* [Bug c++/101355] compiling coroutines with ubsan emits bogus -Wmaybe-uninitialized warnings
2021-07-07 1:30 [Bug c++/101355] New: compiling coroutines with ubsan emits bogus -Wmaybe-uninitialized warnings daklishch at gmail dot com
@ 2021-07-07 1:30 ` daklishch at gmail dot com
2021-07-16 7:29 ` daklishch at gmail dot com
` (5 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: daklishch at gmail dot com @ 2021-07-07 1:30 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101355
--- Comment #1 from Dan Klishch <daklishch at gmail dot com> ---
Created attachment 51112
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=51112&action=edit
gcc with -v option output
* [Bug c++/101355] compiling coroutines with ubsan emits bogus -Wmaybe-uninitialized warnings
From: daklishch at gmail dot com @ 2021-07-16 7:29 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101355
--- Comment #2 from Dan Klishch <daklishch at gmail dot com> ---
GCC incorrectly gimplifies the program. The code that is causing the warning is
in the coroutine's actor function:

    try
    {
        D.9829 = &frame_ptr->__p;
        .UBSAN_NULL (D.9829, 4B, 0);
        coro::promise_type::return_void (D.9829);
        goto final.suspend;
    }
    finally
    {
        .UBSAN_NULL (D.9828, 4B, 0); // here
        a::~a (D.9828);
    }

Obviously, an assignment to D.9828 is missing. However, a little bit earlier a
similar destruction of `struct a' is handled correctly:

    try
    {
        b::~b (&D.9562);
    }
    catch
    {
        D.9828 = &frame_ptr->__obj.2.3;
        .UBSAN_NULL (D.9828, 4B, 0);
        a::~a (D.9828);
    }

I guess one of these destructor calls is a copy of another and this might be the
root of the problem. After ubsan instrumentation the call to the destructor
looks like this:

    a::~a (.UBSAN_NULL (SAVE_EXPR <&frame_ptr->__obj.2.3>, 4B, 0);,
           SAVE_EXPR <&frame_ptr->__obj.2.3>;);

I believe the same SAVE_EXPR is copied to the second invocation of the
destructor but the enclosed expression evaluation is placed only before the
first use of SAVE_EXPR and the control flow does not reach it before a call to
the actual (second) destructor.
I guess this can be fixed by instrumenting the calls to the destructors using
a temporary variable and not SAVE_EXPR, like this:

    void *ptr = &frame_ptr->__obj.2.3;
    .UBSAN_NULL (ptr, 4B, 0);
    a::~a (ptr);

But I don't have a solid understanding of GCC internals, so I'm not sure if it
is right.
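Added example (not part of the thread, and not GCC source): a simplified C++ model of the mechanism Comment #2 describes, where one SAVE_EXPR shared by two copies of the cleanup gets its assignment only in the first region lowered. `SaveExpr`, `Block`, `lower_use`, `emit_dtor` and `lower_cleanups` are hypothetical names; `lower_cleanups(false)` models the per-site temporary the comment proposes.

```cpp
#include <iostream>
#include <set>
#include <string>
#include <vector>

// Model of a SAVE_EXPR: evaluated into a temporary at its first lowered use.
struct SaveExpr {
    std::string operand;
    std::string temp;  // empty until the first occurrence is lowered
};

// One cleanup region; the two regions lie on different control-flow paths.
struct Block {
    std::string name;
    std::vector<std::string> stmts;
    std::set<std::string> assigned;  // temporaries assigned inside this region
};

// Lower one occurrence of `se` into `blk` and return the temporary's name.
std::string lower_use(SaveExpr &se, Block &blk) {
    static int uid = 9828;  // constructed numbering, echoing D.9828 in the dump
    if (se.temp.empty()) {  // only the first occurrence emits the assignment
        se.temp = "D." + std::to_string(uid++);
        blk.stmts.push_back(se.temp + " = " + se.operand + ";");
        blk.assigned.insert(se.temp);
    }
    return se.temp;
}

// Emit the null check and destructor call; false if `ptr` is unassigned here.
bool emit_dtor(Block &blk, const std::string &ptr) {
    blk.stmts.push_back(".UBSAN_NULL (" + ptr + ", 4B, 0);");
    blk.stmts.push_back("a::~a (" + ptr + ");");
    return blk.assigned.count(ptr) != 0;
}

// Lower both copies of the cleanup; return regions that read an unset `this`.
std::vector<std::string> lower_cleanups(bool share_save_expr) {
    Block handler{"catch", {}, {}}, cleanup{"finally", {}, {}};
    SaveExpr se{"&frame_ptr->__obj.2.3", ""};
    std::vector<std::string> unset;
    for (Block *b : {&handler, &cleanup}) {
        if (!share_save_expr) se.temp.clear();  // fresh temporary per call site
        if (!emit_dtor(*b, lower_use(se, *b))) unset.push_back(b->name);
    }
    return unset;
}

int main() { for (const auto &n : lower_cleanups(true)) std::cout << n << "\n"; }
```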
* [Bug c++/101355] incorrect `this' in destructor calls when compiling coroutines with ubsan
From: iains at gcc dot gnu.org @ 2021-08-30 19:02 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101355
Iain Sandoe <iains at gcc dot gnu.org> changed:
What            |Removed     |Added
----------------------------------------------------------------------------
See Also        |            |https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95137
Keywords        |            |wrong-code
Ever confirmed  |0           |1
CC              |            |iains at gcc dot gnu.org
Status          |UNCONFIRMED |NEW
Last reconfirmed|            |2021-08-30
--- Comment #3 from Iain Sandoe <iains at gcc dot gnu.org> ---
The two cases seem likely related - if not actually the same. At present, I
was not sure if this is a coroutines bug (and have not had time to look at it
in detail).
The root cause does appear to be the same - that the sanitiser is expecting the
temp (D.9828 in your case) to be valid - but there is some path through the
code where a suspension occurs so that this is not true.
Unfortunately, I'm not familiar enough with the sanitizer code to comment on
whether the proposed fix is the right one.
* [Bug c++/101355] incorrect `this' in destructor calls when compiling coroutines with ubsan
From: iains at gcc dot gnu.org @ 2021-08-30 19:04 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101355
--- Comment #4 from Iain Sandoe <iains at gcc dot gnu.org> ---
Patch proposed here:
https://gcc.gnu.org/pipermail/gcc-patches/2021-August/578401.html
* [Bug c++/101355] incorrect `this' in destructor calls when compiling coroutines with ubsan
From: daklishch at gmail dot com @ 2021-09-04 16:39 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101355
Dan Klishch <daklishch at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #5 from Dan Klishch <daklishch at gmail dot com> ---
GCC stopped instrumenting destructors in this particular case, so I guess the
bug is fixed.
https://godbolt.org/z/KGa6aGf5x
* [Bug c++/101355] incorrect `this' in destructor calls when compiling coroutines with ubsan
From: mpolacek at gcc dot gnu.org @ 2021-09-30 14:42 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101355
Marek Polacek <mpolacek at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mpolacek at gcc dot gnu.org
--- Comment #6 from Marek Polacek <mpolacek at gcc dot gnu.org> ---
Would it be possible to backport this to gcc 11 too?
* [Bug c++/101355] incorrect `this' in destructor calls when compiling coroutines with ubsan
From: iains at gcc dot gnu.org @ 2021-09-30 14:59 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101355
Iain Sandoe <iains at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|--- |11.3
--- Comment #7 from Iain Sandoe <iains at gcc dot gnu.org> ---
(In reply to Marek Polacek from comment #6)
> Would it be possible to backport this to gcc 11 too?
It's on my TODO to back port the correctness fixes to 11 (and where feasible
10).