public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug c/98070] New: errno is not re-evaluated after clearing errno and calling realloc(ptr, SIZE_MAX)
@ 2020-11-30 16:32 stli at linux dot ibm.com
2020-11-30 23:24 ` [Bug c/98070] " pinskia at gcc dot gnu.org
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: stli at linux dot ibm.com @ 2020-11-30 16:32 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98070
Bug ID: 98070
Summary: errno is not re-evaluated after clearing errno and
calling realloc(ptr, SIZE_MAX)
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: stli at linux dot ibm.com
Target Milestone: ---
Created attachment 49652
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=49652&action=edit
Testcase reproducing the issue with gcc-head
Hi,
After setting errno=0 and calling realloc with a too large size, which sets
errno to ENOMEM, a subsequent "if (errno == ENOMEM)" is not evaluated as true.
Instead gcc assumes that errno has not changed and is directly executing the
else-path without testing errno again.
This happens in the glibc-testcase:
<glibc>/malloc/tst-malloc-too-large.c test
(see
https://sourceware.org/git/?p=glibc.git;a=blob;f=malloc/tst-malloc-too-large.c;h=b5ad7eb7e7bf764fe57ceff5a810e3c211ca05e0;hb=refs/heads/master)
on at least x86_64 and s390x with gcc-head.
The attached small reproducer fails with gcc-head, but not with gcc 10, 9
(before):
/* Output with gcc 11:
$ ./tst-errno-realloc (build with >= -O1)
47: errno == 0 (Cannot allocate memory). We are in the else-part of 'if
(errno == ENOMEM)'. Does errno correspond to %m or the line below or to '(gdb)
p errno'?!
dump_errno(48, compare to line above!): errno == 12 (Cannot allocate memory)
vs main_errno=0
On s390x:
$ gcc -v
Using built-in specs.
COLLECT_GCC=./install-s390x-head/bin/gcc
COLLECT_LTO_WRAPPER=/home/stli/gccDir/install-s390x-head/libexec/gcc/s390x-ibm-linux-gnu/11.0.0/lto-wrapper
Target: s390x-ibm-linux-gnu
Configured with: /home/stli/gccDir/gcc-head/configure
--prefix=/home/stli/gccDir/install-s390x-head/ --enable-shared
--with-system-zlib --enable-threads=posix --enable-__cxa_atexit
--enable-checking --enable-gnu-indirect-function --enable-languages=c,c++
--with-arch=zEC12 --with-tune=z13 --disable-bootstrap --with-long-double-128
--enable-decimal-float
Thread model: posix
Supported LTO compression algorithms: zlib
gcc version 11.0.0 20201127 (experimental) (GCC)
$ git log --oneline
5e9f814d754 (HEAD -> master, origin/master, origin/HEAD) rs6000: Change
rs6000_expand_vector_set param
Also on x86_64:
$ gcc -v
Using built-in specs.
COLLECT_GCC=/home/stli/gccDir/install-x86_64-head/bin/gcc
COLLECT_LTO_WRAPPER=/home/stli/gccDir/install-x86_64-head/libexec/gcc/x86_64-pc-linux-gnu/11.0.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /home/stli/gccDir/gcc-head/configure
--prefix=/home/stli/gccDir/install-x86_64-head/ --enable-shared
--with-system-zlib --enable-threads=posix --enable-__cxa_atexit
--enable-checking --enable-gnu-indirect-function --enable-languages=c,c++
--with-tune=generic --with-arch_32=x86-64 --disable-bootstrap
--disable-libunwind-exceptions --enable-gnu-unique-object
--enable-linker-build-id --with-linker-hash-style=gnu --enable-plugin
--enable-initfini-array --disable-libgcj --disable-multilib
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 11.0.0 20201130 (experimental) (GCC)
$ git log --oneline
a5ad5d5c478 (HEAD -> master, origin/master, origin/HEAD) RISC-V: Always
define MULTILIB_DEFAULTS
*/
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug c/98070] errno is not re-evaluated after clearing errno and calling realloc(ptr, SIZE_MAX)
2020-11-30 16:32 [Bug c/98070] New: errno is not re-evaluated after clearing errno and calling realloc(ptr, SIZE_MAX) stli at linux dot ibm.com
@ 2020-11-30 23:24 ` pinskia at gcc dot gnu.org
2020-12-01 8:15 ` [Bug middle-end/98070] [11 Regression] " rguenth at gcc dot gnu.org
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: pinskia at gcc dot gnu.org @ 2020-11-30 23:24 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98070
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://gcc.gnu.org/bugzill
| |a/show_bug.cgi?id=88576
--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Related to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88576 .
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug middle-end/98070] [11 Regression] errno is not re-evaluated after clearing errno and calling realloc(ptr, SIZE_MAX)
2020-11-30 16:32 [Bug c/98070] New: errno is not re-evaluated after clearing errno and calling realloc(ptr, SIZE_MAX) stli at linux dot ibm.com
2020-11-30 23:24 ` [Bug c/98070] " pinskia at gcc dot gnu.org
@ 2020-12-01 8:15 ` rguenth at gcc dot gnu.org
2020-12-01 9:43 ` cvs-commit at gcc dot gnu.org
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: rguenth at gcc dot gnu.org @ 2020-12-01 8:15 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98070
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |ASSIGNED
Assignee|unassigned at gcc dot gnu.org |rguenth at gcc dot gnu.org
Summary|errno is not re-evaluated |[11 Regression] errno is
|after clearing errno and |not re-evaluated after
|calling realloc(ptr, |clearing errno and calling
|SIZE_MAX) |realloc(ptr, SIZE_MAX)
Target Milestone|--- |11.0
CC| |hubicka at gcc dot gnu.org
Ever confirmed|0 |1
Last reconfirmed| |2020-12-01
Keywords| |wrong-code
--- Comment #2 from Richard Biener <rguenth at gcc dot gnu.org> ---
Likely caused by
/* Realloc serves both as allocation point and deallocation point. */
case BUILT_IN_REALLOC:
return ".cw ";
which should be ".Cw "
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug middle-end/98070] [11 Regression] errno is not re-evaluated after clearing errno and calling realloc(ptr, SIZE_MAX)
2020-11-30 16:32 [Bug c/98070] New: errno is not re-evaluated after clearing errno and calling realloc(ptr, SIZE_MAX) stli at linux dot ibm.com
2020-11-30 23:24 ` [Bug c/98070] " pinskia at gcc dot gnu.org
2020-12-01 8:15 ` [Bug middle-end/98070] [11 Regression] " rguenth at gcc dot gnu.org
@ 2020-12-01 9:43 ` cvs-commit at gcc dot gnu.org
2020-12-01 9:43 ` rguenth at gcc dot gnu.org
2020-12-01 12:23 ` stli at linux dot ibm.com
4 siblings, 0 replies; 6+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2020-12-01 9:43 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98070
--- Comment #3 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Richard Biener <rguenth@gcc.gnu.org>:
https://gcc.gnu.org/g:57fcbe579c2f2b0919486b658a5bec8f4e1ef42b
commit r11-5598-g57fcbe579c2f2b0919486b658a5bec8f4e1ef42b
Author: Richard Biener <rguenther@suse.de>
Date: Tue Dec 1 09:19:52 2020 +0100
middle-end/98070 - fix realloc builtin fnspec
realloc clobbers errno, note that.
2020-12-01 Richard Biener <rguenther@suse.de>
PR middle-end/98070
* builtins.c (builtin_fnspec): realloc is ".Cw ".
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug middle-end/98070] [11 Regression] errno is not re-evaluated after clearing errno and calling realloc(ptr, SIZE_MAX)
2020-11-30 16:32 [Bug c/98070] New: errno is not re-evaluated after clearing errno and calling realloc(ptr, SIZE_MAX) stli at linux dot ibm.com
` (2 preceding siblings ...)
2020-12-01 9:43 ` cvs-commit at gcc dot gnu.org
@ 2020-12-01 9:43 ` rguenth at gcc dot gnu.org
2020-12-01 12:23 ` stli at linux dot ibm.com
4 siblings, 0 replies; 6+ messages in thread
From: rguenth at gcc dot gnu.org @ 2020-12-01 9:43 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98070
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|ASSIGNED |RESOLVED
--- Comment #4 from Richard Biener <rguenth at gcc dot gnu.org> ---
Fixed.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug middle-end/98070] [11 Regression] errno is not re-evaluated after clearing errno and calling realloc(ptr, SIZE_MAX)
2020-11-30 16:32 [Bug c/98070] New: errno is not re-evaluated after clearing errno and calling realloc(ptr, SIZE_MAX) stli at linux dot ibm.com
` (3 preceding siblings ...)
2020-12-01 9:43 ` rguenth at gcc dot gnu.org
@ 2020-12-01 12:23 ` stli at linux dot ibm.com
4 siblings, 0 replies; 6+ messages in thread
From: stli at linux dot ibm.com @ 2020-12-01 12:23 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98070
--- Comment #5 from stli at linux dot ibm.com <stli at linux dot ibm.com> ---
I've just build and run the attached test on s390x/x86_64 with your fix.
Now errno is re-evaluated after realloc.
I've also rebuild glibc on s390x and the original glibc-test
<glibc>/malloc/tst-malloc-too-large.c is now also passing.
Many thanks.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-12-01 12:23 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-30 16:32 [Bug c/98070] New: errno is not re-evaluated after clearing errno and calling realloc(ptr, SIZE_MAX) stli at linux dot ibm.com
2020-11-30 23:24 ` [Bug c/98070] " pinskia at gcc dot gnu.org
2020-12-01 8:15 ` [Bug middle-end/98070] [11 Regression] " rguenth at gcc dot gnu.org
2020-12-01 9:43 ` cvs-commit at gcc dot gnu.org
2020-12-01 9:43 ` rguenth at gcc dot gnu.org
2020-12-01 12:23 ` stli at linux dot ibm.com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).