Bug 702953

Summary: Valgrind error in apr_vformatter
Product: Ghostscript Reporter: Peter Cherepanov <sphinx.pinastri>
Component: Valgrind/AddressSanitizerAssignee: Default assignee <ghostpdl-bugs>
Status: RESOLVED FIXED    
Severity: normal    
Priority: P4    
Version: master   
Hardware: PC   
OS: Linux   
Customer: Word Size: ---
Attachments: Sample file
Log file
Simplified sample file

Description Peter Cherepanov 2020-10-01 07:57:24 UTC 
Created attachment 19900 [details]
Sample file

Valgrind reports an error in apr_vformatter() on the ps2write device.
Comment 1 Peter Cherepanov 2020-10-02 17:30:38 UTC 
Created attachment 19908 [details]
Log file

Here is the log for the commit df537046c2130be285b213b5d0478159d1c5b16d .
This bug report is about the first error in the log. The rest are assumed to be duplicates or parts of the cascade.
Comment 2 Peter Cherepanov 2020-10-05 03:27:43 UTC 
Created attachment 19919 [details]
Simplified sample file

The uUninitialized values are introduced in

int convert_separation_alternate( ... )
{
        // ...
        gs_client_color cc;

        // ...

        // Should be sizeof(float)*GS_CLIENT_COLOR_MAX_COMPONENTS
        memset(&cc.paint.values, 0x00, GS_CLIENT_COLOR_MAX_COMPONENTS);

        // Why? It is already zeroed.
        cc.paint.values[0] = 0;

        // This function leaves the separation color intact.
        // And writes only 1 component to conc[]
        sep_space->type->concretize_color(&cc, sep_space, conc, pgs, (gx_device *)pdev);

        // The next fragment uses 3 components.
        for (i = 0;i < pdev->color_info.num_components;i++)
            cc.paint.values[i] = frac2float(conc[i]);

        // ...
}
Comment 3 Ray Johnston 2021-08-13 20:28:12 UTC 
No longer happens. Tested with commit 4ea891719046f38f2d7758f7556d7a291fb1b1ad

Not worth git bisect since it is fixed.