This is the mail archive of the
libc-alpha@sources.redhat.com
mailing list for the glibc project.
Re: Possible bug in wcsxfrm() with included testcase
- From: Petter Reinholdtsen <pere at hungry dot com>
- To: Art Haas <ahaas at airmail dot net>
- Cc: libc-alpha at sources dot redhat dot com
- Date: Tue, 22 Jul 2003 15:46:54 +0200
- Subject: Re: Possible bug in wcsxfrm() with included testcase
- Bcc: Petter Reinholdtsen <petter dot reinholdtsen at usit dot uio dot no>
- References: <20030722132954.GA17577@artsapartment.org>
[Art Haas]
> I believe the test case is valid and shows there is a bug in
> wcsxfrm(), or more precisely wcpncpy(). Agree?
This is the output I get when running valgrind on the source. It
indicates a code error in your example.
LD_LIBRARY_PATH=/usr/lib/debug valgrind wcsxfrm_test .
==30798== Memcheck, a.k.a. Valgrind, a memory error detector for x86-linux.
==30798== Copyright (C) 2002, and GNU GPL'd, by Julian Seward.
==30798== Using valgrind-1.9.6, a program instrumentation system for x86-linux.
==30798== Copyright (C) 2000-2002, and GNU GPL'd, by Julian Seward.
==30798== Estimated CPU clock rate is 1831 MHz
==30798== For more details, rerun with: -v
==30798==
entry name: '.'
==30798== Conditional jump or move depends on uninitialised value(s)
==30798== at 0x4028A8AB: __wcslen (wcslen.c:30)
==30798== by 0x402A3121: wcsxfrm (../string/strxfrm.c:113)
==30798== by 0x804882F: main (wcsxfrm_test.c:80)
==30798== by 0x4022B14E: __libc_start_main (../sysdeps/generic/libc-start.c:129)
xfrm_len: 0
==30798==
==30798== Conditional jump or move depends on uninitialised value(s)
==30798== at 0x4028A8AB: __wcslen (wcslen.c:30)
==30798== by 0x402A3121: wcsxfrm (../string/strxfrm.c:113)
==30798== by 0x804886D: main (wcsxfrm_test.c:90)
==30798== by 0x4022B14E: __libc_start_main (../sysdeps/generic/libc-start.c:129)
==30798==
==30798== Invalid free() / delete / delete[]
==30798== at 0x40165B8E: free (vg_clientfuncs.c:185)
==30798== by 0x8048882: main (wcsxfrm_test.c:92)
==30798== by 0x4022B14E: __libc_start_main (../sysdeps/generic/libc-start.c:129)
==30798== by 0x8048590: (within /usit/saruman/bsd-u1/pre/src/bugs/wcsxfrm_test)
==30798== Address 0x40F205B8 is 4 bytes inside a block of size 8 alloc'd
==30798== at 0x401658B0: malloc (vg_clientfuncs.c:103)
==30798== by 0x804867D: mbstouwcs (wcsxfrm_test.c:23)
==30798== by 0x8048815: main (wcsxfrm_test.c:72)
==30798== by 0x4022B14E: __libc_start_main (../sysdeps/generic/libc-start.c:129)
entry name: '..'
xfrm_len: 0
entry name: 'bug-gcc-double-main.c'
xfrm_len: 0
entry name: 'wcsxfrm_test'
xfrm_len: 0
entry name: 'wcsxfrm_test.c'
xfrm_len: 0
==30798==
==30798== ERROR SUMMARY: 15 errors from 3 contexts (suppressed: 0 from 0)
==30798== malloc/free: in use at exit: 220 bytes in 5 blocks.
==30798== malloc/free: 30 allocs, 30 frees, 37796 bytes allocated.
==30798== For a detailed leak analysis, rerun with: --leak-check=yes
==30798== For counts of detected errors, rerun with: -v