
Author florin.papa
Recipients florin.papa, pitrou, r.david.murray, rhettinger, skrah, vstinner, zach.ware
Date 2015-12-03.11:40:36
Message-id <1449142837.27.0.550479189518.issue25300@psf.upfronthosting.co.za>
Content
Hi Antoine,
 
The Py_INIT_BOUNDS calls were used because MPX generated a very large number of error messages about pointer bounds violations at compile or run time, which made Python unusable. The approach was to analyze the errors and ignore checking if no obvious violation took place, in the hope of finding the root cause.
 
The problem is that the errors can come from an actual bug or from a false positive that can be propagated throughout the code. While we could not find evidence of actual bugs, we found 2 examples of the latter, in listobject.c (line 1100, in the binarysort function) and dictobject.c (line 1797 in the dict_keys function and line 1892 in dict_items).
 
The problem is caused by this coding pattern that is used in the two instances mentioned above: a pointer to an allocated memory zone is used to access a different allocated memory zone by adding the difference between their start addresses to that pointer. Although this newly formed address is valid, in the context of the pointer used for this operation it is outside its bounds so it’s signaled as a bounds violation.
 
p *----------------*                      q *-------------------------------*
   <-------------------------------------->
                     offset

p and q point to valid memory zones, being separated by an offset. If we do something like:
               new_pointer = q - offset; // which is actually equal to p
               value = *new_pointer;      // dereferencing will generate an MPX bounds violation, because
                                          // new_pointer will keep q's original bounds
 
I will rewrite the code for these cases and provide the new patch as soon as I have it.

Regards,
Florin
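
The false positive described in the message above, as an added example that is not part of the original message or of CPython: a small software model of bounds inheritance (it does not use MPX itself). The `bptr` type, the helper names, the sample arrays and the rewritten form are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Simplified model of a bounds-tracked pointer: the bounds are fixed when the
   pointer is created from an allocation and are inherited by every pointer
   derived from it through arithmetic. */
typedef struct {
    uintptr_t addr;  /* current pointer value */
    uintptr_t lb;    /* first valid byte of the origin allocation */
    uintptr_t ub;    /* one past the last valid byte */
} bptr;

static bptr bp_from(void *base, size_t size) {
    bptr r = { (uintptr_t)base, (uintptr_t)base, (uintptr_t)base + size };
    return r;
}

/* Arithmetic moves the address only; the bounds stay those of the origin. */
static bptr bp_add(bptr p, intptr_t delta) {
    p.addr += (uintptr_t)delta;
    return p;
}

/* Check performed before dereferencing `size` bytes. */
static int bp_in_bounds(bptr p, size_t size) {
    return p.addr >= p.lb && p.addr + size <= p.ub;
}

static int zone_p[4], zone_q[8];   /* constructed sample allocations */

/* The flagged pattern: reach zone_p by subtracting the offset from q. */
int offset_pattern_passes(void) {
    bptr p = bp_from(zone_p, sizeof zone_p);
    bptr q = bp_from(zone_q, sizeof zone_q);
    intptr_t offset = (intptr_t)(q.addr - p.addr);
    bptr new_pointer = bp_add(q, -offset);   /* same address as p, q's bounds */
    return new_pointer.addr == p.addr ? bp_in_bounds(new_pointer, sizeof(int)) : -1;
}

/* Assumed rewrite: derive the pointer from the zone it actually accesses. */
int rebased_pattern_passes(void) {
    bptr p = bp_from(zone_p, sizeof zone_p);
    bptr new_pointer = bp_add(p, 0);
    return bp_in_bounds(new_pointer, sizeof(int));
}
```

Both functions compute the same address; only the pointer derived from `q` fails the check, because it carries `q`'s bounds.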