Message ID | Y1o+hfO6L6AGXcE4@tucnak |
---|---|
State | Unresolved |
Headers |
Return-Path: <gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp99184wru; Thu, 27 Oct 2022 01:18:15 -0700 (PDT) X-Google-Smtp-Source: AMsMyM5RPg2BnD0cBwrMtnEmfjtRujdh2u4kC9VNeEeCUYBfHYrstNKgZSr/djmDH8hO9uGCupej X-Received: by 2002:a17:906:ef8c:b0:7a4:a4b4:9fcf with SMTP id ze12-20020a170906ef8c00b007a4a4b49fcfmr20890281ejb.727.1666858694907; Thu, 27 Oct 2022 01:18:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666858694; cv=none; d=google.com; s=arc-20160816; b=H/3YqH6ZWUqQHqmZan9FO462vzfvxN0y7DcleycCJEScGgFnYplFctnsjb9Ns2uxIP xHS9525EqaPkuNDw6kUWFRv7hoxrnwZ8BWJnFOCsIqAn325YexBhpzAypBR/J8iT4Ott W1fu/jprmBsBs6rWJlS/zsY9vdlT4h4ktbsbZxWYwfoPLbJ5D+kK81EQLz2TCKJdP6zA +t2JV2EXNwBciPTYNolcM8je00QF7SrVWcsbn2kYJel888grftel6zRZUvKWb8TxI6/X bfnkuiXJQAcPR048lGKIefWUJITelAA8cKjkBki0YjCg1l6oe0yfO7QCu9/Eoe3fTJpr lUbA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:reply-to:from:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence :content-disposition:mime-version:message-id:subject:to:date :dmarc-filter:delivered-to:dkim-signature:dkim-filter; bh=XVXuLXk03KbxNmqVYKDMCTQdgn321t9SjNck9b5y9I0=; b=YaAADsRZh50IoNIlt9aOgc1WpIWb3QIwvg2vnonRFMy9/uGF0mMJJ8JfK8IXhmV5TG ykIId6r+94Bck3l9f517lrn9v1xOj8zQQBQOA/UleIMo0xISzNjeRGYYeq+COXP4Jf6/ +PpilOt/Mw1P/FR0U+iDMAEvrcKzk8/5fpEjk/aIrBfKJ1FiojU4zAzrQxMHrO8oAAk0 SU3d+pzZNUyJdrkBpCu6I4jie0i3kgwQlkY0GfYYh6Ft3pji0InnZImoALad09Xx/oiy rX6Swvx/vHH2PS/HHHKanudalaICwWN7bd+q4Q0w9LsmmRRP1XXdMm82Z2pbcKulXzGr bmgA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gcc.gnu.org header.s=default header.b=W8KbzKiu; spf=pass (google.com: domain of gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gnu.org Received: from sourceware.org (server2.sourceware.org. [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id go43-20020a1709070dab00b00781599eb7dbsi968263ejc.573.2022.10.27.01.18.14 for <ouuuleilei@gmail.com> (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 27 Oct 2022 01:18:14 -0700 (PDT) Received-SPF: pass (google.com: domain of gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) client-ip=2620:52:3:1:0:246e:9693:128c; Authentication-Results: mx.google.com; dkim=pass header.i=@gcc.gnu.org header.s=default header.b=W8KbzKiu; spf=pass (google.com: domain of gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gnu.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id B5382382DE25 for <ouuuleilei@gmail.com>; Thu, 27 Oct 2022 08:18:13 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org B5382382DE25 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1666858693; bh=XVXuLXk03KbxNmqVYKDMCTQdgn321t9SjNck9b5y9I0=; h=Date:To:Subject:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:Cc:From; b=W8KbzKiunu5knGH2T90lGHg27KTgxxK2IA0gFQu1LnwXAwo3tL6s3pvYTyNWkkPQ3 KG4pYYDU4EYhpLVs16KxgfPUyX+cTt2IOioLLQv32qUsAvnmd+QZvXNApDp9+heYA2 aB29V+t/nEJt10Vz01VGfDcBa0AEgqz+IgLQbfqc= X-Original-To: gcc-patches@gcc.gnu.org Delivered-To: gcc-patches@gcc.gnu.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id A33383857C7E for <gcc-patches@gcc.gnu.org>; Thu, 27 Oct 2022 08:17:18 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org A33383857C7E Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-644-6Jx-2UYrP8u4O2uRSB4isQ-1; Thu, 27 Oct 2022 04:17:14 -0400 X-MC-Unique: 6Jx-2UYrP8u4O2uRSB4isQ-1 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 47BDC1C0896D; Thu, 27 Oct 2022 08:17:14 +0000 (UTC) Received: from tucnak.zalov.cz (unknown [10.39.193.252]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 003D44A9265; Thu, 27 Oct 2022 08:17:13 +0000 (UTC) Received: from tucnak.zalov.cz (localhost [127.0.0.1]) by tucnak.zalov.cz (8.17.1/8.17.1) with ESMTPS id 29R8HAn7271195 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Thu, 27 Oct 2022 10:17:11 +0200 Received: (from jakub@localhost) by tucnak.zalov.cz (8.17.1/8.17.1/Submit) id 29R8H9sP271194; Thu, 27 Oct 2022 10:17:09 +0200 Date: Thu, 27 Oct 2022 10:17:09 +0200 To: Nathan Sidwell <nathan@acm.org>, Jason Merrill <jason@redhat.com> Subject: [PATCH] c++: Fix ICE on g++.dg/modules/adl-3_c.C [PR107379] Message-ID: <Y1o+hfO6L6AGXcE4@tucnak> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list <gcc-patches.gcc.gnu.org> List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-patches>, <mailto:gcc-patches-request@gcc.gnu.org?subject=unsubscribe> List-Archive: <https://gcc.gnu.org/pipermail/gcc-patches/> List-Post: <mailto:gcc-patches@gcc.gnu.org> List-Help: <mailto:gcc-patches-request@gcc.gnu.org?subject=help> List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-patches>, <mailto:gcc-patches-request@gcc.gnu.org?subject=subscribe> From: Jakub Jelinek via Gcc-patches <gcc-patches@gcc.gnu.org> Reply-To: Jakub Jelinek <jakub@redhat.com> Cc: gcc-patches@gcc.gnu.org Errors-To: gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org Sender: "Gcc-patches" <gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org> X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747828022980554039?= X-GMAIL-MSGID: =?utf-8?q?1747828022980554039?= |
Series |
c++: Fix ICE on g++.dg/modules/adl-3_c.C [PR107379]
|
|
Checks
Context | Check | Description |
---|---|---|
snail/gcc-patch-check | warning | Git am fail log |
Commit Message
Jakub Jelinek
Oct. 27, 2022, 8:17 a.m. UTC
Hi! As mentioned in the PR, apparently my r13-2887 P1467R9 changes regressed these tests on powerpc64le-linux with IEEE quad by default. I believe my changes just uncovered a latent bug. The problem is that push_namespace calls find_namespace_slot, which does: tree *slot = DECL_NAMESPACE_BINDINGS (ns) ->find_slot_with_hash (name, name ? IDENTIFIER_HASH_VALUE (name) : 0, create_p ? INSERT : NO_INSERT); In the <identifier_node 0x7fffe9f55ac0 details> ns case, slot is non-NULL above with a binding_vector in it. Then pushdecl is called and this does: slot = find_namespace_slot (ns, name, ns == current_namespace); where ns == current_namespace (ns is :: and name is details) is true. So this again calls tree *slot = DECL_NAMESPACE_BINDINGS (ns) ->find_slot_with_hash (name, name ? IDENTIFIER_HASH_VALUE (name) : 0, create_p ? INSERT : NO_INSERT); but this time with create_p and so INSERT. At this point we reach if (insert == INSERT && m_size * 3 <= m_n_elements * 4) expand (); and when we are unlucky and the occupancy of the hash table just reached 3/4, expand () is called and the hash table is reallocated. But when that happens, it means the slot pointer in the pushdecl caller (push_namespace) points to freed memory and so any accesses to it in make_namespace_finish will be UB. The following patch fixes it by calling find_namespace_slot again even if it was non-NULL, just doesn't assert it is *slot == ns in that case (because it often is not). Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk? 2022-10-27 Jakub Jelinek <jakub@redhat.com> PR c++/107379 * name-lookup.cc (push_namespace): Call find_namespace_slot again after pushdecl as the hash table might be expanded during pushdecl. Jakub
Comments
On 10/27/22 04:17, Jakub Jelinek wrote: > Hi! > > As mentioned in the PR, apparently my r13-2887 P1467R9 changes > regressed these tests on powerpc64le-linux with IEEE quad by default. > > I believe my changes just uncovered a latent bug. > The problem is that push_namespace calls find_namespace_slot, > which does: > tree *slot = DECL_NAMESPACE_BINDINGS (ns) > ->find_slot_with_hash (name, name ? IDENTIFIER_HASH_VALUE (name) : 0, > create_p ? INSERT : NO_INSERT); > In the <identifier_node 0x7fffe9f55ac0 details> ns case, slot is non-NULL > above with a binding_vector in it. > Then pushdecl is called and this does: > slot = find_namespace_slot (ns, name, ns == current_namespace); > where ns == current_namespace (ns is :: and name is details) is true. > So this again calls > tree *slot = DECL_NAMESPACE_BINDINGS (ns) > ->find_slot_with_hash (name, name ? IDENTIFIER_HASH_VALUE (name) : 0, > create_p ? INSERT : NO_INSERT); > but this time with create_p and so INSERT. > At this point we reach > if (insert == INSERT && m_size * 3 <= m_n_elements * 4) > expand (); > and when we are unlucky and the occupancy of the hash table just reached 3/4, > expand () is called and the hash table is reallocated. But when that happens, > it means the slot pointer in the pushdecl caller (push_namespace) points to > freed memory and so any accesses to it in make_namespace_finish will be UB. that's unfortunate, oh well. > The following patch fixes it by calling find_namespace_slot again even if it > was non-NULL, just doesn't assert it is *slot == ns in that case (because > it often is not). > > Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk? ok. thanks nathan
--- gcc/cp/name-lookup.cc.jj 2022-10-12 17:51:00.912944731 +0200 +++ gcc/cp/name-lookup.cc 2022-10-26 12:06:38.177590655 +0200 @@ -8596,6 +8596,13 @@ push_namespace (tree name, bool make_inl /* This should find the slot created by pushdecl. */ gcc_checking_assert (slot && *slot == ns); } + else + { + /* pushdecl could have expanded the hash table, so + slot might be invalid. */ + slot = find_namespace_slot (current_namespace, name); + gcc_checking_assert (slot); + } make_namespace_finish (ns, slot); /* Add the anon using-directive here, we don't do it in