Hi,
Here is another access to uninitialized values detected by valgrind. The
function CacheFlush() (cache.c:335) initializes
entries[k].nd_{primary,secondary}.nEvalContext and entries[k].lock, but keys
are not initialized.
When the eval cache is almost empty (e.g., at startup),
CacheLookupNoLocking() and CacheLookupWithLocking() access the keys, which may
be uninitialized, before checking nEvalContext.
The patch below swaps the order of the condition checks.
Thank you very much.
Regards,
Daisuke Takahashi
--- lib/cache.c 16 Jun 2013 02:16:23 -0000 1.35
+++ lib/cache.c 14 Jul 2014 14:43:46 -0000
@@ -247,8 +247,8 @@
#if USE_MULTITHREAD
cache_lock(pc, l);
#endif
- if (!EqualKeys(pc->entries[l].nd_primary.key, e->key) ||
pc->entries[l].nd_primary.nEvalContext != e->nEvalContext) { /* Not in
primary slot */
- if (!EqualKeys(pc->entries[l].nd_secondary.key, e->key) ||
pc->entries[l].nd_secondary.nEvalContext != e->nEvalContext) { /* Cache
miss */
+ if (pc->entries[l].nd_primary.nEvalContext != e->nEvalContext ||
!EqualKeys(pc->entries[l].nd_primary.key, e->key)) { /* Not in primary
slot */
+ if (pc->entries[l].nd_secondary.nEvalContext != e->nEvalContext ||
!EqualKeys(pc->entries[l].nd_secondary.key, e->key)) { /* Cache miss */
#if USE_MULTITHREAD
cache_unlock(pc, l);
#endif
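Review bot: The reordered tests here, and the identical pair in the hunk at line 284, avoid the uninitialised read only through `||` short-circuiting, and nothing in the new code records that the order is now load-bearing. It also presumably depends on CacheFlush() storing an nEvalContext value that no real lookup ever passes; that function is not in this patch, so this needs confirming. I would add a comment above each pair such as `/* test nEvalContext first: CacheFlush() leaves key uninitialised, so EqualKeys() must only run on a slot whose context matches */`, so a later tidy-up does not swap the operands back. A more durable fix would be to clear both keys in CacheFlush() as well, which makes the lookup safe whatever the operand order. The enclosing function starts and ends outside this hunk.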
@@ -284,8 +284,8 @@
#if CACHE_STATS
++pc->cLookup;
#endif
- if (!EqualKeys(pc->entries[l].nd_primary.key, e->key) ||
pc->entries[l].nd_primary.nEvalContext != e->nEvalContext) { /* Not in
primary slot */
- if (!EqualKeys(pc->entries[l].nd_secondary.key, e->key) ||
pc->entries[l].nd_secondary.nEvalContext != e->nEvalContext) { /* Cache
miss */
+ if (pc->entries[l].nd_primary.nEvalContext != e->nEvalContext ||
!EqualKeys(pc->entries[l].nd_primary.key, e->key)) { /* Not in primary
slot */
+ if (pc->entries[l].nd_secondary.nEvalContext != e->nEvalContext ||
!EqualKeys(pc->entries[l].nd_secondary.key, e->key)) { /* Cache miss */
return l;
} else { /* Found in second slot, promote "hot" entry */
cacheNodeDetail tmp = pc->entries[l].nd_primary;