[Pkg-opencl-devel] Bug#975339: clinfo: Uninitialised value cause print of random characters

Davide Prina Davide.Prina at gmail.com
Fri Nov 20 17:05:07 GMT 2020 

Package: clinfo
Version: 2.2.18.04.06-1
Severity: normal
Tags: patch
X-Debbugs-Cc: Davide.Prina at gmail.com

Hi,

I see that clinfo have a very strange result

if I run
$ clinfo

I don't note nothing unusual

if I run
$ clinfo > /tmp/clinfo.txt
$ cat /tmp/clinfo.txt
[...]
  clGetDeviceIDs(NULL, CL_DEVICE_TYPE_ALL, ...)   P�b�U
[...]

I noted that in the row clGetDeviceIDs there are "strange" characters, who don't show up if you run clinfo from xterm.

Each time I rerun clinfo those "strange" characters are different.

Note: this error make piglit fails

Note: I'm using Debian Bullseye (testing), so I have done all the the following on the testing source. I have see, when I have try to report the but the 1st time, that there is a new version in Sid, but looking at the source
https://sources.debian.org/src/clinfo/2.2.18.04.06-2/src/clinfo.c/
I believe that the bug is still present.

So I run valgind:

$ valgrind --track-origins=yes --leak-check=full  clinfo
[...]
  Platform Name                                   Clover
Number of devices                                 0

NULL platform behavior
  clGetPlatformInfo(NULL, CL_PLATFORM_NAME, ...)  Clover
==17199== Conditional jump or move depends on uninitialised value(s)
==17199==    at 0x483BCE5: __strlen_sse2 (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==17199==    by 0x48F0ECD: __vfprintf_internal (vfprintf-internal.c:1688)
==17199==    by 0x4990CC6: __printf_chk (printf_chk.c:33)
==17199==    by 0x115D0C: printf (stdio2.h:107)
==17199==    by 0x115D0C: checkNullGetDevices (clinfo.c:2739)
==17199==    by 0x116E6C: checkNullBehavior (clinfo.c:2917)
==17199==    by 0x10E70A: main (clinfo.c:3216)
==17199==  Uninitialised value was created by a heap allocation
==17199==    at 0x483877F: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==17199==    by 0x115B5C: realloc_strbuf (strbuf.h:38)
==17199==    by 0x115B5C: checkNullGetDevices (clinfo.c:2655)
==17199==    by 0x116E6C: checkNullBehavior (clinfo.c:2917)
==17199==    by 0x10E70A: main (clinfo.c:3216)
==17199== 
  clGetDeviceIDs(NULL, CL_DEVICE_TYPE_ALL, ...)   
  clCreateContext(NULL, ...) [default]            No devices found in platform
  clCreateContextFromType(NULL, CL_DEVICE_TYPE_DEFAULT)  No devices found in platform
  clCreateContextFromType(NULL, CL_DEVICE_TYPE_CPU)  No devices found in platform
  clCreateContextFromType(NULL, CL_DEVICE_TYPE_GPU)  No devices found in platform
  clCreateContextFromType(NULL, CL_DEVICE_TYPE_ACCELERATOR)  No devices found in platform
  clCreateContextFromType(NULL, CL_DEVICE_TYPE_CUSTOM)  No devices found in platform
  clCreateContextFromType(NULL, CL_DEVICE_TYPE_ALL)  No devices found in platform
[...]

I have try to investigate and I found that, as say valgrind, there are uninitialized variables.
---8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<--
--- clinfo-2.2.18.04.06/src/clinfo.c	2018-04-06 07:50:01.000000000 +0200
+++ src/clinfo.c	2020-11-20 17:40:36.453403905 +0100
@@ -100,6 +100,7 @@
 	plist->dev_offset = NULL;
 	plist->pdata = NULL;
 	plist->platform_checks = NULL;
+	plist->max_sname_len=0; /* not initialized */
 }
 
 void plist_devs_reserve(struct platform_list *plist, cl_uint amount)
@@ -2653,6 +2654,8 @@
 	cl_uint numdevs = 0;
 
 	INIT_RET(ret, "null get devices");
+	(&ret.err_str)->buf[0]='\0';
+	(&ret.str)->buf[0]='\0';
 
 	reset_loc(&loc, __func__);
 	loc.sname = "device IDs";
---8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<--

the first one is an uninitialized values that don't cause the problem above.
As you can see I have made a fast initialization to check if this solve the problem. For sure the upstream will do a better job.
Probably it was better to wrote "ret.err_str.>buf[0]='\0';" but I have started from the instruction that generate the error: RET_BUF(ret)->buf

After that valgrind report no more problem in that point, but the result of problems and possible problems are not zero:

$ valgrind --track-origins=yes --leak-check=full --show-leak-kinds=all  clinfo
[...]
==110314== LEAK SUMMARY:
==110314==    definitely lost: 140 bytes in 4 blocks
==110314==    indirectly lost: 0 bytes in 0 blocks
==110314==      possibly lost: 1,600 bytes in 4 blocks
==110314==    still reachable: 250,744 bytes in 2,085 blocks
==110314==         suppressed: 32 bytes in 1 blocks
==110314== 
==110314== For lists of detected and suppressed errors, rerun with: -s
==110314== ERROR SUMMARY: 10 errors from 7 contexts (suppressed: 0 from 0)

Ciao
Davide


-- System Information:
Debian Release: bullseye/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.9.6-dp-20201119 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_UNSIGNED_MODULE
Locale: LANG=it_IT.utf8, LC_CTYPE=it_IT.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages clinfo depends on:
ii  libc6                            2.31-4
ii  ocl-icd-libopencl1 [libopencl1]  2.2.13-1

clinfo recommends no packages.

clinfo suggests no packages.

-- no debconf information

More information about the Pkg-opencl-devel mailing list