From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8) Gecko/20051118 Fedora/1.5-0.5.0.rc3 Firefox/1.5 Description of problem: memcheck complains that internal testcase posix/tst-rxspencer uses an uninit value. Snippet of un-redirected stdout (helping to locate which test): ----- abc & xabcy abc a\(b\)?c\1d b acd aBc i Abc Abc a[Bc]*d i abBCcd abBCcd ==24586== Conditional jump or move depends on uninitialised value(s) ==24586== at 0x4AA97C7: re_compile_fastmap_iter (regcomp.c:325) ==24586== by 0x4AA9B2A: re_compile_fastmap (regcomp.c:275) ==24586== by 0x4AB5D18: regcomp (regcomp.c:491) ==24586== by 0x400FA6: test (tst-rxspencer.c:226) ==24586== by 0x401E3C: main (tst-rxspencer.c:545) ==24586== ----- Version-Release number of selected component (if applicable): glibc-2.3.90-18 How reproducible: Always Steps to Reproduce: 1. Run internal testcase posix/tst-rxspencer under valgrind-3.1.0 on x86_64. 2. 3. Actual Results: memcheck complains as in Description. Expected Results: No complaints. Additional info:
valgrind bug (though probably really hard to fix). There are some bitfields in the structure: ... re_token_type_t type : 8; unsigned int constraint : 10; /* context constraint */ unsigned int duplicated : 1; unsigned int opt_subexp : 1; unsigned int accept_mb : 1; unsigned int mb_partial : 1; unsigned int word_char : 1; and GCC optimizes: while (++node < dfa->nodes_len && dfa->nodes[node].type == CHARACTER && dfa->nodes[node].mb_partial) as reading whole 32-bit word that contains both type and mb_partial bitfield, masking it and then comparing. mb_partial is known to be initialized when type == CHARACTER, but not otherwise. If type is not CHARACTER, it is uninitialized, but that doesn't matter, as it doesn't influence runtime at all in that case. But valgrind isn't able to figure it out.