public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libstdc++/107927] New: vector::push_back gives array bounds warning with optimization and undefined sanitizer
@ 2022-11-30 2:15 larsbj at gullik dot org
2022-11-30 12:44 ` [Bug tree-optimization/107927] " rguenth at gcc dot gnu.org
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: larsbj at gullik dot org @ 2022-11-30 2:15 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107927
Bug ID: 107927
Summary: vector::push_back gives array bounds warning with
optimization and undefined sanitizer
Product: gcc
Version: 12.2.1
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: libstdc++
Assignee: unassigned at gcc dot gnu.org
Reporter: larsbj at gullik dot org
Target Milestone: ---
Created attachment 53988
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=53988&action=edit
Pre-processed source
This looks very similar to Bug 107852, but different to warrant a report imho.
gcc --version
gcc (GCC) 12.2.1 20221121 (Red Hat 12.2.1-4)
The preprocessed file has been reduced from something much larger with
Compiling the pre-processed file with cvise. The seemingly similar test case:
#include <initializer_list>
#include <vector>
struct Foo {
Foo(std::initializer_list<unsigned> l) : v(l) { v.push_back(5); }
struct::vector<unsigned> v;
};
void make() { Foo{{}}; }
does not exibit the same error as the original or preprocessed code.
g++ g++ -Warray-bounds -O2 -fsanitize=undefined -std=gnu++20 -c test.ii
(note that the original code requires -fsanitize=undefined to fail, the
preprocessed code does not.)
gives:
In function ‘int std::construct_at(_Tp) [with _Tp = unsigned int*]’,
inlined from ‘static int std::allocator_traits<std::allocator<_Tp>
>::construct(allocator_type, _Up) [with _Up = unsigned int*; _Tp = unsigned
int]’ at :59:17,
inlined from ‘int std::vector::push_back(int)’ at :114:46,
inlined from ‘RTCPfeedback::RTCPfeedback(std::initializer_list<unsigned
int>)’ at :128:71,
inlined from ‘int makeEmptyRR()’ at :131:17:
:4:56: warning: array subscript 1 is outside array bounds of ‘unsigned int [1]’
[-Warray-bounds]
In member function ‘unsigned int* std::__new_allocator::allocate(long int)’,
inlined from ‘static _Tp* std::allocator_traits<std::allocator<_Tp>
>::allocate(allocator_type, size_type) [with _Tp = unsigned int]’ at :56:24,
inlined from ‘unsigned int* std::_Vector_base::_M_allocate(long int)’ at
:103:53,
inlined from ‘void std::vector::_M_range_initialize(_ForwardIterator,
_ForwardIterator, random_access_iterator_tag) [with _ForwardIterator = unsigned
int*]’ at :120:20,
inlined from ‘std::vector::vector(std::initializer_list<unsigned int>)’ at
:112:24,
inlined from ‘RTCPfeedback::RTCPfeedback(std::initializer_list<unsigned
int>)’ at :128:53,
inlined from ‘int makeEmptyRR()’ at :131:17:
:7:48: note: at offset 4 into object of size 4 allocated by ‘operator new’
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug tree-optimization/107927] vector::push_back gives array bounds warning with optimization and undefined sanitizer
2022-11-30 2:15 [Bug libstdc++/107927] New: vector::push_back gives array bounds warning with optimization and undefined sanitizer larsbj at gullik dot org
@ 2022-11-30 12:44 ` rguenth at gcc dot gnu.org
2022-11-30 12:48 ` redi at gcc dot gnu.org
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: rguenth at gcc dot gnu.org @ 2022-11-30 12:44 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107927
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Ever confirmed|0 |1
Status|UNCONFIRMED |WAITING
Last reconfirmed| |2022-11-30
--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
I can't seem to reproduce with the unreduced non-preprocessed source? In the
reduced testcase there's
void _M_range_initialize(_ForwardIterator __first, _ForwardIterator __last,
random_access_iterator_tag) {
size_type __n;
_M_impl._M_start =
_M_allocate(_S_check_init_len(__n, _M_get_Tp_allocator()));
so __n is clearly uninitialized.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug tree-optimization/107927] vector::push_back gives array bounds warning with optimization and undefined sanitizer
2022-11-30 2:15 [Bug libstdc++/107927] New: vector::push_back gives array bounds warning with optimization and undefined sanitizer larsbj at gullik dot org
2022-11-30 12:44 ` [Bug tree-optimization/107927] " rguenth at gcc dot gnu.org
@ 2022-11-30 12:48 ` redi at gcc dot gnu.org
2022-12-01 1:12 ` larsbj at gullik dot org
2022-12-01 14:22 ` redi at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: redi at gcc dot gnu.org @ 2022-11-30 12:48 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107927
--- Comment #2 from Jonathan Wakely <redi at gcc dot gnu.org> ---
In the original <vector> code that should be:
const size_type __n = std::distance(__first, __last);
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug tree-optimization/107927] vector::push_back gives array bounds warning with optimization and undefined sanitizer
2022-11-30 2:15 [Bug libstdc++/107927] New: vector::push_back gives array bounds warning with optimization and undefined sanitizer larsbj at gullik dot org
2022-11-30 12:44 ` [Bug tree-optimization/107927] " rguenth at gcc dot gnu.org
2022-11-30 12:48 ` redi at gcc dot gnu.org
@ 2022-12-01 1:12 ` larsbj at gullik dot org
2022-12-01 14:22 ` redi at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: larsbj at gullik dot org @ 2022-12-01 1:12 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107927
--- Comment #3 from Lars Gullik Bjønnes <larsbj at gullik dot org> ---
I cannot send you the unreduced preprocessed code and I have failed at creating
a small
snippet that produces the error.
This is the compiler output though.
Something might be gleaned from that.
In function ‘constexpr decltype (::new(void*(0)) _Tp) std::construct_at(_Tp*,
_Args&& ...) [with _Tp = unsigned int; _Args = {unsigned int}]’,
inlined from ‘static constexpr void
std::allocator_traits<std::allocator<_CharT> >::construct(allocator_type&,
_Up*, _Args&& ...) [with _Up = unsigned int; _Args = {unsigned int}; _Tp =
unsigned int]’ at /usr/include/c++/12/bits/alloc_traits.h:518:21,
inlined from ‘constexpr std::vector<_Tp, _Alloc>::reference
std::vector<_Tp, _Alloc>::emplace_back(_Args&& ...) [with _Args = {unsigned
int}; _Tp = unsigned int; _Alloc = std::allocator<unsigned int>]’ at
/usr/include/c++/12/bits/vector.tcc:117:30,
inlined from ‘constexpr void std::vector<_Tp,
_Alloc>::push_back(value_type&&) [with _Tp = unsigned int; _Alloc =
std::allocator<unsigned int>]’ at
/usr/include/c++/12/bits/stl_vector.h:1294:21,
inlined from ‘rtcp::RTCPfeedback<T>::RTCPfeedback(int,
std::initializer_list<unsigned int>) [with RTCP_PACKET_TYPE T = RTCP_PT_RR]’ at
functional/protocols/rtpshared/api/rtp/rtcppacket.hpp:27:20,
inlined from ‘rtcp::RTCPfeedback<RTCP_PT_RR> rtcp::makeEmptyRR(uint32_t)’
at functional/protocols/rtpshared/rtcppacket.cpp:15:53:
/usr/include/c++/12/bits/stl_construct.h:97:14: warning: array subscript 1 is
outside array bounds of ‘unsigned int [1]’ [-Warray-bounds]
97 | { return ::new((void*)__location)
_Tp(std::forward<_Args>(__args)...); }
|
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from
/usr/include/c++/12/x86_64-redhat-linux/bits/c++allocator.h:33,
from /usr/include/c++/12/bits/allocator.h:46,
from /usr/include/c++/12/string:41:
In member function ‘_Tp* std::__new_allocator<_Tp>::allocate(size_type, const
void*) [with _Tp = unsigned int]’,
inlined from ‘constexpr _Tp* std::allocator< <template-parameter-1-1>
>::allocate(std::size_t) [with _Tp = unsigned int]’ at
/usr/include/c++/12/bits/allocator.h:188:40,
inlined from ‘static constexpr _Tp*
std::allocator_traits<std::allocator<_CharT> >::allocate(allocator_type&,
size_type) [with _Tp = unsigned int]’ at
/usr/include/c++/12/bits/alloc_traits.h:464:28,
inlined from ‘constexpr std::_Vector_base<_Tp, _Alloc>::pointer
std::_Vector_base<_Tp, _Alloc>::_M_allocate(std::size_t) [with _Tp = unsigned
int; _Alloc = std::allocator<unsigned int>]’ at
/usr/include/c++/12/bits/stl_vector.h:378:33,
inlined from ‘constexpr std::_Vector_base<_Tp, _Alloc>::pointer
std::_Vector_base<_Tp, _Alloc>::_M_allocate(std::size_t) [with _Tp = unsigned
int; _Alloc = std::allocator<unsigned int>]’ at
/usr/include/c++/12/bits/stl_vector.h:375:7,
inlined from ‘constexpr void std::vector<_Tp,
_Alloc>::_M_range_initialize(_ForwardIterator, _ForwardIterator,
std::forward_iterator_tag) [with _ForwardIterator = const unsigned int*; _Tp =
unsigned int; _Alloc = std::allocator<unsigned int>]’ at
/usr/include/c++/12/bits/stl_vector.h:1687:25,
inlined from ‘constexpr std::vector<_Tp,
_Alloc>::vector(std::initializer_list<_Tp>, const allocator_type&) [with _Tp =
unsigned int; _Alloc = std::allocator<unsigned int>]’ at
/usr/include/c++/12/bits/stl_vector.h:677:21,
inlined from ‘rtcp::RTCPfeedback<T>::RTCPfeedback(int,
std::initializer_list<unsigned int>) [with RTCP_PACKET_TYPE T = RTCP_PT_RR]’ at
functional/protocols/rtpshared/api/rtp/rtcppacket.hpp:26:7,
inlined from ‘rtcp::RTCPfeedback<RTCP_PT_RR> rtcp::makeEmptyRR(uint32_t)’
at functional/protocols/rtpshared/rtcppacket.cpp:15:53:
/usr/include/c++/12/bits/new_allocator.h:137:48: note: at offset 4 into object
of size 4 allocated by ‘operator new’
137 | return static_cast<_Tp*>(_GLIBCXX_OPERATOR_NEW(__n *
sizeof(_Tp)));
| ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug tree-optimization/107927] vector::push_back gives array bounds warning with optimization and undefined sanitizer
2022-11-30 2:15 [Bug libstdc++/107927] New: vector::push_back gives array bounds warning with optimization and undefined sanitizer larsbj at gullik dot org
` (2 preceding siblings ...)
2022-12-01 1:12 ` larsbj at gullik dot org
@ 2022-12-01 14:22 ` redi at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: redi at gcc dot gnu.org @ 2022-12-01 14:22 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107927
--- Comment #4 from Jonathan Wakely <redi at gcc dot gnu.org> ---
It might be fixed by r13-4393-gcca06f0d6d76b0
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-12-01 14:22 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-11-30 2:15 [Bug libstdc++/107927] New: vector::push_back gives array bounds warning with optimization and undefined sanitizer larsbj at gullik dot org
2022-11-30 12:44 ` [Bug tree-optimization/107927] " rguenth at gcc dot gnu.org
2022-11-30 12:48 ` redi at gcc dot gnu.org
2022-12-01 1:12 ` larsbj at gullik dot org
2022-12-01 14:22 ` redi at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).