On 25/04/14 06:55, Daniel Macks wrote:
> On Thu, 24 Apr 2014 19:53:26 +0200, Martin Costabel
> <[email protected]> wrote:
[]
>> I have now boiled it down to the mis-compilation of one file in
>> t1lib5, lib/type1/objects.c. If this is compiled with a low
>> optimization level such as -O1, xdvi works, if it is compiled with
>> the standard -O2, segmentation fault. This is very weird, because
>> this is C code, not C++. Plus, the crash doesn't even happen in
>> objects.c, but in some other modules. I haven't seen anything about
>> this in google either. Some more bug hunting in order, I guess.
>
> I don't know anything about this package or failure mode, but I did
> find a bunch of other-distro's patches, some of which sound like they
> can cause crashes and/or involve security advisories...
>
> http://patch-tracker.debian.org/package/t1lib/5.1.2-4
>
> If nothing else, may as well patch ours up to fix them, even if it
> doesn't solve the problem at hand.
I looked at these patches, but they don't seem to touch this problem;
they contain mainly additional checks that will cause additional crashes
in some situations (AKA security fixes).
I finally found the reason for the crash (don't ask me how...).
In my opinion it is a bug in clang, but of the kind that is unlikely to
get fixed. In objects.c, clang incorrectly thinks that the variable
r->flag is uninitialized; the static analyzer emits a warning:
    objects.c:332:24: warning: The left expression of the compound
    assignment is an uninitialized value. The computed value will also
    be garbage
        r->flag &= ~(ISPERMANENT(ON) | ISIMMORTAL(ON));
        ~~~~~~~ ^
Then, from a certain optimization level on (-Oz, -Os, -O2), it concludes
that since this is garbage anyway, it does not need to execute the
compound statement and may as well do nothing or put 0 into r->flag. The
result is that all the structures that use the function t1_Allocate will
then indeed have garbage in the corresponding field, with the segfault
as a final consequence.
The workaround is a simple patch of the disputed line.
I have checked t1lib5-nox-5.1.2-2 with this fix into cvs. The maintainer
will silently agree, I suppose.
--
Martin
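Added example (not t1lib's code and not from the thread): a small allocator modelled on the pattern Martin describes, a freshly malloc'd object whose "permanent"/"immortal" bits are cleared with a compound assignment. Whatever the truth about the real objects.c, the rule the optimizer applies is this: a compound assignment reads its left operand, and reading a field that nothing has written yet is an indeterminate-value read that C leaves undefined, so the compiler may drop the statement or store anything. The struct, flag bits and function names below are invented for the example; `alloc_ub` keeps the questionable shape on its no-template path, `alloc_defined` writes every byte before it reads it.

```c
/* Added example, not t1lib's code. Models the allocator pattern discussed in
 * the thread with invented names; FLAG_PERMANENT/FLAG_IMMORTAL stand in for
 * ISPERMANENT(ON)/ISIMMORTAL(ON). */
#include <stdlib.h>
#include <string.h>

#define FLAG_PERMANENT 0x01u
#define FLAG_IMMORTAL  0x02u
#define CLEAR_MASK     (FLAG_PERMANENT | FLAG_IMMORTAL)

struct xobj {
    unsigned int flag;
    int references;
};

/* Questionable shape: when template is NULL, r->flag has never been written,
 * so the compound assignment reads an indeterminate value. That read is
 * undefined behaviour; at -O2 the compiler is entitled to emit nothing for
 * the statement, and the field then holds whatever malloc left there. */
struct xobj *alloc_ub(size_t extra, const struct xobj *template)
{
    struct xobj *r = malloc(sizeof *r + extra);
    if (r == NULL)
        return NULL;
    if (template != NULL)
        memcpy(r, template, sizeof *r);
    r->flag &= ~CLEAR_MASK;          /* UB on the template == NULL path */
    r->references = 1;
    return r;
}

/* Defined shape: the field is assigned before it is ever read. On the
 * template path the &= operand comes from the copy, on the other path a
 * plain assignment replaces the read-modify-write. */
struct xobj *alloc_defined(size_t extra, const struct xobj *template)
{
    struct xobj *r = malloc(sizeof *r + extra);
    if (r == NULL)
        return NULL;
    if (template != NULL) {
        memcpy(r, template, sizeof *r);
        r->flag &= ~CLEAR_MASK;      /* operand was written by memcpy */
    } else {
        r->flag = 0;                 /* no read of uninitialized memory */
    }
    r->references = 1;
    return r;
}

/* Check helper: flag bits of an object built the defined way,
 * or ~0u if malloc failed. */
unsigned int flag_after_alloc(const struct xobj *template)
{
    struct xobj *r = alloc_defined(0, template);
    if (r == NULL)
        return ~0u;
    unsigned int f = r->flag;
    free(r);
    return f;
}
```

Running `clang --analyze` over `alloc_ub` is the quick way to see whether the analyzer flags the `&=` with the same "left expression of the compound assignment is an uninitialized value" text quoted above; `alloc_defined` gives it nothing to complain about, and its result no longer depends on the optimization level.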
_______________________________________________
Fink-users mailing list
[email protected]
List archive:
http://news.gmane.org/gmane.os.macosx.fink.user
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-users