From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/1738
Path: news.gmane.org!not-for-mail
From: Rich Felker <dalias@aerifal.cx>
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: build musl with clang
Date: Fri, 24 Aug 2012 13:51:50 -0400
Message-ID: <20120824175150.GE27715@brightrain.aerifal.cx>
References: <5035E16E.50004@gmail.com>
 <20120823122414.GM27715@brightrain.aerifal.cx>
 <50362C19.5080509@gmail.com>
 <20120823175545.GQ27715@brightrain.aerifal.cx>
 <5037181B.9050508@gmail.com>
 <20120824060611.GX27715@brightrain.aerifal.cx>
 <5037596C.1030409@gmail.com>
 <20120824110153.GA23569@port70.net>
 <503771F3.2040204@gmail.com>
 <20120824145938.GA7705@port70.net>
Reply-To: musl@lists.openwall.com
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: ger.gmane.org 1345830615 15879 80.91.229.3 (24 Aug 2012 17:50:15 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Fri, 24 Aug 2012 17:50:15 +0000 (UTC)
To: musl@lists.openwall.com
Original-X-From: musl-return-1739-gllmg-musl=m.gmane.org@lists.openwall.com Fri Aug 24 19:50:16 2012
Return-path: <musl-return-1739-gllmg-musl=m.gmane.org@lists.openwall.com>
Envelope-to: gllmg-musl@plane.gmane.org
Original-Received: from mother.openwall.net ([195.42.179.200])
	by plane.gmane.org with smtp (Exim 4.69)
	(envelope-from <musl-return-1739-gllmg-musl=m.gmane.org@lists.openwall.com>)
	id 1T4y1O-0004ue-SV
	for gllmg-musl@plane.gmane.org; Fri, 24 Aug 2012 19:50:15 +0200
Original-Received: (qmail 3119 invoked by uid 550); 24 Aug 2012 17:50:13 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
Original-Received: (qmail 3111 invoked from network); 24 Aug 2012 17:50:12 -0000
Content-Disposition: inline
In-Reply-To: <20120824145938.GA7705@port70.net>
User-Agent: Mutt/1.5.21 (2010-09-15)
Xref: news.gmane.org gmane.linux.lib.musl.general:1738
Archived-At: <http://permalink.gmane.org/gmane.linux.lib.musl.general/1738>

On Fri, Aug 24, 2012 at 04:59:39PM +0200, Szabolcs Nagy wrote:
> * agent <agentprog@gmail.com> [2012-08-24 18:22:11 +0600]:
> > p with negative subscript and tried the following:
> > 
> > void *f1() {
> > char *p;
> > int i;
> > 
> > p = malloc(100);
> > if (p[-1])
> > p[0] = 0;
> > 
> > return p;
> > }
> > 
> > and that's i we get:
> > 
> > f1: # @f1
> > # BB#0: # %if.end
> > subl $12, %esp
> > movl $100, (%esp)
> > calll malloc
> > movb $0, (%eax)
> > addl $12, %esp
> > ret
> > 
> > but if we have if (p && p[-1]) -- 'if' is not optimized out.
> 
> now that seems wrong (if it was compiled with -ffreestanding)
> 
> 'if (p[-1])' is dropped even though malloc can put there anything
> 
> this should be reported to the clang list

Yes. To clarify, the issue is not that clang is assuming the object
obtained by malloc has indeterminate value. The issue is that clang is
assuming the pointer malloc returns points to an object of size N
beginning at the returned address, and thus that the [-1] index is
invalid pointer arithmetic. This is a malloc-specific assumption and
wrong for freestanding mode where malloc is just an ordinary function
(which is allowed to return a pointer into the middle of an array,
which is what it's doing).

Rich