Fix PR c++/70218 (illegal access to private field succeeds)

Message ID	1457899426-7619-1-git-send-email-patrick@parcs.ath.cx
State	New
Headers	show Return-Path: <gcc-patches-return-423177-incoming=patchwork.ozlabs.org@gcc.gnu.org> DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:from :to:cc:subject:date:message-id; q=dns; s=default; b=vTdVyaLttLxH zFrVSQshewAW15dx2WNCbw25tZoOl33AASvUbz0HSejmQm7dSHBJ5HcWhhvwUKwF ytZ5i5SDmRESX3DOTUkV9eLDCAMtkCjiG5MVH33iF/q+lYOs3DRxC5Uyl2UVFXPn T0vC6nm1YlysPVgDM2t5ahQzKF6JvpQ= Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk Sender: gcc-patches-owner@gcc.gnu.org From: Patrick Palka <patrick@parcs.ath.cx> To: gcc-patches@gcc.gnu.org Cc: jason@redhat.com, Patrick Palka <patrick@parcs.ath.cx> Subject: [PATCH] Fix PR c++/70218 (illegal access to private field succeeds) Date: Sun, 13 Mar 2016 16:03:46 -0400 Message-Id: <1457899426-7619-1-git-send-email-patrick@parcs.ath.cx>

Message ID

1457899426-7619-1-git-send-email-patrick@parcs.ath.cx

State

New

Headers

DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id
	:list-unsubscribe:list-archive:list-post:list-help:sender:from
	:to:cc:subject:date:message-id; q=dns; s=default; b=vTdVyaLttLxH
	zFrVSQshewAW15dx2WNCbw25tZoOl33AASvUbz0HSejmQm7dSHBJ5HcWhhvwUKwF
	ytZ5i5SDmRESX3DOTUkV9eLDCAMtkCjiG5MVH33iF/q+lYOs3DRxC5Uyl2UVFXPn
	T0vC6nm1YlysPVgDM2t5ahQzKF6JvpQ=
Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
Sender: gcc-patches-owner@gcc.gnu.org
From: Patrick Palka <patrick@parcs.ath.cx>
To: gcc-patches@gcc.gnu.org
Cc: jason@redhat.com,	Patrick Palka <patrick@parcs.ath.cx>
Subject: [PATCH] Fix PR c++/70218 (illegal access to private field succeeds)
Date: Sun, 13 Mar 2016 16:03:46 -0400
Message-Id: <1457899426-7619-1-git-send-email-patrick@parcs.ath.cx>

Commit Message

Patrick Palka March 13, 2016, 8:03 p.m. UTC

Here we are mishandling the deferred_access_stack by not coherently
pushing/popping from it.  In cp_parser_lambda_expression we are calling
(in order):

  push_deferring_access_checks (dk_no_deferred);
  cp_parser_start_tentative_firewall (parser);
  ...
  pop_deferring_access_checks ();
  cp_parser_end_tentative_firewall (parser, start, lambda_expr);

But the order of the last two popping calls does not correspond with the order
of the first two pushing calls.  pop_deferring_access_checks should be
called last.  This error may cause us to drop deferred access checks
instead of performing them.

Bootstrap + regtest in progress, does this look OK to commit if testing
succeeds?

gcc/cp/ChangeLog:

	PR c++/70218
	* parser.c (cp_parser_lambda_expression): Move call to
	pop_deferring_access_checks ahead of the call to
	cp_parser_end_tentative_firewall.

gcc/testsuite/ChangeLog:

	PR c++/70218
	* g++.dg/cpp0x/lambda/lambda-70218.C: New test.
---
 gcc/cp/parser.c                                  |  4 ++--
 gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C | 17 +++++++++++++++++
 2 files changed, 19 insertions(+), 2 deletions(-)
 create mode 100644 gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C

Comments

Matthias Klose March 16, 2016, 9:20 p.m. UTC | #1

On 13.03.2016 21:03, Patrick Palka wrote:
> Here we are mishandling the deferred_access_stack by not coherently
> pushing/popping from it.  In cp_parser_lambda_expression we are calling
> (in order):
>
>    push_deferring_access_checks (dk_no_deferred);
>    cp_parser_start_tentative_firewall (parser);
>    ...
>    pop_deferring_access_checks ();
>    cp_parser_end_tentative_firewall (parser, start, lambda_expr);
>
> But the order of the last two popping calls does not correspond with the order
> of the first two pushing calls.  pop_deferring_access_checks should be
> called last.  This error may cause us to drop deferred access checks
> instead of performing them.
>
> Bootstrap + regtest in progress, does this look OK to commit if testing
> succeeds?

when applying this patch to the gcc-5-branch I see regressions like

/scratch/packages/gcc/5/gcc-5-5.3.1/src/gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C: 
In function 'void foo()':
/scratch/packages/gcc/5/gcc-5-5.3.1/src/gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C:6:8: 
error: 'int X::i' is private
/scratch/packages/gcc/5/gcc-5-5.3.1/src/gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C:16:18: 
error: within this context

Excess errors:
/scratch/packages/gcc/5/gcc-5-5.3.1/src/gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C:6:8: 
error: 'int X::i' is private
/scratch/packages/gcc/5/gcc-5-5.3.1/src/gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C:16:18: 
error: within this context


haven't yet checked the trunk. I don't see any other regressions besides the 
usual noise in the ubsan tests.

Matthias

Jason Merrill March 17, 2016, 3:14 a.m. UTC | #2

OK.

Jason

Patrick Palka March 17, 2016, 12:27 p.m. UTC | #3

On Wed, Mar 16, 2016 at 5:20 PM, Matthias Klose <doko@ubuntu.com> wrote:
> On 13.03.2016 21:03, Patrick Palka wrote:
>>
>> Here we are mishandling the deferred_access_stack by not coherently
>> pushing/popping from it.  In cp_parser_lambda_expression we are calling
>> (in order):
>>
>>    push_deferring_access_checks (dk_no_deferred);
>>    cp_parser_start_tentative_firewall (parser);
>>    ...
>>    pop_deferring_access_checks ();
>>    cp_parser_end_tentative_firewall (parser, start, lambda_expr);
>>
>> But the order of the last two popping calls does not correspond with the
>> order
>> of the first two pushing calls.  pop_deferring_access_checks should be
>> called last.  This error may cause us to drop deferred access checks
>> instead of performing them.
>>
>> Bootstrap + regtest in progress, does this look OK to commit if testing
>> succeeds?
>
>
> when applying this patch to the gcc-5-branch I see regressions like
>
> /scratch/packages/gcc/5/gcc-5-5.3.1/src/gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C:
> In function 'void foo()':
> /scratch/packages/gcc/5/gcc-5-5.3.1/src/gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C:6:8:
> error: 'int X::i' is private
> /scratch/packages/gcc/5/gcc-5-5.3.1/src/gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C:16:18:
> error: within this context
>
> Excess errors:
> /scratch/packages/gcc/5/gcc-5-5.3.1/src/gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C:6:8:
> error: 'int X::i' is private
> /scratch/packages/gcc/5/gcc-5-5.3.1/src/gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C:16:18:
> error: within this context
>
>
> haven't yet checked the trunk. I don't see any other regressions besides the
> usual noise in the ubsan tests.

lambda-70218.C is the test case that this patch adds.  It looks like
GCC 5 and 6 report errors access errors that originate inside a lambda
slightly differently.  So I think the dg-error directives in
lambda-70218.C would just have to be trivially adjusted for a GCC 5
backport.

diff --git a/gcc/cp/parser.c b/gcc/cp/parser.c
index 6ae45b0..33f09b8 100644
--- a/gcc/cp/parser.c
+++ b/gcc/cp/parser.c
@@ -9781,8 +9781,6 @@  cp_parser_lambda_expression (cp_parser* parser)
 	= auto_is_implicit_function_template_parm_p;
   }
 
-  pop_deferring_access_checks ();
-
   /* This field is only used during parsing of the lambda.  */
   LAMBDA_EXPR_THIS_CAPTURE (lambda_expr) = NULL_TREE;
 
@@ -9798,6 +9796,8 @@  cp_parser_lambda_expression (cp_parser* parser)
 
   cp_parser_end_tentative_firewall (parser, start, lambda_expr);
 
+  pop_deferring_access_checks ();
+
   return lambda_expr;
 }
 
diff --git a/gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C b/gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C
new file mode 100644
index 0000000..ae8cc2f
--- /dev/null
+++ b/gcc/testsuite/g++.dg/cpp0x/lambda/lambda-70218.C
@@ -0,0 +1,17 @@ 
+// PR c++/70218
+// { dg-do compile { target c++11 } }
+
+struct X {
+private:
+   int i;
+};
+
+struct Y {
+  Y (int) { }
+};
+
+void
+foo ()
+{
+  Y ([] { X x; x.i = 3; return 0; } ()); // { dg-error "private" }
+}

Fix PR c++/70218 (illegal access to private field succeeds)

Commit Message

Comments

Patch