valgrind errors in X server
Jeremy Huddleston
jeremyhu at apple.com
Tue Oct 11 09:53:08 PDT 2011
On Oct 11, 2011, at 02:52, Michal Suchanek wrote:
> Hello,
>
> While valgrinding the X server to track a double free in one of my
> patches I found the errors below.
>
> I run Xorg +extension GLX +extension RANDR +extension RENDER -logfile
> /scratch/xdummy.log -config ~hramrach/xdummy.conf :1
>
>
> ==3355== Conditional jump or move depends on uninitialised value(s)
> ==3355== at 0x6DCE290: inflateReset2 (in /usr/lib/libz.so.1.2.3.4)
> ==3355== by 0x6DCE37F: inflateInit2_ (in /usr/lib/libz.so.1.2.3.4)
> ==3355== by 0x5B65E95: BufFilePushZIP (in /usr/lib/libXfont.so.1.4.1)
...
> ==3355== Uninitialised value was created by a heap allocation
> ==3355== at 0x4C2779D: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==3355== by 0x6DCE35B: inflateInit2_ (in /usr/lib/libz.so.1.2.3.4)
> ==3355== by 0x5B65E95: BufFilePushZIP (in /usr/lib/libXfont.so.1.4.1)
...
BufFilePushZIP does:

    xzip_buf *x;

    x = malloc (sizeof (xzip_buf));
    if (!x) return 0;
    /* these are just for raw calloc/free */
    x->z.zalloc = Z_NULL;
    x->z.zfree = Z_NULL;
    x->z.opaque = Z_NULL;
    x->f = f;
    /* force inflateInit to allocate its own history buffer */
    x->z.next_in = Z_NULL;
    x->z.next_out = Z_NULL;
    x->z.avail_in = x->z.avail_out = 0;
    /* using negative windowBits sets "nowrap" mode, which turns off
       zlib header checking [undocumented, for gzip compatibility only?] */
    x->zstat = inflateInit2(&(x->z), -MAX_WBITS);
    ...
Perhaps this -MAX_WBITS and your zlib don't get along...? I have zero familiarity with that code.
> ==3355== Syscall param socketcall.setsockopt(optval) points to uninitialised byte(s)
> ==3355== at 0x691344A: setsockopt (syscall-template.S:82)
> ==3355== by 0x4E362FC: udev_monitor_filter_update (in /lib/libudev.so.0.9.3)
> ==3355== by 0x4E36414: udev_monitor_enable_receiving (in /lib/libudev.so.0.9.3)
> ==3355== by 0x492C45: config_udev_init (udev.c:293)
> ==3355== by 0x491728: config_init (config.c:39)
> ==3355== by 0x472944: InitInput (xf86Init.c:927)
> ==3355== by 0x4271F5: main (main.c:258)
> ==3355== Address 0x7ff000212 is on thread 1's stack
> ==3355== Uninitialised value was created by a stack allocation
> ==3355== at 0x4E2FA58: ??? (in /lib/libudev.so.0.9.3)
Looks like a udev bug to me ...
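Editor's added example (not code from libXfont, zlib or anyone on this thread): the inflateInit2(..., -MAX_WBITS) call that BufFilePushZIP makes, tried in isolation. Python's zlib module wraps the same inflateInit2()/deflateInit2() calls and passes the given wbits straight through, so -zlib.MAX_WBITS is the exact value libXfont passes. The script shows what negative windowBits ("nowrap", raw DEFLATE with no header and no trailer, which current zlib.h documents as raw inflate) does, and how the same bytes behave under the other windowBits modes: the default zlib wrapper, the gzip wrapper (16 + windowBits) and automatic zlib/gzip detection (32 + windowBits). The sample payload, the chunk size and all function names are constructed for the example. One caveat for anyone chasing the valgrind report above: it attributes the uninitialised value to a heap allocation made inside inflateInit2_ itself, i.e. zlib's own state block rather than the caller's xzip_buf, so switching the caller from malloc to calloc would not change it, and this script does not reproduce it.

```python
"""
Exercising zlib's windowBits modes the way BufFilePushZIP does.
Python's zlib module calls inflateInit2()/deflateInit2() with the wbits
value given here; -zlib.MAX_WBITS is the value libXfont passes.
"""
import zlib

MAX_WBITS = zlib.MAX_WBITS  # 15; libXfont passes -MAX_WBITS

# Constructed sample payload (not from the thread): compressible text that
# deflate emits as a single final block, which is all the demo needs.
SAMPLE = b"".join(b"glyph %04d bitmap " % i for i in range(200))


def compress(data: bytes, wbits: int) -> bytes:
    """deflateInit2 with the given windowBits: negative -> raw DEFLATE,
    8..15 -> zlib-wrapped, 16+(8..15) -> gzip-wrapped."""
    c = zlib.compressobj(level=6, wbits=wbits)
    return c.compress(data) + c.flush()


def inflate(stream: bytes, wbits: int, chunk: int = 7) -> bytes:
    """inflateInit2 with the given windowBits, then inflate() on small
    pieces of input, the way a buffered reader such as BufFilePushZIP
    hands data to zlib.  Raises zlib.error where inflate() would return
    Z_DATA_ERROR, e.g. a failed header check."""
    d = zlib.decompressobj(wbits=wbits)
    out = bytearray()
    for i in range(0, len(stream), chunk):
        out += d.decompress(stream[i:i + chunk])
    out += d.flush()
    if not d.eof:
        raise ValueError("input ended before the DEFLATE end-of-stream marker")
    return bytes(out)


def inflate_or_error(stream: bytes, wbits: int):
    """Return the inflated bytes, or zlib's error text if inflate rejected
    the input (the message is whatever strm->msg holds, so it is reported,
    not relied upon)."""
    try:
        return inflate(stream, wbits)
    except zlib.error as e:
        return str(e)


def demo() -> dict:
    raw = compress(SAMPLE, -MAX_WBITS)       # no header, no Adler-32 trailer
    wrapped = compress(SAMPLE, MAX_WBITS)    # 2-byte zlib header + 4-byte trailer
    gz = compress(SAMPLE, MAX_WBITS | 16)    # 10-byte gzip header + 8-byte trailer
    return {
        # "nowrap" mode: the raw stream inflates only with negative windowBits
        "raw_with_-15": inflate(raw, -MAX_WBITS) == SAMPLE,
        # the same raw bytes fail the header check in the default mode: the
        # first byte carries BFINAL=1 in its low bit, so its low nibble can
        # never be the required CM=8
        "raw_with_+15": inflate_or_error(raw, MAX_WBITS),
        "zlib_with_+15": inflate(wrapped, MAX_WBITS) == SAMPLE,
        # 32 + windowBits auto-detects a zlib or gzip wrapper, but not raw data
        "zlib_with_+47": inflate(wrapped, MAX_WBITS | 32) == SAMPLE,
        "gzip_with_+47": inflate(gz, MAX_WBITS | 32) == SAMPLE,
        # a gzip stream (0x1f 0x8b) fails the zlib header check in +15 mode
        "gzip_with_+15": inflate_or_error(gz, MAX_WBITS),
        "raw_with_+47": inflate_or_error(raw, MAX_WBITS | 32),
        # windowBits only changes the wrapper; the DEFLATE body is identical
        "sizes": (len(raw), len(wrapped), len(gz)),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:14s} {result}")
```

The size triple makes the point of the "nowrap" comment in BufFilePushZIP concrete: the zlib-wrapped stream is exactly 6 bytes longer than the raw one and the gzip stream exactly 18 bytes longer, with byte-identical DEFLATE bodies in between. Where Python links the system libz, running the script under valgrind goes through the same inflateInit2_ path the report shows, which is a cheap way to check whether a given zlib build triggers the warning at all before suspecting the X server.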