Update.

2000-07-29  Greg McGary  <greg@mcgary.org>

	* Rules (test-bp-inputs, make-test-out): New variables.
	($(objpfx)%-bp.out): New rule.
	($(objpfx)%.out): Rewrite in terms of new variables.

	* libio/iovswscanf.c (vswscanf): Pass _IO_FILE_plus pointer to
	internal function that uses vtable.
	* libio/vsnprintf.c (_IO_vsnprintf): Likewise.
	* libio/vswprintf.c (_IO_vswprintf): Likewise.

	* malloc/malloc.c (mem2chunk): Define in terms of chunk_at_offset.
	(malloc_extend_top): Convert brk to chunk using chunk_at_offset.
	(chunk_align): Likewise.

	* time/asctime.c (ab_day_name, ab_month_name): Rewrite expression
	in a way that conforms to decl, and avoids spurious bounds violation.

	* sysdeps/arm/frame.h (struct layout): Make pointers __unbounded.
	* sysdeps/generic/frame.h: Likewise.
	* sysdeps/generic/backtrace.c (ADVANCE_STACK_FRAME): Wrap bounds
	around return value.
	(__backtrace): Qualify frame-pointer chain and return address
	pointers as __unbounded.  Wrap bounds around variable `current'.
	* sysdeps/generic/segfault.c (ADVANCE_STACK_FRAME): Wrap bounds
	around return value.
	(catch_segfault): Qualify frame-pointer chain and return address
	pointers as __unbounded.  Wrap bounds around variable `current'.
	* sysdeps/i386/backtrace.c (struct layout): Make pointers __unbounded.
	(ADVANCE_STACK_FRAME): Wrap bounds around return value.
	* sysdeps/powerpc/backtrace.c (struct layout): Make pointers __unbounded.
	(__backtrace): Qualify frame-pointer chain and return address
	pointers as __unbounded.  Wrap bounds around variable `current'.

	* sysdeps/i386/addmul_1.S: s2_limb is scalar so remove bounds check.
	* sysdeps/i386/mul_1.S: Likewise.
	* sysdeps/i386/submul_1.S: Likewise.
	* sysdeps/i386/i586/addmul_1.S: Likewise.
	* sysdeps/i386/i586/mul_1.S: Add bounds checks.
	* sysdeps/i386/i586/submul_1.S: Likewise.

ChangeLog

@@ -1,3 +1,44 @@
+2000-07-29  Greg McGary  <greg@mcgary.org>
+
+	* Rules (test-bp-inputs, make-test-out): New variables.
+	($(objpfx)%-bp.out): New rule.
+	($(objpfx)%.out): Rewrite in terms of new variables.
+
+	* libio/iovswscanf.c (vswscanf): Pass _IO_FILE_plus pointer to
+	internal function that uses vtable.
+	* libio/vsnprintf.c (_IO_vsnprintf): Likewise.
+	* libio/vswprintf.c (_IO_vswprintf): Likewise.
+
+	* malloc/malloc.c (mem2chunk): Define in terms of chunk_at_offset.
+	(malloc_extend_top): Convert brk to chunk using chunk_at_offset.
+	(chunk_align): Likewise.
+
+	* time/asctime.c (ab_day_name, ab_month_name): Rewrite expression
+	in a way that conforms to decl, and avoids spurious bounds violation.
+
+	* sysdeps/arm/frame.h (struct layout): Make pointers __unbounded.
+	* sysdeps/generic/frame.h: Likewise.
+	* sysdeps/generic/backtrace.c (ADVANCE_STACK_FRAME): Wrap bounds
+	around return value.
+	(__backtrace): Qualify frame-pointer chain and return address
+	pointers as __unbounded.  Wrap bounds around variable `current'.
+	* sysdeps/generic/segfault.c (ADVANCE_STACK_FRAME): Wrap bounds
+	around return value.
+	(catch_segfault): Qualify frame-pointer chain and return address
+	pointers as __unbounded.  Wrap bounds around variable `current'.
+	* sysdeps/i386/backtrace.c (struct layout): Make pointers __unbounded.
+	(ADVANCE_STACK_FRAME): Wrap bounds around return value.
+	* sysdeps/powerpc/backtrace.c (struct layout): Make pointers __unbounded.
+	(__backtrace): Qualify frame-pointer chain and return address
+	pointers as __unbounded.  Wrap bounds around variable `current'.
+
+	* sysdeps/i386/addmul_1.S: s2_limb is scalar so remove bounds check.
+	* sysdeps/i386/mul_1.S: Likewise.
+	* sysdeps/i386/submul_1.S: Likewise.
+	* sysdeps/i386/i586/addmul_1.S: Likewise.
+	* sysdeps/i386/i586/mul_1.S: Add bounds checks.
+	* sysdeps/i386/i586/submul_1.S: Likewise.
+
 2000-07-27  Andreas Jaeger  <aj@suse.de>
 
 	* libio/Depend: New file, libio needs localedata for tests.

Rules

@@ -129,12 +129,16 @@ endif
 ifneq "$(strip $(tests) $(test-srcs))" ""
 # These are the implicit rules for making test outputs
 # from the test programs and whatever input files are present.
+
+make-test-out = GCONV_PATH=$(common-objpfx)iconvdata LC_ALL=C \
+		$($*-ENV) $(built-program-cmd) $($*-ARGS)
+$(objpfx)%-bp.out: %.input $(objpfx)%-bp
+	$(make-test-out) > $@ < $(word 1,$^)
 $(objpfx)%.out: %.input $(objpfx)%
-	GCONV_PATH=$(common-objpfx)iconvdata LC_ALL=C \
-	  $($*-ENV) $(built-program-cmd) $($*-ARGS) < $(word 1,$^) > $@
+	$(make-test-out) > $@ < $(word 1,$^)
 $(objpfx)%.out: /dev/null $(objpfx)%	# Make it 2nd arg for canned sequence.
-	GCONV_PATH=$(common-objpfx)iconvdata LC_ALL=C \
-	  $($*-ENV) $(built-program-cmd) $($*-ARGS) > $@
+	$(make-test-out) > $@
+
 endif	# tests
 
 .PHONY: distclean realclean subdir_distclean subdir_realclean \

libio/iovswscanf.c

@@ -1,4 +1,4 @@
-/* Copyright (C) 1993, 1997, 1998, 1999 Free Software Foundation, Inc.
+/* Copyright (C) 1993, 1997, 1998, 1999, 2000 Free Software Foundation, Inc.
    This file is part of the GNU IO Library.
 
    This library is free software; you can redistribute it and/or
@@ -43,6 +43,6 @@ vswscanf (string, format, args)
   _IO_no_init (&sf._sbf._f, 0, 0, &wd, &_IO_wstr_jumps);
   _IO_fwide (&sf._sbf._f, 1);
   _IO_wstr_init_static (&sf._sbf._f, (wchar_t *)string, 0, NULL);
-  ret = _IO_vfwscanf (&sf._sbf._f, format, args, NULL);
+  ret = _IO_vfwscanf ((_IO_FILE *) &sf._sbf, format, args, NULL);
   return ret;
 }

libio/vsnprintf.c

@@ -126,7 +126,7 @@ _IO_vsnprintf (string, maxlen, format, args)
   _IO_JUMPS ((struct _IO_FILE_plus *) &sf.f._sbf) = &_IO_strn_jumps;
   string[0] = '\0';
   _IO_str_init_static (&sf.f, string, maxlen - 1, string);
-  ret = _IO_vfprintf (&sf.f._sbf._f, format, args);
+  ret = _IO_vfprintf ((_IO_FILE *) &sf.f._sbf, format, args);
 
   if (sf.f._sbf._f._IO_buf_base != sf.overflow_buf)
     *sf.f._sbf._f._IO_write_ptr = '\0';

libio/vswprintf.c

@@ -1,4 +1,4 @@
-/* Copyright (C) 1994, 1997, 1999 Free Software Foundation, Inc.
+/* Copyright (C) 1994, 1997, 1999, 2000 Free Software Foundation, Inc.
    This file is part of the GNU IO Library.
 
    This library is free software; you can redistribute it and/or
@@ -130,7 +130,7 @@ _IO_vswprintf (string, maxlen, format, args)
   _IO_fwide (&sf.f._sbf._f, 1);
   string[0] = L'\0';
   _IO_wstr_init_static (&sf.f._sbf._f, string, maxlen - 1, string);
-  ret = _IO_vfwprintf (&sf.f._sbf._f, format, args);
+  ret = _IO_vfwprintf ((_IO_FILE *) &sf.f._sbf, format, args);
 
   if (sf.f._sbf._f._wide_data->_IO_buf_base != sf.overflow_buf)
     *sf.f._sbf._f._wide_data->_IO_write_ptr = '\0';

malloc/malloc.c

@@ -1292,7 +1292,7 @@ static void      free_atfork();
 /* conversion from malloc headers to user pointers, and back */
 
 #define chunk2mem(p) ((Void_t*)((char*)(p) + 2*SIZE_SZ))
-#define mem2chunk(mem) BOUNDED_1((mchunkptr)((char*)(mem) - 2*SIZE_SZ))
+#define mem2chunk(mem) chunk_at_offset((mem), -2*SIZE_SZ)
 
 /* pad request bytes into a usable size, return non-zero on overflow */
 
@@ -2513,7 +2513,7 @@ malloc_extend_top(ar_ptr, nb) arena *ar_ptr; INTERNAL_SIZE_T nb;
 
       sbrked_mem += correction;
 
-      top(&main_arena) = (mchunkptr)brk;
+      top(&main_arena) = chunk_at_offset(brk, 0);
       top_size = new_brk - brk + correction;
       set_head(top(&main_arena), top_size | PREV_INUSE);
 
@@ -3574,7 +3574,7 @@ arena* ar_ptr; INTERNAL_SIZE_T nb; size_t alignment;
     brk = (char*)mem2chunk(((m + alignment - 1)) & -(long)alignment);
     if ((long)(brk - (char*)(p)) < (long)MINSIZE) brk += alignment;
 
-    newp = (mchunkptr)brk;
+    newp = chunk_at_offset(brk, 0);
     leadsize = brk - (char*)(p);
     newsize = chunksize(p) - leadsize;
 

sysdeps/arm/frame.h

@@ -20,7 +20,7 @@
 /* This is the APCS stack backtrace structure.  */
 struct layout
 {
-  struct layout *next;
-  void *sp;
-  void *return_address;
+  struct layout *__unbounded next;
+  void *__unbounded sp;
+  void *__unbounded return_address;
 };

sysdeps/generic/backtrace.c

@@ -1,5 +1,5 @@
 /* Return backtrace of current program state.  Generic version.
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2000 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998.
 
@@ -22,6 +22,7 @@
 #include <signal.h>
 #include <frame.h>
 #include <sigcontextinfo.h>
+#include <bp-checks.h>
 
 /* This is a global variable set at program start time.  It marks the
    highest used stack address.  */
@@ -54,7 +55,7 @@ extern void *__libc_stack_end;
 /* By default assume the `next' pointer in struct layout points to the
    next struct layout.  */
 #ifndef ADVANCE_STACK_FRAME
-# define ADVANCE_STACK_FRAME(next) ((struct layout *) (next))
+# define ADVANCE_STACK_FRAME(next) BOUNDED_1 ((struct layout *) (next))
 #endif
 
 int
@@ -63,15 +64,15 @@ __backtrace (array, size)
      int size;
 {
   struct layout *current;
-  void *top_frame;
-  void *top_stack;
+  void *__unbounded top_frame;
+  void *__unbounded top_stack;
   int cnt = 0;
 
   top_frame = __builtin_frame_address (0);
   top_stack = CURRENT_STACK_FRAME;
 
   /* We skip the call to this function, it makes no sense to record it.  */
-  current = (struct layout *) top_frame;
+  current = BOUNDED_1 ((struct layout *) top_frame);
   while (cnt < size)
     {
       if ((void *) current INNER_THAN top_stack

sysdeps/generic/frame.h

@@ -19,6 +19,6 @@
 
 struct layout
 {
-  void *next;
-  void *return_address;
+  void *__unbounded next;
+  void *__unbounded return_address;
 };

sysdeps/generic/segfault.c

@@ -1,5 +1,5 @@
 /* Catch segmentation faults and print backtrace.
-   Copyright (C) 1998, 1999 Free Software Foundation, Inc.
+   Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998.
 
@@ -28,6 +28,8 @@
 #include <unistd.h>
 #include <stdio-common/_itoa.h>
 
+#include <bp-checks.h>
+
 /* Get the definition of "struct layout".  */
 #include <frame.h>
 
@@ -69,7 +71,7 @@ extern void *__libc_stack_end;
 /* By default assume the `next' pointer in struct layout points to the
    next struct layout.  */
 #ifndef ADVANCE_STACK_FRAME
-# define ADVANCE_STACK_FRAME(next) ((struct layout *) (next))
+# define ADVANCE_STACK_FRAME(next) BOUNDED_1 ((struct layout *) (next))
 #endif
 
 /* We'll use tis a lot.  */
@@ -103,8 +105,8 @@ static void
 catch_segfault (int signal, SIGCONTEXT ctx)
 {
   struct layout *current;
-  void *top_frame;
-  void *top_stack;
+  void *__unbounded top_frame;
+  void *__unbounded top_stack;
   int fd;
   void **arr;
   size_t cnt;
@@ -135,7 +137,7 @@ catch_segfault (int signal, SIGCONTEXT ctx)
 
   /* First count how many entries we'll have.  */
   cnt = 1;
-  current = (struct layout *) top_frame;
+  current = BOUNDED_1 ((struct layout *) top_frame);
   while (!((void *) current INNER_THAN top_stack
 	   || !((void *) current INNER_THAN __libc_stack_end)))
     {
@@ -149,7 +151,7 @@ catch_segfault (int signal, SIGCONTEXT ctx)
   /* First handle the program counter from the structure.  */
   arr[0] = GET_PC (ctx);
 
-  current = (struct layout *) top_frame;
+  current = BOUNDED_1 ((struct layout *) top_frame);
   cnt = 1;
   while (!((void *) current INNER_THAN top_stack
 	   || !((void *) current INNER_THAN __libc_stack_end)))

sysdeps/i386/backtrace.c

@@ -1,5 +1,5 @@
 /* Return backtrace of current program state.
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2000 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998.
 
@@ -19,6 +19,7 @@
    Boston, MA 02111-1307, USA.  */
 
 #include <execinfo.h>
+#include <bp-checks.h>
 
 
 /* This is a global variable set at program start time.  It marks the
@@ -36,8 +37,8 @@ extern void *__libc_stack_end;
 */
 struct layout
 {
-  struct layout *next;
-  void *return_address;
+  struct layout *__unbounded next;
+  void *__unbounded return_address;
 };
 
 int
@@ -52,7 +53,7 @@ __backtrace (array, size)
   int cnt = 0;
 
   /* We skip the call to this function, it makes no sense to record it.  */
-  current = (struct layout *) ebp;
+  current = BOUNDED_1 ((struct layout *) ebp);
   while (cnt < size)
     {
       if ((void *) current < esp || (void *) current > __libc_stack_end)

sysdeps/powerpc/backtrace.c

@@ -1,5 +1,5 @@
 /* Return backtrace of current program state.
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2000 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -19,6 +19,7 @@
 
 #include <execinfo.h>
 #include <stddef.h>
+#include <bp-checks.h>
 
 /* This is the stack layout we see with every stack frame.
    Note that every routine is required by the ABI to lay out the stack
@@ -32,8 +33,8 @@
 */
 struct layout
 {
-  struct layout *next;
-  void *return_address;
+  struct layout *__unbounded next;
+  void *__unbounded return_address;
 };
 
 int
@@ -47,10 +48,11 @@ __backtrace (void **array, int size)
 
   /* Get the address on top-of-stack.  */
   asm volatile ("lwz %0,0(1)" : "=r"(current));
+  current = BOUNDED_1 (current);
 
   for (				count = 0;
        current != NULL && 	count < size;
-       current = current->next, count++)
+       current = BOUNDED_1 (current->next), count++)
     array[count] = current->return_address;
 
   /* It's possible the second-last stack frame can't return

time/asctime.c

@@ -1,4 +1,4 @@
-/* Copyright (C) 1991, 1993, 1995, 1996, 1997 Free Software Foundation, Inc.
+/* Copyright (C) 1991, 1993, 1995, 1996, 1997, 2000 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -23,8 +23,8 @@
 
 /* This is defined in locale/C-time.c in the GNU libc.  */
 extern const struct locale_data _nl_C_LC_TIME;
-#define ab_day_name (&_nl_C_LC_TIME.values[_NL_ITEM_INDEX (ABDAY_1)].string)
-#define ab_month_name (&_nl_C_LC_TIME.values[_NL_ITEM_INDEX (ABMON_1)].string)
+#define ab_day_name(DAY) (_nl_C_LC_TIME.values[_NL_ITEM_INDEX (ABDAY_1)+(DAY)].string)
+#define ab_month_name(MON) (_nl_C_LC_TIME.values[_NL_ITEM_INDEX (ABMON_1)+(MON)].string)
 
 static const char format[] = "%.3s %.3s%3d %.2d:%.2d:%.2d %d\n";
 static char result[	         3+1+ 3+1+20+1+20+1+20+1+20+1+20+1 + 1];
@@ -49,9 +49,9 @@ __asctime_r (const struct tm *tp, char *buf)
 
   if (sprintf (buf, format,
 	       (tp->tm_wday < 0 || tp->tm_wday >= 7 ?
-		"???" : ab_day_name[tp->tm_wday]),
+		"???" : ab_day_name (tp->tm_wday)),
 	       (tp->tm_mon < 0 || tp->tm_mon >= 12 ?
-		"???" : ab_month_name[tp->tm_mon]),
+		"???" : ab_month_name (tp->tm_mon)),
 	       tp->tm_mday, tp->tm_hour, tp->tm_min,
 	       tp->tm_sec, 1900 + tp->tm_year) < 0)
     return NULL;