[Bug other/56245] -fsanitize=address miscompiles GCC

2013-02-19 Thread jakub at gcc dot gnu.org


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56245



--- Comment #12 from Jakub Jelinek jakub at gcc dot gnu.org 2013-02-19 
17:27:06 UTC ---

Author: jakub

Date: Tue Feb 19 17:26:56 2013

New Revision: 196148



URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=196148

Log:

Backported from mainline

2013-02-09  Jakub Jelinek  ja...@redhat.com



PR other/56245

* regex.c (PTR_INT_TYPE): Define.

(EXTEND_BUFFER): Change incr type from int to PTR_INT_TYPE.



Modified:

branches/gcc-4_7-branch/libiberty/ChangeLog

branches/gcc-4_7-branch/libiberty/regex.c


[Bug other/56245] -fsanitize=address miscompiles GCC

2013-02-09 Thread jakub at gcc dot gnu.org


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56245



--- Comment #10 from Jakub Jelinek jakub at gcc dot gnu.org 2013-02-09 
18:41:05 UTC ---

Author: jakub

Date: Sat Feb  9 18:41:00 2013

New Revision: 195918



URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=195918

Log:

PR other/56245

* regex.c (PTR_INT_TYPE): Define.

(EXTEND_BUFFER): Change incr type from int to PTR_INT_TYPE.



Modified:

trunk/libiberty/ChangeLog

trunk/libiberty/regex.c


[Bug other/56245] -fsanitize=address miscompiles GCC

2013-02-09 Thread jakub at gcc dot gnu.org


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56245



Jakub Jelinek jakub at gcc dot gnu.org changed:



   What|Removed |Added



 Status|ASSIGNED|RESOLVED

 Resolution||FIXED

   Target Milestone|--- |4.8.0



--- Comment #11 from Jakub Jelinek jakub at gcc dot gnu.org 2013-02-09 
18:45:14 UTC ---

Fixed.


[Bug other/56245] -fsanitize=address miscompiles GCC

2013-02-08 Thread jakub at gcc dot gnu.org


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56245



Jakub Jelinek jakub at gcc dot gnu.org changed:



   What|Removed |Added



  Component|sanitizer   |other



--- Comment #4 from Jakub Jelinek jakub at gcc dot gnu.org 2013-02-08 
17:37:05 UTC ---

Libiberty bug.


[Bug other/56245] -fsanitize=address miscompiles GCC

2013-02-08 Thread jakub at gcc dot gnu.org


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56245



Jakub Jelinek jakub at gcc dot gnu.org changed:



   What|Removed |Added



 Status|NEW |ASSIGNED

 AssignedTo|unassigned at gcc dot gnu.org|jakub at gcc dot gnu.org



--- Comment #5 from Jakub Jelinek jakub at gcc dot gnu.org 2013-02-08 
17:39:05 UTC ---

Created attachment 29399

  -- http://gcc.gnu.org/bugzilla/attachment.cgi?id=29399

gcc48-pr56245.patch



Untested fix.


[Bug other/56245] -fsanitize=address miscompiles GCC

2013-02-08 Thread jakub at gcc dot gnu.org


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56245



Jakub Jelinek jakub at gcc dot gnu.org changed:



   What|Removed |Added



 Status|NEW |ASSIGNED

  Component|sanitizer   |other



--- Comment #7 from Jakub Jelinek jakub at gcc dot gnu.org 2013-02-08 
17:51:08 UTC ---

glibc doesn't use this regex code for many years.


[Bug other/56245] -fsanitize=address miscompiles GCC

2013-02-08 Thread kcc at gcc dot gnu.org


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56245



--- Comment #8 from Kostya Serebryany kcc at gcc dot gnu.org 2013-02-08 
18:28:43 UTC ---

Ah, so this *is* caused by the asan merge, although it's not an asan bug. 

The new asan allocator often returns pointers that are 4Gb apart from 

each other so that int is not working for pointer differences any more.

BTW, I think that subtracting one pointer from another if they belong 

to different heap allocations is just plain wrong standard-wise.


[Bug other/56245] -fsanitize=address miscompiles GCC

2013-02-08 Thread jakub at gcc dot gnu.org


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56245



--- Comment #9 from Jakub Jelinek jakub at gcc dot gnu.org 2013-02-08 
20:05:19 UTC ---

(In reply to comment #8)

> Ah, so this *is* caused by the asan merge, although it's not an asan bug.

> The new asan allocator often returns pointers that are 4Gb apart from

> each other so that int is not working for pointer differences any more.

> BTW, I think that subtracting one pointer from another if they belong

> to different heap allocations is just plain wrong standard-wise.



I guess for standard-wise correctness it would need to cast all the involved

pointers to (uintptr_t) or similar and do arithmetic in integers.  It is a

general issue of having pointers pointing into the same heap object, when you

need to realloc that heap object, you need to adjust it.  In any case, for

whatever reason libiberty contains the prehistoric GNU regex code rather than

the far newer code that is included in glibc.
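The failure mode described in comment #8 (an allocator that hands back blocks more than 4 GiB apart, so an int cannot hold the distance between the old and the new buffer) and the two remedies mentioned in the ChangeLog entry and in comment #9 (a pointer-sized incr, or doing the arithmetic in integers), as an added example. This is not libiberty's regex.c and not the patch attached to the bug; it is a stand-alone C program that models what EXTEND_BUFFER's fixup has to do after a buffer moves. It assumes a 64-bit target, uses intptr_t in the role the patch gives PTR_INT_TYPE, and uses constructed addresses rather than real allocations so that the 5 GiB gap is reproducible without ASan.

```c
/* Added example (not libiberty code): why an int cannot hold the distance
   between two heap blocks, and two safer ways to rebase interior pointers
   after a buffer moves. The addresses below are constructed constants
   chosen to reproduce the >4 GiB gap from comment #8; a 64-bit target
   is assumed. */
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

typedef uintptr_t addr_t;   /* an address handled as an integer */

/* Pre-fix shape of the fixup: the distance between old and new block is
   stored in an int and added to each interior pointer. */
static addr_t rebase_int(addr_t p, addr_t old_base, addr_t new_base)
{
    int incr = (int)(new_base - old_base);   /* wraps once |gap| >= 2 GiB */
    return p + (addr_t)(intptr_t)incr;
}

/* Post-fix shape: the distance is kept in a pointer-sized signed type
   (the role PTR_INT_TYPE plays in the patch; intptr_t assumed here). */
static addr_t rebase_ptrint(addr_t p, addr_t old_base, addr_t new_base)
{
    intptr_t incr = (intptr_t)(new_base - old_base);
    return p + (addr_t)incr;
}

/* Alternative that never subtracts addresses of different objects:
   treat each interior pointer as an offset from its own base and add
   that offset to the new base. This is integer arithmetic throughout,
   in the spirit of the uintptr_t suggestion in comment #9. */
static addr_t rebase_offset(addr_t p, addr_t old_base, addr_t new_base)
{
    size_t off = (size_t)(p - old_base);     /* p and old_base share a block */
    return new_base + off;
}

static int inside(addr_t p, addr_t base, size_t size)
{
    return p >= base && p < base + size;
}

enum strategy { USE_INT, USE_PTRINT, USE_OFFSET };

/* Simulate comment #8: the new block lands 5 GiB above the old one.
   Returns 1 if the strategy puts the interior pointer at the matching
   spot inside the new block, 0 otherwise. */
static int rebase_survives(enum strategy s)
{
    const addr_t old_base = (addr_t)0x602000000000ULL;   /* constructed */
    const addr_t new_base = old_base + (5ULL << 30);     /* 5 GiB away */
    const size_t size     = 4096;
    const addr_t interior = old_base + 0x40;             /* 64 bytes in */
    addr_t moved;
    switch (s) {
    case USE_INT:    moved = rebase_int(interior, old_base, new_base);    break;
    case USE_PTRINT: moved = rebase_ptrint(interior, old_base, new_base); break;
    default:         moved = rebase_offset(interior, old_base, new_base); break;
    }
    return inside(moved, new_base, size) && moved == new_base + 0x40;
}

/* The offset strategy on a real buffer: rebase after realloc() without
   ever subtracting the stale old pointer from the new one. */
static int realloc_keeps_interior_pointer(void)
{
    char *buf = malloc(64);
    if (!buf) return 0;
    strcpy(buf, "hello, regex");
    char *word = buf + 7;                    /* interior pointer to "regex" */
    size_t off = (size_t)(word - buf);       /* save the offset before moving */
    char *grown = realloc(buf, 1 << 20);     /* likely relocates the block */
    if (!grown) { free(buf); return 0; }
    word = grown + off;                      /* rebase from the saved offset */
    int ok = strcmp(word, "regex") == 0;
    free(grown);
    return ok;
}

int main(void)
{
    printf("int fixup:    %s\n", rebase_survives(USE_INT)    ? "ok" : "pointer lands outside new block");
    printf("intptr fixup: %s\n", rebase_survives(USE_PTRINT) ? "ok" : "failed");
    printf("offset fixup: %s\n", rebase_survives(USE_OFFSET) ? "ok" : "failed");
    printf("realloc demo: %s\n", realloc_keeps_interior_pointer() ? "ok" : "failed");
    return 0;
}
```

With a 5 GiB gap the int fixup adds only the low 32 bits of the distance (1 GiB), so the "rebased" pointer still lies below the new block and the program goes on writing through it; the pointer-sized and offset-based versions both land at the right place. Converting an out-of-range value to int is implementation-defined rather than undefined, and GCC's documented behaviour (reduce modulo 2^32) is what the int case relies on; the offset form is the one that stays within the C standard, since it only ever subtracts two addresses from the same object.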