[Bug 210798] devel/gdb: compile-loc2c.c's do_compile_dwarf_expr_to_c( . . . ) uses uoffset += . . . with uoffset uninitialized as of -r417989

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sun Jul 3 20:32:50 UTC 2016


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210798

--- Comment #2 from Mark Millard <markmi at dsl-only.net> ---
(In reply to Mark Millard from comment #0)

Another compiler-reported uninitialized value use follows. This one has some
potential to have a complicated invariant that sidesteps the potential issue.
If it does then there is the requirement that certain things be in a specific
order so that fcn_aux_saved is ready for use for cs->c_sclass == C_FCN.

gdb/xcoffread.c's read_xcoff_symtab( . . .) has a variable that is effectively
uninitialized (fcn_aux_saved) by being initialized from another at-the-time
uninitialized variable (main_aux):

static void
read_xcoff_symtab (struct objfile *objfile, struct partial_symtab *pst)
{
. . .
  union internal_auxent main_aux;
. . . main_aux not initialized here . . .
  union internal_auxent fcn_aux_saved = main_aux;
. . .
  while (symnum < max_symnum)
    {
. . .
      if ((cs->c_sclass == C_EXT || cs->c_sclass == C_HIDEXT)
          && cs->c_naux == 1)
        {
. . .
          bfd_coff_swap_aux_in (abfd, raw_auxptr, cs->c_type, cs->c_sclass,
                                0, cs->c_naux, &main_aux);

          switch (CSECT_SMTYP (&main_aux))
            {
. . . (The below is the only potential initialization of fcn_aux_saved) . . .
            case XTY_LD:

              switch (CSECT_SCLAS (&main_aux))
                {
                case XMC_PR:
                  /* a function entry point.  */
                function_entry_point:

                  fcn_start_addr = cs->c_value;

                  /* save the function header info, which will be used
                     when `.bf' is seen.  */
                  fcn_cs_saved = *cs;
                  fcn_aux_saved = main_aux;
                  continue;
. . .
      switch (cs->c_sclass)
        {
. . .
        case C_FCN:
          if (strcmp (cs->c_name, ".bf") == 0)
. . .
          else if (strcmp (cs->c_name, ".ef") == 0)
            {
              bfd_coff_swap_aux_in (abfd, raw_auxptr, cs->c_type, cs->c_sclass,
                                    0, cs->c_naux, &main_aux);
. . . (The below is the only use of fcn_aux_saved) . . .
              finish_block (newobj->name, &local_symbols, newobj->old_blocks,
                            NULL, newobj->start_addr,
                            (fcn_cs_saved.c_value
                             + fcn_aux_saved.x_sym.x_misc.x_fsize
                             + ANOFFSET (objfile->section_offsets,
                                         SECT_OFF_TEXT (objfile))));
              within_function = 0;
            }
          break;
. . .
    }

[The last "}" is for the while above.]

-- 
You are receiving this mail because:
You are the assignee for the bug.
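As an added illustration, not gdb's code and not part of the bug report: a cut-down C model of the loop quoted above in which the "has a function entry point been saved yet?" invariant is carried as an explicit flag, so an `.ef` that arrives before any entry point is counted as a violation rather than folded into an end address computed from indeterminate data. The type, enum and field names are simplified stand-ins for gdb's, and the sample stream is constructed.

```c
#include <stdbool.h>
#include <stddef.h>
/* Constructed stand-ins for gdb's types, not gdb's own definitions. */
struct aux { unsigned long x_fsize; };           /* like internal_auxent.x_sym.x_misc.x_fsize */
enum kind { SYM_FUNC_ENTRY, SYM_EF, SYM_OTHER }; /* XTY_LD/XMC_PR entry point, ".ef", other */
struct sym { enum kind kind; unsigned long value; unsigned long fsize; };
/* Walks a symbol stream like read_xcoff_symtab's loop, but instead of seeding
   fcn_aux_saved from a not-yet-filled main_aux it records whether an entry point
   has been saved. On ".ef" it computes fcn_cs_saved.c_value + fcn_aux_saved.x_fsize;
   an ".ef" with no prior entry point is counted in *bad_ef. Returns addresses written. */
size_t scan_symbols(const struct sym *syms, size_t n,
                    unsigned long *out, size_t out_cap, size_t *bad_ef)
{
    struct aux main_aux = {0};        /* zero-initialized, unlike the original */
    struct aux fcn_aux_saved = {0};
    unsigned long fcn_value_saved = 0;
    bool fcn_saved_valid = false;     /* the implicit invariant, made explicit */
    size_t written = 0;
    *bad_ef = 0;
    for (size_t i = 0; i < n; i++) {
        const struct sym *cs = &syms[i];
        if (cs->kind == SYM_FUNC_ENTRY) {
            main_aux.x_fsize = cs->fsize;    /* stands in for bfd_coff_swap_aux_in */
            fcn_value_saved = cs->value;     /* fcn_cs_saved = *cs */
            fcn_aux_saved = main_aux;        /* the only assignment, as in the original */
            fcn_saved_valid = true;
        } else if (cs->kind == SYM_EF) {
            if (!fcn_saved_valid) {          /* ".ef" before any entry point */
                (*bad_ef)++;
                continue;
            }
            if (written < out_cap)
                out[written++] = fcn_value_saved + fcn_aux_saved.x_fsize;
        }
    }
    return written;
}
/* Constructed sample stream: a stray ".ef", then one well-formed function. */
size_t demo(unsigned long *out, size_t out_cap, size_t *bad_ef)
{
    static const struct sym stream[] = {
        { SYM_EF,         0,      0    },    /* no entry point yet: must be flagged */
        { SYM_FUNC_ENTRY, 0x1000, 0x40 },    /* c_value 0x1000, x_fsize 0x40 */
        { SYM_EF,         0,      0    },    /* end address 0x1000 + 0x40 = 0x1040 */
    };
    return scan_symbols(stream, sizeof stream / sizeof stream[0], out, out_cap, bad_ef);
}
```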