
<html>

  <head>

    <meta content="text/html; charset=utf-8" http-equiv="Content-Type">

  </head>

  <body bgcolor="#FFFFFF" text="#000000">

    Hi everyone<br>

    <br>

    The issues mentioned by Manohar are fixed with the latest patch:<br>

<a class="moz-txt-link-freetext" href="https://github.com/LITMUS-RT/liblitmus/commit/cf1d1f6e4b1138a5a841a47a2cba4aacdcaf0d72">https://github.com/LITMUS-RT/liblitmus/commit/cf1d1f6e4b1138a5a841a47a2cba4aacdcaf0d72</a><br>

    <br>

    <i>liblitmus</i> should now be compiled without gcc's array-bounds

    warning.<br>

    <br>

    <br>

    Thanks<br>

    Mahir<br>

    <br>

    <div class="moz-cite-prefix">On 07/15/2016 12:47 PM, Manohar Vanga

      wrote:<br>

    </div>

    <blockquote

cite="mid:CAEktxaFkCippWcUWGYiU1OSEzUQbqPwMtLBFRVhg8v9u0f8yow@mail.gmail.com"

      type="cite">

      <div dir="ltr"><br>

        <div class="gmail_extra"><br>

          <div class="gmail_quote">On Fri, Jul 15, 2016 at 10:56 AM,

            Björn Brandenburg <span dir="ltr"><<a

                moz-do-not-send="true" href="mailto:bbb@mpi-sws.org"

                target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:bbb@mpi-sws.org">bbb@mpi-sws.org</a></a>></span> wrote:<br>

            <blockquote class="gmail_quote" style="margin:0px 0px 0px

0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><span><br>

                > On 15 Jul 2016, at 01:49, Roohollah <<a

                  moz-do-not-send="true"

                  href="mailto:roohollahamiri@u.boisestate.edu"

                  target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:roohollahamiri@u.boisestate.edu">roohollahamiri@u.boisestate.edu</a></a>>

                wrote:<br>

                ><br>

                > I am trying to compile liblitmus, the latest

                version. But I am getting the following error:<br>

                ><br>

                > src/migration.c:83:27: error: array subscript is

                below array bounds [-Werror=array-bounds]<br>

                ><br>

                > I am using Fedora 24, gcc-6.1.1 . Is there any one

                know how to solve that problem?<br>

                <br>

                <br>

              </span>Looks like there’s an out-of-bounds access in

              Glenn’s domain parsing code.<br>

              <br>

                      <a moz-do-not-send="true"

href="https://github.com/LITMUS-RT/liblitmus/blob/master/src/migration.c#L83"

                rel="noreferrer" target="_blank">https://github.com/LITMUS-RT/liblitmus/blob/master/src/migration.c#L83</a><br>

              <br>

              However, Mahir recently patched that loop and changed one

              of the indices. Perhaps the patch was incomplete?<br>

              <br>

                      <a moz-do-not-send="true"

href="https://github.com/LITMUS-RT/liblitmus/commit/322eaadaa95b4f64f4102a9bc6aaa2237401ae41"

                rel="noreferrer" target="_blank">https://github.com/LITMUS-RT/liblitmus/commit/322eaadaa95b4f64f4102a9bc6aaa2237401ae41</a><br>

              <br>

              Mahir, can you please look into this?<br>

            </blockquote>

            <div><br>

            </div>

            <div>The change is incorrect. It should be 8 because the

              last chunk doesn't have a trailing comma. Consider the

              following example:</div>

            <div><br>

            </div>

            <div>buf="xxx,xxxxxxxx,xxxxxxxx"</div>

            <div>We want to parse it backwards starting with the last 8

              characters.</div>

            <div>At line 67, "chunk_str = buf + len - 8" gives the

              correct behavior (chunk_str = "xxxxxxxx").</div>

            <div>

              <div><span style="white-space:pre-wrap">"</span>chunk_str

                = buf + len - 9" ends up giving (chunk_str =

                ",xxxxxxxx").</div>

            </div>

            <div><br>

            </div>

            <div>On the other hand, the exit condition in the do-while

              loop is relying on out-of-bounds pointer arithmetic which

              is undefined in the C standard. I'm guessing the warning

              is something that was recently introduced in GCC.</div>

            <div><br>

            </div>

            <div>The loop can just be rewritten as follows to avoid the

              use of undefined behaviour (I leave the correct patching

              to Mahir). Hopefully this removes the issue:</div>

            <div><br>

            </div>

            <div>

              <div>    /* process LSB chunks first (at the end of the

                str) and move backward */</div>

              <div>    chunk_str = buf + len;</div>

              <div>    i = 0;</div>

              <div>    do</div>

              <div>    {</div>

              <div>        unsigned long chunk;</div>

              <div>        chunk_str -= 9;</div>

              <div>        if(chunk_str < buf)</div>

              <div>            chunk_str = buf; /* when MSB mask is less

                than 8 chars */</div>

              <div>        chunk = strtoul(chunk_str, NULL, 16);</div>

              <div>        while (chunk) {</div>

              <div>            int j = ffsl(chunk) - 1;</div>

              <div>            int x = i*32 + j;</div>

              <div>            CPU_SET_S(x, *sz, *set);</div>

              <div>            chunk &= ~(1ul << j);</div>

              <div>        }</div>

              <div>        i += 1;</div>

              <div>    } while(chunk_str > buf);</div>

            </div>

          </div>

          <div><br>

          </div>

          <div>(Please do review this carefully though.) Thanks!</div>

        </div>

      </div>

    </blockquote>

    <br>

  </body>

</html>