The score of an audio file in the score table is defined as a quantity
which is sizeof(long) bytes large, i.e. 4 bytes on 32 bit systems and
8 bytes on 64 bit systems. This is not a problem per se because the
score column lives only in memory, so we do not have to worry about
incompatibilities of the on-disk layout.
However, at several places in score.c we cast the pointer to the osl
object to (int *) rather than (long *). When writing to the object on
a 64 bit machine, this will only set 4 out of the 8 allocated bytes,
the other four bytes stay uninitialized. The "ls" command uses the
correct cast to (long *) and reads the full 8 bytes. This causes
valgrind to complain:
==5433== Conditional jump or move depends on uninitialised value(s)
==5433== at 0x4164F4: prepare_ls_row (aft.c:1334)
==5433== by 0x4E2F421: osl_rbtree_loop (osl.c:1457)
==5433== by 0x418935: admissible_file_loop (score.c:255)
==5433== by 0x41601A: com_ls_callback (aft.c:1363)
==5433== by 0x411FDE: command_post_select (afs.c:842)
==5433== by 0x41B67A: schedule (sched.c:76)
==5433== by 0x411ACF: afs_init (afs.c:986)
==5433== by 0x408863: main (server.c:451)
==5433==
==5433== Conditional jump or move depends on uninitialised value(s)
==5433== at 0x41650A: prepare_ls_row (aft.c:1334)
==5433== by 0x4E2F421: osl_rbtree_loop (osl.c:1457)
==5433== by 0x418935: admissible_file_loop (score.c:255)
==5433== by 0x41601A: com_ls_callback (aft.c:1363)
==5433== by 0x411FDE: command_post_select (afs.c:842)
==5433== by 0x41B67A: schedule (sched.c:76)
==5433== by 0x411ACF: afs_init (afs.c:986)
==5433== by 0x408863: main (server.c:451)
Fix this bug by always casting to (long *).
*/
static int score_compare(const struct osl_object *obj1, const struct osl_object *obj2)
{
*/
static int score_compare(const struct osl_object *obj1, const struct osl_object *obj2)
{
- int d1 = *(int*)obj1->data;
- int d2 = *(int*)obj2->data;
+ long d1 = *(long *)obj1->data;
+ long d2 = *(long *)obj2->data;
int ret = NUM_COMPARE(d2, d1);
if (ret)
int ret = NUM_COMPARE(d2, d1);
if (ret)
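Review bot: The two reads in score_compare(), `*(long *)obj1->data` and `*(long *)obj2->data`, still spell out the element type by hand at the call site, and that is the pattern that let the (int *) and (long *) casts drift apart. Consider a single small accessor for the score column that takes the osl_object and returns a long, and use it here and wherever else the score is read or written, so the width is stated in exactly one place. It would also be cheap to check in that accessor that the object's size field equals sizeof(long) before dereferencing.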
size = score_table_desc.column_descriptions[SCORECOL_SCORE].data_size;
score_objs[SCORECOL_SCORE].data = para_malloc(size);
score_objs[SCORECOL_SCORE].size = size;
size = score_table_desc.column_descriptions[SCORECOL_SCORE].data_size;
score_objs[SCORECOL_SCORE].data = para_malloc(size);
score_objs[SCORECOL_SCORE].size = size;
- *(int *)(score_objs[SCORECOL_SCORE].data) = score;
+ *(long *)(score_objs[SCORECOL_SCORE].data) = score;
// PARA_DEBUG_LOG("adding %p\n", *(void **) (score_objs[SCORECOL_AFT_ROW].data));
ret = osl(osl_add_row(score_table, score_objs));
// PARA_DEBUG_LOG("adding %p\n", *(void **) (score_objs[SCORECOL_AFT_ROW].data));
ret = osl(osl_add_row(score_table, score_objs));
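Review bot: The store `*(long *)(score_objs[SCORECOL_SCORE].data) = score;` writes sizeof(long) bytes into a buffer whose length is taken from `score_table_desc.column_descriptions[SCORECOL_SCORE].data_size`, and nothing in this hunk ties the two together. If the column description and the cast ever disagree, the result is either the partially initialized object this patch fixes or a write past the allocation. Suggest asserting that size == sizeof(long) right after it is read from the descriptor, or copying with memcpy() bounded by size from a long-typed local. Separately, the commented-out PARA_DEBUG_LOG line next to the change could be dropped while touching this code.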