bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

miscompilation at gcc -O2


From: Eric Blake
Subject: miscompilation at gcc -O2
Date: Wed, 09 Feb 2011 12:06:45 -0700
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101209 Fedora/3.1.7-0.35.b3pre.fc14 Lightning/1.0b3pre Mnenhy/0.8.3 Thunderbird/3.1.7

Configuration Information [Automatically generated, do not change]:
Machine: x86_64
OS: linux-gnu
Compiler: gcc
Compilation CFLAGS:  -DPROGRAM='bash' -DCONF_HOSTTYPE='x86_64'
-DCONF_OSTYPE='linux-gnu' -DCONF_MACHTYPE='x86_64-redhat-linux-gnu'
-DCONF_VENDOR='redhat' -DLOCALEDIR='/usr/share/locale' -DPACKAGE='bash'
-DSHELL -DHAVE_CONFIG_H   -I.  -I. -I./include -I./lib  -D_GNU_SOURCE
-DRECYCLES_PIDS  -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
-fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic
uname output: Linux office 2.6.35.10-74.fc14.x86_64 #1 SMP Thu Dec 23
16:04:50 UTC 2010 x86_64 x86_64 x86_64 GNU/Linux
Machine Type: x86_64-redhat-linux-gnu


Bash Version: 4.1
Patch Level: 7
Release Status: release

Description:
There is a report of bash being miscompiled for cygwin when using gcc
4.3.4 -O2, but succeeding when compiled with -O1:
http://cygwin.com/ml/cygwin/2011-02/msg00230.html

Compiling with -Wextra reveals the culprit:
execute_cmd.c: In function ‘execute_function.clone.2’:
execute_cmd.c:4007:23: warning: variable ‘bash_source_a’ might be
clobbered by ‘longjmp’ or ‘vfork’
execute_cmd.c:4007:39: warning: variable ‘bash_lineno_a’ might be
clobbered by ‘longjmp’ or ‘vfork’
execute_cmd.c: In function ‘execute_in_subshell’:
execute_cmd.c:1296:12: warning: variable ‘tcom’ might be clobbered by
‘longjmp’ or ‘vfork’

POSIX is clear that the value of an automatic variable changed between
setjmp() and the subsequent longjmp() is unspecified unless the variable
is marked volatile, but bash is violating this constraint and modifying
several variables that cannot reliably be restored.  Depending on what
code transformations the compiler makes, this can lead to crashes; in
cygwin's case, it appears that mere execution of a trap return handler
can cause bash to corrupt its own stack.

Repeat-By:
make
rm execute_cmd.o
make CFLAGS='-Wextra -O2'

Fix:
--- execute_cmd.c.orig  2011-02-09 11:53:13.470850670 -0700
+++ execute_cmd.c       2011-02-09 11:53:48.422939088 -0700
@@ -1293,7 +1293,7 @@
   int user_subshell, return_code, function_value, should_redir_stdin,
invert;
   int ois, user_coproc;
   int result;
-  COMMAND *tcom;
+  COMMAND *volatile tcom;

   USE_VAR(user_subshell);
   USE_VAR(user_coproc);
@@ -4004,7 +4004,7 @@
   char *debug_trap, *error_trap, *return_trap;
 #if defined (ARRAY_VARS)
   SHELL_VAR *funcname_v, *nfv, *bash_source_v, *bash_lineno_v;
-  ARRAY *funcname_a, *bash_source_a, *bash_lineno_a;
+  ARRAY *funcname_a, *volatile bash_source_a, *volatile bash_lineno_a;
 #endif
   FUNCTION_DEF *shell_fn;
   char *sfile, *t;


-- 
Eric Blake   address@hidden    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]