From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (qmail 31861 invoked by alias); 3 Jan 2015 08:20:01 -0000
Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id:
List-Archive:
List-Post:
List-Help:
Sender: gcc-bugs-owner@gcc.gnu.org
Received: (qmail 31840 invoked by uid 48); 3 Jan 2015 08:19:56 -0000
From: "bernd.edlinger at hotmail dot de"
To: gcc-bugs@gcc.gnu.org
Subject: [Bug ada/64478] Ada Exception handlers call signal-unsafe malloc/free
Date: Sat, 03 Jan 2015 08:20:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: ada
X-Bugzilla-Version: 5.0
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: bernd.edlinger at hotmail dot de
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_status resolution
Message-ID:
In-Reply-To:
References:
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2015-01/txt/msg00093.txt.bz2

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64478

Bernd Edlinger changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |UNCONFIRMED
         Resolution|INVALID                     |---

--- Comment #7 from Bernd Edlinger ---
(In reply to Andrew Pinski from comment #6)
> Actually here is what glibc says about malloc:
> Function: void * malloc (size_t size)
> Preliminary: | MT-Safe | AS-Unsafe lock | AC-Unsafe lock fd mem | See POSIX
> Safety Concepts.
>
> But this is a non-Async-Signal here we are talking about so this is safe and
> a bug in tsan for not realizing that.

Well, in this example the signal is synchronous, but I see the same problem also
when the stack overflows.
Ada installs a separate signal handler stack. So it is supposed to handle that
signal and do something about it, for instance re-boot the system or something
really security relevant. That will not happen if the stack overflows inside
malloc.

For instance this test case:

ulimit -s 1000
./c380004

,.,. C380004 ACATS 2.5 15-01-03 09:13:13
---- C380004 Check evaluation of discriminant expressions when the
                constraint depends on a discriminant, and the
                discriminants have defaults - discriminant-dependent
                entry families and protected components.
   - C380004 Discriminant-dependent entry families for task types.
   - C380004 Discriminant-dependent entry families for protected types.
==================
WARNING: ThreadSanitizer: signal-unsafe call inside of a signal (pid=19947)
    #0 malloc ../../../../gcc-trunk/libsanitizer/tsan/tsan_interceptors.cc:491 (libtsan.so.0+0x000000025c33)
    #1 __gnat_malloc /home/ed/gnu/gcc-build/gcc/ada/rts/s-memory.adb:92 (c380004+0x0000004330c0)
    #2 _ada_c380004 /home/ed/gnu/gcc-test/c380004.adb:341 (c380004+0x000000406700)
    #3 main /home/ed/gnu/gcc-test/b~c380004.adb:301 (c380004+0x0000004040be)

SUMMARY: ThreadSanitizer: signal-unsafe call inside of a signal /home/ed/gnu/gcc-build/gcc/ada/rts/s-memory.adb:92 __gnat_malloc
==================
==================
WARNING: ThreadSanitizer: signal-unsafe call inside of a signal (pid=19947)
    #0 malloc ../../../../gcc-trunk/libsanitizer/tsan/tsan_interceptors.cc:491 (libtsan.so.0+0x000000025c33)
    #1 __gnat_malloc /home/ed/gnu/gcc-build/gcc/ada/rts/s-memory.adb:92 (c380004+0x0000004330c0)
    #2 _ada_c380004 /home/ed/gnu/gcc-test/c380004.adb:341 (c380004+0x000000406700)
    #3 main /home/ed/gnu/gcc-test/b~c380004.adb:301 (c380004+0x0000004040be)

SUMMARY: ThreadSanitizer: signal-unsafe call inside of a signal /home/ed/gnu/gcc-build/gcc/ada/rts/s-memory.adb:92 __gnat_malloc
==================
   * C380004 Unexpected exception.
**** C380004 FAILED ****************************.
==================
WARNING: ThreadSanitizer: signal-unsafe call inside of a signal (pid=19947)
    #0 free ../../../../gcc-trunk/libsanitizer/tsan/tsan_interceptors.cc:538 (libtsan.so.0+0x000000025f29)
    #1 __gnat_free /home/ed/gnu/gcc-build/gcc/ada/rts/s-memory.adb:113 (c380004+0x000000433111)
    #2 _ada_c380004 /home/ed/gnu/gcc-test/c380004.adb:341 (c380004+0x000000406700)
    #3 main /home/ed/gnu/gcc-test/b~c380004.adb:301 (c380004+0x0000004040be)

SUMMARY: ThreadSanitizer: signal-unsafe call inside of a signal /home/ed/gnu/gcc-build/gcc/ada/rts/s-memory.adb:113 __gnat_free
==================
ThreadSanitizer: reported 3 warnings

see: the signal handler calls malloc and free, and apparently even returns and
prints "* C380004 Unexpected exception."
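
The constraint discussed in this message, sketched in C as an added example (not code from the GNAT runtime or from the bug report): a SIGSEGV handler that runs on a stack set up with sigaltstack and records the fault in storage reserved up front, so it never reaches malloc or free. The names alt_stack, occurrence, on_fault, install_fault_handler and demo are assumptions, and raise(SIGSEGV) is a constructed stand-in for a real fault.

```c
#define _XOPEN_SOURCE 700
#include <signal.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>

/* Everything the handler touches exists before any signal arrives. */
static char alt_stack[64 * 1024];   /* separate signal-handler stack */
static char occurrence[64];         /* stands in for a heap-allocated exception record */
static volatile sig_atomic_t handled, on_alt_stack;

static void on_fault(int sig, siginfo_t *info, void *ctx)
{
    (void)info; (void)ctx;
    char probe;                     /* lives on whichever stack the handler runs on */
    uintptr_t p = (uintptr_t)&probe, base = (uintptr_t)alt_stack;
    on_alt_stack = (p >= base && p < base + sizeof alt_stack);

    /* Fill the preallocated record by hand: no malloc, free or stdio. */
    size_t n = 0;
    for (const char *s = "fault handled, signal "; *s; s++) occurrence[n++] = *s;
    if (sig >= 10) occurrence[n++] = (char)('0' + sig / 10);
    occurrence[n++] = (char)('0' + sig % 10);
    occurrence[n++] = '\n';
    if (write(STDERR_FILENO, occurrence, n) < 0) { /* nothing safe to do here */ }
    handled = 1;
}

int install_fault_handler(void)
{
    stack_t ss = { .ss_sp = alt_stack, .ss_size = sizeof alt_stack, .ss_flags = 0 };
    if (sigaltstack(&ss, NULL) != 0) return -1;

    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_fault;
    sa.sa_flags = SA_SIGINFO | SA_ONSTACK;  /* SA_ONSTACK selects the alternate stack */
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGSEGV, &sa, NULL);
}

/* Returns 1 if the handler ran on the alternate stack, 0 if not, -1 on failure. */
int demo(void)
{
    if (install_fault_handler() != 0) return -1;
    handled = on_alt_stack = 0;
    raise(SIGSEGV);  /* constructed trigger; the handler runs before raise returns */
    return handled ? (int)on_alt_stack : -1;
}

int main(void) { return demo() == 1 ? 0 : 1; }
```

Returning from the handler is only valid here because the signal comes from raise(); after a genuine fault or stack overflow the faulting instruction would be re-executed.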