NetBSD-Bugs archive


Re: standards/47119: putc_unlocked(3) is found even with -std=c89



christos%zoulas.com@localhost (Christos Zoulas) wrote:

 |On Oct 24,  2:10pm, sdaoden%gmail.com@localhost (Steffen "Daode" Nurpmeso) wrote:
 |-- Subject: Re: standards/47119: putc_unlocked(3) is found even with -std=c89
 |
 || The following reply was made to PR standards/47119; it has been noted by GNATS.
 || 
 || From: Steffen "Daode" Nurpmeso <sdaoden%gmail.com@localhost>
 || To: Martin Husemann <martin%duskware.de@localhost>
 || Cc: gnats-bugs%NetBSD.org@localhost
 || Subject: Re: standards/47119: putc_unlocked(3) is found even with -std=c89
 || Date: Wed, 24 Oct 2012 16:05:07 +0200
 || 
 ||  Martin Husemann <martin%duskware.de@localhost> wrote:
 ||  
 |||On Wed, Oct 24, 2012 at 03:11:03PM +0200, Steffen Daode Nurpmeso wrote:
 |||> Because it is not part of C89/C99?
 |||
 |||You are misunderstanding the compiler option - it has no influence on the
 |||symbols visible in libraries nor system headers (at least in general).
 |||There are a few defines you can add via -D to make the headers pollute less
 ||  
 ||  Hmm.  I think you're right.
 ||  Well i'm not really working with those headers, and i still see
 ||  a '#define _GNU_SOURCE' on top of the one that's really important
 ||  for me.
 ||  
 |||namespace, but since this is a posix blessed function, it is better
 |||to avoid a name clash in application code.
 |||Martin
 ||  
 ||  Yes, a lot of conditions and a lot of what standards produce most
 ||  of the time, so thanks for all that work on standard compliance.
 ||  
 ||  Nonetheless - the bug is triggered only with -std=c89, and only on
 ||  NetBSD 6.0.  And in the meanwhile i've found it.
 ||  In fact it has nothing to do with putc_unlocked() (i was so clumsy
 ||  that i even tried to compile with -pthread and -D_REENTRANT, and
 ||  it was still expanded to __sputc() or so - amazing!), but it is in
 ||  fact alloca(3) that returns an invalid buffer:
 ||  
 ||    %fwrite_td() calls ac_alloc for 29
 ||    fwrite_td() calls memcpy (From: <XXXXXXXXXXX%YYYY.com@localhost>
 ||    )29
 ||    fwrite_td() before delctrl (^])29
 ||    fwrite_td() calls prefixwrite (^])29
 ||    *29 (0xbfbf9254)()*^@^@^@^@^@^@^@^@XXXXXXXXXX%YYYY.com@localhost>
 ||  
 ||  From the alloca(3) manual i see nothing special to adhere to,
 ||  i would not describe 29 bytes as a "large unbounded allocation".
 ||  The CFLAGS are simply '-std=c89 -O2', so nothing special at all.
 ||  I think this is worth another PR?
 |
 |You are probably missing some include header (stdlib.h) and there
 |is no prototype for alloca()? Post the code...
 |
 |christos

gdb(1) with -std=c89:

  Breakpoint 1, fwrite_td (ptr=0xbb60c520, nmemb=29, f=0xbb9afea0, flags=TD_NONE, prefix=0x0, prefixlen=0, size=1) at mime.c:1479
  1494            mptr = xmptr = ac_alloc(mptrsz + 1);
  0x0804b1ac in alloca@plt ()
  (gdb) print mptr
  $9 = 0xbfbf91f4 "p
=0r\277\277"
  (gdb) info registers esp
  esp            0xbfbf91e4       0xbfbf91e4
  (gdb) print (char*)ptr
  $10 = 0xbb60c520 "From: <XXXXXXXXXXX%YYYY.com@localhost>\n"

  1517                    memcpy(mptr, ptr, csize);
  0x0804acac in memcpy@plt ()
  (gdb) print (char*)ptr
  $11 = 0xbb60c520 "From: <XXXXXXXXXXX%YYYY.com@localhost>\n"
  (gdb) print (char*)mptr
  $12 = 0xbfbf91f4 "From: <XXXXXXXXXXX%YYYY.com@localhost>\n"
  (gdb) print csize
  $13 = 29

  prefixwrite (ptr=0xbfbf91f4, size=1, nmemb=29, f=0xbb9afea0, prefix=0x0, prefixlen=0) at mime.c:1361
  (gdb) print rsz
  $14 = <optimized out>
  (gdb) print (char*)ptr
  $17 = 0xbfbf91f4 ""

and without:

  Breakpoint 1, fwrite_td (ptr=0xbb60c520, nmemb=29, f=0xbb9afea0, flags=TD_NONE, prefix=0x0, prefixlen=0, size=1) at mime.c:1479
  1494            mptr = xmptr = ac_alloc(mptrsz + 1);
  (gdb) print mptr
  $2 = 0xbfbf91f0 ""
  (gdb) info registers esp
  esp            0xbfbf91d0       0xbfbf91d0
  (gdb) print (char*)ptr
  $1 = 0xbb60c520 "From: <XXXXXXXXXXX%YYYY.com@localhost>\n"

  0x0804ac8c in memcpy@plt ()
  (gdb) print (char*)ptr
  $1 = 0xbb60c520 "From: <XXXXXXXXXXX%YYYY.com@localhost>\n"
  (gdb) print mptr
  $2 = 0xbfbf91f0 "From: <XXXXXXXXXXX%YYYY.com@localhost>\n"
  (gdb) print csize
  $3 = 29

  prefixwrite (ptr=0xbfbf91f0, size=1, nmemb=29, f=0xbb9afea0, prefix=0x0, prefixlen=0) at mime.c:1361
  (gdb) print rsz
  $5 = 29
  (gdb) print (char*)ptr
  $4 = 0xbfbf91f0 "From: <XXXXXXXXXXX%YYYY.com@localhost>\n"

Well and i think you're right about the builtin_alloca/libc one.
With -std=c89:

  1479    fwrite_td(void *ptr, size_t size, size_t nmemb, FILE *f, enum tdflags flags,
  (gdb) step
  1494            mptr = xmptr = ac_alloc(mptrsz + 1);
  (gdb) stepi
  0x0807689c      1494            mptr = xmptr = ac_alloc(mptrsz + 1);
  (gdb) 
  0x0807689f      1494            mptr = xmptr = ac_alloc(mptrsz + 1);
  (gdb) 
  0x0804b1ac in alloca@plt ()
  (gdb) 
  0xbb8f0b10 in alloca () from /lib/libc.so.12
  (gdb) 
  0xbb8f0b11 in alloca () from /lib/libc.so.12
  (gdb) 
  0xbb8f0b12 in alloca () from /lib/libc.so.12
  (gdb) 
  0xbb8f0b14 in alloca () from /lib/libc.so.12
  (gdb) 
  0xbb8f0b17 in alloca () from /lib/libc.so.12
  (gdb) 
  0xbb8f0b1a in alloca () from /lib/libc.so.12
  (gdb) 
  0xbb8f0b1c in alloca () from /lib/libc.so.12
  (gdb) 
  0xbb8f0b1e in alloca () from /lib/libc.so.12
  (gdb) 
  0xbb8f0b21 in alloca () from /lib/libc.so.12
  (gdb) 
  0xbb8f0b24 in alloca () from /lib/libc.so.12
  (gdb) 
  0xbb8f0b26 in alloca () from /lib/libc.so.12
  (gdb) 
  0xbb8f0b27 in alloca () from /lib/libc.so.12
  (gdb) 
  0x080768a4 in fwrite_td (ptr=0xbb60c520, nmemb=29, f=0xbb9afea0, flags=TD_NONE, prefix=0x0, prefixlen=0, size=1) at mime.c:1494
  1494            mptr = xmptr = ac_alloc(mptrsz + 1);

and without:

  1479    fwrite_td(void *ptr, size_t size, size_t nmemb, FILE *f, enum tdflags flags,
  (gdb) step
  1494            mptr = xmptr = ac_alloc(mptrsz + 1);
  (gdb) stepi
  0x080768ac      1494            mptr = xmptr = ac_alloc(mptrsz + 1);
  (gdb) 
  0x080768af      1494            mptr = xmptr = ac_alloc(mptrsz + 1);
  (gdb) 
  0x080768b1      1494            mptr = xmptr = ac_alloc(mptrsz + 1);
  (gdb) 
  0x080768b5      1494            mptr = xmptr = ac_alloc(mptrsz + 1);
  (gdb) 
  0x080768b8      1494            mptr = xmptr = ac_alloc(mptrsz + 1);
  (gdb) 
  1496            if ((flags & TD_ICONV) && iconvd != (iconv_t)-1) {

So no bug report.

--steffen
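The trace above shows why alloca() is a poor foundation for a scratch buffer: its result is only valid when the compiler itself expands the call in the caller's frame, and with -std=c89 (no builtin, no prototype from stdlib.h) the libc version runs instead and the buffer is stale by the time memcpy() and prefixwrite() use it. A build with -Werror=implicit-function-declaration would have rejected the undeclared call up front. The following is an added example, not code from the mail client discussed in the thread: an ac_alloc()-style helper (the names scratch_*, copy_header_line and SCRATCH_INLINE are hypothetical) that keeps small requests in a fixed in-frame array and sends anything larger to malloc(), so stack use is bounded and no compiler cooperation is needed for the pointer to stay valid.

```c
/*
 * Added example: bounded scratch buffer as a replacement for an
 * alloca()-based ac_alloc().  All identifiers here are hypothetical.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SCRATCH_INLINE 64   /* bytes kept in the caller's frame; above this, heap */

struct scratch {
    char  inline_buf[SCRATCH_INLINE];
    char *ptr;               /* buffer handed to the caller */
    int   on_heap;           /* 1 when ptr came from malloc() */
};

/* Returns a buffer of at least n bytes, or NULL if malloc() fails. */
static char *scratch_get(struct scratch *s, size_t n)
{
    s->on_heap = 0;
    if (n <= sizeof s->inline_buf) {
        s->ptr = s->inline_buf;   /* lives as long as the struct does */
        return s->ptr;
    }
    s->ptr = malloc(n);
    s->on_heap = (s->ptr != NULL);
    return s->ptr;
}

/* Releases whatever scratch_get() handed out; safe to call after a NULL result. */
static void scratch_put(struct scratch *s)
{
    if (s->on_heap)
        free(s->ptr);
    s->ptr = NULL;
    s->on_heap = 0;
}

/*
 * Mirrors the memcpy-into-mptr step from the gdb session: copies nmemb bytes
 * of a header line into scratch, NUL-terminates it, checks the copy is still
 * intact at the point of use, and hands a copy back in 'out'.
 * Returns the number of bytes verified, or 0 on failure.
 */
static size_t copy_header_line(const char *ptr, size_t nmemb,
                               char *out, size_t outsz)
{
    struct scratch sc;
    char *mptr;
    size_t ok = 0;

    if (outsz < nmemb + 1)
        return 0;
    mptr = scratch_get(&sc, nmemb + 1);
    if (mptr == NULL)
        return 0;
    memcpy(mptr, ptr, nmemb);
    mptr[nmemb] = '\0';
    if (memcmp(mptr, ptr, nmemb) == 0)   /* the check prefixwrite() never got */
        ok = nmemb;
    memcpy(out, mptr, nmemb + 1);
    scratch_put(&sc);
    return ok;
}

/* Reports which path a request of n bytes takes: 0 = inline, 1 = heap, -1 = fail. */
static int scratch_used_heap(size_t n)
{
    struct scratch sc;
    int h;

    if (scratch_get(&sc, n) == NULL)
        return -1;
    h = sc.on_heap;
    scratch_put(&sc);
    return h;
}

int main(void)
{
    /* constructed sample: the header line seen in the gdb session */
    static const char line[] = "From: <XXXXXXXXXXX%YYYY.com@localhost>\n";
    char out[128];
    size_t n = copy_header_line(line, 29, out, sizeof out);

    printf("%lu bytes copied: %s\n", (unsigned long)n, out);
    return n == 29 ? 0 : 1;
}
```

The split between inline and heap is the point: the stack cost is a compile-time constant, a request that would have been a "large unbounded allocation" for alloca() simply becomes a malloc() that can fail and be checked, and the buffer's lifetime is tied to a visible local rather than to how the compiler happened to lower a call.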

