[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [csmith-bugs] 2.0.0: read from and write to the same location within two sequence points

To: "'Pascal Cuoq'" <pascal.cuoq@gmail.com>, <csmith-bugs@flux.utah.edu>
Subject: Re: [csmith-bugs] 2.0.0: read from and write to the same location within two sequence points
From: "Xuejun Yang" <jxyang@cs.utah.edu>
Date: Wed, 18 May 2011 20:33:21 -0600
In-reply-to: <BANLkTin_ju9+XS2Rtzp6h9e6ZJsNR1OR_w@mail.gmail.com>
List-archive: </listarchives/csmith-bugs>
List-help: <mailto:csmith-bugs-request@flux.utah.edu?subject=help>
List-id: Csmith Bugs Mailing List <csmith-bugs.flux.utah.edu>
List-post: <mailto:csmith-bugs@flux.utah.edu>
List-subscribe: <http://www.flux.utah.edu/mailman/listinfo/csmith-bugs>, <mailto:csmith-bugs-request@flux.utah.edu?subject=subscribe>
List-unsubscribe: <http://www.flux.utah.edu/mailman/listinfo/csmith-bugs>, <mailto:csmith-bugs-request@flux.utah.edu?subject=unsubscribe>
References: <BANLkTin_ju9+XS2Rtzp6h9e6ZJsNR1OR_w@mail.gmail.com>
Thread-index: AcwVtTwwIfIC4VrcRoKWNP5SC7ZPcwAFgneg

In essence, line 61 is doing something like:

*p = func_10(g_2, g_2)

where p points to g_2 and func_10 modifies g_2.

I think the accesses to g_2 constitute no ambiguity: firstly function
parameters are evaluated before the function; secondly a function are
evaluated before its return value is used. In other words, the accesses to
g_2 follow the sequence:

read g_2
read g_2
sequence point
write g_2 (in func_10)
sequence point
write g_2 (through *p)

The first two reads can be re-arranged. But that doesn't introduce
ambiguity.

-Xuejun

> 
> Hello,
> 
> Csmith 2.0.0 generated the attached program.
> 
> If instrumented with a printf() statement before and after line 61, a
compilation
> on a 64-bit little-endian platform shows that line 61 is reached, and the
> functions called there all terminate.
> It only takes a cursory glance at func_10() to see that if it terminates,
it
> terminates having modified g_2.
> Therefore it seems to me that line 61 contains undefined behavior, as
> g_2 is accessed there multiple times for reading and for writing in
addition to
> the modification by func_10().

Follow-Ups:
- Re: [csmith-bugs] 2.0.0: read from and write to the same location within two sequence points
  - From: John Regehr <regehr@cs.utah.edu>
- Re: [csmith-bugs] 2.0.0: read from and write to the same location within two sequence points
  - From: Pascal Cuoq <pascal.cuoq@gmail.com>

References:
- [csmith-bugs] 2.0.0: read from and write to the same location within two sequence points
  - From: Pascal Cuoq <pascal.cuoq@gmail.com>

Prev by Date: [csmith-bugs] 2.0.0: read from and write to the same location within two sequence points
Next by Date: Re: [csmith-bugs] 2.0.0: read from and write to the same location within two sequence points
Previous by thread: [csmith-bugs] 2.0.0: read from and write to the same location within two sequence points
Next by thread: Re: [csmith-bugs] 2.0.0: read from and write to the same location within two sequence points
Index(es):
- Date
- Thread