public inbox for gcc-bugs@sourceware.org
From: "manu at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug c/67580] Improve error message on missing "struct" tag
Date: Tue, 15 Sep 2015 00:17:00 -0000
Message-ID: <bug-67580-4-YJHK6GgLqn@http.gcc.gnu.org/bugzilla/>
In-Reply-To: <bug-67580-4@http.gcc.gnu.org/bugzilla/>


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67580

Manuel López-Ibáñez <manu at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |diagnostic
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2015-09-15
                 CC|                            |manu at gcc dot gnu.org
     Ever confirmed|0                           |1

--- Comment #1 from Manuel López-Ibáñez <manu at gcc dot gnu.org> ---
Perhaps after failing to find type 'S' and before giving the error, it could
try to find 'struct S' and 'union S' (perhaps even enum S) using lookup_tag()
in c-decl.c.
From: "zeccav at gmail dot com" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug target/67484] options-save.c sanitizer asan detects freed storage referenced  heap-use-after-free
Date: Tue, 15 Sep 2015 05:07:00 -0000

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67484

Vittorio Zecca <zeccav at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Version|5.2.0                       |6.0

--- Comment #1 from Vittorio Zecca <zeccav at gmail dot com> ---
Same bug on the trunk.
The following is the sanitizer output:

~/1tb/vitti/local/gcc-trunk-sanitized/bin/g++ -S gccerr26.C
=================================================================
==25114==ERROR: AddressSanitizer: heap-use-after-free on address 0x602000005850
at pc 0x2b7d193c94a5 bp 0x7ffe44d41860 sp 0x7ffe44d41010
READ of size 1 at 0x602000005850 thread T0
    #0 0x2b7d193c94a4 in __interceptor_strcmp
../../../../gcc-5.2.0/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:178
    #1 0x170f87f in cl_target_option_eq(cl_target_option const*,
cl_target_option const*) /home/vitti/test/gcc-sanitized/gcc/options-save.c:3491
    #2 0x202ee44 in cl_option_hasher::equal(tree_node*, tree_node*)
../../gcc/gcc/tree.c:11866
    #3 0x204559b in hash_table<cl_option_hasher,
xcallocator>::find_slot_with_hash(tree_node* const&, unsigned int,
insert_option) ../../gcc/gcc/hash-table.h:838
    #4 0x2042095 in hash_table<cl_option_hasher,
xcallocator>::find_slot(tree_node* const&, insert_option)
../../gcc/gcc/hash-table.h:408
    #5 0x202efc4 in build_target_option_node(gcc_options*)
../../gcc/gcc/tree.c:11914
    #6 0x21218b0 in ix86_valid_target_attribute_tree(tree_node*, gcc_options*,
gcc_options*) ../../gcc/gcc/config/i386/i386.c:5110
    #7 0x21af79c in get_builtin_code_for_version
../../gcc/gcc/config/i386/i386.c:34678
    #8 0x21b00b2 in ix86_compare_version_priority
../../gcc/gcc/config/i386/i386.c:34846
    #9 0x780078 in joust ../../gcc/gcc/cp/call.c:9234
    #10 0x781a8e in tourney ../../gcc/gcc/cp/call.c:9361
    #11 0x7544bf in perform_overload_resolution ../../gcc/gcc/cp/call.c:4016
    #12 0x754942 in build_new_function_call(tree_node*, vec<tree_node*, va_gc,
vl_embed>**, bool, int) ../../gcc/gcc/cp/call.c:4089
    #13 0xb66c40 in finish_call_expr(tree_node*, vec<tree_node*, va_gc,
vl_embed>**, bool, bool, int) ../../gcc/gcc/cp/semantics.c:2391
    #14 0xa0b32a in cp_parser_postfix_expression ../../gcc/gcc/cp/parser.c:6422
    #15 0xa0fec8 in cp_parser_unary_expression ../../gcc/gcc/cp/parser.c:7486
    #16 0xa11a49 in cp_parser_cast_expression ../../gcc/gcc/cp/parser.c:8122
    #17 0xa11bb4 in cp_parser_binary_expression ../../gcc/gcc/cp/parser.c:8223
    #18 0xa13696 in cp_parser_assignment_expression
../../gcc/gcc/cp/parser.c:8481
    #19 0xa14197 in cp_parser_constant_expression
../../gcc/gcc/cp/parser.c:8727
    #20 0xa42158 in cp_parser_initializer_clause
../../gcc/gcc/cp/parser.c:19925
    #21 0xa41e9b in cp_parser_initializer ../../gcc/gcc/cp/parser.c:19866
    #22 0xa3813e in cp_parser_init_declarator ../../gcc/gcc/cp/parser.c:17793
    #23 0xa215bc in cp_parser_simple_declaration
../../gcc/gcc/cp/parser.c:11681
    #24 0xa210aa in cp_parser_block_declaration ../../gcc/gcc/cp/parser.c:11555
    #25 0xa208bb in cp_parser_declaration ../../gcc/gcc/cp/parser.c:11452
    #26 0xa1fe63 in cp_parser_declaration_seq_opt
../../gcc/gcc/cp/parser.c:11334
    #27 0xa0181d in cp_parser_translation_unit ../../gcc/gcc/cp/parser.c:4154
    #28 0xa843f8 in c_parse_file() ../../gcc/gcc/cp/parser.c:34273
    #29 0xdb2e46 in c_common_parse_file() ../../gcc/gcc/c-family/c-opts.c:1058
    #30 0x19b8f12 in compile_file ../../gcc/gcc/toplev.c:544
    #31 0x19bf8f0 in do_compile ../../gcc/gcc/toplev.c:2034
    #32 0x19bff60 in toplev::main(int, char**) ../../gcc/gcc/toplev.c:2141
    #33 0x2d332c0 in main ../../gcc/gcc/main.c:39
    #34 0x390da1ffdf in __libc_start_main (/lib64/libc.so.6+0x390da1ffdf)
    #35 0x737768
(/home/vitti/1tb/vitti/local/gcc-trunk-sanitized/libexec/gcc/x86_64-pc-linux-gnu/6.0.0/cc1plus+0x737768)

0x602000005850 is located 0 bytes inside of 6-byte region
[0x602000005850,0x602000005856)
freed by thread T0 here:
    #0 0x2b7d194171dd in __interceptor_free
../../../../gcc-5.2.0/libsanitizer/asan/asan_malloc_linux.cc:28
    #1 0x21219df in ix86_valid_target_attribute_tree(tree_node*, gcc_options*,
gcc_options*) ../../gcc/gcc/config/i386/i386.c:5118
    #2 0x2121e77 in ix86_valid_target_attribute_p
../../gcc/gcc/config/i386/i386.c:5166
    #3 0xd5e237 in handle_target_attribute
../../gcc/gcc/c-family/c-common.c:9777
    #4 0xce2e48 in decl_attributes(tree_node**, tree_node*, int)
../../gcc/gcc/attribs.c:557
    #5 0x9a5e3a in cplus_decl_attributes(tree_node**, tree_node*, int)
../../gcc/gcc/cp/decl2.c:1493
    #6 0x7d65a7 in grokfndecl ../../gcc/gcc/cp/decl.c:8100
    #7 0x7ea399 in grokdeclarator(cp_declarator const*, cp_decl_specifier_seq*,
decl_context, int, tree_node**) ../../gcc/gcc/cp/decl.c:11265
    #8 0x7bcb26 in start_decl(cp_declarator const*, cp_decl_specifier_seq*,
int, tree_node*, tree_node*, tree_node**) ../../gcc/gcc/cp/decl.c:4740
    #9 0xa37c1f in cp_parser_init_declarator ../../gcc/gcc/cp/parser.c:17717
    #10 0xa215bc in cp_parser_simple_declaration
../../gcc/gcc/cp/parser.c:11681
    #11 0xa210aa in cp_parser_block_declaration ../../gcc/gcc/cp/parser.c:11555
    #12 0xa208bb in cp_parser_declaration ../../gcc/gcc/cp/parser.c:11452
    #13 0xa1fe63 in cp_parser_declaration_seq_opt
../../gcc/gcc/cp/parser.c:11334
    #14 0xa0181d in cp_parser_translation_unit ../../gcc/gcc/cp/parser.c:4154
    #15 0xa843f8 in c_parse_file() ../../gcc/gcc/cp/parser.c:34273
    #16 0xdb2e46 in c_common_parse_file() ../../gcc/gcc/c-family/c-opts.c:1058
    #17 0x19b8f12 in compile_file ../../gcc/gcc/toplev.c:544
    #18 0x19bf8f0 in do_compile ../../gcc/gcc/toplev.c:2034
    #19 0x19bff60 in toplev::main(int, char**) ../../gcc/gcc/toplev.c:2141
    #20 0x2d332c0 in main ../../gcc/gcc/main.c:39
    #21 0x390da1ffdf in __libc_start_main (/lib64/libc.so.6+0x390da1ffdf)

previously allocated by thread T0 here:
    #0 0x2b7d19417509 in __interceptor_malloc
../../../../gcc-5.2.0/libsanitizer/asan/asan_malloc_linux.cc:38
    #1 0x2e6d27c in xmalloc ../../gcc/libiberty/xmalloc.c:147
    #2 0x2e6d41f in xstrdup ../../gcc/libiberty/xstrdup.c:34
    #3 0x2121028 in ix86_valid_target_attribute_inner_p
../../gcc/gcc/config/i386/i386.c:5017
    #4 0x21206da in ix86_valid_target_attribute_inner_p
../../gcc/gcc/config/i386/i386.c:4909
    #5 0x2121474 in ix86_valid_target_attribute_tree(tree_node*, gcc_options*,
gcc_options*) ../../gcc/gcc/config/i386/i386.c:5066
    #6 0x2121e77 in ix86_valid_target_attribute_p
../../gcc/gcc/config/i386/i386.c:5166
    #7 0xd5e237 in handle_target_attribute
../../gcc/gcc/c-family/c-common.c:9777
    #8 0xce2e48 in decl_attributes(tree_node**, tree_node*, int)
../../gcc/gcc/attribs.c:557
    #9 0x9a5e3a in cplus_decl_attributes(tree_node**, tree_node*, int)
../../gcc/gcc/cp/decl2.c:1493
    #10 0x7d65a7 in grokfndecl ../../gcc/gcc/cp/decl.c:8100
    #11 0x7ea399 in grokdeclarator(cp_declarator const*,
cp_decl_specifier_seq*, decl_context, int, tree_node**)
../../gcc/gcc/cp/decl.c:11265
    #12 0x7bcb26 in start_decl(cp_declarator const*, cp_decl_specifier_seq*,
int, tree_node*, tree_node*, tree_node**) ../../gcc/gcc/cp/decl.c:4740
    #13 0xa37c1f in cp_parser_init_declarator ../../gcc/gcc/cp/parser.c:17717
    #14 0xa215bc in cp_parser_simple_declaration
../../gcc/gcc/cp/parser.c:11681
    #15 0xa210aa in cp_parser_block_declaration ../../gcc/gcc/cp/parser.c:11555
    #16 0xa208bb in cp_parser_declaration ../../gcc/gcc/cp/parser.c:11452
    #17 0xa1fe63 in cp_parser_declaration_seq_opt
../../gcc/gcc/cp/parser.c:11334
    #18 0xa0181d in cp_parser_translation_unit ../../gcc/gcc/cp/parser.c:4154
    #19 0xa843f8 in c_parse_file() ../../gcc/gcc/cp/parser.c:34273
    #20 0xdb2e46 in c_common_parse_file() ../../gcc/gcc/c-family/c-opts.c:1058
    #21 0x19b8f12 in compile_file ../../gcc/gcc/toplev.c:544
    #22 0x19bf8f0 in do_compile ../../gcc/gcc/toplev.c:2034
    #23 0x19bff60 in toplev::main(int, char**) ../../gcc/gcc/toplev.c:2141
    #24 0x2d332c0 in main ../../gcc/gcc/main.c:39
    #25 0x390da1ffdf in __libc_start_main (/lib64/libc.so.6+0x390da1ffdf)

SUMMARY: AddressSanitizer: heap-use-after-free
../../../../gcc-5.2.0/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:178
__interceptor_strcmp
Shadow bytes around the buggy address:
  0x0c047fff8ab0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8ac0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8ad0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8ae0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8af0: fa fa fa fa fa fa 06 fa fa fa fd fa fa fa fd fd
=>0x0c047fff8b00: fa fa fd fa fa fa fd fd fa fa[fd]fa fa fa fd fd
  0x0c047fff8b10: fa fa fd fa fa fa fd fd fa fa fd fd fa fa 00 06
  0x0c047fff8b20: fa fa 00 00 fa fa 00 01 fa fa 00 01 fa fa 00 01
  0x0c047fff8b30: fa fa 00 01 fa fa 00 01 fa fa 00 01 fa fa 00 01
  0x0c047fff8b40: fa fa 00 01 fa fa 00 fa fa fa 00 07 fa fa fd fd
  0x0c047fff8b50: fa fa 00 07 fa fa 00 07 fa fa 00 04 fa fa fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
==25114==ABORTING

