Skip to content

Corrupted heap in ARC/ORC with -fno-delete-null-pointer-checks GCC flag #25184

@konradmb

Description

@konradmb

Nim Version

$ nim -v
Nim Compiler Version 2.3.1 [Linux: amd64]
Compiled at 2025-09-19
Copyright (c) 2006-2025 by Andreas Rumpf

git hash: 87ee9c8
active boot switches: -d:release

Description

Reproducible example:

import std/[strformat]

proc logWarning*(msg: string) =
  echo fmt"🟡 WARNING: {msg}"
  echo fmt"🟡 WARNING: {msg}"
  echo fmt"🟡 WARNING: {msg}"
  echo fmt"🟡 WARNING: {msg}"

proc logInfo*(msg: string) =
  echo fmt"🔵 INFO: {msg}"

when isMainModule:
  while true:
    logWarning("A very long warning message A very long warning message")

Compiled with:

nim cpp --passL:"-O1 -fno-delete-null-pointer-checks" --passc:"-O1 -fno-delete-null-pointer-checks" -d:useMalloc -d:debug crashtest.nim

or

nim c --passL:"-O1 -fno-delete-null-pointer-checks" --passc:"-O1 -fno-delete-null-pointer-checks" -d:useMalloc -d:debug crashtest.nim

The memory is getting corrupted after around 590 echos (1300 on C backend) and the program is terminated with SIGABRT.

Required switches:

  • -fno-delete-null-pointer-checks - this one is the culprit 100%
  • -d:useMalloc
  • -O1/-O2/-O3 (although I can reproduce the crash on RP2040 with O0 and Os

Current Output

cpp backend:

[...]
🟡 WARNING: A very long warning message A very long warning message
🟡 WARNING: A very long warning message A very long warning message
🟡 WARNING: A very long warning message A very long warning message
malloc(): corrupted top size
Traceback (most recent call last)
/tmp/crashtest.nim(14)   crashtest
/tmp/crashtest.nim(7)    logWarning
SIGABRT: Abnormal termination.


c backend:

🟡 WARNING: A very long warning message A very long warning message
🟡 WARNING: A very long warning message A very long warning message
malloc(): invalid size (unsorted)
malloc(): invalid size (unsorted)

Expected Output

🟡 WARNING: A very long warning message A very long warning message

forever

Known Workarounds

Do not use -fno-delete-null-pointer-checks? Or this one reveals the bug?

Additional Information

I've found this bug originally on RP2040 (so -d:useMalloc is needed), but found out it's reproducible on x86-64.

Valgrind output:

Details

[konrad@konrad-x570 tmp]$ valgrind --leak-check=full ./crashtest 1>/dev/null
==131269== Memcheck, a memory error detector
==131269== Copyright (C) 2002-2024, and GNU GPL'd, by Julian Seward et al.
==131269== Using Valgrind-3.25.1 and LibVEX; rerun with -h for copyright info
==131269== Command: ./crashtest
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405B83: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2080)
==131269==    by 0x4095B4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:214)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C04: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2130)
==131269==    by 0x4095B4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:214)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C09: resize__system_u2268 (@psystem.nim.cpp:1020)
==131269==    by 0x405C09: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x4095B4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:214)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405B83: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2080)
==131269==    by 0x409817: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:226)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C04: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2130)
==131269==    by 0x409817: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:226)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C09: resize__system_u2268 (@psystem.nim.cpp:1020)
==131269==    by 0x405C09: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x409817: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:226)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405B83: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2080)
==131269==    by 0x40995D: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:238)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C04: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2130)
==131269==    by 0x40995D: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:238)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C09: resize__system_u2268 (@psystem.nim.cpp:1020)
==131269==    by 0x405C09: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x40995D: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:238)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405B83: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2080)
==131269==    by 0x409A85: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:250)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C04: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2130)
==131269==    by 0x409A85: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:250)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C09: resize__system_u2268 (@psystem.nim.cpp:1020)
==131269==    by 0x405C09: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x409A85: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:250)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405B83: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2080)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x4099D4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:240)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C04: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2130)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x4099D4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:240)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Invalid write of size 2
==131269==    at 0x484CE43: memmove (vg_replace_strmem.c:1415)
==131269==    by 0x40944A: nimCopyMem (@pstrformat.nim.cpp:118)
==131269==    by 0x40944A: copyMem__system_u1737 (@pstrformat.nim.cpp:122)
==131269==    by 0x40944A: appendString (@pstrformat.nim.cpp:135)
==131269==    by 0x40944A: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:314)
==131269==    by 0x4099D4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:240)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x4e1c736 is 0 bytes after a block of size 38 alloc'd
==131269==    at 0x483EB26: malloc (vg_replace_malloc.c:446)
==131269==    by 0x401C8B: allocImpl__system_u1753 (@psystem.nim.cpp:576)
==131269==    by 0x401C8B: allocSharedImpl (@psystem.nim.cpp:582)
==131269==    by 0x401C8B: rawNewString(long) (@psystem.nim.cpp:2221)
==131269==    by 0x409944: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:237)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Invalid write of size 1
==131269==    at 0x484CE73: memmove (vg_replace_strmem.c:1415)
==131269==    by 0x40944A: nimCopyMem (@pstrformat.nim.cpp:118)
==131269==    by 0x40944A: copyMem__system_u1737 (@pstrformat.nim.cpp:122)
==131269==    by 0x40944A: appendString (@pstrformat.nim.cpp:135)
==131269==    by 0x40944A: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:314)
==131269==    by 0x4099D4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:240)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x4e1c75c is 76 bytes inside a block of size 80 in arena "client"
==131269== 
==131269== Invalid write of size 1
==131269==    at 0x40945A: appendString (@pstrformat.nim.cpp:140)
==131269==    by 0x40945A: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:314)
==131269==    by 0x4099D4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:240)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x4e1c75d is 77 bytes inside a block of size 80 in arena "client"
==131269== 
==131269== Invalid read of size 1
==131269==    at 0x484DD8E: mempcpy (vg_replace_strmem.c:1701)
==131269==    by 0x4C7C28E: _IO_new_file_xsputn (fileops.c:1296)
==131269==    by 0x4C7C28E: _IO_file_xsputn@@GLIBC_2.2.5 (fileops.c:1257)
==131269==    by 0x4C6EF07: fwrite (iofwrite.c:39)
==131269==    by 0x408304: echoBinSafe(NimStringV2*, long) (@psystem.nim.cpp:3773)
==131269==    by 0x409A32: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:244)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x4e1c736 is 0 bytes after a block of size 38 alloc'd
==131269==    at 0x483EB26: malloc (vg_replace_malloc.c:446)
==131269==    by 0x401C8B: allocImpl__system_u1753 (@psystem.nim.cpp:576)
==131269==    by 0x401C8B: allocSharedImpl (@psystem.nim.cpp:582)
==131269==    by 0x401C8B: rawNewString(long) (@psystem.nim.cpp:2221)
==131269==    by 0x409944: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:237)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Invalid read of size 1
==131269==    at 0x484DD80: mempcpy (vg_replace_strmem.c:1701)
==131269==    by 0x4C7C28E: _IO_new_file_xsputn (fileops.c:1296)
==131269==    by 0x4C7C28E: _IO_file_xsputn@@GLIBC_2.2.5 (fileops.c:1257)
==131269==    by 0x4C6EF07: fwrite (iofwrite.c:39)
==131269==    by 0x408304: echoBinSafe(NimStringV2*, long) (@psystem.nim.cpp:3773)
==131269==    by 0x409A32: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:244)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x4e1c737 is 1 bytes after a block of size 38 alloc'd
==131269==    at 0x483EB26: malloc (vg_replace_malloc.c:446)
==131269==    by 0x401C8B: allocImpl__system_u1753 (@psystem.nim.cpp:576)
==131269==    by 0x401C8B: allocSharedImpl (@psystem.nim.cpp:582)
==131269==    by 0x401C8B: rawNewString(long) (@psystem.nim.cpp:2221)
==131269==    by 0x409944: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:237)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x409686: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:270)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405B83: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2080)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409AF0: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:252)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C04: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2130)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409AF0: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:252)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Invalid write of size 2
==131269==    at 0x484CE43: memmove (vg_replace_strmem.c:1415)
==131269==    by 0x40944A: nimCopyMem (@pstrformat.nim.cpp:118)
==131269==    by 0x40944A: copyMem__system_u1737 (@pstrformat.nim.cpp:122)
==131269==    by 0x40944A: appendString (@pstrformat.nim.cpp:135)
==131269==    by 0x40944A: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:314)
==131269==    by 0x409AF0: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:252)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x4e1d916 is 0 bytes after a block of size 38 alloc'd
==131269==    at 0x483EB26: malloc (vg_replace_malloc.c:446)
==131269==    by 0x401C8B: allocImpl__system_u1753 (@psystem.nim.cpp:576)
==131269==    by 0x401C8B: allocSharedImpl (@psystem.nim.cpp:582)
==131269==    by 0x401C8B: rawNewString(long) (@psystem.nim.cpp:2221)
==131269==    by 0x409A6C: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:249)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Invalid write of size 1
==131269==    at 0x484CE73: memmove (vg_replace_strmem.c:1415)
==131269==    by 0x40944A: nimCopyMem (@pstrformat.nim.cpp:118)
==131269==    by 0x40944A: copyMem__system_u1737 (@pstrformat.nim.cpp:122)
==131269==    by 0x40944A: appendString (@pstrformat.nim.cpp:135)
==131269==    by 0x40944A: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:314)
==131269==    by 0x409AF0: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:252)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x4e1d93c is 76 bytes inside a block of size 80 in arena "client"
==131269== 
==131269== Invalid write of size 1
==131269==    at 0x40945A: appendString (@pstrformat.nim.cpp:140)
==131269==    by 0x40945A: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:314)
==131269==    by 0x409AF0: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:252)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x4e1d93d is 77 bytes inside a block of size 80 in arena "client"
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x409676: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:267)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C09: resize__system_u2268 (@psystem.nim.cpp:1020)
==131269==    by 0x405C09: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x4099D4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:240)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C15: resize__system_u2268 (@psystem.nim.cpp:1031)
==131269==    by 0x405C15: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x4099D4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:240)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C1F: resize__system_u2268 (@psystem.nim.cpp:1035)
==131269==    by 0x405C1F: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x4099D4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:240)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C39: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2136)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x4099D4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:240)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C43: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2139)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x4099D4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:240)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C4C: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2142)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x4099D4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:240)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x48465B1: realloc (vg_replace_malloc.c:1801)
==131269==    by 0x405C5C: reallocImpl__system_u1759 (@psystem.nim.cpp:606)
==131269==    by 0x405C5C: reallocSharedImpl__system_u1772 (@psystem.nim.cpp:612)
==131269==    by 0x405C5C: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2145)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x4099D4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:240)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C67: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2151)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x4099D4: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:240)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405B83: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2080)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409751: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:216)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C04: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2130)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409751: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:216)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C09: resize__system_u2268 (@psystem.nim.cpp:1020)
==131269==    by 0x405C09: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409751: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:216)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C15: resize__system_u2268 (@psystem.nim.cpp:1031)
==131269==    by 0x405C15: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409751: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:216)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C1F: resize__system_u2268 (@psystem.nim.cpp:1035)
==131269==    by 0x405C1F: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409751: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:216)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C39: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2136)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409751: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:216)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C43: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2139)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409751: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:216)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C4C: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2142)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409751: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:216)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x48465B1: realloc (vg_replace_malloc.c:1801)
==131269==    by 0x405C5C: reallocImpl__system_u1759 (@psystem.nim.cpp:606)
==131269==    by 0x405C5C: reallocSharedImpl__system_u1772 (@psystem.nim.cpp:612)
==131269==    by 0x405C5C: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2145)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409751: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:216)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C67: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2151)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409751: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:216)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405B83: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2080)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x40989A: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:228)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C04: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2130)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x40989A: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:228)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Invalid write of size 2
==131269==    at 0x484CE43: memmove (vg_replace_strmem.c:1415)
==131269==    by 0x40944A: nimCopyMem (@pstrformat.nim.cpp:118)
==131269==    by 0x40944A: copyMem__system_u1737 (@pstrformat.nim.cpp:122)
==131269==    by 0x40944A: appendString (@pstrformat.nim.cpp:135)
==131269==    by 0x40944A: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:314)
==131269==    by 0x40989A: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:228)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x4e1e2b6 is 0 bytes after a block of size 38 alloc'd
==131269==    at 0x483EB26: malloc (vg_replace_malloc.c:446)
==131269==    by 0x401C8B: allocImpl__system_u1753 (@psystem.nim.cpp:576)
==131269==    by 0x401C8B: allocSharedImpl (@psystem.nim.cpp:582)
==131269==    by 0x401C8B: rawNewString(long) (@psystem.nim.cpp:2221)
==131269==    by 0x4097FE: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:225)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Invalid write of size 1
==131269==    at 0x484CE73: memmove (vg_replace_strmem.c:1415)
==131269==    by 0x40944A: nimCopyMem (@pstrformat.nim.cpp:118)
==131269==    by 0x40944A: copyMem__system_u1737 (@pstrformat.nim.cpp:122)
==131269==    by 0x40944A: appendString (@pstrformat.nim.cpp:135)
==131269==    by 0x40944A: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:314)
==131269==    by 0x40989A: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:228)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x4e1e2dc is 76 bytes inside a block of size 80 in arena "client"
==131269== 
==131269== Invalid write of size 1
==131269==    at 0x40945A: appendString (@pstrformat.nim.cpp:140)
==131269==    by 0x40945A: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:314)
==131269==    by 0x40989A: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:228)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x4e1e2dd is 77 bytes inside a block of size 80 in arena "client"
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x409696: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:273)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x4096A6: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:276)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C09: resize__system_u2268 (@psystem.nim.cpp:1020)
==131269==    by 0x405C09: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x40989A: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:228)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C15: resize__system_u2268 (@psystem.nim.cpp:1031)
==131269==    by 0x405C15: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x40989A: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:228)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C1F: resize__system_u2268 (@psystem.nim.cpp:1035)
==131269==    by 0x405C1F: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x40989A: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:228)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C39: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2136)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x40989A: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:228)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C43: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2139)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x40989A: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:228)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C4C: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2142)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x40989A: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:228)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x48465B1: realloc (vg_replace_malloc.c:1801)
==131269==    by 0x405C5C: reallocImpl__system_u1759 (@psystem.nim.cpp:606)
==131269==    by 0x405C5C: reallocSharedImpl__system_u1772 (@psystem.nim.cpp:612)
==131269==    by 0x405C5C: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2145)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x40989A: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:228)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C67: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2151)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x40989A: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:228)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Invalid write of size 2
==131269==    at 0x484CE43: memmove (vg_replace_strmem.c:1415)
==131269==    by 0x40944A: nimCopyMem (@pstrformat.nim.cpp:118)
==131269==    by 0x40944A: copyMem__system_u1737 (@pstrformat.nim.cpp:122)
==131269==    by 0x40944A: appendString (@pstrformat.nim.cpp:135)
==131269==    by 0x40944A: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:314)
==131269==    by 0x409751: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:216)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x5a0bc06 is 0 bytes after a block of size 38 alloc'd
==131269==    at 0x483EB26: malloc (vg_replace_malloc.c:446)
==131269==    by 0x401C8B: allocImpl__system_u1753 (@psystem.nim.cpp:576)
==131269==    by 0x401C8B: allocSharedImpl (@psystem.nim.cpp:582)
==131269==    by 0x401C8B: rawNewString(long) (@psystem.nim.cpp:2221)
==131269==    by 0x409592: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:213)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Invalid write of size 1
==131269==    at 0x484CE73: memmove (vg_replace_strmem.c:1415)
==131269==    by 0x40944A: nimCopyMem (@pstrformat.nim.cpp:118)
==131269==    by 0x40944A: copyMem__system_u1737 (@pstrformat.nim.cpp:122)
==131269==    by 0x40944A: appendString (@pstrformat.nim.cpp:135)
==131269==    by 0x40944A: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:314)
==131269==    by 0x409751: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:216)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x5a0bc2c is 76 bytes inside a block of size 80 in arena "client"
==131269== 
==131269== Invalid write of size 1
==131269==    at 0x40945A: appendString (@pstrformat.nim.cpp:140)
==131269==    by 0x40945A: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:314)
==131269==    by 0x409751: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:216)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269==  Address 0x5a0bc2d is 77 bytes inside a block of size 80 in arena "client"
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C09: resize__system_u2268 (@psystem.nim.cpp:1020)
==131269==    by 0x405C09: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409AF0: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:252)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C15: resize__system_u2268 (@psystem.nim.cpp:1031)
==131269==    by 0x405C15: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409AF0: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:252)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C1F: resize__system_u2268 (@psystem.nim.cpp:1035)
==131269==    by 0x405C1F: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2134)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409AF0: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:252)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C39: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2136)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409AF0: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:252)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C43: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2139)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409AF0: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:252)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C4C: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2142)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409AF0: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:252)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x48465B1: realloc (vg_replace_malloc.c:1801)
==131269==    by 0x405C5C: reallocImpl__system_u1759 (@psystem.nim.cpp:606)
==131269==    by 0x405C5C: reallocSharedImpl__system_u1772 (@psystem.nim.cpp:612)
==131269==    by 0x405C5C: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2145)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409AF0: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:252)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 
==131269== Conditional jump or move depends on uninitialised value(s)
==131269==    at 0x405C67: prepareAdd(NimStringV2&, long) (@psystem.nim.cpp:2151)
==131269==    by 0x40942C: formatValue__crashtest_u18(NimStringV2&, NimStringV2) (@pstrformat.nim.cpp:313)
==131269==    by 0x409AF0: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:252)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
==131269== 

valgrind: m_mallocfree.c:304 (get_bszB_as_is): Assertion 'bszB_lo == bszB_hi' failed.
valgrind: Heap block lo/hi size mismatch: lo = 112, hi = 435526136691.
This is probably caused by your program erroneously writing past the
end of a heap block and corrupting heap metadata.  If you fix any
invalid writes reported by Memcheck, this assertion failure will
probably go away.  Please try that before reporting this as a bug.


host stacktrace:
==131269==    at 0x5804B4CF: show_sched_status_wrk.lto_priv.0 (m_libcassert.c:426)
==131269==    by 0x5804B50F: report_and_quit (m_libcassert.c:497)
==131269==    by 0x5804B68A: vgPlain_assert_fail (m_libcassert.c:563)
==131269==    by 0x5805A8FB: UnknownInlinedFun (m_mallocfree.c:304)
==131269==    by 0x5805A8FB: UnknownInlinedFun (m_mallocfree.c:314)
==131269==    by 0x5805A8FB: mergeWithFreeNeighbours (m_mallocfree.c:2082)
==131269==    by 0x580018AF: UnknownInlinedFun (replacemalloc_core.c:121)
==131269==    by 0x580018AF: UnknownInlinedFun (mc_malloc_wrappers.c:168)
==131269==    by 0x580018AF: create_MC_Chunk (mc_malloc_wrappers.c:213)
==131269==    by 0x580071B0: vgMemCheck_new_block (mc_malloc_wrappers.c:390)
==131269==    by 0x58007442: UnknownInlinedFun (mc_malloc_wrappers.c:409)
==131269==    by 0x58007442: vgMemCheck_malloc (mc_malloc_wrappers.c:404)
==131269==    by 0x580B3FB8: UnknownInlinedFun (scheduler.c:2018)
==131269==    by 0x580B3FB8: vgPlain_scheduler (scheduler.c:1573)
==131269==    by 0x58110927: UnknownInlinedFun (syswrap-linux.c:102)
==131269==    by 0x58110927: run_a_thread_NORETURN.lto_priv.0 (syswrap-linux.c:155)

sched status:
  running_tid=1

Thread 1: status = VgTs_Runnable (lwpid 131269)
==131269==    at 0x483EB26: malloc (vg_replace_malloc.c:446)
==131269==    by 0x401C8B: allocImpl__system_u1753 (@psystem.nim.cpp:576)
==131269==    by 0x401C8B: allocSharedImpl (@psystem.nim.cpp:582)
==131269==    by 0x401C8B: rawNewString(long) (@psystem.nim.cpp:2221)
==131269==    by 0x4097FE: logWarning__crashtest_u2(NimStringV2) (@mcrashtest.nim.cpp:225)
==131269==    by 0x409D3B: NimMainModule() (@mcrashtest.nim.cpp:321)
==131269==    by 0x409D77: NimMainInner (@mcrashtest.nim.cpp:297)
==131269==    by 0x409D77: NimMain() (@mcrashtest.nim.cpp:303)
==131269==    by 0x409D94: main (@mcrashtest.nim.cpp:311)
client stack range: [0x1FFEFFD000 0x1FFF000FFF] client SP: 0x1FFEFFF420
valgrind stack range: [0x1002BA6000 0x1002CA5FFF] top usage: 14128 of 1048576


Note: see also the FAQ in the source distribution.
It contains workarounds to several common problems.
In particular, if Valgrind aborted or crashed after
identifying problems in your program, there's a good chance
that fixing those problems will prevent Valgrind aborting or
crashing, especially if it happened in m_mallocfree.c.

If that doesn't help, please report this bug to: www.valgrind.org

In the bug report, send all the above text, the valgrind
version, and what OS and version you are using.  Thanks.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions