[Bug 1089722] Re: wcslen reads beyond the end of the buffer
Dave Gilbert
ubuntu at treblig.org
Sun Dec 30 13:14:51 UTC 2012
Hmm my x86 is a bit rusty; have you got an actual test case that
triggers the warning?

It seems to be basically:
  a) Do a bunch of individual character tests (32 bit at a time)
  b) Do a bunch of tests of 64 bit words (pcmpeqd's) - i.e. 2 wchar's at a time
  c) Get into an aligned loop doing 64 bytes at a time (using multiple pcmpeqd's)

a) looks safe

Before (b) there is the code:

        lea     32(%rdi), %rax
        lea     16(%rdi), %rcx
        and     $-16, %rax

So I think that's aligning rax to a 16-byte boundary, so I'd hope what's
after it is safe

and before (c) there is:

        and     $-0x40, %rax
        .p2align 4
L(aligned_64_loop):

so again before going into that loop it's aligned to a 64-byte boundary

So that feels ok without having worked every path - although I'd kind
of expected valgrind to follow it.

If you've got the example and it shows exactly which instruction it's
moaning about it might be able to spot something.

Dave
https://bugs.launchpad.net/bugs/1089722
Title:
wcslen reads beyond the end of the buffer
Status in “eglibc” package in Ubuntu:
Incomplete
Bug description:
valgrind reports many errors of wcslen reading beyond the end of the
buffer. It appears that sysdeps/x86_64/wcslen.S tries to do 64 bit
reads which can result in reading beyond the end of the buffer if
there are less than 64 bits left.
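
The alignment arithmetic discussed in this message, as an added example that is not part of the original e-mail or of eglibc: it models the quoted `and $-16` / `and $-0x40` masking and checks that an aligned 16- or 64-byte load never touches a second page, while still reading bytes past a wide-character terminator. It assumes 4 KiB pages; all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_BYTES 4096u /* assumption: 4 KiB pages */

/* Same effect as "and $-n, %rax" for a power-of-two n: round down to n. */
static uintptr_t align_down(uintptr_t addr, uintptr_t n) {
    return addr & ~(n - 1);
}

/* The sequence quoted before step (b): lea 32(%rdi),%rax ; and $-16,%rax */
static uintptr_t first_aligned_16(uintptr_t rdi) {
    return align_down(rdi + 32, 16);
}

/* Nonzero if the n-byte load starting at addr stays inside one page. */
static int in_one_page(uintptr_t addr, uintptr_t n) {
    return addr / PAGE_BYTES == (addr + n - 1) / PAGE_BYTES;
}

/* Try every start offset within a page; count n-byte loads that would
   touch the following page, with or without aligning the start first. */
static unsigned count_crossings(uintptr_t n, int aligned) {
    unsigned crossings = 0;
    for (uintptr_t p = PAGE_BYTES; p < 2 * PAGE_BYTES; p++) {
        uintptr_t start = aligned ? align_down(p, n) : p;
        if (!in_one_page(start, n))
            crossings++;
    }
    return crossings;
}

/* Bytes an aligned n-byte load reads beyond a 4-byte wide-char terminator
   located at address term (the load is the aligned block containing it). */
static unsigned overread(uintptr_t term, uintptr_t n) {
    return (unsigned)(align_down(term, n) + n - (term + 4));
}

int main(void) {
    printf("first aligned addr for 0x1003: %#lx\n",
           (unsigned long)first_aligned_16(0x1003));
    printf("page crossings, 16-byte loads: aligned=%u unaligned=%u\n",
           count_crossings(16, 1), count_crossings(16, 0));
    printf("page crossings, 64-byte loads: aligned=%u unaligned=%u\n",
           count_crossings(64, 1), count_crossings(64, 0));
    printf("bytes read past terminator at 0x1000: %u\n", overread(0x1000, 16));
    return 0;
}
```

The aligned cases cannot fault on an unmapped neighbouring page, but the non-zero overread is still an access outside the string's own bytes.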