So, not surprising to get an UNINIT. We'll need PR 408523 to remove this
false positive.

These suppression improvements are only implemented in postprocess.pl for
mod!func callstacks so I'll leave these cases open to cover adding support
to report.c for mod+offs callstacks:

In suppress-default.txt I have:

  • PR 523512: python deliberate UNADDR
  • PR 488813: tsearch bitfields
  • PR 525272: ld-linux.so UNINIT and strlen UNADDR
    already committed separately UNADDR fix for accesses to DR+client libs

Testing done:

  • loader on linux

Will come in future diff:

  • generalize and clean up loader.c test
  • add wildcard suppression tests
  • getting an uninit on return value of dlopen: need more analysis of
    these PR 525272 loader uninits

Lowering priority since now suppressed by default.
Leaving open so we can test this once we have PR 408523.

Original issue: http://code.google.com/p/drmemory/issues/detail?id=162

@derekbruening

From bruen...@google.com on December 07, 2011 11:18:43

Labels: Bug-FalsePositive FalsePos-BitLevel OpSys-Linux
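
An added illustration, not part of the issue thread and not Dr. Memory's code: a toy shadow-state model in C of the `orb $0x1` / `testb $0x1` sequence quoted in the report, comparing per-byte definedness tracking with per-bit tracking. The two policies, the function names and the never-written starting state of the flag byte are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy shadow state for one application byte: bit i set => bit i is defined. */
typedef uint8_t shadow_t;

/* Hypothetical tracking granularities, chosen for this example. */
enum policy { BYTE_LEVEL, BIT_LEVEL };

/* Shadow value stored back by `orb $imm, mem` (a read-modify-write). */
static shadow_t shadow_or_imm(enum policy p, shadow_t mem, uint8_t imm)
{
    if (p == BYTE_LEVEL)                 /* one undefined bit taints the byte */
        return mem == 0xff ? 0xff : 0x00;
    return (shadow_t)(mem | imm);        /* x | 1 is 1 whatever x was */
}

/* 1 if `testb $imm, mem` would be reported as an uninitialized read. */
static int test_imm_reports_uninit(enum policy p, shadow_t mem, uint8_t imm)
{
    if (p == BYTE_LEVEL)
        return mem != 0xff;
    /* Flags depend only on the bits selected by imm. */
    return (uint8_t)(imm & (uint8_t)~mem) != 0;
}

/* Replays the reported sequence: orb $0x1 on a flag byte that was never
   written (assumed state), followed by testb $test_mask on the same byte. */
int replay(enum policy p, uint8_t test_mask)
{
    shadow_t flag_byte = 0x00;                        /* byte at 0xc: undefined */
    flag_byte = shadow_or_imm(p, flag_byte, 0x01);    /* root->red = 1 */
    return test_imm_reports_uninit(p, flag_byte, test_mask);
}

int main(void)
{
    printf("byte-level, testb $0x1: uninit=%d\n", replay(BYTE_LEVEL, 0x01));
    printf("bit-level,  testb $0x1: uninit=%d\n", replay(BIT_LEVEL, 0x01));
    /* A read of a neighbouring, never-written bit is still a real finding. */
    printf("bit-level,  testb $0x2: uninit=%d\n", replay(BIT_LEVEL, 0x02));
    return 0;
}
```

Under the per-byte policy the `testb` is flagged even though bit 0 was just written; under the per-bit policy only a test of a bit that was never written is flagged.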
