[Bug libmudflap/41559] New: fgetc_unlocked fails with -fmudflap -O1
Martin dot vGagern at gmx dot net
gcc-bugzilla@gcc.gnu.org
Sat Oct 3 21:35:00 GMT 2009
The following simple cat clone fails with mudflap:
$ cat mudflap_unlocked.c
#include <stdio.h>
int main(int argc, char** argv) {
    int chr;
    while ((chr = fgetc_unlocked(stdin)) != EOF)
        fputc_unlocked(chr, stdout);
    return 0;
}
$ i686-pc-linux-gnu-gcc-4.4.1 -Wall -O1 -fmudflap \
-o mudflap_unlocked mudflap_unlocked.c -lmudflap
$ ./mudflap_unlocked <<< foo
*******
mudflap violation 1 (check/read): time=... ptr=0xb80b0001 size=1
pc=0xb7f826bc location=`/usr/include/bits/stdio.h:56:10 (main)'
/usr/lib/gcc/i686-pc-linux-gnu/4.4.1/libmudflap.so.0(__mf_check+0x3e)
./mudflap_unlocked(main+0x2d5)
/usr/lib/gcc/i686-pc-linux-gnu/4.4.1/libmudflap.so.0(__wrap_main+0x55)
number of nearby objects: 0
*******
mudflap violation 2 (check/read): time=... ptr=0xb80b0002 size=1
pc=0xb7f826bc location=`/usr/include/bits/stdio.h:56:10 (main)'
/usr/lib/gcc/i686-pc-linux-gnu/4.4.1/libmudflap.so.0(__mf_check+0x3e)
./mudflap_unlocked(main+0x2d5)
/usr/lib/gcc/i686-pc-linux-gnu/4.4.1/libmudflap.so.0(__wrap_main+0x55)
number of nearby objects: 0
*******
mudflap violation 3 (check/read): time=... ptr=0xb80b0003 size=1
pc=0xb7f826bc location=`/usr/include/bits/stdio.h:56:10 (main)'
/usr/lib/gcc/i686-pc-linux-gnu/4.4.1/libmudflap.so.0(__mf_check+0x3e)
./mudflap_unlocked(main+0x2d5)
/usr/lib/gcc/i686-pc-linux-gnu/4.4.1/libmudflap.so.0(__wrap_main+0x55)
number of nearby objects: 0
foo
$
I assume that -O1 and above inlines the fgetc_unlocked call, which then becomes
some kind of access to some static buffer which mudflap fails to recognize as
being readable. Unfortunately I could not reproduce this issue without at least
-O1, and selectively disabling some optimizations didn't render the backtraces
any more intelligible.
Debugging through __mfu_check, it seems that the pointer can be associated with
no memory block at all, neither valid nor invalid. Therefore the final
judgement becomes -1 in the following part:
      /* If the judgment is still unknown at this stage, loop
         around at most one more time.  */
      if (judgement == 0)
        {
          if (heuristics++ < 2) /* XXX parametrize this number? */
            judgement = __mf_heuristic_check (ptr_low, ptr_high);
          else
            judgement = -1;
        }
--
Summary: fgetc_unlocked fails with -fmudflap -O1
Product: gcc
Version: 4.4.1
Status: UNCONFIRMED
Severity: minor
Priority: P3
Component: libmudflap
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: Martin dot vGagern at gmx dot net
GCC build triplet: i686-pc-linux-gnu
GCC host triplet: i686-pc-linux-gnu
GCC target triplet: i686-pc-linux-gnu
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41559
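
The judgement logic quoted in the report, as a simplified stand-alone model (an added example, not libmudflap source and not part of the original report). The region tables, the function names and the tracked-object addresses are constructed assumptions; 0xb80b0001 is the pointer from violation 1 above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the quoted logic; every name here is hypothetical. */
struct region { uintptr_t low, high; };          /* inclusive bounds */

/* Constructed sample data: one tracked object, one heuristic-accepted range. */
const struct region tracked[]   = { { 0x08049000u, 0x080490ffu } };
const struct region heuristic[] = { { 0xb80b0000u, 0xb80b0fffu } };

/* 1 if [lo, hi] lies wholly inside some region, 0 if nothing covers it. */
static int covered(const struct region *r, size_t n, uintptr_t lo, uintptr_t hi)
{
    for (size_t i = 0; i < n; i++)
        if (lo >= r[i].low && hi <= r[i].high)
            return 1;
    return 0;
}

/* Returns 1 (access allowed) or -1 (violation); 0 never escapes the loop. */
int model_check(const struct region *objs, size_t nobjs,
                const struct region *guess, size_t nguess,
                uintptr_t ptr, size_t size)
{
    uintptr_t lo = ptr, hi = ptr + size - 1;
    int heuristics = 0, judgement = 0;

    while (judgement == 0) {
        judgement = covered(objs, nobjs, lo, hi);
        if (judgement == 0) {
            if (heuristics++ < 2)
                judgement = covered(guess, nguess, lo, hi);
            else
                judgement = -1;  /* still unknown: reported as a violation */
        }
    }
    return judgement;
}

int main(void)
{
    printf("tracked object:       %d\n", model_check(tracked, 1, NULL, 0, 0x08049010u, 1));
    printf("unknown pointer:      %d\n", model_check(tracked, 1, NULL, 0, 0xb80b0001u, 1));
    printf("heuristic accepts it: %d\n", model_check(tracked, 1, heuristic, 1, 0xb80b0001u, 1));
    return 0;
}
```

In this model a pointer that matches no tracked object and no heuristic range ends at -1 after two heuristic attempts, which is the outcome the report describes for the reads at stdio.h:56.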