Error on setenv(..., NULL, ...)

Message ID	55062712.4040104@cs.ucla.edu
State	Superseded
Headers	Received: (qmail 90966 invoked by alias); 16 Mar 2015 00:43:06 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: <libc-alpha.sourceware.org> List-Unsubscribe: <mailto:libc-alpha-unsubscribe-##L=##H@sourceware.org> List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org> List-Archive: <http://sourceware.org/ml/libc-alpha/> List-Post: <mailto:libc-alpha@sourceware.org> List-Help: <mailto:libc-alpha-help@sourceware.org>, <http://sourceware.org/ml/#faqs> Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 90952 invoked by uid 89); 16 Mar 2015 00:43:05 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.5 required=5.0 tests=AWL, BAYES_00, SPF_PASS, T_RP_MATCHES_RCVD autolearn=ham version=3.3.2 X-HELO: smtp.cs.ucla.edu Message-ID: <55062712.4040104@cs.ucla.edu> Date: Sun, 15 Mar 2015 17:42:58 -0700 From: Paul Eggert <eggert@cs.ucla.edu> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: Paul Pluzhnikov <ppluzhnikov@google.com> CC: Roland McGrath <roland@hack.frob.com>, Szabolcs Nagy <szabolcs.nagy@arm.com>, Joseph Myers <joseph@codesourcery.com>, GLIBC Devel <libc-alpha@sourceware.org>, "mtk@man7.org" <mtk@man7.org> Subject: Re: [patch] Error on setenv(..., NULL, ...) References: <CALoOobNSbWUkd_i-L6U0ovbqPYnJY-h=ftX1K61yb19pmJj6aw@mail.gmail.com> <alpine.DEB.2.10.1503111712240.30954@digraph.polyomino.org.uk> <CALoOobPKxfJfnbcUKH8osgCZMeSiD83K1OiF+_vSeAy0ewe1Jw@mail.gmail.com> <55008721.1090200@arm.com> <CALoOobNbOgm5=oFbEUmTbca3M-KqSUgGmTeWYOt1zTN-CTLoog@mail.gmail.com> <55008DE0.8050805@cs.ucla.edu> <20150312215314.1B7CC2C3B8E@topped-with-meat.com> <55021AB7.1060905@cs.ucla.edu> <20150313170436.BF4C92C3B3B@topped-with-meat.com> <55031BC3.6070709@cs.ucla.edu> <CALoOobMF_eRjg93DDfkTtcyrvCrHBYX8w3CaPU-R62cpOqbiMg@mail.gmail.com> <CALoOobO79BAzDZuq3=KJ=DnhVeu7np=W5kthdZrHEG5U1f2k4A@mail.gmail.com> <CALoOobNJ2wGtAn=LRwfLFR7o8idxg4+Lgz=jWo08Dxdj_BOHvA@mail.gmail.com> In-Reply-To: <CALoOobNJ2wGtAn=LRwfLFR7o8idxg4+Lgz=jWo08Dxdj_BOHvA@mail.gmail.com> Content-Type: multipart/mixed; boundary="------------060702030500040208020802"

Message ID

55062712.4040104@cs.ucla.edu

State

Superseded

Headers

Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
Sender: libc-alpha-owner@sourceware.org
Message-ID: <55062712.4040104@cs.ucla.edu>
Date: Sun, 15 Mar 2015 17:42:58 -0700
From: Paul Eggert <eggert@cs.ucla.edu>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:31.0) Gecko/20100101 Thunderbird/31.5.0
MIME-Version: 1.0
To: Paul Pluzhnikov <ppluzhnikov@google.com>
CC: Roland McGrath <roland@hack.frob.com>, 
	Szabolcs Nagy <szabolcs.nagy@arm.com>,
	Joseph Myers <joseph@codesourcery.com>, 
	GLIBC Devel <libc-alpha@sourceware.org>, "mtk@man7.org" <mtk@man7.org>
Subject: Re: [patch] Error on setenv(..., NULL, ...)
References: <CALoOobNSbWUkd_i-L6U0ovbqPYnJY-h=ftX1K61yb19pmJj6aw@mail.gmail.com>
	<alpine.DEB.2.10.1503111712240.30954@digraph.polyomino.org.uk>
	<CALoOobPKxfJfnbcUKH8osgCZMeSiD83K1OiF+_vSeAy0ewe1Jw@mail.gmail.com>
	<55008721.1090200@arm.com>
	<CALoOobNbOgm5=oFbEUmTbca3M-KqSUgGmTeWYOt1zTN-CTLoog@mail.gmail.com>
	<55008DE0.8050805@cs.ucla.edu>
	<20150312215314.1B7CC2C3B8E@topped-with-meat.com>
	<55021AB7.1060905@cs.ucla.edu>
	<20150313170436.BF4C92C3B3B@topped-with-meat.com>
	<55031BC3.6070709@cs.ucla.edu>
	<CALoOobMF_eRjg93DDfkTtcyrvCrHBYX8w3CaPU-R62cpOqbiMg@mail.gmail.com>
	<CALoOobO79BAzDZuq3=KJ=DnhVeu7np=W5kthdZrHEG5U1f2k4A@mail.gmail.com>
	<CALoOobNJ2wGtAn=LRwfLFR7o8idxg4+Lgz=jWo08Dxdj_BOHvA@mail.gmail.com>
In-Reply-To: <CALoOobNJ2wGtAn=LRwfLFR7o8idxg4+Lgz=jWo08Dxdj_BOHvA@mail.gmail.com>
Content-Type: multipart/mixed;
	boundary="------------060702030500040208020802"

Commit Message

Paul Eggert March 16, 2015, 12:42 a.m. UTC

  Paul Pluzhnikov wrote:
> So it looks to me like the 2ecccaede9097f867284d352a881d8f226ba4fb7 is
> quite broken, and should be reverted.

I reverted it.  Sorry about that; it had a horrible typo (!= vs ==).  Does the 
attached (untested) patch work for you instead?  It fixes the typo, and also 
pacifies GCC so that GCC does not issue the bogus warning.

Comments

Paul Pluzhnikov March 16, 2015, 1:10 a.m. UTC | #1

On Sun, Mar 15, 2015 at 5:42 PM, Paul Eggert <eggert@cs.ucla.edu> wrote:

> I reverted it.

Thanks,

> Sorry about that; it had a horrible typo (!= vs ==).

Oh, right. I should have noticed.

> Does
> the attached (untested) patch work for you instead?  It fixes the typo, and
> also pacifies GCC so that GCC does not issue the bogus warning.

I've tested the patch on Linux/x86_64. Looks good.

+/* Pacify GCC; see the commentary about VALLEN below.  This is needed
+   at least through GCC 4.9.2.  Pacify GCC for the entire file, as
+   there seems to be no way to pacify GCC selectively, only for the
+   place where it's needed.  Do not use DIAG_IGNORE_NEEDS_COMMENT
+   here, as it's not defined yet.  */
+#pragma GCC diagnostic ignored "-Wmaybe-uninitialized"

You can be more selective with '#pragma GCC diagnostic push/pop'
around the function.

Clearly you know about DIAG_IGNORE_NEEDS_COMMENT (I didn't), so I
assume you also know about DIAG_PUSH_NEEDS_COMMENT /
DIAG_POP_NEEDS_COMMENT, which then makes me not understand your
comment about selective pacification.

Paul Eggert March 16, 2015, 4:11 a.m. UTC | #2

Paul Pluzhnikov wrote:
> I assume you also know about DIAG_PUSH_NEEDS_COMMENT /
> DIAG_POP_NEEDS_COMMENT, which then makes me not understand your
> comment about selective pacification.

When I tried to use those macros, I still got the warning and the build still 
failed.  Part of the problem is that 'vallen' gets used as part of an argument 
to the __mempcpy/memcpy macros, and GCC decides that since 'vallen' is used in 
the macro body, it'll issue a warning since the macro body is outside the 
"scope" of the DIAG_PUSH* and DIAG_POP* brackets.  It's the classic problem of 
macro capture.

I couldn't even use plain DIAG_IGNORE_NEEDS_COMMENT (i.e., without 
DIAG_PUSH_NEEDS_COMMENT), because I needed to put the #pragma before including 
<errno.h> (the first standard include) -- otherwise I got the warning -- and 
DIAG_IGNORE_NEEDS_COMMENT isn't defined until after <errno.h> is included.

I was using GCC 4.9.2 20150212 (Red Hat 4.9.2-6), for what that's worth.

Paul Pluzhnikov March 16, 2015, 4:33 a.m. UTC | #3

On Sun, Mar 15, 2015 at 9:11 PM, Paul Eggert <eggert@cs.ucla.edu> wrote:

> When I tried to use those macros, I still got the warning and the build
> still failed.
...
> I was using GCC 4.9.2 20150212 (Red Hat 4.9.2-6), for what that's worth.

I see. I reproduced that "bad behavior" using GCC trunk @r221169, but
it works as I expected using GCC 4.8.2-19ubuntu1. That seems like a
GCC mis-feature.

Joseph Myers March 16, 2015, 11:48 p.m. UTC | #4

On Sun, 15 Mar 2015, Paul Eggert wrote:

> I couldn't even use plain DIAG_IGNORE_NEEDS_COMMENT (i.e., without
> DIAG_PUSH_NEEDS_COMMENT), because I needed to put the #pragma before including
> <errno.h> (the first standard include) -- otherwise I got the warning -- and
> DIAG_IGNORE_NEEDS_COMMENT isn't defined until after <errno.h> is included.

Any file using those macros should explicitly include <libc-internal.h> to 
get their definitions.  Are you saying that if you include 
<libc-internal.h>, then use the macros, then include other headers, that 
it doesn't work?

Paul Pluzhnikov April 5, 2015, 11:40 p.m. UTC | #5

On Sun, Mar 15, 2015 at 6:10 PM, Paul Pluzhnikov <ppluzhnikov@google.com> wrote:
>
> On Sun, Mar 15, 2015 at 5:42 PM, Paul Eggert <eggert@cs.ucla.edu> wrote:

> I've tested the patch on Linux/x86_64. Looks good.

The patch appears to have stalled.
I believe we still want it: the current situation is really not good.

Thanks,

Paul Eggert April 6, 2015, 2:43 a.m. UTC | #6

Paul Pluzhnikov wrote:

> The patch appears to have stalled.
> I believe we still want it: the current situation is really not good.

Yes.  Since that patch 
<https://sourceware.org/ml/libc-alpha/2015-03/msg00527.html> fixes a bug and has 
been reviewed and tested, I would like to install it now.  We can install any 
further improvements to libc-internal.h later.

Paul Eggert April 19, 2015, 8:09 a.m. UTC | #7

Paul Eggert wrote:
> Since that patch
> <https://sourceware.org/ml/libc-alpha/2015-03/msg00527.html> fixes a bug and has
> been reviewed and tested, I would like to install it now.

I've done that.  Thanks for reminding me about it.

diff mbox

Patch

From 7d298c5558df36cf0e6a46940ace042c52284264 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Sun, 15 Mar 2015 17:38:10 -0700
Subject: [PATCH] * stdlib/setenv.c (__add_to_environ):

Dump core quickly if setenv (..., NULL, ...) is called.
This time, do it the right way, and pacify GCC with a pragma.
---
 ChangeLog       |  4 ++++
 stdlib/setenv.c | 18 +++++++++++++++++-
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index c856f79..e61cc17 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@ 
 2015-03-15  Paul Eggert  <eggert@cs.ucla.edu>
 
+	* stdlib/setenv.c (__add_to_environ):
+	Dump core quickly if setenv (..., NULL, ...) is called.
+	This time, do it the right way, and pacify GCC with a pragma.
+
 	* stdlib/setenv.c (__add_to_environ): Revert previous change.
 
 2015-03-14  Andreas Schwab  <schwab@linux-m68k.org>
diff --git a/stdlib/setenv.c b/stdlib/setenv.c
index b60c4f0..184a8cd 100644
--- a/stdlib/setenv.c
+++ b/stdlib/setenv.c
@@ -19,6 +19,13 @@ 
 # include <config.h>
 #endif
 
+/* Pacify GCC; see the commentary about VALLEN below.  This is needed
+   at least through GCC 4.9.2.  Pacify GCC for the entire file, as
+   there seems to be no way to pacify GCC selectively, only for the
+   place where it's needed.  Do not use DIAG_IGNORE_NEEDS_COMMENT
+   here, as it's not defined yet.  */
+#pragma GCC diagnostic ignored "-Wmaybe-uninitialized"
+
 #include <errno.h>
 #if !_LIBC
 # if !defined errno && !defined HAVE_ERRNO_DECL
@@ -114,8 +121,17 @@  __add_to_environ (name, value, combined, replace)
 {
   char **ep;
   size_t size;
+
+  /* Compute lengths before locking, so that the critical section is
+     less of a performance bottleneck.  VALLEN is needed only if
+     COMBINED is null (unfortunately GCC is not smart enough to deduce
+     this; see the #pragma at the start of this file).  Testing
+     COMBINED instead of VALUE causes setenv (..., NULL, ...)  to dump
+     core now instead of corrupting memory later.  */
   const size_t namelen = strlen (name);
-  const size_t vallen = value != NULL ? strlen (value) + 1 : 0;
+  size_t vallen;
+  if (combined == NULL)
+    vallen = strlen (value) + 1;
 
   LOCK;
 
-- 
2.1.0