<html> <head> <style></style></head> <body class='hmmessage'><div dir='ltr'><br><br><div>> To: poppler@lists.freedesktop.org<br>> Date: Fri, 4 Mar 2016 17:51:24 -0800<br>> From: mathog@caltech.edu<br>> Subject: Re: [poppler] Poppler provided printf() functions on Windows not language compliant<br>> <br>> On 04-Mar-2016 15:27, William Bader wrote:<br>> > Do you have any tools to track down bad memory accesses similar to<br>> > valgrind on Linux?<br>> <br>> Well, I had tried Dr. Memory previously on Inkscape and it died a <br>> horrible death trying to handle all of those memory structures. However <br>> this test program is tiny, so let's go with that.<br>> <br>> Installs current release of Dr. Memory on 32 bit XP machine.<br>> <br>> In DOS shell<br>> <br>> mingwenv<br>> mingw32-g++ -O0 -ggdb -static-libgcc -static-libstdc++ -o printf_bug <br>> printf_bug.c -Lc:\progs\devlibs61/lib -lpoppler<br>> "C:\Program Files\Dr. Memory\bin\drmemory.exe" -logdir C:/temp/logs -- <br>> printf_bug<br>> <br>> This logged several errors in libpoppler<br>> <br>> or<br>> <br>> mingw32-g++ -O0 -ggdb -static-libgcc -static-libstdc++ -o printf_bug <br>> printf_bug.c<br>> "C:\Program Files\Dr. Memory\bin\drmemory.exe" -logdir C:/temp/logs -- <br>> printf_bug<br>> <br>> this logged no errors.<br>> <br>> <br>> Jason Crain suggested stepping in with a debugger. Tried that and it <br>> didn't help, the libpoppler is not compiled with -g, there are no <br>> symbols.<br>> <br>> These are the errors from the first run mentioned above. It is not very <br>> helpful because libpoppler is built without debugging symbols. Sorry, <br>> this will probably wrap:<br>> <br>> Dr. Memory version 1.9.0 build 4 built on Oct 2 2015 13:13:14<br>> Dr. Memory results for pid 2056: "printf_bug.exe"<br>> Application cmdline: "printf_bug"<br>> Recorded 116 suppression(s) from default C:\Program files\Dr. <br>> Memory\bin\suppress-default.txt<br>> <br>> Error #1: UNINITIALIZED READ: reading 0x00220378-0x0022037a 2 byte(s) <br>> within 0x00220370-0x0022037a<br>> # 0 libpoppler-58.dll!__pformat_cvt [../../mingw/include/math.h:361]<br>> # 1 libpoppler-58.dll!__pformat_float <br>> [../../mingw/mingwex/stdio/pformat.c:800]<br>> # 2 libpoppler-58.dll!__mingw_pformat <br>> [../../mingw/mingwex/stdio/pformat.c:2047]<br>> # 3 libpoppler-58.dll!__mingw_vprintf <br>> [../../mingw/mingwex/stdio/vprintf.c:61]<br>> # 4 libpoppler-58.dll!printf <br>> [../../../../src/gcc-4.6.1/libgcc/../gcc/config/i386/cygwin.asm:125]<br>> # 5 main <br>> [C:\progs\inkscape_trunk/printf_bug.c:8]<br>> Note: @0:00:01.328 in thread 3760<br>> Note: instruction: fld 0x20(%esp) -> %st0<br>> <br>> Error #2: UNINITIALIZED READ: reading 0x00220374-0x0022037a 6 byte(s) <br>> within 0x00220370-0x0022037a<br>> # 0 libpoppler-58.dll!__pformat_cvt [../../mingw/include/math.h:361]<br>> # 1 libpoppler-58.dll!__pformat_float <br>> [../../mingw/mingwex/stdio/pformat.c:800]<br>> # 2 libpoppler-58.dll!__mingw_pformat <br>> [../../mingw/mingwex/stdio/pformat.c:2047]<br>> # 3 libpoppler-58.dll!__mingw_vprintf <br>> [../../mingw/mingwex/stdio/vprintf.c:61]<br>> # 4 libpoppler-58.dll!printf <br>> [../../../../src/gcc-4.6.1/libgcc/../gcc/config/i386/cygwin.asm:125]<br>> # 5 main <br>> [C:\progs\inkscape_trunk/printf_bug.c:10]<br>> Note: @0:00:01.437 in thread 3760<br>> Note: instruction: fld 0x20(%esp) -> %st0<br>> <br>> ===========================================================================<br>> FINAL SUMMARY:<br>> <br>> DUPLICATE ERROR COUNTS:<br>> Error # 2: 2<br>> <br>> SUPPRESSIONS USED:<br>> <br>> ERRORS FOUND:<br>> 0 unique, 0 total unaddressable access(es)<br>> 2 unique, 3 total uninitialized access(es)<br>> 0 unique, 0 total invalid heap argument(s)<br>> 0 unique, 0 total GDI usage error(s)<br>> 0 unique, 0 total handle leak(s)<br>> 0 unique, 0 total warning(s)<br>> 0 unique, 0 total, 0 byte(s) of leak(s)<br>> 0 unique, 0 total, 0 byte(s) of possible leak(s)<br>> ERRORS IGNORED:<br>> 4 unique, 5 total, 11360 byte(s) of still-reachable <br>> allocation(s)<br>> (re-run with "-show_reachable" for details)<br>> Details: c:\temp\logs\DrMemory-printf_bug.exe.2056.000\results.txt<br>> <br>> Guess I should report it as a bug. Although I am not sure if it is a <br>> devlibs61 problem or an underlying issue in poppler.<br>> <br>> Thanks,<br>> <br>> David Mathog<br>> mathog@caltech.edu<br>> Manager, Sequence Analysis Facility, Biology Division, Caltech<br></div><div><br></div><div><br></div><div>I think that the log above does not show the error that caused the crash.</div><div><br></div><div>"Uninitialized access" warnings are common false positives in memory checkers. They can happen when you copy a structure that has not had every byte of every field initialized. Dr. Memory even comments on that at <a href="http://drmemory.org/docs/page_uninit.html" target="_blank" style="font-size: 12pt;">http://drmemory.org/docs/page_uninit.html</a></div><div><br></div><div>An access to an invalid address can cause a crash, but reading an uninitialized variable should not directly cause a crash. If the uninitialized variable was a length or a pointer, using the value could lead to an invalid access, and that could cause a crash, but through an an invalid access, and the log does not show any "unaddressable access" errors.</div><div><br></div><div>Also, the stack trace shows pformat.c and vprintf.c. Those are not part of poppler. Poppler is C++, and almost all of the files with code are .cc not .c. You can also verify that by searching in the poppler source.</div><div><br></div><div>Did the person who built the poppler dll add parts of the C stdio library into the poppler dll?</div><div><br></div><div>William</div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div> </div></body> </html>