Re: [hatari-devel] regression in debugger / disasm ? -> tricky out of limit memory access |
Hi,
On keskiviikko 25 joulukuu 2013, Nicolas Pomarède wrote:
> After a lot of printf to try to follow the instruction flow, I saw these
> lines around 2420 :
>
> // does another operand follow => add separator
> if(ots->op[i+1] != ofNone)
> *dbuf++ = ',';
>
> The problem is that when i=4, we test op[5], which is outside of the
> limit. In that case, a ',' is added to dbuf ; but dbuf is very large, we
> should not overwrite anything, so I don't see why it alters the
> processing of the for loop... (certainly the way gcc handles the stack
> for local variables or sthg like that)
>
> Still, by doing :
>
> if ( (i+1<5) && ( ots->op[i+1] != ofNone) )
> *dbuf++ = ',';
>
> Then everything works again as before ; so I will commit a patch to this
> later.
Accessing arrays outside of bounds is invalid C.
The compiler is free to do whatever it wants for code that
can do such things.
http://en.wikipedia.org/wiki/Undefined_behavior
http://blog.llvm.org/2011/05/what-every-c-programmer-should-know.html
> In the meantime, if someone wants to try with mudflap or similar tools
> to see if an access error is reported with proper debugging flags, it
> could be interesting to see (is this error really detected by mudflap or
> others ?)
- Eero
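The point Eero makes, as an added example that is not part of this thread or of Hatari's disassembler: the lookahead `ots->op[i+1]` must be bounded by the array size, because reading one element past the end is undefined behaviour and the compiler may assume it never happens. The `OpTable` struct, the `MAX_OPS` constant, the `ofNone`/`ofReg`/`ofImm`/`ofMem` operand kinds and the `op_text` helper are assumptions modelled on the snippet quoted above, not the real Hatari types.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_OPS 5  /* assumption: the operand table holds five slots */

/* Constructed operand kinds; ofNone terminates the list early. */
enum OpType { ofNone = 0, ofReg, ofImm, ofMem };

typedef struct {
    const char *mnemonic;
    enum OpType op[MAX_OPS];
} OpTable;

/* Render one operand to text (constructed placeholder strings). */
static const char *op_text(enum OpType t) {
    switch (t) {
    case ofReg: return "Dn";
    case ofImm: return "#imm";
    case ofMem: return "(An)";
    default:    return "";
    }
}

/* Append the operands of *ots to dbuf, separated by ','.
 * The `i + 1 < MAX_OPS` test guards the lookahead so op[MAX_OPS] is never
 * read, whatever the compiler does with the surrounding stack layout.
 * Returns the number of operands emitted. dbuf is always NUL-terminated. */
int format_operands(const OpTable *ots, char *dbuf, size_t dlen) {
    size_t used = 0;
    int n = 0;

    if (dlen == 0)
        return 0;

    for (int i = 0; i < MAX_OPS && ots->op[i] != ofNone; i++) {
        const char *s = op_text(ots->op[i]);
        size_t sl = strlen(s);

        if (used + sl + 2 > dlen)  /* room for text, ',' and the NUL */
            break;
        memcpy(dbuf + used, s, sl);
        used += sl;
        n++;

        /* does another operand follow => add separator (lookahead bounded) */
        if (i + 1 < MAX_OPS && ots->op[i + 1] != ofNone)
            dbuf[used++] = ',';
    }
    dbuf[used] = '\0';
    return n;
}

/* Returns 1 if idx is a valid slot of op[], 0 otherwise. */
int op_index_in_bounds(int idx) {
    return idx >= 0 && idx < MAX_OPS;
}

int main(void) {
    /* Constructed table using all five slots: this is the case where the
     * unbounded lookahead would read op[5]. */
    OpTable full = { "full", { ofReg, ofImm, ofMem, ofReg, ofReg } };
    char buf[64];
    int n = format_operands(&full, buf, sizeof buf);
    printf("%d operands: %s\n", n, buf);
    return 0;
}
```

Compiling the unbounded variant with `-fsanitize=address` (AddressSanitizer, available in GCC and Clang) reports the stack read past `op[4]` at runtime; mudflap was removed from GCC in 4.9, so ASan is the tool to reach for today.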