Searched hist:"27789 c4afdd3eab78759f3efcfeaa4defc3938e5" (Results 1 – 1 of 1) sorted by relevance
| /libCEED/interface/ |
| H A D | ceed-preconditioning.c | 27789c4afdd3eab78759f3efcfeaa4defc3938e5 Thu Aug 31 18:08:24 UTC 2023 Jed Brown <jed@jedbrown.org> preconditioning: fix realloc use-after-free bug
realloc(&p, size) may change the value of p. In this function, we stored
the local variable into a struct, then call realloc again on
the (untrue) assumption that the value would not change.
==31299== Invalid read of size 4
==31299== at 0x65A38F5: CeedSingleOperatorAssembleAddDiagonal_Core (ceed-preconditioning.c:329)
==31299== by 0x65A5321: CeedOperatorLinearAssembleAddDiagonal (ceed-preconditioning.c:1751)
==31299== by 0x65A529E: CeedOperatorLinearAssembleAddDiagonal (ceed-preconditioning.c:1743)
==31299== by 0x65A52F8: CeedCompositeOperatorLinearAssembleAddDiagonal (ceed-preconditioning.c:433)
==31299== by 0x65A52F8: CeedOperatorLinearAssembleAddDiagonal (ceed-preconditioning.c:1749)
==31299== by 0x65A54B8: CeedOperatorLinearAssembleDiagonal (ceed-preconditioning.c:1694)
==31299== by 0x48C6437: RatelGetDiagonal (ratel-petsc-ops.c:71)
==31299== by 0x558FA59: MatGetDiagonal_Shell (in /home/rezgar/petsc/mpich_arch/lib/libpetsc.so.3.019.4)
==31299== by 0x55A20A7: MatGetDiagonal (in /home/rezgar/petsc/mpich_arch/lib/libpetsc.so.3.019.4)
==31299== by 0x5960EF4: PCSetUp_Jacobi (in /home/rezgar/petsc/mpich_arch/lib/libpetsc.so.3.019.4)
==31299== by 0x59611C1: PCApply_Jacobi (in /home/rezgar/petsc/mpich_arch/lib/libpetsc.so.3.019.4)
==31299== by 0x5936522: PCApply (in /home/rezgar/petsc/mpich_arch/lib/libpetsc.so.3.019.4)
==31299== by 0x58F1BE5: KSPSolve_PREONLY (in /home/rezgar/petsc/mpich_arch/lib/libpetsc.so.3.019.4)
==31299== Address 0xaf09f20 is 0 bytes inside a block of size 4 free'd
==31299== at 0x484DCD3: realloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==31299== by 0x6595067: CeedReallocArray (ceed.c:252)
==31299== by 0x65A2217: CeedOperatorAssemblyDataCreate (ceed-preconditioning.c:1265)
==31299== by 0x65A2628: CeedOperatorGetOperatorAssemblyData (ceed-preconditioning.c:1129)
==31299== by 0x65A3526: CeedSingleOperatorAssembleAddDiagonal_Core (ceed-preconditioning.c:295)
==31299== by 0x65A5321: CeedOperatorLinearAssembleAddDiagonal (ceed-preconditioning.c:1751)
==31299== by 0x65A529E: CeedOperatorLinearAssembleAddDiagonal (ceed-preconditioning.c:1743)
==31299== by 0x65A52F8: CeedCompositeOperatorLinearAssembleAddDiagonal (ceed-preconditioning.c:433)
==31299== by 0x65A52F8: CeedOperatorLinearAssembleAddDiagonal (ceed-preconditioning.c:1749)
==31299== by 0x65A54B8: CeedOperatorLinearAssembleDiagonal (ceed-preconditioning.c:1694)
==31299== by 0x48C6437: RatelGetDiagonal (ratel-petsc-ops.c:71)
==31299== by 0x558FA59: MatGetDiagonal_Shell (in /home/rezgar/petsc/mpich_arch/lib/libpetsc.so.3.019.4)
==31299== by 0x55A20A7: MatGetDiagonal (in /home/rezgar/petsc/mpich_arch/lib/libpetsc.so.3.019.4)
==31299== Block was alloc'd at
==31299== at 0x48487A9: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==31299== by 0x6595067: CeedReallocArray (ceed.c:252)
==31299== by 0x65A1D24: CeedOperatorAssemblyDataCreate (ceed-preconditioning.c:1201)
==31299== by 0x65A2628: CeedOperatorGetOperatorAssemblyData (ceed-preconditioning.c:1129)
==31299== by 0x65A3526: CeedSingleOperatorAssembleAddDiagonal_Core (ceed-preconditioning.c:295)
==31299== by 0x65A5321: CeedOperatorLinearAssembleAddDiagonal (ceed-preconditioning.c:1751)
==31299== by 0x65A529E: CeedOperatorLinearAssembleAddDiagonal (ceed-preconditioning.c:1743)
==31299== by 0x65A52F8: CeedCompositeOperatorLinearAssembleAddDiagonal (ceed-preconditioning.c:433)
==31299== by 0x65A52F8: CeedOperatorLinearAssembleAddDiagonal (ceed-preconditioning.c:1749)
==31299== by 0x65A54B8: CeedOperatorLinearAssembleDiagonal (ceed-preconditioning.c:1694)
==31299== by 0x48C6437: RatelGetDiagonal (ratel-petsc-ops.c:71)
==31299== by 0x558FA59: MatGetDiagonal_Shell (in /home/rezgar/petsc/mpich_arch/lib/libpetsc.so.3.019.4)
==31299== by 0x55A20A7: MatGetDiagonal (in /home/rezgar/petsc/mpich_arch/lib/libpetsc.so.3.019.4)
Reported-by: Rezgar Shakeri
|