
discover is showing UMRs when using getaddrinfo/getnameinfo

RaiderOfTheLostSPARC
RaiderOfTheLostSPARC Member Posts: 255 Blue Ribbon

Hi,

I started playing with the discover (Studio 12.4, Solaris 11.2, x86) tool to check my apps for memory errors etc.

I noticed that I get UMR warnings/errors when using the getaddrinfo()/getnameinfo() socket functions. Why?

[email protected]_2_x86:/tmp $ cat getaddrinfo.c

#include <stdio.h>

#include <stdlib.h>

#include <netdb.h>

#include <netinet/in.h>

#include <sys/socket.h>

/*
 * Reproducer: resolve "www.oracle.com" with getaddrinfo(), then pass each
 * returned address to getnameinfo() and print the resulting host name.
 *
 * NOTE(review): `error` is assigned from both calls but never tested, so a
 * failed lookup is not detected anywhere in this program, and main() returns
 * 0 unconditionally.
 */
int

main(void)

{

    /* `result` has no initializer; it is only written through &result by getaddrinfo(). */
    struct addrinfo *result, *res;

    int error;

    /* Node name only: service and hints are both NULL. */
    /*
     * NOTE(review): the return value is not checked. If the call fails,
     * `result` is presumably still indeterminate, and both the loop below and
     * freeaddrinfo() would then use it. Initialising it to NULL and testing
     * `error` before the loop would close that path -- confirm against the
     * platform's getaddrinfo() contract.
     */
    error = getaddrinfo("www.oracle.com", NULL, NULL, &result);

    /* Walk the returned list through ai_next until the NULL terminator. */
    for (res = result; res != NULL; res = res->ai_next)

    {

        /* Per-iteration buffer, not initialised before the call below. */
        char hostname[NI_MAXHOST];

        /* Service buffer is NULL with length 0 and flags are 0: only the host name is requested. */
        error = getnameinfo(res->ai_addr, res->ai_addrlen, hostname, NI_MAXHOST, NULL, 0, 0);

        /*
         * NOTE(review): this tests the buffer's first byte instead of `error`.
         * If getnameinfo() failed without writing to `hostname`, the test (and
         * the printf) would read uninitialised stack bytes.
         */
        if (*hostname != '\0')

            printf("hostname: %s\n", hostname);

    }

    /* Release the list obtained from getaddrinfo(). */
    freeaddrinfo(result);

    return 0;

}

[email protected]_2_x86:/tmp $ cc -g getaddrinfo.c -lsocket

[email protected]_2_x86:/tmp $ discover -w - a.out

[email protected]_2_x86:/tmp $ ./a.out

ERROR 1 (UMR): accessing uninitialized data "result" at address 0xfeffe650 (4 bytes) on the stack at:

        main() + 0x141  <getaddrinfo.c:14>

                11:        int error;

                12:

                13:        error = getaddrinfo("www.oracle.com", NULL, NULL, &result);

                14:=>      for (res = result; res != NULL; res = res->ai_next)

                15:        {

                16:            char hostname[NI_MAXHOST];

                17:

        _start() + 0x71

ERROR 2 (UMR): accessing uninitialized data "*(result + 16)" at address 0x8080518 (4 bytes) on the heap at:

        main() + 0x247  <getaddrinfo.c:18>

                15:        {

                16:            char hostname[NI_MAXHOST];

                17:

                18:=>          error = getnameinfo(res->ai_addr, res->ai_addrlen, hostname, NI_MAXHOST, NULL, 0, 0);

                19:            if (*hostname != '\0')

                20:                printf("hostname: %s\n", hostname);

                21:        }

        _start() + 0x71

    was allocated at (32 bytes):

        get_addr() + 0x22f

        _getaddrinfo() + 0x496

        getaddrinfo() + 0x1e

        main() + 0xee  <getaddrinfo.c:13>

                10:        struct addrinfo *result, *res;

                11:        int error;

                12:

                13:=>      error = getaddrinfo("www.oracle.com", NULL, NULL, &result);

                14:        for (res = result; res != NULL; res = res->ai_next)

                15:        {

                16:            char hostname[NI_MAXHOST];

        _start() + 0x71

ERROR 3 (UMR): accessing uninitialized data "*(result + 24)" at address 0x8080520 (4 bytes) on the heap at:

        main() + 0x289  <getaddrinfo.c:18>

                15:        {

                16:            char hostname[NI_MAXHOST];

                17:

                18:=>          error = getnameinfo(res->ai_addr, res->ai_addrlen, hostname, NI_MAXHOST, NULL, 0, 0);

                19:            if (*hostname != '\0')

                20:                printf("hostname: %s\n", hostname);

                21:        }

        _start() + 0x71

    was allocated at (32 bytes):

        get_addr() + 0x22f

        _getaddrinfo() + 0x496

        getaddrinfo() + 0x1e

        main() + 0xee  <getaddrinfo.c:13>

                10:        struct addrinfo *result, *res;

                11:        int error;

                12:

                13:=>      error = getaddrinfo("www.oracle.com", NULL, NULL, &result);

                14:        for (res = result; res != NULL; res = res->ai_next)

                15:        {

                16:            char hostname[NI_MAXHOST];

        _start() + 0x71

ERROR 4 (PIR): accessing partially initialized data at address 0x8084cd5 (51 bytes) on the heap at:

        __mappedtov4() + 0x134

        getipnodebyaddr() + 0x179

        getnameinfo() + 0xbd

        main() + 0x2b1  <getaddrinfo.c:18>

                15:        {

                16:            char hostname[NI_MAXHOST];

                17:

                18:=>          error = getnameinfo(res->ai_addr, res->ai_addrlen, hostname, NI_MAXHOST, NULL, 0, 0);

                19:            if (*hostname != '\0')

                20:                printf("hostname: %s\n", hostname);

                21:        }

        _start() + 0x71

    was allocated at (8500 bytes):

        __IPv6_alloc() + 0x39

        getipnodebyaddr() + 0x95

        getnameinfo() + 0xbd

        main() + 0x2b1  <getaddrinfo.c:18>

                15:        {

                16:            char hostname[NI_MAXHOST];

                17:

                18:=>          error = getnameinfo(res->ai_addr, res->ai_addrlen, hostname, NI_MAXHOST, NULL, 0, 0);

                19:            if (*hostname != '\0')

                20:                printf("hostname: %s\n", hostname);

                21:        }

        _start() + 0x71

ERROR 5 (PIR): accessing partially initialized data at address 0x8086e51 (51 bytes) on the heap at:

        getnameinfo() + 0xf5

        main() + 0x2b1  <getaddrinfo.c:18>

                15:        {

                16:            char hostname[NI_MAXHOST];

                17:

                18:=>          error = getnameinfo(res->ai_addr, res->ai_addrlen, hostname, NI_MAXHOST, NULL, 0, 0);

                19:            if (*hostname != '\0')

                20:                printf("hostname: %s\n", hostname);

                21:        }

        _start() + 0x71

    was allocated at (8500 bytes):

        __IPv6_alloc() + 0x39

        __mappedtov4() + 0x53

        getipnodebyaddr() + 0x179

        getnameinfo() + 0xbd

        main() + 0x2b1  <getaddrinfo.c:18>

                15:        {

                16:            char hostname[NI_MAXHOST];

                17:

                18:=>          error = getnameinfo(res->ai_addr, res->ai_addrlen, hostname, NI_MAXHOST, NULL, 0, 0);

                19:            if (*hostname != '\0')

                20:                printf("hostname: %s\n", hostname);

                21:        }

        _start() + 0x71

hostname: a23-43-22-140.deploy.static.akamaitechnologies.com

ERROR 6 (UMR): accessing uninitialized data "*(result + 28)" at address 0x8080524 (4 bytes) on the heap at:

        main() + 0x37a  <getaddrinfo.c:14>

                11:        int error;

                12:

                13:        error = getaddrinfo("www.oracle.com", NULL, NULL, &result);

                14:=>      for (res = result; res != NULL; res = res->ai_next)

                15:        {

                16:            char hostname[NI_MAXHOST];

                17:

        _start() + 0x71

    was allocated at (32 bytes):

        get_addr() + 0x22f

        _getaddrinfo() + 0x496

        getaddrinfo() + 0x1e

        main() + 0xee  <getaddrinfo.c:13>

                10:        struct addrinfo *result, *res;

                11:        int error;

                12:

                13:=>      error = getaddrinfo("www.oracle.com", NULL, NULL, &result);

                14:        for (res = result; res != NULL; res = res->ai_next)

                15:        {

                16:            char hostname[NI_MAXHOST];

        _start() + 0x71

***************** Discover Memory Report *****************

No allocated memory left on program exit.

DISCOVER SUMMARY:

        unique errors   : 6 (6 total)

        unique warnings : 0 (0 total)

Answers

  • 905885
    905885 Member Posts: 2

    Hi,

    Thanks for reporting the issue.

    Discover instruments the target binary and its dependent libraries in order to identify memory errors correctly. For this particular program, the dependent library libsocket.so does not have compiler annotations and so cannot be instrumented by Discover; as a result, Discover does not see the writes those library functions make and reports the memory they fill in as uninitialized. The current solution for calls into such libraries is to use interposition instead. I have created Bug#20139045 against Discover to add support for these functions. In future releases, we may have more general solutions. Stay tuned.

    - Discover engineer
