undefined behaviour due to LAPACK prototypes missing "hidden" variables required by Fortran

Comments (8)

1. 

   Conrad Sanderson reporter

   • edited description

   The prototypes for Fortran LAPACK functions appear to be incomplete in Blaze. This can lead to undefined behaviour with recent releases of gcc due to more aggressive compiler optimisations.

   According to gfortran passing conventions (followed by other fortran compilers as well), every char* argument also has an associated "hidden" argument which specifies the number of characters. The type of the "hidden" argument may vary across compilers and/or compiler versions. The position of each "hidden" argument is also compiler dependent, though seems to be typically tacked onto the end of the function definition.
   https://gcc.gnu.org/onlinedocs/gfortran/Argument-passing-conventions.html

   As an example in Blaze, the current prototype for dsyev in
   https://bitbucket.org/blaze-lib/blaze/src/master/blaze/math/lapack/clapack/syev.h
   is defined as:
   void dsyev_( char* jobz, char* uplo, int* n, double* A, int* lda, double* w, double* work, int* lwork, int* info );

   But it probably should be:
   void dsyev_( char* jobz, char* uplo, int* n, double* A, int* lda, double* w, double* work, int* lwork, int* info, blas_len jobz_len, blas_len uplo_len);

   where blas_len is typically a 32 bit unsigned int on 32 bit platforms, and 64 bit unsigned int on 64 bit platforms. (This does not apply to gcc versions <= 7, where it is always int).

   The same bug affects Armadillo, R, and a lot of other software in C and C++ that uses LAPACK:

   • https://gitlab.com/conradsnicta/armadillo-code/issues/123
   • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90329
   • https://gcc.gnu.org/ml/gcc-patches/2019-05/msg00915.html
   • https://github.com/Reference-LAPACK/lapack/issues/339

   • 2019-05-23T09:04:55+00:00
2. 

   Klaus Iglberger

   Hi Conrad!

   Thanks a lot for reporting this defect to us. We were unfortunately neither aware of the changes in gcc nor to these special Fortran conventions. Also thanks a lot for pointing out possible solutions.

   We will take some time to investigate the implications and potential differences on all supported platforms and think about reasonable changes. At this point, all test on all platforms and with all compilers (including gcc and in particular gcc-9.1) work perfectly, so we feel we have some time to properly investigate things. Thanks again,

   Best regards,

   Klaus!

   • 2019-05-24T04:31:15+00:00
3. 

   Conrad Sanderson reporter

   The “hidden args” issue is already causing visible problems, on RHEL 6 with an updated devtoolset (gcc 8.3):

   • https://bugzilla.redhat.com/show_bug.cgi?id=1709538
   • https://github.com/RcppCore/RcppArmadillo/issues/254

   The problem first seemed to be a compiler issue manifesting itself as stack corruption.

   • 2019-05-24T04:59:31+00:00
4. 

   Klaus Iglberger

   • assigned issue to
     
     Klaus Iglberger

   The prototypes for Fortran LAPACK functions appear to be incomplete in Blaze. This can lead to undefined behaviour with recent releases of gcc due to more aggressive compiler optimisations.

   According to gfortran passing conventions (followed by other fortran compilers as well), every char* argument also has an associated &#34;hidden&#34; argument which specifies the number of characters. The type of the &#34;hidden&#34; argument may vary across compilers and/or compiler versions. The position of each &#34;hidden&#34; argument is also compiler dependent, though seems to be typically tacked onto the end of the function definition.
   https://gcc.gnu.org/onlinedocs/gfortran/Argument-passing-conventions.html

   As an example in Blaze, the current prototype for dsyev in
   https://bitbucket.org/blaze-lib/blaze/src/master/blaze/math/lapack/clapack/syev.h
   is defined as:
   void dsyev_( char* jobz, char* uplo, int* n, double* A, int* lda, double* w, double* work, int* lwork, int* info );

   But it probably should be:
   void dsyev_( char* jobz, char* uplo, int* n, double* A, int* lda, double* w, double* work, int* lwork, int* info, blas_len jobz_len, blas_len uplo_len);

   where blas_len is typically a 32 bit unsigned int on 32 bit platforms, and 64 bit unsigned int on 64 bit platforms. (This does not apply to gcc versions <= 7, where it is always int).

   Avoiding the use of the blas_len arguments appeared to work, but recently gcc has started to optimise more heavily, leading to stack overwrites when these arguments are not used.

   The same bug affects Armadillo, R, and a lot of other software in C and C++ that uses LAPACK:

   • https://gitlab.com/conradsnicta/armadillo-code/issues/123
   • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90329
   • https://gcc.gnu.org/ml/gcc-patches/2019-05/msg00915.html
   • https://github.com/Reference-LAPACK/lapack/issues/339

   • 2019-05-25T05:33:18+00:00
5. 

   Klaus Iglberger

   • changed status to open

   • 2019-05-25T05:33:24+00:00
6. 

   Klaus Iglberger

   Hi Conrad!

   Thanks again for reporting this defect. After some testing we have decided to follow the path you suggested and extend the all according Fortran forward declaration with hidden arguments. However, as soon as we do that the forward declarations of Armadillo and Blaze will be incompatible. Therefore we suggest to synchronize our efforts to enable user to include both Armadillo and Blaze headers.

   We will introduce a new type similar to the one suggested by GCC. All forward declarations will be extended by the according number of trailing hidden arguments. For instance:

   void dgetrs_(char* trans, int* n, int* nrhs, double* A, int* lda, int* ipiv, double* B, int* ldb, int* info, blaze::fortran_charlen_t ntrans);
   void dsyev_(char* jobz, char* uplo, int* n, double* A, int* lda, double* w, double* work, int* lwork, int* info, blaze::fortran_charlen_t njobz, blaze::fortran_charlen_t nuplo);
   void zgesvdx_(char* jobu, char* jobv, char* range, int* m, int* n, double* A, int* lda, double* vl, double* vu, int* il, int* iu, int* ns, double* s, double* U, int* ldu, double* V, int* ldv, double* work, int* lwork, double* rwork, int* iwork, int* info, blaze::fortran_charlen_t njobu, blaze::fortran_charlen_t njobv, blaze::fortran_charlen_t nrange);
   

   We hope this approach matches the one that you have selected.

   Best regards,

   Klaus!

   • 2019-05-27T15:19:56+00:00
7. 

   Conrad Sanderson reporter

   This is what I have so far in Armadillo for the Fortran hidden argument type:

   #if !defined(ARMA_FORTRAN_CHARLEN_TYPE)
     #if defined(__GNUC__) && !defined(__clang__)
       #if (__GNUC__ <= 7)
         #define ARMA_FORTRAN_CHARLEN_TYPE int
       #else
         #define ARMA_FORTRAN_CHARLEN_TYPE size_t
       #endif
     #else
       // TODO: determine the type for other compilers
       #define ARMA_FORTRAN_CHARLEN_TYPE size_t
     #endif
   #endif
   
   typedef ARMA_FORTRAN_CHARLEN_TYPE blas_len;
   

   ‌

   It’s a work in progress (relevant file in gitlab repo). So far only tested on Linux x86-64.

   size_t is an educated guess based on:

   • "Intel Fortran Compiler User and Reference Guides", Document Number: 304970-006US, 2009, p. 301
     http://www.complexfluids.ethz.ch/MK/ifort.pdf
   • NAG Fortran compiler:
     https://www.nag.co.uk/nagware/np/r62_doc/manual/compiler_11_1.html#AUTOTOC_11_1
     Note that this compiler seems to use signed rather than unsigned; from the documentation: “Chrlenusually int, or long long on 64-bit Windows.“
     This is why I’ve allowed ARMA_FORTRAN_CHARLEN_TYPE to be optionally defined by the user.

   I haven’t checked other Fortran compilers (eg. flang from clang/llvm). There is a list of compilers at:

   • http://fortranwiki.org/fortran/show/Compilers

   • 2019-05-28T01:51:54+00:00
8. 

   Klaus Iglberger

   • changed status to resolved

   Commit 08a5303 adds hidden arguments to all Fortran forward declarations with arguments of character type. The fix is immediately available via cloning the Blaze repository and will be officially released in Blaze 3.6.

   • 2019-05-28T04:27:00+00:00
9. Log in to comment