<html>
<head>
<base href="https://bugs.llvm.org/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - Bad handling of aligned_alloc with invalid alignment"
href="https://bugs.llvm.org/show_bug.cgi?id=51826">51826</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>Bad handling of aligned_alloc with invalid alignment
</td>
</tr>
<tr>
<th>Product</th>
<td>libraries
</td>
</tr>
<tr>
<th>Version</th>
<td>trunk
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>Global Analyses
</td>
</tr>
<tr>
<th>Assignee</th>
<td>unassignedbugs@nondot.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>harald@gigawatt.nl
</td>
</tr>
<tr>
<th>CC</th>
<td>llvm-bugs@lists.llvm.org
</td>
</tr></table>
<p>
<div>
<pre>As of DR #460
<<a href="http://www.open-std.org/jtc1/sc22/wg14/www/docs/summary.htm#dr_460">http://www.open-std.org/jtc1/sc22/wg14/www/docs/summary.htm#dr_460</a>>, passing
invalid alignments to aligned_alloc is no longer UB, but is required to result
in a null pointer being returned. That means, I think, the below program is
supposed to run successfully:

#include <stdlib.h>
int main() {
  if (aligned_alloc(3, 1))
    abort();
}

With jemalloc (as glibc does not implement the new rule yet either) and
otherwise default options, it does run successfully, but at -O1, LLVM optimises
this to an unconditional call to abort().
Changing the example slightly by specifying an alignment of 0 instead:

#include <stdlib.h>
int main() {
  if (aligned_alloc(0, 1))
    abort();
}

With jemalloc and otherwise default options, it again runs successfully. At
-O1, with clang 12, it unconditionally calls abort(). With clang trunk (tested
on godbolt.org), the compiler crashes:
<source>:3:21: warning: requested alignment is not a power of 2
[-Wnon-power-of-two-alignment]
  if (aligned_alloc(0, 1))
                    ^
PLEASE submit a bug report to <a href="https://bugs.llvm.org/">https://bugs.llvm.org/</a> and include the crash
backtrace, preprocessed source, and associated run script.
Stack dump:
0. Program arguments: /opt/compiler-explorer/clang-trunk/bin/clang -g -o
/app/output.s -mllvm --x86-asm-syntax=intel -S
--gcc-toolchain=/opt/compiler-explorer/gcc-9.2.0 -fcolor-diagnostics
-fno-crash-diagnostics -O1 <source>
1. <eof> parser at end of file
2. Optimizer
#0 0x000056154078684f PrintStackTraceSignalHandler(void*) Signals.cpp:0:0
#1 0x0000561540784710 llvm::sys::CleanupOnSignal(unsigned long)
(/opt/compiler-explorer/clang-trunk/bin/clang+0x3584710)
#2 0x00005615406d5088 CrashRecoverySignalHandler(int)
CrashRecoveryContext.cpp:0:0
#3 0x00007f5fc06c23c0 __restore_rt
(/lib/x86_64-linux-gnu/libpthread.so.0+0x153c0)
#4 0x00005615406b4c8a llvm::APInt::setBitsSlowCase(unsigned int, unsigned int)
(/opt/compiler-explorer/clang-trunk/bin/clang+0x34b4c8a)
#5 0x000056153f92d0d9 computeKnownBitsFromAssume(llvm::Value const*,
llvm::KnownBits&, unsigned int, (anonymous namespace)::Query const&)
ValueTracking.cpp:0:0
[...]
<a href="https://godbolt.org/z/M7hW85vf4">https://godbolt.org/z/M7hW85vf4</a></pre>
</div>
</p>
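<p>A defensive wrapper for the two cases in the report, as an added example that is not part of the original report or of LLVM: the hypothetical <code>checked_aligned_alloc</code> rejects an alignment that is zero or not a power of two before the allocator is reached, so the null result comes from an explicit branch rather than from the allocator or the optimiser's model of it. It assumes a hosted C11 libc, and it also rounds <code>size</code> up to a multiple of the alignment, which C11 as first published required of callers.</p>

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper (not from the report): every valid C alignment is a
 * nonzero power of two, so anything else can be rejected up front. */
static int is_valid_alignment(size_t a) {
    return a != 0 && (a & (a - 1)) == 0;
}

/* Hypothetical wrapper (not from the report): returns NULL for an invalid
 * alignment without calling aligned_alloc at all, so the result does not
 * depend on how the libc or the compiler treats that call. */
void *checked_aligned_alloc(size_t alignment, size_t size) {
    if (!is_valid_alignment(alignment))
        return NULL;

    /* Round size up to a multiple of alignment, refusing on overflow.
     * A size of 0 is passed through unchanged. */
    size_t mask = alignment - 1;
    if (size > SIZE_MAX - mask)
        return NULL;
    size_t rounded = (size + mask) & ~mask;

    return aligned_alloc(alignment, rounded);
}

int main(void) {
    /* The two alignments from the report, plus one valid request. */
    size_t alignments[] = {3, 0, 16};
    for (size_t i = 0; i < sizeof alignments / sizeof alignments[0]; i++) {
        void *p = checked_aligned_alloc(alignments[i], 1);
        printf("alignment %zu -> %s\n", alignments[i],
               p ? "allocated" : "NULL");
        free(p); /* free(NULL) is a no-op */
    }
    return 0;
}
```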
</body>
</html>