stdcxx-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Lemings (JIRA)" <j...@apache.org>
Subject [jira] Updated: (STDCXX-931) [gcc/Darwin] 0.printf test aborts with bus error
Date Tue, 13 May 2008 02:18:55 GMT

     [ https://issues.apache.org/jira/browse/STDCXX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Eric Lemings updated STDCXX-931:
--------------------------------

    Description: 
The {{test_string()}} function in the {{0.printf}} test calls {{bad_address()}} to generate
an invalid address.  This address is eventually passed to the \_\_rw::\_\_rw_memattr() function
which uses the pointer value, specifically {{0x20}}, as the pointer value to the {{memchr()}}
C library function which promptly aborts the program.  The invalid pointer should be caught
before calling such C library functions which usually expect valid pointers.  Suspect the
proliferous conditional code within the function or some other unaccounted platform dependency.
 The preprocessed Darwin source for {{__rw_memattr()}} is shown below.
{{noformat}}
# 97 "/stdcxx/branches/4.2.x/src/memattr.cpp"
namespace __rw {

 long
__rw_memattr (const void *addr, unsigned long nbytes, int attr)
{
    ((void)&attr);
    const int errno_save = (*__error());
    static const unsigned long pgsz = size_t (sysconf (29));
    caddr_t const page =
        reinterpret_cast< caddr_t >(reinterpret_cast< unsigned long >(addr) &
~(pgsz - 1))
;
    unsigned long npages = nbytes ? nbytes / pgsz + 1 : 0;
    for (size_t i = 0; i < npages; ++i) {
        const caddr_t next = reinterpret_cast< char* >(page) + i * pgsz;
# 177 "/stdcxx/branches/4.2.x/src/memattr.cpp"
        const int advice = 3;
        if (-1 == madvise (next, 1, advice)) {
            const int err = (*__error());
            (*__error()) = errno_save;
            bool bad_address;
# 198 "/stdcxx/branches/4.2.x/src/memattr.cpp"
            bad_address = !(0 == err || 22 == err);
            if (bad_address)                return next == page ? -1 : ( reinterpret_cast<
const char* >(next) - reint
erpret_cast< const char* >(addr));
        }

        if (0xffffffffUL == nbytes) {
# 219 "/stdcxx/branches/4.2.x/src/memattr.cpp"
            const unsigned long maxpage =                next == page ? pgsz - ( reinterpret_cast<
const char* >(addr) - reinterpre
t_cast< const char* >(next)) : pgsz;

            const void* const pnul =
                memchr (next == page ? addr : next, '\0', maxpage);
            if (pnul) {
                nbytes = ( reinterpret_cast< const char* >(pnul) - reinterpret_cast<
const char* >(addr));
                npages = nbytes / pgsz + 1;
                break;
            }
        }
    }

    return static_cast< long >(nbytes);
# 262 "/stdcxx/branches/4.2.x/src/memattr.cpp"
{{noformat}}

  was:
The {{test_string()}} function in the {{0.printf}} test calls {{bad_address()}} to generate
an invalid address.  This address is eventually passed to the __rw::__rw_memattr() function
which uses the pointer value, specifically {{0x20}}, as the pointer value to the {{memchr()}}
C library function which promptly aborts the program.  The invalid pointer should be caught
before calling such C library functions which usually expect valid pointers.  Suspect the
proliferous conditional code within the function or some other unaccounted platform dependency.
 The preprocessed Darwin source for {{__rw_memattr()}} is shown below.
{{noformat}}
# 97 "/stdcxx/branches/4.2.x/src/memattr.cpp"
namespace __rw {

 long
__rw_memattr (const void *addr, unsigned long nbytes, int attr)
{
    ((void)&attr);
    const int errno_save = (*__error());
    static const unsigned long pgsz = size_t (sysconf (29));
    caddr_t const page =
        reinterpret_cast< caddr_t >(reinterpret_cast< unsigned long >(addr) &
~(pgsz - 1))
;
    unsigned long npages = nbytes ? nbytes / pgsz + 1 : 0;
    for (size_t i = 0; i < npages; ++i) {
        const caddr_t next = reinterpret_cast< char* >(page) + i * pgsz;
# 177 "/stdcxx/branches/4.2.x/src/memattr.cpp"
        const int advice = 3;
        if (-1 == madvise (next, 1, advice)) {
            const int err = (*__error());
            (*__error()) = errno_save;
            bool bad_address;
# 198 "/stdcxx/branches/4.2.x/src/memattr.cpp"
            bad_address = !(0 == err || 22 == err);
            if (bad_address)                return next == page ? -1 : ( reinterpret_cast<
const char* >(next) - reint
erpret_cast< const char* >(addr));
        }

        if (0xffffffffUL == nbytes) {
# 219 "/stdcxx/branches/4.2.x/src/memattr.cpp"
            const unsigned long maxpage =                next == page ? pgsz - ( reinterpret_cast<
const char* >(addr) - reinterpre
t_cast< const char* >(next)) : pgsz;

            const void* const pnul =
                memchr (next == page ? addr : next, '\0', maxpage);
            if (pnul) {
                nbytes = ( reinterpret_cast< const char* >(pnul) - reinterpret_cast<
const char* >(addr));
                npages = nbytes / pgsz + 1;
                break;
            }
        }
    }

    return static_cast< long >(nbytes);
# 262 "/stdcxx/branches/4.2.x/src/memattr.cpp"
{{noformat}}


> [gcc/Darwin] 0.printf test aborts with bus error
> ------------------------------------------------
>
>                 Key: STDCXX-931
>                 URL: https://issues.apache.org/jira/browse/STDCXX-931
>             Project: C++ Standard Library
>          Issue Type: Bug
>          Components: Test Driver
>    Affects Versions: 4.2.1
>         Environment: Darwin host.local 9.2.2 Darwin Kernel Version 9.2.2: Tue Mar  4
21:17:34 PST 2008; root:xnu-1228.4.31~1/RELEASE_I386 i386
>            Reporter: Eric Lemings
>             Fix For: 4.2.x
>
>   Original Estimate: 4h
>  Remaining Estimate: 4h
>
> The {{test_string()}} function in the {{0.printf}} test calls {{bad_address()}} to generate
an invalid address.  This address is eventually passed to the \_\_rw::\_\_rw_memattr() function
which uses the pointer value, specifically {{0x20}}, as the pointer value to the {{memchr()}}
C library function which promptly aborts the program.  The invalid pointer should be caught
before calling such C library functions which usually expect valid pointers.  Suspect the
proliferous conditional code within the function or some other unaccounted platform dependency.
 The preprocessed Darwin source for {{__rw_memattr()}} is shown below.
> {{noformat}}
> # 97 "/stdcxx/branches/4.2.x/src/memattr.cpp"
> namespace __rw {
>  long
> __rw_memattr (const void *addr, unsigned long nbytes, int attr)
> {
>     ((void)&attr);
>     const int errno_save = (*__error());
>     static const unsigned long pgsz = size_t (sysconf (29));
>     caddr_t const page =
>         reinterpret_cast< caddr_t >(reinterpret_cast< unsigned long >(addr)
& ~(pgsz - 1))
> ;
>     unsigned long npages = nbytes ? nbytes / pgsz + 1 : 0;
>     for (size_t i = 0; i < npages; ++i) {
>         const caddr_t next = reinterpret_cast< char* >(page) + i * pgsz;
> # 177 "/stdcxx/branches/4.2.x/src/memattr.cpp"
>         const int advice = 3;
>         if (-1 == madvise (next, 1, advice)) {
>             const int err = (*__error());
>             (*__error()) = errno_save;
>             bool bad_address;
> # 198 "/stdcxx/branches/4.2.x/src/memattr.cpp"
>             bad_address = !(0 == err || 22 == err);
>             if (bad_address)                return next == page ? -1 : ( reinterpret_cast<
const char* >(next) - reint
> erpret_cast< const char* >(addr));
>         }
>         if (0xffffffffUL == nbytes) {
> # 219 "/stdcxx/branches/4.2.x/src/memattr.cpp"
>             const unsigned long maxpage =                next == page ? pgsz - ( reinterpret_cast<
const char* >(addr) - reinterpre
> t_cast< const char* >(next)) : pgsz;
>             const void* const pnul =
>                 memchr (next == page ? addr : next, '\0', maxpage);
>             if (pnul) {
>                 nbytes = ( reinterpret_cast< const char* >(pnul) - reinterpret_cast<
const char* >(addr));
>                 npages = nbytes / pgsz + 1;
>                 break;
>             }
>         }
>     }
>     return static_cast< long >(nbytes);
> # 262 "/stdcxx/branches/4.2.x/src/memattr.cpp"
> {{noformat}}

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message