Old 12-03-2011, 05:32 AM   #1
golden_boy615
valgrind: Conditional jump or move depends on uninitialised value(s)


Hello
I get this message from valgrind:
Quote:
# valgrind -v --tool=memcheck --num-callers=50 --run-libc-freeres=yes --leak-check=yes --leak-resolution=high --log-fd=2 --show-reachable=yes --track-fds=yes -- myprogram


--2907-- Discarding syms at 0x402ea90-0x4035fe8 in /lib/i386-linux-gnu/libnss_files-2.13.so due to munmap()
==2907==
==2907== FILE DESCRIPTORS: 5 open at exit.
==2907== Open file descriptor 14:
==2907== <inherited from parent>
==2907==
==2907== Open file descriptor 13:
==2907== <inherited from parent>
==2907==
==2907== Open file descriptor 2: /dev/pts/0
==2907== <inherited from parent>
==2907==
==2907== Open file descriptor 1: /dev/pts/0
==2907== <inherited from parent>
==2907==
==2907== Open file descriptor 0: /dev/pts/0
==2907== <inherited from parent>
==2907==
==2907==
==2907== HEAP SUMMARY:
==2907== in use at exit: 0 bytes in 0 blocks
==2907== total heap usage: 65,516 allocs, 65,516 frees, 123,099,012 bytes allocated
==2907==
==2907== All heap blocks were freed -- no leaks are possible
==2907==
==2907== Use --track-origins=yes to see where uninitialised values come from
==2907== ERROR SUMMARY: 2 errors from 1 contexts (suppressed: 27 from 8)
==2907==
==2907== 2 errors in context 1 of 1:
==2907== Conditional jump or move depends on uninitialised value(s)
==2907== at 0x40268E5: realloc (vg_replace_malloc.c:525)
==2907== by 0x8050222: Init_Device_Segments (myprogram.h:2018)
==2907== by 0x8069B72: Configure_All (myprogram.h:8236)
==2907== by 0x806A37A: MainThread (myprogram.h:8446)
==2907== by 0x4567E98: start_thread (pthread_create.c:304)
==2907== by 0x44D073D: clone (clone.S:130)
==2907==
--2907--
--2907-- used_suppression: 27 U1004-ARM-_dl_relocate_object
==2907==
==2907== ERROR SUMMARY: 2 errors from 1 contexts (suppressed: 27 from 8)
And this one with --track-origins=yes:
Quote:
#valgrind -v --tool=memcheck --num-callers=50 --run-libc-freeres=yes --leak-check=yes --leak-resolution=high --track-origins=yes --log-fd=2 --show-reachable=yes --track-fds=yes myprogram

--2942-- Discarding syms at 0x402ea90-0x4035fe8 in /lib/i386-linux-gnu/libnss_files-2.13.so due to munmap()
==2942==
==2942== FILE DESCRIPTORS: 5 open at exit.
==2942== Open file descriptor 14:
==2942== <inherited from parent>
==2942==
==2942== Open file descriptor 13:
==2942== <inherited from parent>
==2942==
==2942== Open file descriptor 2: /dev/pts/0
==2942== <inherited from parent>
==2942==
==2942== Open file descriptor 1: /dev/pts/0
==2942== <inherited from parent>
==2942==
==2942== Open file descriptor 0: /dev/pts/0
==2942== <inherited from parent>
==2942==
==2942==
==2942== HEAP SUMMARY:
==2942== in use at exit: 0 bytes in 0 blocks
==2942== total heap usage: 63,803 allocs, 63,803 frees, 122,831,340 bytes allocated
==2942==
==2942== All heap blocks were freed -- no leaks are possible
==2942==
==2942== ERROR SUMMARY: 2 errors from 1 contexts (suppressed: 27 from 8)
==2942==
==2942== 2 errors in context 1 of 1:
==2942== Conditional jump or move depends on uninitialised value(s)
==2942== at 0x40268E5: realloc (vg_replace_malloc.c:525)
==2942== by 0x8050222: Init_Device_Segments (myprogram.h:2018)
==2942== by 0x8069B72: Configure_All (myprogram.h:8236)
==2942== by 0x806A37A: MainThread (myprogram.h:8446)
==2942== by 0x4567E98: start_thread (pthread_create.c:304)
==2942== by 0x44D073D: clone (clone.S:130)
==2942== Uninitialised value was created by a stack allocation
==2942== at 0x806A206: MainThread (myprogram.h:8391)
==2942==
--2942--
--2942-- used_suppression: 27 U1004-ARM-_dl_relocate_object
==2942==
==2942== ERROR SUMMARY: 2 errors from 1 contexts (suppressed: 27 from 8)
The parts that I think are related to these errors are:
Code:
void *MainThread(void *IdDevice)
{ /* <== line 8391 */
....
....
....
....
    /* line 8446 */ ret=Configure_All(&MysqlData,&DevTable,&TrendTableArr,&DirtyPage,&LogTableArr,&AlarmTableArr,&DevReg,&DevSeg,&DiffTableArr,&ThisDevInfo,&MBCommand,devid);
..
...

}



int Configure_All(_MysqlData *MysqlData,_DevTable *DevTable,_TrendTableArr *TrendTableArr,_DirtyPage *DirtyPage,_LogTableArr *LogTableArr,_AlarmTableArr *AlarmTableArr,_DevReg *DevReg,_DevSeg *DevSeg,_DiffTableArr *DiffTableArr,_ThisDevInfo *ThisDevInfo,_MBCommand *MBCommand,int devid)
{
    int ret=0;
...
...
...
...
    /* line 8236 */ ret=Init_Device_Segments(DevSeg,DevReg,ThisDevInfo);
    if (ret!=0)
    {
    	return ret;
    }
...
...
...
...

}



int Init_Device_Segments(_DevSeg *DevSeg,_DevReg *DevRegFirst,_ThisDevInfo *ThisDevInfo)
{

    _DevReg *DevReg;
    ThisDevInfo->registerpartitions=1;
    DevReg=DevRegFirst;
    if (DevSeg->index==0)
    {
        int reggap;
        unsigned int Current_Row=0;
        reggap=ThisDevInfo->reggap;
        int j=0;
        while(DevReg!=NULL)
        {
            if (DevReg->index>0)
            {
                /* line 2018 */ DevSeg->DevSegArr=(_DevSegArr*)realloc(DevSeg->DevSegArr,((DevSeg->index+1)*sizeof(_DevSegArr)));
                DevSeg->DevSegArr[Current_Row].startreg=DevReg->DevRegArr[0].regaddr+DevReg->DevRegArr[0].offset;
                DevSeg->DevSegArr[Current_Row].startarrayindex=0;
                DevSeg->DevSegArr[Current_Row].numberofarrayelement=0;
                DevSeg->DevSegArr[Current_Row].range=0;
                DevSeg->DevSegArr[Current_Row].MBFunction=DevReg->MBFunction;
                DevSeg->index=Current_Row+1;

                while (j < DevReg->index)
                {
                    if (j != (DevReg->index-1) )
                    {
                        if ((DevReg->DevRegArr[j].regaddr+DevReg->DevRegArr[j].regformatint == DevReg->DevRegArr[j+1].regaddr || DevReg->DevRegArr[j+1].regaddr-DevReg->DevRegArr[j].regaddr <= reggap ) && DevSeg->DevSegArr[Current_Row].range+DevReg->DevRegArr[j].regformatint < 120)
                        {
                            if (DevReg->DevRegArr[j].regaddr+DevReg->DevRegArr[j].regformatint == DevReg->DevRegArr[j+1].regaddr)
                            {
                                DevSeg->DevSegArr[Current_Row].numberofarrayelement++;
                                DevSeg->DevSegArr[Current_Row].range=DevSeg->DevSegArr[Current_Row].range+DevReg->DevRegArr[j].regformatint;
                                DevSeg->DevSegArr[Current_Row].MBFunction=DevReg->MBFunction;
                            }
                            else if ((DevReg->DevRegArr[j].regaddr+reggap >= DevReg->DevRegArr[j+1].regaddr) && (DevSeg->DevSegArr[Current_Row].range+(DevReg->DevRegArr[j+1].regaddr+DevReg->DevRegArr[j+1].regformatint)-DevReg->DevRegArr[j].regaddr <= 120))
                            {
                                while (j < DevReg->index-1 && (DevReg->DevRegArr[j+1].regaddr-DevReg->DevRegArr[j].regaddr <= reggap || (DevReg->DevRegArr[j+1].regaddr+DevReg->DevRegArr[j+1].regformatint)-DevReg->DevRegArr[j].regaddr <= reggap) && DevSeg->DevSegArr[Current_Row].range+(DevReg->DevRegArr[j+1].regaddr+DevReg->DevRegArr[j+1].regformatint)-DevReg->DevRegArr[j].regaddr <= 120)
                                {
                                    DevSeg->DevSegArr[Current_Row].numberofarrayelement++;
                                    if (j != (DevReg->index-1) )
                                    {
                                        DevSeg->DevSegArr[Current_Row].range=DevSeg->DevSegArr[Current_Row].range+DevReg->DevRegArr[j+1].regaddr-DevReg->DevRegArr[j].regaddr; 
                                        DevSeg->DevSegArr[Current_Row].MBFunction=DevReg->MBFunction;
                                    }
                                    j++;
                                }
                                if (j == (DevReg->index-1) && (DevReg->DevRegArr[j].regaddr-DevReg->DevRegArr[j-1].regaddr <= reggap || (DevReg->DevRegArr[j].regaddr+DevReg->DevRegArr[j].regformatint)-DevReg->DevRegArr[j-1].regaddr <= reggap) && DevSeg->DevSegArr[Current_Row].range+(DevReg->DevRegArr[j].regaddr+DevReg->DevRegArr[j].regformatint)-DevReg->DevRegArr[j-1].regaddr <= 120)
                                {
                                    DevSeg->DevSegArr[Current_Row].range=DevSeg->DevSegArr[Current_Row].range+DevReg->DevRegArr[j].regformatint;
                                    DevSeg->DevSegArr[Current_Row].MBFunction=DevReg->MBFunction;
                                }
                                j--;
                            }
                        }
                        else
                        {
                            DevSeg->DevSegArr[Current_Row].range=DevSeg->DevSegArr[Current_Row].range+DevReg->DevRegArr[j].regformatint;
                            DevSeg->DevSegArr[Current_Row].MBFunction=DevReg->MBFunction;
                            Current_Row++;
                            DevSeg->index=Current_Row+1;
                            DevSeg->DevSegArr=(_DevSegArr*)realloc(DevSeg->DevSegArr,DevSeg->index*sizeof(_DevSegArr));
                            DevSeg->DevSegArr[Current_Row].startreg=DevReg->DevRegArr[j+1].regaddr+DevReg->DevRegArr[j+1].offset;
                            DevSeg->DevSegArr[Current_Row].startarrayindex=j+1; 
                            DevSeg->DevSegArr[Current_Row].numberofarrayelement=1; 
                            DevSeg->DevSegArr[Current_Row].range=0;
                            ThisDevInfo->registerpartitions++;
                        }
                    }
                    else
                    {
                        DevSeg->DevSegArr[Current_Row].range=DevSeg->DevSegArr[Current_Row].range+DevReg->DevRegArr[j].regformatint;
                    }
                    j++;
                }
            }
            else
            {
                DevSeg->index=0;
            }
            DevReg=DevReg->next;
        }
    }
    return 0;
}
I cannot find out how to solve this problem.
Would you please tell me how to solve it?
I know what "Conditional jump or move depends on uninitialised value(s)" means, but I cannot find where I did that, and as you can see one of them is the first line of my thread, "void *MainThread(void *IdDevice)", which is really strange to me.

Thank you for any help.
 
Old 12-03-2011, 05:54 AM   #2
SigTerm
Quote:
Originally Posted by golden_boy615
Would you please tell me how to solve it?
As far as I can tell, the problem does not happen at
Quote:
Init_Device_Segments (myprogram.h:2018)
But at
Quote:
realloc (vg_replace_malloc.c:525)
So you should dig up the valgrind source code for your version of valgrind, and investigate line 525 of vg_replace_malloc.c to see what happens there.

My guess is that
Quote:
DevSeg->DevSegArr
was not initialized properly and contains an uninitialized value, which probably triggers an error in this part of the valgrind code:
Code:
#define REALLOC(soname, fnname) \
   \
   void* VG_REPLACE_FUNCTION_ZU(soname,fnname) ( void* ptrV, SizeT new_size );\
   void* VG_REPLACE_FUNCTION_ZU(soname,fnname) ( void* ptrV, SizeT new_size ) \
   { \
      void* v; \
      \
      if (!init_done) init(); \
      MALLOC_TRACE("realloc(%p,%llu)", ptrV, (ULong)new_size ); \
      \
      if (ptrV == NULL) /* <--------------- HERE */ \
         /* We need to call a malloc-like function; so let's use \
            one which we know exists. */ \
         return VG_REPLACE_FUNCTION_ZU(VG_Z_LIBC_SONAME,malloc) (new_size); \
      if (new_size <= 0) { \
         VG_REPLACE_FUNCTION_ZU(VG_Z_LIBC_SONAME,free)(ptrV); \
         MALLOC_TRACE(" = 0\n"); \
         return NULL; \
      } \
      v = (void*)VALGRIND_NON_SIMD_CALL2( info.tl_realloc, ptrV, new_size ); \
      MALLOC_TRACE(" = %p\n", v ); \
      return v; \
   }
Please note that I do not use valgrind at all, so this is simply an assumption based on info you provided.

Last edited by SigTerm; 12-03-2011 at 05:56 AM.
 
Old 12-03-2011, 06:50 AM   #3
golden_boy615
Original Poster
It's true that valgrind said "==2907== at 0x40268E5: realloc (vg_replace_malloc.c:525)", but the realloc system call does not have a problem. What did I do in the reallocation or after that, that caused this error?
 
0 members found this post helpful.
Old 12-03-2011, 07:42 AM   #4
SigTerm
Quote:
Originally Posted by golden_boy615
It's true that valgrind said "==2907== at 0x40268E5: realloc (vg_replace_malloc.c:525)", but the realloc system call does not have a problem. What did I do in the reallocation or after that, that caused this error?
If you question valgrind diagnostic messages, then why did you bother to use it in the first place?

realloc in this case is not a system call, but a replacement call provided by valgrind.
The purpose of valgrind is to catch errors that do not cause an immediately visible problem, but are nevertheless bugs that can take months to catch. Passing an uninitialized pointer to realloc is one of those cases - it might work, or it might crash your program. If it works now, it doesn't mean it won't crash the entire program tomorrow or when you run a release build.

On the other hand, if the "program works", it doesn't mean everything is alright and the program is "guaranteed to work". So just fix the problem already.
 
Old 12-03-2011, 08:20 AM   #5
johnsfine
It appears to be telling you that at line 2018 in Init_Device_Segments, DevSeg->DevSegArr is uninitialized.

That comes from line 8236, which comes from line 8446.

You didn't show us where the DevSeg on line 8446 comes from. Valgrind appears to be saying the uninitialized field of DevSeg originates at myprogram.h line 8391.

Quote:
Originally Posted by golden_boy615
What did I do in the reallocation or after that, that caused this error?
You did something wrong before calling reallocation, that resulted in the error during reallocation.

Assuming Valgrind is correct (a good starting assumption, but not a certainty) the program would typically work because the "uninitialized" stack location is zero, causing the reallocation to do an initial allocation. That is then a landmine for future revisions (or even just recompiles) of the program. The combination of program flow and allocation sizes that causes that portion of the stack to be unused before the problem spot (in myprogram.h) might be reliable now, but it is subject to change in many ways that have no direct connection to the actual bug (thus my labeling this kind of bug a "landmine").

Last edited by johnsfine; 12-03-2011 at 08:31 AM.
 
2 members found this post helpful.
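
The pattern described in the post above, as an added example that is not code from any poster in this thread: a stack-allocated table whose pointer member is never assigned before the first realloc, next to an initialised version. The names seg_row, seg_table, seg_init, seg_is_sane and seg_append are hypothetical stand-ins for the thread's types, and the 0xAA fill is a constructed model of stale stack bytes.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the thread's _DevSegArr and _DevSeg types. */
typedef struct { int startreg; int range; } seg_row;
typedef struct { seg_row *rows; unsigned int index; } seg_table;

/* Give every field a defined value before the table is first used. */
static void seg_init(seg_table *t) { t->rows = NULL; t->index = 0; }

/* Invariant: rows is NULL exactly when index is 0. This catches a stale
   pointer in an "empty" table; it cannot validate a non-empty one. */
static int seg_is_sane(const seg_table *t) {
    return (t->index == 0) == (t->rows == NULL);
}

/* Append one row. Returns 0 on success, -1 on failure. The realloc result
   goes to a temporary, so a failed call leaves the table untouched. */
static int seg_append(seg_table *t, seg_row row) {
    if (!seg_is_sane(t)) return -1;
    if (t->index >= SIZE_MAX / sizeof(seg_row)) return -1; /* size overflow */
    seg_row *tmp = realloc(t->rows, ((size_t)t->index + 1) * sizeof *tmp);
    if (tmp == NULL) return -1;
    tmp[t->index] = row;
    t->rows = tmp;
    t->index++;
    return 0;
}

/* Models the bug: index is set to 0 but rows is never assigned. The 0xAA
   fill is a constructed stand-in for stale stack bytes (deterministic). */
static int demo_stale_pointer(void) {
    seg_table t;
    memset(&t, 0xAA, sizeof t);
    t.index = 0;
    return seg_append(&t, (seg_row){ 100, 2 });
}

/* Same call sequence with the table initialised first. */
static unsigned int demo_initialised(void) {
    seg_table t;
    seg_init(&t);
    for (int i = 0; i < 3; i++)
        if (seg_append(&t, (seg_row){ 100 + i, 1 }) != 0) break;
    unsigned int n = t.index;
    free(t.rows);
    return n;
}

int main(void) {
    printf("stale: %d, rows: %u\n", demo_stale_pointer(), demo_initialised());
}
```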
Old 12-04-2011, 03:32 AM   #6
golden_boy615
Original Poster
Thanks a lot for all of your answers, and thank you johnsfine, you guided me through the answer. The problem was that I did not initialize DevSeg->DevSegArr before using realloc. I added this line:
Code:
    
    if (DevSeg->index==0)
    {
       DevSeg->DevSegArr=NULL;
and that fixed it.
This is my valgrind output:

Quote:
==10738== FILE DESCRIPTORS: 5 open at exit.
==10738== Open file descriptor 14:
==10738== <inherited from parent>
==10738==
==10738== Open file descriptor 13:
==10738== <inherited from parent>
==10738==
==10738== Open file descriptor 2: /dev/pts/1
==10738== <inherited from parent>
==10738==
==10738== Open file descriptor 1: /dev/pts/1
==10738== <inherited from parent>
==10738==
==10738== Open file descriptor 0: /dev/pts/1
==10738== <inherited from parent>
==10738==
==10738==
==10738== HEAP SUMMARY:
==10738== in use at exit: 0 bytes in 0 blocks
==10738== total heap usage: 819 allocs, 819 frees, 2,150,586 bytes allocated
==10738==
==10738== All heap blocks were freed -- no leaks are possible
==10738==
==10738== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 27 from 8)
--10738--
--10738-- used_suppression: 27 U1004-ARM-_dl_relocate_object
==10738==
==10738== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 27 from 8)
What about the file descriptors, are they errors too or not?
 
  

