You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@stdcxx.apache.org by "Eric Lemings (JIRA)" <ji...@apache.org> on 2008/05/13 04:14:55 UTC
[jira] Updated: (STDCXX-931) [gcc/Darwin] 0.printf test aborts with
bus error
[ https://issues.apache.org/jira/browse/STDCXX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Eric Lemings updated STDCXX-931:
--------------------------------
Description:
The {{test_string()}} function in the {{0.printf}} test calls {{bad_address()}} to generate an invalid address. This address is eventually passed to the {{ __rw::__rw_memattr() }} function which uses the pointer value, specifically {{0x20}}, as the pointer value to the {{memchr()}} C library function which promptly aborts the program. The invalid pointer should be caught before calling such C library functions which usually expect valid pointers. Suspect the proliferous conditional code within the function or some other unaccounted platform dependency. The preprocessed Darwin source for {{__rw_memattr()}} is shown below.
{{noformat}}
# 97 "/stdcxx/branches/4.2.x/src/memattr.cpp"
namespace __rw {
long
__rw_memattr (const void *addr, unsigned long nbytes, int attr)
{
((void)&attr);
const int errno_save = (*__error());
static const unsigned long pgsz = size_t (sysconf (29));
caddr_t const page =
reinterpret_cast< caddr_t >(reinterpret_cast< unsigned long >(addr) & ~(pgsz - 1))
;
unsigned long npages = nbytes ? nbytes / pgsz + 1 : 0;
for (size_t i = 0; i < npages; ++i) {
const caddr_t next = reinterpret_cast< char* >(page) + i * pgsz;
# 177 "/stdcxx/branches/4.2.x/src/memattr.cpp"
const int advice = 3;
if (-1 == madvise (next, 1, advice)) {
const int err = (*__error());
(*__error()) = errno_save;
bool bad_address;
# 198 "/stdcxx/branches/4.2.x/src/memattr.cpp"
bad_address = !(0 == err || 22 == err);
if (bad_address) return next == page ? -1 : ( reinterpret_cast< const char* >(next) - reint
erpret_cast< const char* >(addr));
}
if (0xffffffffUL == nbytes) {
# 219 "/stdcxx/branches/4.2.x/src/memattr.cpp"
const unsigned long maxpage = next == page ? pgsz - ( reinterpret_cast< const char* >(addr) - reinterpre
t_cast< const char* >(next)) : pgsz;
const void* const pnul =
memchr (next == page ? addr : next, '\0', maxpage);
if (pnul) {
nbytes = ( reinterpret_cast< const char* >(pnul) - reinterpret_cast< const char* >(addr));
npages = nbytes / pgsz + 1;
break;
}
}
}
return static_cast< long >(nbytes);
# 262 "/stdcxx/branches/4.2.x/src/memattr.cpp"
{{noformat}}
was:
The {{test_string()}} function in the {{0.printf}} test calls {{bad_address()}} to generate an invalid address. This address is eventually passed to the {{__rw::__rw_memattr()}} function which uses the pointer value, specifically {{0x20}}, as the pointer value to the {{memchr()}} C library function which promptly aborts the program. The invalid pointer should be caught before calling such C library functions which usually expect valid pointers. Suspect the proliferous conditional code within the function or some other unaccounted platform dependency. The preprocessed Darwin source for {{__rw_memattr()}} is shown below.
{{noformat}}
# 97 "/stdcxx/branches/4.2.x/src/memattr.cpp"
namespace __rw {
long
__rw_memattr (const void *addr, unsigned long nbytes, int attr)
{
((void)&attr);
const int errno_save = (*__error());
static const unsigned long pgsz = size_t (sysconf (29));
caddr_t const page =
reinterpret_cast< caddr_t >(reinterpret_cast< unsigned long >(addr) & ~(pgsz - 1))
;
unsigned long npages = nbytes ? nbytes / pgsz + 1 : 0;
for (size_t i = 0; i < npages; ++i) {
const caddr_t next = reinterpret_cast< char* >(page) + i * pgsz;
# 177 "/stdcxx/branches/4.2.x/src/memattr.cpp"
const int advice = 3;
if (-1 == madvise (next, 1, advice)) {
const int err = (*__error());
(*__error()) = errno_save;
bool bad_address;
# 198 "/stdcxx/branches/4.2.x/src/memattr.cpp"
bad_address = !(0 == err || 22 == err);
if (bad_address) return next == page ? -1 : ( reinterpret_cast< const char* >(next) - reint
erpret_cast< const char* >(addr));
}
if (0xffffffffUL == nbytes) {
# 219 "/stdcxx/branches/4.2.x/src/memattr.cpp"
const unsigned long maxpage = next == page ? pgsz - ( reinterpret_cast< const char* >(addr) - reinterpre
t_cast< const char* >(next)) : pgsz;
const void* const pnul =
memchr (next == page ? addr : next, '\0', maxpage);
if (pnul) {
nbytes = ( reinterpret_cast< const char* >(pnul) - reinterpret_cast< const char* >(addr));
npages = nbytes / pgsz + 1;
break;
}
}
}
return static_cast< long >(nbytes);
# 262 "/stdcxx/branches/4.2.x/src/memattr.cpp"
{{noformat}}
> [gcc/Darwin] 0.printf test aborts with bus error
> ------------------------------------------------
>
> Key: STDCXX-931
> URL: https://issues.apache.org/jira/browse/STDCXX-931
> Project: C++ Standard Library
> Issue Type: Bug
> Components: Test Driver
> Affects Versions: 4.2.1
> Environment: Darwin host.local 9.2.2 Darwin Kernel Version 9.2.2: Tue Mar 4 21:17:34 PST 2008; root:xnu-1228.4.31~1/RELEASE_I386 i386
> Reporter: Eric Lemings
> Fix For: 4.2.x
>
> Original Estimate: 4h
> Remaining Estimate: 4h
>
> The {{test_string()}} function in the {{0.printf}} test calls {{bad_address()}} to generate an invalid address. This address is eventually passed to the {{ __rw::__rw_memattr() }} function which uses the pointer value, specifically {{0x20}}, as the pointer value to the {{memchr()}} C library function which promptly aborts the program. The invalid pointer should be caught before calling such C library functions which usually expect valid pointers. Suspect the proliferous conditional code within the function or some other unaccounted platform dependency. The preprocessed Darwin source for {{__rw_memattr()}} is shown below.
> {{noformat}}
> # 97 "/stdcxx/branches/4.2.x/src/memattr.cpp"
> namespace __rw {
> long
> __rw_memattr (const void *addr, unsigned long nbytes, int attr)
> {
> ((void)&attr);
> const int errno_save = (*__error());
> static const unsigned long pgsz = size_t (sysconf (29));
> caddr_t const page =
> reinterpret_cast< caddr_t >(reinterpret_cast< unsigned long >(addr) & ~(pgsz - 1))
> ;
> unsigned long npages = nbytes ? nbytes / pgsz + 1 : 0;
> for (size_t i = 0; i < npages; ++i) {
> const caddr_t next = reinterpret_cast< char* >(page) + i * pgsz;
> # 177 "/stdcxx/branches/4.2.x/src/memattr.cpp"
> const int advice = 3;
> if (-1 == madvise (next, 1, advice)) {
> const int err = (*__error());
> (*__error()) = errno_save;
> bool bad_address;
> # 198 "/stdcxx/branches/4.2.x/src/memattr.cpp"
> bad_address = !(0 == err || 22 == err);
> if (bad_address) return next == page ? -1 : ( reinterpret_cast< const char* >(next) - reint
> erpret_cast< const char* >(addr));
> }
> if (0xffffffffUL == nbytes) {
> # 219 "/stdcxx/branches/4.2.x/src/memattr.cpp"
> const unsigned long maxpage = next == page ? pgsz - ( reinterpret_cast< const char* >(addr) - reinterpre
> t_cast< const char* >(next)) : pgsz;
> const void* const pnul =
> memchr (next == page ? addr : next, '\0', maxpage);
> if (pnul) {
> nbytes = ( reinterpret_cast< const char* >(pnul) - reinterpret_cast< const char* >(addr));
> npages = nbytes / pgsz + 1;
> break;
> }
> }
> }
> return static_cast< long >(nbytes);
> # 262 "/stdcxx/branches/4.2.x/src/memattr.cpp"
> {{noformat}}
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.