bug-gnulib

Re: results of gnulib tests with -fcheck-pointer-bounds


From: Paul Eggert
Subject: Re: results of gnulib tests with -fcheck-pointer-bounds
Date: Fri, 19 May 2017 15:48:51 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.0

On 05/19/2017 08:27 AM, Bruno Haible wrote:

> The message "Saw a #BR!" is a bit cryptic

An understatement to be sure. In my experience, even when you know exactly which machine instruction is trapping and know which source-code statement it corresponds to, it's often tricky to puzzle out why an -fcheck-pointer-bounds failure occurred. So far I haven't been bold enough to give a tricky problem like that to my undergraduate students. Maybe in a year or two the debugging tools will be better. (Plus, I have to wait for our university to get teaching servers new enough to support MPX.)

> Does someone understand this argp-help.c code?

I didn't, but after looking at the code for a bit I see a problem that could explain the symptoms you observe. hol_append subtracts pointers into different arrays, which has undefined behavior in C, and -fcheck-pointer-bounds can catch this after the resulting offset is used to calculate a pointer and the pointer is then later used. This is clearly a portability bug so I installed the first attached patch. Does it fix the problem on your platform?

I also tested argp under -fsanitize=undefined and found a different bug, fixed in the 2nd attached patch.

Attachment: 0001-argp-fix-pointer-subtraction-bug.patch
Description: Text Data

Attachment: 0002-argp-fix-shift-bug.patch
Description: Text Data
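An added illustration of the pattern the reply describes (example code written for this archive note, not gnulib's argp-help.c and not the attached patch): two option tables, each owning a short-options string that its entries point into, are merged into one freshly allocated string and every entry pointer is rebased. The offset of each entry is computed only against the string it really points into, and a small bounds check refuses to subtract pointers that are not in the same array. All names here (opt_table, entry, index_in, merge_short_options, demo_*) and the sample option strings are invented for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed example, not gnulib code.  It models the shape of the
   problem described in the mail: entries point into their own table's
   short_options string, and after a merge those pointers must be rebased
   into the new string.  Names are invented for the illustration.  */

struct entry {
    const char *name;   /* long option name, only used to label the entry */
    const char *so;     /* points at this entry's letter inside its table's short_options */
};

struct opt_table {
    char *short_options;      /* e.g. "ab:" */
    struct entry *entries;
    size_t n;
};

/* Offset of P inside the array [BASE, BASE + LEN], or -1 if P does not
   point into that array.  Subtracting two pointers is only defined when
   both point into the same array, so the bounds check is done on integer
   addresses first and the subtraction happens only after it passes.  The
   integer comparison is implementation-defined but well-behaved on a flat
   address space, which is the pragmatic choice for a check like this.  */
ptrdiff_t index_in(const char *base, size_t len, const char *p)
{
    uintptr_t b = (uintptr_t) base, q = (uintptr_t) p;
    if (q < b || q > b + len)
        return -1;
    return p - base;   /* same-array subtraction: well defined */
}

/* Merge A's and B's short options into one new string, rebasing each
   entry's SO into it.  A's entries are measured against a->short_options
   and B's against b->short_options.  Measuring B's entries against A's
   string (b->entries[i].so - a->short_options, pointers into different
   arrays) is the undefined-behaviour pattern the mail describes: the
   resulting number is meaningless, and a bounds checker can trap when the
   pointer built from it is later used.  Returns NULL on allocation failure
   or if an entry pointer lies outside its own table's string.  */
char *merge_short_options(struct opt_table *a, struct opt_table *b)
{
    size_t alen = strlen(a->short_options);
    size_t blen = strlen(b->short_options);
    char *merged = malloc(alen + blen + 1);
    if (!merged)
        return NULL;
    memcpy(merged, a->short_options, alen);
    memcpy(merged + alen, b->short_options, blen + 1);   /* includes the NUL */

    for (size_t i = 0; i < a->n; i++) {
        ptrdiff_t off = index_in(a->short_options, alen, a->entries[i].so);
        if (off < 0) { free(merged); return NULL; }
        a->entries[i].so = merged + off;
    }
    for (size_t i = 0; i < b->n; i++) {
        ptrdiff_t off = index_in(b->short_options, blen, b->entries[i].so);
        if (off < 0) { free(merged); return NULL; }
        b->entries[i].so = merged + alen + off;          /* shifted past A's part */
    }
    return merged;
}

/* Constructed data: two small tables are merged; returns 1 when the merged
   string and every rebased pointer are what they should be.  */
int demo_merge(void)
{
    char sa[] = "ab:";
    char sb[] = "c::d";
    struct entry ea[] = { { "alpha", sa + 0 }, { "beta",  sa + 1 } };
    struct entry eb[] = { { "gamma", sb + 0 }, { "delta", sb + 3 } };
    struct opt_table a = { sa, ea, 2 };
    struct opt_table b = { sb, eb, 2 };

    char *merged = merge_short_options(&a, &b);
    if (!merged)
        return 0;
    int ok = strcmp(merged, "ab:c::d") == 0
          && ea[0].so == merged + 0 && *ea[0].so == 'a'
          && ea[1].so == merged + 1 && *ea[1].so == 'b'
          && eb[0].so == merged + 3 && *eb[0].so == 'c'
          && eb[1].so == merged + 6 && *eb[1].so == 'd';
    free(merged);
    return ok;
}

/* The check on its own: a pointer into SB measured against SA is rejected
   (-1) instead of yielding a bogus offset, while genuine same-array
   pointers, including the NUL terminator's position, are accepted.  */
int demo_cross_array_rejected(void)
{
    char sa[] = "ab:";
    char sb[] = "c::d";
    return index_in(sa, 3, sb + 1) == -1
        && index_in(sa, 3, sa + 2) == 2
        && index_in(sa, 3, sa + 3) == 3;
}

int main(void)
{
    printf("merge rebased correctly: %d\n", demo_merge());
    printf("cross-array pointer rejected: %d\n", demo_cross_array_rejected());
    return 0;
}
```

The point of the mail carries over: in the fixed shape every subtraction is between pointers into the same array, so there is nothing for a bounds checker to flag, and an entry that does not belong to the string it claims to point into is reported as an error at merge time rather than surfacing later as a cryptic trap.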

