edbrowse-dev - development list for edbrowse
* uninitialized globals
@ 2024-04-05  8:29 Karl Dahlke
  2024-04-05 10:43 ` Sebastian Humenda
  0 siblings, 1 reply; 14+ messages in thread
From: Karl Dahlke @ 2024-04-05  8:29 UTC (permalink / raw)
  To: edbrowse-dev

Perhaps someone can shed some light on this.
I received this from a friend of mine, who does some packaging for Debian.

------------------------------ 
I have been running a self-compiled version of the latest edbrowse 3.8.9 on
Debian, compiled with GCC 12.2. It segfaults on startup, and the backtrace
suggests it is in main.c:1926, where it nzFree's sslCerts. This is likely
caused by some hardening options of the Debian packaging infrastructure.
It causes sslCerts to be not NULL-initialised. I couldn't track down exactly
which option it is, but the simple fix is to NULL out the static pointer
sslCerts. I could hand in a patch, if you like (or a pull request). At the
moment, this makes Edbrowse unusable on Debian.
------------------------------

I am rather stunned by this. 
I have been using C since 1980. 
Ever since the original K&R, global uninitialized variables are 0. 
I don't understand how sslCerts could be not zero. 
The "simple fix" I'm guessing is to set it to 0,
but that's not simple because there are dozens of global variables, and some
static variables too, that are not initialized, that I count on being zero.
If we got past sslCerts we would just run into another one.
We'd have to scan through the entire body of code, some 50 thousand lines,
to find them all and set them all to 0,
or,
we could try to understand how and why sslCerts is not null,
because I would have said that was impossible.
I just did an internet search, and site after site after site confirms that
all such uninitialized variables are 0.

Karl Dahlke


^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: uninitialized globals
  2024-04-05  8:29 uninitialized globals Karl Dahlke
@ 2024-04-05 10:43 ` Sebastian Humenda
  2024-04-05 11:14   ` Tyler Spivey
  2024-04-05 14:21   ` Karl Dahlke
  0 siblings, 2 replies; 14+ messages in thread
From: Sebastian Humenda @ 2024-04-05 10:43 UTC (permalink / raw)
  To: edbrowse-dev

Hi

Pardon, I should have sent it to the list.

Karl Dahlke schrieb am 05.04.2024,  4:29 -0400:
>the latest edbrowse 3.8.9 on Debian, compiled with GCC 12.2. It segfaults on
>startup, and the backtrace suggests it is in main.c:1926, where it nzFree's
[…]
[…]

An excerpt of the build output is below this e-mail; it includes the build
flags.

>I am rather stunned by this. I have been using C since 1980. Ever since the
>original K&R, global uninitialized variables are 0. I don't understand how
[…]

I am bored by C standards and alike. I have been writing MISRA C for several
years and I do remember the checker requiring us to initialise explicitly
every static (i.e. global) as its initialisation was either depending on the
type or implementation defined, I do not recall.

Here is what nm says:

% nm src/edbrowse | grep 'sslCerts'
0000000000247088 D sslCerts

% nm src/edbrowse | fgrep allowJS
% nm src/edbrowse | fgrep allowJS

0000000000247079 D allowJS

>but that's not simple because there are dozens of global variables, and some
>static variables too, that are not initialized, that I count on being zero.
>If we got past sslCerts we would just run into another one. We'd have to
[…]

Agreed. I actually just looked whether I can call up my.test.website and with
this set, it worked :). I actually was trying out the QuickJS support.

Cheers
Sebastian

=== Build Output
cc -g -O2 -ffile-prefix-map=/tmp/edbrowse=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -Wno-unused -D_FILE_OFFSET_BITS=64 -DEDBROWSE_ON_LINUX -I/usr/include/x86_64-linux-gnu  -g -ggdb -Wextra -Wdate-time -D_FORTIFY_SOURCE=2  -c -o dbodbc.o dbodbc.c
isup.c: In function ‘decodePostData’:
isup.c:1276:30: warning: ‘c’ may be used uninitialized [-Wmaybe-uninitialized]
 1276 |                         *w++ = c;
      |                         ~~~~~^~~
isup.c:1230:14: note: ‘c’ was declared here
 1230 |         char c;
      |              ^
css.c: In function ‘hashSortCrunch’:
css.c:3222:37: warning: ‘j’ may be used uninitialized [-Wmaybe-uninitialized]
 3222 |                         mark->body[j++] = v->t;
      |                                    ~^~
css.c:3202:16: note: ‘j’ was declared here
 3202 |         int i, j, distinct = 0;
      |                ^
css.c: In function ‘do_rules’:
css.c:3106:9: warning: ‘tn’ may be used uninitialized [-Wmaybe-uninitialized]
 3106 |         set_property_bool_t(tn, "inj$css", true);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
css.c:2957:20: note: ‘tn’ was declared here
 2957 |         const Tag *tn; // the text node that holds before or after text
      |                    ^~
dbops.c: In function ‘stringDate’:
dbops.c:505:17: warning: ‘__builtin_strncpy’ output may be truncated copying 4 bytes from a string of length 7 [-Wstringop-truncation]
  505 |                 strncpy(buf, buf + 4, 4);
      |                 ^
dbodbc.c: In function ‘retsFromOdbc’:
dbodbc.c:937:30: warning: ‘input_length’ may be used uninitialized [-Wmaybe-uninitialized]
  937 |                         rc = SQLGetData(hstmt, (ushort) (i + 1),
      |                              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  938 |                                         c_type, q1, input_length,
      |                                         ~~~~~~~~~~~~~~~~~~~~~~~~~
  939 |                                         &output_length);
      |                                         ~~~~~~~~~~~~~~~
dbodbc.c:827:14: note: ‘input_length’ was declared here
  827 |         long input_length, output_length;
      |              ^~~~~~~~~~~~
dbodbc.c:937:30: warning: ‘c_type’ may be used uninitialized [-Wmaybe-uninitialized]
  937 |                         rc = SQLGetData(hstmt, (ushort) (i + 1),
      |                              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  938 |                                         c_type, q1, input_length,
      |                                         ~~~~~~~~~~~~~~~~~~~~~~~~~
  939 |                                         &output_length);
      |                                         ~~~~~~~~~~~~~~~
dbodbc.c:826:15: note: ‘c_type’ was declared here
  826 |         short c_type;           /* C data type */
      |               ^~~~~~
dbops.c: In function ‘stringTime’:
dbops.c:636:28: warning: ‘c’ may be used uninitialized [-Wmaybe-uninitialized]
  636 |                         if (c == 'A')
      |                            ^
dbops.c:593:14: note: ‘c’ was declared here
  593 |         char c;
      |              ^
css.c: In function ‘cssParseLeft’:
css.c:1336:52: warning: ‘sel2’ may be used uninitialized [-Wmaybe-uninitialized]
 1336 |                                         sel2->next = sel, sel2 = sel;
      |                                         ~~~~~~~~~~~^~~~~
css.c:1258:21: note: ‘sel2’ was declared here
 1258 |         struct sel *sel2;
      |                     ^~~~
dbodbc.c: In function ‘oneRetValue.constprop’:
dbodbc.c:1114:19: warning: ‘f’ may be used uninitialized [-Wmaybe-uninitialized]
 1114 |                 n = f;
      |                 ~~^~~
dbodbc.c:1097:16: note: ‘f’ was declared here
 1097 |         double f;
      |                ^
dbodbc.c:1126:19: warning: ‘c’ may be used uninitialized [-Wmaybe-uninitialized]
 1126 |                 n = c;
      |                 ~~^~~
dbodbc.c:1095:14: note: ‘c’ was declared here
 1095 |         char c;
      |              ^
dbodbc.c:1133:16: warning: ‘n’ may be used uninitialized [-Wmaybe-uninitialized]
 1133 |         return n;
      |                ^
dbodbc.c:1096:14: note: ‘n’ was declared here
 1096 |         long n;
      |              ^
dbops.c: In function ‘lineFormatStack’:
dbops.c:191:40: warning: ‘dn’ may be used uninitialized [-Wmaybe-uninitialized]
  191 |                     (pdir == 'f' && dn == nullfloat) ||
dbops.c:101:16: note: ‘dn’ was declared here
  101 |         double dn;              /* double number */
      |                ^~
dbops.c:189:37: warning: ‘n’ may be used uninitialized [-Wmaybe-uninitialized]
  189 |                 if ((pdir == 'c' && !n) ||
      |                                     ^~
dbops.c:100:14: note: ‘n’ was declared here
  100 |         long n;
      |              ^
css.c: In function ‘cssPieces’:
css.c:1008:42: warning: ‘d2’ may be used uninitialized [-Wmaybe-uninitialized]
 1008 |                                 d2->next = d, d2 = d;
      |                                 ~~~~~~~~~^~~
css.c:802:31: note: ‘d2’ was declared here
  802 |         struct desc *d1 = 0, *d2, *d = 0;
      |                               ^~
In function ‘uncomment’,
    inlined from ‘cssPieces’ at css.c:815:2:
css.c:176:56: warning: ‘url0’ may be used uninitialized [-Wmaybe-uninitialized]
  176 |                                                 *w++ = *u;
      |                                                        ^~
css.c: In function ‘cssPieces’:
css.c:147:23: note: ‘url0’ was declared here
  147 |         char *w = s, *url0;
      |                       ^~~~
cc -I/usr/include/quickjs -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 -ffile-prefix-map=/tmp/edbrowse=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -Wno-unused -D_FILE_OFFSET_BITS=64 -DEDBROWSE_ON_LINUX -I/usr/include/x86_64-linux-gnu  -g -ggdb -Wextra -c jseng-quick.c
In function ‘cursor_comm’,
    inlined from ‘syncup_table’ at dbops.c:2051:2:
dbops.c:1945:31: warning: ‘sortval2’ may be used uninitialized [-Wmaybe-uninitialized]
 1943 |                              ((sorttype == 'S'
      |                              ~~~~~~~~~~~~~~~~~
 1944 |                                && strcmp(sortstring1, sortstring2) < 0)
      |                                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 1945 |                               || (sorttype != 'S' && sortval1 < sortval2)))) {
      |                               ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
dbops.c: In function ‘syncup_table’:
dbops.c:1835:23: note: ‘sortval2’ was declared here
 1835 |         int sortval1, sortval2;
      |                       ^~~~~~~~
In function ‘cursor_comm’,
    inlined from ‘syncup_table’ at dbops.c:2051:2:
dbops.c:1945:31: warning: ‘sortval1’ may be used uninitialized [-Wmaybe-uninitialized]
 1943 |                              ((sorttype == 'S'
      |                              ~~~~~~~~~~~~~~~~~
 1944 |                                && strcmp(sortstring1, sortstring2) < 0)
      |                                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 1945 |                               || (sorttype != 'S' && sortval1 < sortval2)))) {
      |                               ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
dbops.c: In function ‘syncup_table’:
dbops.c:1835:13: note: ‘sortval1’ was declared here
 1835 |         int sortval1, sortval2;
      |             ^~~~~~~~
css.c: In function ‘qsaMatch’:
css.c:2387:28: warning: ‘rc’ may be used uninitialized [-Wmaybe-uninitialized]
 2387 |                         if (rc)
      |                            ^
css.c:2100:14: note: ‘rc’ was declared here
 2100 |         bool rc;
      |              ^~
In file included from /usr/include/quickjs/quickjs-libc.h:30,
                 from jseng-quick.c:18:
/usr/include/quickjs/quickjs.h: In function ‘JS_NewCFunctionMagic’:
/usr/include/quickjs/quickjs.h:969:34: warning: cast between incompatible function types from ‘JSValue (*)(JSContext *, JSValue,  int,  JSValue *, int)’ to ‘JSValue (*)(JSContext *, JSValue,  int,  JSValue *)’ [-Wcast-function-type]
  969 |     return JS_NewCFunction2(ctx, (JSCFunction *)func, name, length, cproto, magic);
      |                                  ^
cc -g -O2 -ffile-prefix-map=/tmp/edbrowse=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -Wno-unused -D_FILE_OFFSET_BITS=64 -DEDBROWSE_ON_LINUX -I/usr/include/x86_64-linux-gnu  -g -ggdb -Wextra -Wdate-time -D_FORTIFY_SOURCE=2  -c -o ebrc.o ebrc.c
cc -g -O2 -ffile-prefix-map=/tmp/edbrowse=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -Wno-unused -D_FILE_OFFSET_BITS=64 -DEDBROWSE_ON_LINUX -I/usr/include/x86_64-linux-gnu  -g -ggdb -Wextra -Wdate-time -D_FORTIFY_SOURCE=2  -c -o msg-strings.o msg-strings.c
jseng-quick.c: In function ‘setup_window_2’:
jseng-quick.c:3787:9: warning: ignoring return value of ‘asprintf’ declared with attribute ‘warn_unused_result’ [-Wunused-result]
 3787 |         asprintf(&wpc, "Wp`Set@%s", cf->fileName);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
jseng-quick.c: In function ‘set_basehref’:
jseng-quick.c:4448:17: warning: ignoring return value of ‘asprintf’ declared with attribute ‘warn_unused_result’ [-Wunused-result]
 4448 |                 asprintf(&wpc, "Wp`Set@%s", h);
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc -g -O2 -ffile-prefix-map=/tmp/edbrowse=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -Wno-unused -D_FILE_OFFSET_BITS=64 -DEDBROWSE_ON_LINUX -I/usr/include/x86_64-linux-gnu  -g -ggdb -Wextra -Wdate-time -D_FORTIFY_SOURCE=2  -c -o startwindow.o startwindow.c
jseng-quick.c: In function ‘embedNodeName’:
jseng-quick.c:2012:17: warning: ‘__builtin___strncpy_chk’ specified bound depends on the length of the source argument [-Wstringop-truncation]
 2012 |                 strncpy(b, nodeName, length);
      |                 ^
jseng-quick.c:2009:26: note: length computed here
 2009 |                 length = strlen(nodeName);
      |                          ^~~~~~~~~~~~~~~~
cc main.o buffers.o sendmail.o fetchmail.o html.o html-tags.o format.o stringfile.o ebrc.o msg-strings.o http.o isup.o css.o startwindow.o dbops.o dbodbc.o jseng-quick.o /usr/lib/x86_64-linux-gnu/quickjs/libquickjs.a -ldl -latomic -Wl,-z,relro -Wl,-z,now  -lcurl -lodbc -lpcre2-8 -lreadline -lssl -lcrypto   -lpthread -lm -lssl -lcrypto  -o edbrowse


* Re: uninitialized globals
  2024-04-05 10:43 ` Sebastian Humenda
@ 2024-04-05 11:14   ` Tyler Spivey
  2024-04-05 11:52     ` Sebastian Humenda
  2024-04-05 14:21   ` Karl Dahlke
  1 sibling, 1 reply; 14+ messages in thread
From: Tyler Spivey @ 2024-04-05 11:14 UTC (permalink / raw)
  To: edbrowse-dev

How do I reproduce this? I tried:

dpkg-buildflags --export=sh > export.out
source export.out
make clean && make

But edbrowse doesn't crash for me.

This is on a new Debian 12.5 machine.

On 4/5/2024 3:43 AM, Sebastian Humenda wrote:
> Hi
> 
> Pardon, I should have sent it to the list.
> 
> Karl Dahlke schrieb am 05.04.2024,  4:29 -0400:
>> the latest edbrowse 3.8.9 on Debian, compiled with GCC 12.2. It segfaults on
>> startup, and the backtrace suggests it is in main.c:1926, where it nzFree's
> […]
> […]
> 
> An excerpt of the build output is below this e-mail; it includes the build
> flags.
> 
>> I am rather stunned by this. I have been using C since 1980. Ever since the
>> original K&R, global uninitialized variables are 0. I don't understand how
> […]
> 
> I am bored by C standards and alike. I have been writing MISRA C for several
> years and I do remember the checker requiring us to initialise explicitly
> every static (i.e. global) as its initialisation was either depending on the
> type or implementation defined, I do not recall.
> 
> Here is what nm says:
> 
> % nm src/edbrowse | grep 'sslCerts'
> 0000000000247088 D sslCerts
> 
> % nm src/edbrowse | fgrep allowJS
> % nm src/edbrowse | fgrep allowJS
> 
> 0000000000247079 D allowJS
> 
>> but that's not simple because there are dozens of global variables, and some
>> static variables too, that are not initialized, that I count on being zero.
>> If we got past sslCerts we would just run into another one. We'd have to
> […]
> 
> Agreed. I actually just looked whether I can call up my.test.website and with
> this set, it worked :). I actually was trying out the QuickJS support.
> 
> Cheers
> Sebastian

* Re: uninitialized globals
  2024-04-05 11:14   ` Tyler Spivey
@ 2024-04-05 11:52     ` Sebastian Humenda
  2024-04-05 12:20       ` Tyler Spivey
  0 siblings, 1 reply; 14+ messages in thread
From: Sebastian Humenda @ 2024-04-05 11:52 UTC (permalink / raw)
  To: edbrowse-dev

Hi

Tyler Spivey schrieb am 05.04.2024,  4:14 -0700:
>How do I reproduce this? I tried:
[…]

$ debcheckout edbrowse
$ cd edbrowse
$ git buildpackage
$ ./src/edbrowse https://scalable.capital

Do you need instructions that do not rely on devscripts and git-buildpackage?
Cheers
Sebastian


* Re: uninitialized globals
  2024-04-05 11:52     ` Sebastian Humenda
@ 2024-04-05 12:20       ` Tyler Spivey
       [not found]         ` <ZhABdF68z0u7NC7g@kraftkrust>
  0 siblings, 1 reply; 14+ messages in thread
From: Tyler Spivey @ 2024-04-05 12:20 UTC (permalink / raw)
  To: edbrowse-dev

Where do I get libquickjs? Do I need to be running Debian unstable?

On 4/5/2024 4:52 AM, Sebastian Humenda wrote:
> Hi
> 
> Tyler Spivey schrieb am 05.04.2024,  4:14 -0700:
>> How do I reproduce this? I tried:
> […]
> 
> $ debcheckout edbrowse
> $ cd edbrowse
> $ git buildpackage
> $ ./src/edbrowse https://scalable.capital
> 
> Do you need instructions that do not rely on devscripts and git-buildpackage?
> Cheers
> Sebastian



* uninitialized globals
  2024-04-05 10:43 ` Sebastian Humenda
  2024-04-05 11:14   ` Tyler Spivey
@ 2024-04-05 14:21   ` Karl Dahlke
  2024-04-05 14:42     ` Sebastian Humenda
  1 sibling, 1 reply; 14+ messages in thread
From: Karl Dahlke @ 2024-04-05 14:21 UTC (permalink / raw)
  To: shumenda, edbrowse-dev

And this captures the weirdness.

> % nm src/edbrowse | grep 'sslCerts'
> 0000000000247088 D sslCerts

It puts it in the .data section of the executable, I bet everyone else has B
as I do, for .bss.
Why does it not wind up in .bss?
For grins I did the same with the object, before the link,
$ nm main.o | fgrep sslCerts
00000004 C sslCerts
It puts the uninitialized global in a C section, of some kind, maybe that's a
gcc thing, then at link time C becomes .bss,
but in your world C becomes .data.

Karl Dahlke



* Re: uninitialized globals
  2024-04-05 14:21   ` Karl Dahlke
@ 2024-04-05 14:42     ` Sebastian Humenda
  2024-04-05 15:10       ` Karl Dahlke
  0 siblings, 1 reply; 14+ messages in thread
From: Sebastian Humenda @ 2024-04-05 14:42 UTC (permalink / raw)
  To: edbrowse-dev

Hi

Karl Dahlke schrieb am 05.04.2024, 10:21 -0400:
>And this captures the weirdness.
>
>> % nm src/edbrowse | grep 'sslCerts'
>> 0000000000247088 D sslCerts
>
>It puts it in the .data section of the executable, I bet everyone else has B
>as I do, for .bss. Why does it not wind up in .bss? For grins I did the same
>with the object, before the link, $ nm main.o | fgrep sslCerts 00000004 C

Also if you use the posted compiler and linker flags?

Cheers
Sebastian


* Re: uninitialized globals
       [not found]             ` <ZhANkf4kZM2UkLka@kraftkrust>
@ 2024-04-05 14:54               ` Tyler Spivey
  2024-04-05 15:48                 ` Tyler Spivey
  0 siblings, 1 reply; 14+ messages in thread
From: Tyler Spivey @ 2024-04-05 14:54 UTC (permalink / raw)
  To: edbrowse-dev

That worked, now I get a segfault.

On 4/5/2024 7:41 AM, Sebastian Humenda wrote:
> Hi
> 
> Tyler Spivey schrieb am 05.04.2024,  7:12 -0700:
>> I still can't get it to break. Here are all my steps:
> […]
> 
> Lovely, memory corruption keeps people so busy ;), thanks for investigating it.
> Would you please try this in your test env:
> 
> echo "certfile = /dev/null" > ~/.ebrc
> 
> Cheers
> Sebastian



* uninitialized globals
  2024-04-05 14:42     ` Sebastian Humenda
@ 2024-04-05 15:10       ` Karl Dahlke
  0 siblings, 0 replies; 14+ messages in thread
From: Karl Dahlke @ 2024-04-05 15:10 UTC (permalink / raw)
  To: shumenda, edbrowse-dev

> Also if you use the posted compiler and linker flags?

Yes. I used same flags, as much as possible, save a couple of -I locations,
sslCerts is in C the common symbols in main.o, as expected, but in B in my
executable.
No idea why it folds into D that is .data in your executable.
Though I'm on a 32 bit machine so that could make a difference, and I'm sure
a different version of gcc,
but all that said, I've never heard of such a behavior, of putting those
variables in the .data section.

Karl Dahlke



* Re: uninitialized globals
  2024-04-05 14:54               ` Tyler Spivey
@ 2024-04-05 15:48                 ` Tyler Spivey
  2024-04-05 18:18                   ` Sebastian Humenda
  0 siblings, 1 reply; 14+ messages in thread
From: Tyler Spivey @ 2024-04-05 15:48 UTC (permalink / raw)
  To: edbrowse-dev

You patched sslCerts. That's causing your crash.

Without the patch, it should use whatever curl uses.

On 4/5/2024 7:54 AM, Tyler Spivey wrote:
> That worked, now I get a segfault.
> 
> On 4/5/2024 7:41 AM, Sebastian Humenda wrote:
>> Hi
>>
>> Tyler Spivey wrote on 05.04.2024,  7:12 -0700:
>>> I still can't get it to break. Here are all my steps:
>> […]
>>
>> Lovely, memory corruption keeps people so busy ;), thanks for 
>> investigating it.
>> Would you please try this in your test env:
>>
>> echo "certfile = /dev/null" > ~/.ebrc
>>
>> Cheers
>> Sebastian
> 



* Re: uninitialized globals
  2024-04-05 15:48                 ` Tyler Spivey
@ 2024-04-05 18:18                   ` Sebastian Humenda
  2024-04-05 18:37                     ` Dominique Martinet
  0 siblings, 1 reply; 14+ messages in thread
From: Sebastian Humenda @ 2024-04-05 18:18 UTC (permalink / raw)
  To: edbrowse-dev


Hi

Tyler Spivey wrote on 05.04.2024,  8:48 -0700:
>You patched sslCerts. That's causing your crash.

I didn't patch it, I specified a different source.

>Without the patch, it should use whatever curl uses.

It should not segfault, no matter what the configuration specifies.

Sebastian


* Re: uninitialized globals
  2024-04-05 18:18                   ` Sebastian Humenda
@ 2024-04-05 18:37                     ` Dominique Martinet
  2024-04-05 18:47                       ` Sebastian Humenda
  0 siblings, 1 reply; 14+ messages in thread
From: Dominique Martinet @ 2024-04-05 18:37 UTC (permalink / raw)
  To: edbrowse-dev

Sebastian Humenda wrote on Fri, Apr 05, 2024 at 08:18:15PM +0200:
> Tyler Spivey wrote on 05.04.2024,  8:48 -0700:
> >You patched sslCerts. That's causing your crash.
> 
> I didn't patch it, I specified a different source.

I think that's what he means by patched:

edbrowse# cat debian/patches/ssl_certs 
Make edbrowse use the system CA certificates list.

---
 src/main.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/src/main.c
+++ b/src/main.c
@@ -34,7 +34,7 @@ bool errorExit;
 int webTimeout = 20, mailTimeout = 0;
 int displayLength = 500;
 int verifyCertificates = 1;
-char *sslCerts, *pubKey;
+char *sslCerts = "/etc/ssl/certs/ca-certificates.crt", *pubKey;
 int localAccount, maxAccount;
 struct MACCOUNT accounts[MAXACCOUNT];
 bool ebvar = true; // update environment variables before each shell command
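Review bot: the added initializer on the sslCerts line makes the pointer refer to a string literal, while the thread reports main.c later calling nzFree on sslCerts, so a value that was never allocated is handed to the allocator. Keep the declaration as "char *sslCerts, *pubKey;" and assign an allocated copy of the path during startup, so that every value the pointer can hold is either NULL or heap-owned. The patch description also gives no bug reference or reason for overriding the library default, which makes it hard to judge later whether the override is still needed.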


That cannot be passed to nzFree as it's not an allocated value; this
patch should change to set it from strdup at start of main or something.
-- 
Dominique Martinet | Asmadeus
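
Added example, not part of the thread and not edbrowse's own code: a minimal C sketch of the ownership rule discussed above, where a global path pointer that is later freed only ever holds NULL or a heap copy, and the packaging default is applied at startup rather than in the declaration. All names (nz_free, dup_string, set_ssl_certs, get_ssl_certs, init_ssl_certs_default) are hypothetical, and nz_free's behaviour is an assumption about nzFree.

```c
#include <stdlib.h>
#include <string.h>

/* Assumed behaviour of edbrowse's nzFree: free(), skipped for NULL. */
static void nz_free(void *p) { if (p) free(p); }

/* Invariant: NULL or heap-owned, never a string literal. With no
 * initializer the pointer starts as NULL and is placed in .bss; a
 * non-zero initializer would move it to .data, as nm showed. */
static char *ssl_certs;

/* Heap copy of s (same effect as POSIX strdup); NULL on failure. */
static char *dup_string(const char *s)
{
    size_t n = strlen(s) + 1;
    char *copy = malloc(n);
    if (copy)
        memcpy(copy, s, n);
    return copy;
}

/* Replace the stored path with a copy of `path`; NULL clears it so the
 * library default applies. Returns 0 on success, -1 on OOM. */
int set_ssl_certs(const char *path)
{
    char *copy = NULL;
    if (path && !(copy = dup_string(path)))
        return -1;
    nz_free(ssl_certs);   /* safe: old value is NULL or from malloc */
    ssl_certs = copy;
    return 0;
}

const char *get_ssl_certs(void) { return ssl_certs; }

/* Packaging default applied at startup instead of in the declaration. */
int init_ssl_certs_default(void)
{
    return set_ssl_certs("/etc/ssl/certs/ca-certificates.crt");
}

int main(void)
{
    if (init_ssl_certs_default() != 0)
        return 1;
    /* What a config line "certfile = /dev/null" would trigger. */
    return set_ssl_certs("/dev/null");
}
```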


^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: uninitialized globals
  2024-04-05 18:37                     ` Dominique Martinet
@ 2024-04-05 18:47                       ` Sebastian Humenda
  2024-04-05 19:07                         ` Dominique Martinet
  0 siblings, 1 reply; 14+ messages in thread
From: Sebastian Humenda @ 2024-04-05 18:47 UTC (permalink / raw)
  To: edbrowse-dev


Hi

Dominique Martinet wrote on 06.04.2024,  3:37 +0900:
>Sebastian Humenda wrote on Fri, Apr 05, 2024 at 08:18:15PM +0200:
>> Tyler Spivey wrote on 05.04.2024,  8:48 -0700:
>> >You patched sslCerts. That's causing your crash.
>> 
>> I didn't patch it, I specified a different source.
>
>I think that's what he means by patched:

Thanks :-). I also found that patch in the meantime. It's indeed the culprit.
I updated the patch, works now.
It also explains why sslCerts migrated to .data.

At least I now fixed two bugs in the packaging and got quickjs support into Debian.
Let this be the announcement.

Cheers
Sebastian


* Re: uninitialized globals
  2024-04-05 18:47                       ` Sebastian Humenda
@ 2024-04-05 19:07                         ` Dominique Martinet
  0 siblings, 0 replies; 14+ messages in thread
From: Dominique Martinet @ 2024-04-05 19:07 UTC (permalink / raw)
  To: edbrowse-dev

Sebastian Humenda wrote on Fri, Apr 05, 2024 at 08:47:14PM +0200:
> Thanks :-). I also found that patch in the meantime. It's indeed the culprit.
> I updated the patch, works now.
> It also explains why sslCerts migrated to .data.

Sorry I replied without thinking and suggested an equivalent patch, but
do you know why the curl default would not be good enough?

It looks like that patch originally came from this bug:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646802

but since then it shouldn't be needed anymore (at least I've never had
that problem on my builds without setting sslCerts - leaving it null
should use the system defaults), so the patch could probably be dropped.

There was discussion on irc to upstream the other two patches as well,
so we wouldn't need to patch the debian package; they both make sense to
me as well.

-- 
Dominique Martinet | Asmadeus



Thread overview: 14+ messages
2024-04-05  8:29 uninitialized globals Karl Dahlke
2024-04-05 10:43 ` Sebastian Humenda
2024-04-05 11:14   ` Tyler Spivey
2024-04-05 11:52     ` Sebastian Humenda
2024-04-05 12:20       ` Tyler Spivey
     [not found]         ` <ZhABdF68z0u7NC7g@kraftkrust>
     [not found]           ` <3749fabd-aadf-95da-99da-04d34268a68a@pcdesk.net>
     [not found]             ` <ZhANkf4kZM2UkLka@kraftkrust>
2024-04-05 14:54               ` Tyler Spivey
2024-04-05 15:48                 ` Tyler Spivey
2024-04-05 18:18                   ` Sebastian Humenda
2024-04-05 18:37                     ` Dominique Martinet
2024-04-05 18:47                       ` Sebastian Humenda
2024-04-05 19:07                         ` Dominique Martinet
2024-04-05 14:21   ` Karl Dahlke
2024-04-05 14:42     ` Sebastian Humenda
2024-04-05 15:10       ` Karl Dahlke
