* [Bug ada/99624] Address sanitizer detects heap-buffer-overflow in namet.adb
2021-03-17 12:14 [Bug ada/99624] New: Address sanitizer detects heap-buffer-overflow in namet.adb zeccav at gmail dot com
@ 2021-03-17 13:18 ` marxin at gcc dot gnu.org
2021-03-17 14:33 ` ebotcazou at gcc dot gnu.org
` (8 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: marxin at gcc dot gnu.org @ 2021-03-17 13:18 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99624
Martin Liška <marxin at gcc dot gnu.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|                            |86656
                 CC|                            |ebotcazou at gcc dot gnu.org,
                   |                            |marxin at gcc dot gnu.org
     Ever confirmed|0                           |1
   Last reconfirmed|                            |2021-03-17
             Status|UNCONFIRMED                 |NEW
Referenced Bugs:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86656
[Bug 86656] [meta-bug] Issues found with -fsanitize=address
From: ebotcazou at gcc dot gnu.org @ 2021-03-17 14:33 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99624
Eric Botcazou <ebotcazou at gcc dot gnu.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |WAITING
--- Comment #1 from Eric Botcazou <ebotcazou at gcc dot gnu.org> ---
> While building the Ada compiler the address sanitizer detects a
> heap-buffer-overflow in namet.adb line 157:
>
> Index : constant Int := Name_Entries.Table (Id).Name_Chars_Index;
>
> because Id=-399990000

The table is declared like this though:

   package Name_Entries is new Table.Table (
     Table_Component_Type => Name_Entry,
     Table_Index_Type     => Valid_Name_Id'Base,
     Table_Low_Bound      => First_Name_Id,
     Table_Initial        => Alloc.Names_Initial,
     Table_Increment      => Alloc.Names_Increment,
     Table_Name           => "Name_Entries");

with:

   First_Name_Id : constant Name_Id := Names_Low_Bound + 2;
   --  Subscript of first entry in names table

   subtype Valid_Name_Id is Name_Id range First_Name_Id .. Name_Id'Last;
   --  All but No_Name and Error_Name

and:

   Names_Low_Bound : constant := -399999999;

so Id = -399990000 is well within the allowed range (9997 0-based index).

Are you sure that Id is not equal to Names_Low_Bound, which would be the -2
0-based index and, therefore, -32 bytes since the size of Name_Entry is 16?

On the other hand, this would mean that:

   pragma Assert (Is_Valid_Name (Id));

would have triggered because the compiler is supposed to be configured with
assertions enabled on the mainline, so I'm quite at a loss here.

It looks like the address sanitizer is miscompiling the Ada compiler?
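
The index arithmetic from comment #1, as an added example that is not part of the original thread or of the GNAT sources: it maps a Name_Id to its 0-based slot and signed byte offset in the table's heap block, and back from a byte offset such as the one an AddressSanitizer report gives relative to the region. The bounds and the 16-byte entry size come from the comment; `allocated_slots` and the value 10000 passed in `main` are constructed stand-ins for the table's current size.

```c
#include <stdint.h>
#include <stdio.h>

/* Constants quoted in comment #1. */
#define NAMES_LOW_BOUND (-399999999)
#define FIRST_NAME_ID   (NAMES_LOW_BOUND + 2)  /* Table_Low_Bound */
#define NAME_ENTRY_SIZE 16                     /* bytes per Name_Entry */

typedef enum { ID_BELOW_TABLE, ID_IN_TABLE, ID_PAST_ALLOCATION } id_class;

/* 0-based slot of Id in the table's heap block (negative = before it). */
static int64_t name_id_slot(int32_t id) {
    return (int64_t)id - FIRST_NAME_ID;
}

/* Signed byte offset of the entry from the start of the heap block. */
static int64_t name_id_byte_offset(int32_t id) {
    return name_id_slot(id) * NAME_ENTRY_SIZE;
}

/* Inverse: Id whose entry contains a signed byte offset measured from
   the start of the block (floor division, so negatives round down). */
static int32_t name_id_from_offset(int64_t off) {
    int64_t slot = off / NAME_ENTRY_SIZE;
    if (off % NAME_ENTRY_SIZE != 0 && off < 0)
        slot--;
    return (int32_t)(slot + FIRST_NAME_ID);
}

/* allocated_slots is a hypothetical stand-in for the table's current size. */
static id_class classify_name_id(int32_t id, int64_t allocated_slots) {
    int64_t slot = name_id_slot(id);
    if (slot < 0)
        return ID_BELOW_TABLE;
    return slot < allocated_slots ? ID_IN_TABLE : ID_PAST_ALLOCATION;
}

int main(void) {
    int32_t ids[] = { -399990000, NAMES_LOW_BOUND };  /* values from the thread */
    for (int i = 0; i < 2; i++)
        printf("Id=%d slot=%lld offset=%lld class=%d\n", ids[i],
               (long long)name_id_slot(ids[i]),
               (long long)name_id_byte_offset(ids[i]),
               (int)classify_name_id(ids[i], 10000 /* constructed size */));
    return 0;
}
```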
From: zeccav at gmail dot com @ 2021-03-17 15:12 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99624
--- Comment #2 from Vittorio Zecca <zeccav at gmail dot com> ---
Yes, probably gcc -fsanitize=address is miscompiling the Ada compiler.
I had to take out the -gnata option to disable pragma assert that was failing.
So I do not know if this is a genuine compiler bug or it is due to
miscompilation.
The Ada compiler compiled with the undefined behavior sanitizer
compiles and works fine with a successful run of the testsuite.
From: ebotcazou at gcc dot gnu.org @ 2021-03-17 16:36 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99624
Eric Botcazou <ebotcazou at gcc dot gnu.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|WAITING                     |SUSPENDED
--- Comment #3 from Eric Botcazou <ebotcazou at gcc dot gnu.org> ---
> Yes, probably gcc -fsanitize=address is miscompiling the Ada compiler.
> I had to take out the -gnata option to disable pragma assert that was
> failing.
OK, thanks for the confirmation.
> So I do not know if this is a genuine compiler bug or it is due to
> miscompilation.
Most probably -fsanitize=address does not work correctly on Ada code.
> The Ada compiler compiled with the undefined behavior sanitizer
> compiles and works fine with a successful run of the testsuite.
Interesting data point, thanks.
From: zeccav at gmail dot com @ 2021-03-17 16:42 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99624
--- Comment #4 from Vittorio Zecca <zeccav at gmail dot com> ---
I added

   pragma Assert (Id in Name_Entries.Table'Range);

at namet.adb:156, but then I get at compile time

   namet.adb:156:25: warning: condition can only be False if invalid values present

and the build stops.
I am very very rusty on Ada, what should I do to check that Id is good?
From: ebotcazou at gcc dot gnu.org @ 2021-03-17 16:47 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99624
--- Comment #5 from Eric Botcazou <ebotcazou at gcc dot gnu.org> ---
> I am very very rusty on Ada, what should I do to check that Id is good?
Probably put back the original assert on line 155.
From: zeccav at gmail dot com @ 2021-03-18 7:56 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99624
--- Comment #6 from Vittorio Zecca <zeccav at gmail dot com> ---
It is not that easy, unfortunately.
If I compile the build with -gnata, thereby arming the pragma assert,
the build fails.
So I had to build without -gnata.
Now trying to build Ada with gcc 9.1.0.
Earlier versions do not work.
Did you try building Ada with address sanitation?
From: ebotcazou at gcc dot gnu.org @ 2021-03-18 8:33 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99624
--- Comment #7 from Eric Botcazou <ebotcazou at gcc dot gnu.org> ---
> If I compile the build with -gnata, thereby arming the pragma assert,
> the build fails.
Then this proves that the sanitizer does not work since the assertion does not
trigger in a regular build, so there is no need to dig deeper.
> Did you try building Ada with address sanitation?
No, I don't think so.
From: zeccav at gmail dot com @ 2021-03-18 8:40 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99624
--- Comment #8 from Vittorio Zecca <zeccav at gmail dot com> ---
Address sanitizer of Version 11.0.1 current trunk miscompiles the Ada
compiler, maybe a previous version would work.
Undefined behavior sanitizer works.
I am now trying to build the Ada compiler with gcc 9.1.0.
From: zeccav at gmail dot com @ 2021-03-19 9:09 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99624
Vittorio Zecca <zeccav at gmail dot com> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|SUSPENDED                   |RESOLVED
         Resolution|---                         |INVALID
--- Comment #9 from Vittorio Zecca <zeccav at gmail dot com> ---
I believe this is an invalid issue; the real issue is that gcc miscompiles
the Ada compiler with the option -fsanitize=address.
I am opening a new issue with the GNAT BUG DETECTED message.