public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
* [Bug libstdc++/107927] New: vector::push_back gives array bounds warning with optimization and undefined sanitizer @ 2022-11-30 2:15 larsbj at gullik dot org 2022-11-30 12:44 ` [Bug tree-optimization/107927] " rguenth at gcc dot gnu.org ` (3 more replies) 0 siblings, 4 replies; 5+ messages in thread From: larsbj at gullik dot org @ 2022-11-30 2:15 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107927 Bug ID: 107927 Summary: vector::push_back gives array bounds warning with optimization and undefined sanitizer Product: gcc Version: 12.2.1 Status: UNCONFIRMED Severity: normal Priority: P3 Component: libstdc++ Assignee: unassigned at gcc dot gnu.org Reporter: larsbj at gullik dot org Target Milestone: --- Created attachment 53988 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=53988&action=edit Pre-processed source This looks very similar to Bug 107852, but different to warrant a report imho. gcc --version gcc (GCC) 12.2.1 20221121 (Red Hat 12.2.1-4) The preprocessed file has been reduced from something much larger with Compiling the pre-processed file with cvise. The seemingly similar test case: #include <initializer_list> #include <vector> struct Foo { Foo(std::initializer_list<unsigned> l) : v(l) { v.push_back(5); } struct::vector<unsigned> v; }; void make() { Foo{{}}; } does not exibit the same error as the original or preprocessed code. g++ g++ -Warray-bounds -O2 -fsanitize=undefined -std=gnu++20 -c test.ii (note that the original code requires -fsanitize=undefined to fail, the preprocessed code does not.) gives: In function ‘int std::construct_at(_Tp) [with _Tp = unsigned int*]’, inlined from ‘static int std::allocator_traits<std::allocator<_Tp> >::construct(allocator_type, _Up) [with _Up = unsigned int*; _Tp = unsigned int]’ at :59:17, inlined from ‘int std::vector::push_back(int)’ at :114:46, inlined from ‘RTCPfeedback::RTCPfeedback(std::initializer_list<unsigned int>)’ at :128:71, inlined from ‘int makeEmptyRR()’ at :131:17: :4:56: warning: array subscript 1 is outside array bounds of ‘unsigned int [1]’ [-Warray-bounds] In member function ‘unsigned int* std::__new_allocator::allocate(long int)’, inlined from ‘static _Tp* std::allocator_traits<std::allocator<_Tp> >::allocate(allocator_type, size_type) [with _Tp = unsigned int]’ at :56:24, inlined from ‘unsigned int* std::_Vector_base::_M_allocate(long int)’ at :103:53, inlined from ‘void std::vector::_M_range_initialize(_ForwardIterator, _ForwardIterator, random_access_iterator_tag) [with _ForwardIterator = unsigned int*]’ at :120:20, inlined from ‘std::vector::vector(std::initializer_list<unsigned int>)’ at :112:24, inlined from ‘RTCPfeedback::RTCPfeedback(std::initializer_list<unsigned int>)’ at :128:53, inlined from ‘int makeEmptyRR()’ at :131:17: :7:48: note: at offset 4 into object of size 4 allocated by ‘operator new’ ^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug tree-optimization/107927] vector::push_back gives array bounds warning with optimization and undefined sanitizer 2022-11-30 2:15 [Bug libstdc++/107927] New: vector::push_back gives array bounds warning with optimization and undefined sanitizer larsbj at gullik dot org @ 2022-11-30 12:44 ` rguenth at gcc dot gnu.org 2022-11-30 12:48 ` redi at gcc dot gnu.org ` (2 subsequent siblings) 3 siblings, 0 replies; 5+ messages in thread From: rguenth at gcc dot gnu.org @ 2022-11-30 12:44 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107927 Richard Biener <rguenth at gcc dot gnu.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Ever confirmed|0 |1 Status|UNCONFIRMED |WAITING Last reconfirmed| |2022-11-30 --- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> --- I can't seem to reproduce with the unreduced non-preprocessed source? In the reduced testcase there's void _M_range_initialize(_ForwardIterator __first, _ForwardIterator __last, random_access_iterator_tag) { size_type __n; _M_impl._M_start = _M_allocate(_S_check_init_len(__n, _M_get_Tp_allocator())); so __n is clearly uninitialized. ^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug tree-optimization/107927] vector::push_back gives array bounds warning with optimization and undefined sanitizer 2022-11-30 2:15 [Bug libstdc++/107927] New: vector::push_back gives array bounds warning with optimization and undefined sanitizer larsbj at gullik dot org 2022-11-30 12:44 ` [Bug tree-optimization/107927] " rguenth at gcc dot gnu.org @ 2022-11-30 12:48 ` redi at gcc dot gnu.org 2022-12-01 1:12 ` larsbj at gullik dot org 2022-12-01 14:22 ` redi at gcc dot gnu.org 3 siblings, 0 replies; 5+ messages in thread From: redi at gcc dot gnu.org @ 2022-11-30 12:48 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107927 --- Comment #2 from Jonathan Wakely <redi at gcc dot gnu.org> --- In the original <vector> code that should be: const size_type __n = std::distance(__first, __last); ^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug tree-optimization/107927] vector::push_back gives array bounds warning with optimization and undefined sanitizer 2022-11-30 2:15 [Bug libstdc++/107927] New: vector::push_back gives array bounds warning with optimization and undefined sanitizer larsbj at gullik dot org 2022-11-30 12:44 ` [Bug tree-optimization/107927] " rguenth at gcc dot gnu.org 2022-11-30 12:48 ` redi at gcc dot gnu.org @ 2022-12-01 1:12 ` larsbj at gullik dot org 2022-12-01 14:22 ` redi at gcc dot gnu.org 3 siblings, 0 replies; 5+ messages in thread From: larsbj at gullik dot org @ 2022-12-01 1:12 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107927 --- Comment #3 from Lars Gullik Bjønnes <larsbj at gullik dot org> --- I cannot send you the unreduced preprocessed code and I have failed at creating a small snippet that produces the error. This is the compiler output though. Something might be gleaned from that. In function ‘constexpr decltype (::new(void*(0)) _Tp) std::construct_at(_Tp*, _Args&& ...) [with _Tp = unsigned int; _Args = {unsigned int}]’, inlined from ‘static constexpr void std::allocator_traits<std::allocator<_CharT> >::construct(allocator_type&, _Up*, _Args&& ...) [with _Up = unsigned int; _Args = {unsigned int}; _Tp = unsigned int]’ at /usr/include/c++/12/bits/alloc_traits.h:518:21, inlined from ‘constexpr std::vector<_Tp, _Alloc>::reference std::vector<_Tp, _Alloc>::emplace_back(_Args&& ...) [with _Args = {unsigned int}; _Tp = unsigned int; _Alloc = std::allocator<unsigned int>]’ at /usr/include/c++/12/bits/vector.tcc:117:30, inlined from ‘constexpr void std::vector<_Tp, _Alloc>::push_back(value_type&&) [with _Tp = unsigned int; _Alloc = std::allocator<unsigned int>]’ at /usr/include/c++/12/bits/stl_vector.h:1294:21, inlined from ‘rtcp::RTCPfeedback<T>::RTCPfeedback(int, std::initializer_list<unsigned int>) [with RTCP_PACKET_TYPE T = RTCP_PT_RR]’ at functional/protocols/rtpshared/api/rtp/rtcppacket.hpp:27:20, inlined from ‘rtcp::RTCPfeedback<RTCP_PT_RR> rtcp::makeEmptyRR(uint32_t)’ at functional/protocols/rtpshared/rtcppacket.cpp:15:53: /usr/include/c++/12/bits/stl_construct.h:97:14: warning: array subscript 1 is outside array bounds of ‘unsigned int [1]’ [-Warray-bounds] 97 | { return ::new((void*)__location) _Tp(std::forward<_Args>(__args)...); } | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from /usr/include/c++/12/x86_64-redhat-linux/bits/c++allocator.h:33, from /usr/include/c++/12/bits/allocator.h:46, from /usr/include/c++/12/string:41: In member function ‘_Tp* std::__new_allocator<_Tp>::allocate(size_type, const void*) [with _Tp = unsigned int]’, inlined from ‘constexpr _Tp* std::allocator< <template-parameter-1-1> >::allocate(std::size_t) [with _Tp = unsigned int]’ at /usr/include/c++/12/bits/allocator.h:188:40, inlined from ‘static constexpr _Tp* std::allocator_traits<std::allocator<_CharT> >::allocate(allocator_type&, size_type) [with _Tp = unsigned int]’ at /usr/include/c++/12/bits/alloc_traits.h:464:28, inlined from ‘constexpr std::_Vector_base<_Tp, _Alloc>::pointer std::_Vector_base<_Tp, _Alloc>::_M_allocate(std::size_t) [with _Tp = unsigned int; _Alloc = std::allocator<unsigned int>]’ at /usr/include/c++/12/bits/stl_vector.h:378:33, inlined from ‘constexpr std::_Vector_base<_Tp, _Alloc>::pointer std::_Vector_base<_Tp, _Alloc>::_M_allocate(std::size_t) [with _Tp = unsigned int; _Alloc = std::allocator<unsigned int>]’ at /usr/include/c++/12/bits/stl_vector.h:375:7, inlined from ‘constexpr void std::vector<_Tp, _Alloc>::_M_range_initialize(_ForwardIterator, _ForwardIterator, std::forward_iterator_tag) [with _ForwardIterator = const unsigned int*; _Tp = unsigned int; _Alloc = std::allocator<unsigned int>]’ at /usr/include/c++/12/bits/stl_vector.h:1687:25, inlined from ‘constexpr std::vector<_Tp, _Alloc>::vector(std::initializer_list<_Tp>, const allocator_type&) [with _Tp = unsigned int; _Alloc = std::allocator<unsigned int>]’ at /usr/include/c++/12/bits/stl_vector.h:677:21, inlined from ‘rtcp::RTCPfeedback<T>::RTCPfeedback(int, std::initializer_list<unsigned int>) [with RTCP_PACKET_TYPE T = RTCP_PT_RR]’ at functional/protocols/rtpshared/api/rtp/rtcppacket.hpp:26:7, inlined from ‘rtcp::RTCPfeedback<RTCP_PT_RR> rtcp::makeEmptyRR(uint32_t)’ at functional/protocols/rtpshared/rtcppacket.cpp:15:53: /usr/include/c++/12/bits/new_allocator.h:137:48: note: at offset 4 into object of size 4 allocated by ‘operator new’ 137 | return static_cast<_Tp*>(_GLIBCXX_OPERATOR_NEW(__n * sizeof(_Tp))); | ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~ ^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug tree-optimization/107927] vector::push_back gives array bounds warning with optimization and undefined sanitizer 2022-11-30 2:15 [Bug libstdc++/107927] New: vector::push_back gives array bounds warning with optimization and undefined sanitizer larsbj at gullik dot org ` (2 preceding siblings ...) 2022-12-01 1:12 ` larsbj at gullik dot org @ 2022-12-01 14:22 ` redi at gcc dot gnu.org 3 siblings, 0 replies; 5+ messages in thread From: redi at gcc dot gnu.org @ 2022-12-01 14:22 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107927 --- Comment #4 from Jonathan Wakely <redi at gcc dot gnu.org> --- It might be fixed by r13-4393-gcca06f0d6d76b0 ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-12-01 14:22 UTC | newest] Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2022-11-30 2:15 [Bug libstdc++/107927] New: vector::push_back gives array bounds warning with optimization and undefined sanitizer larsbj at gullik dot org 2022-11-30 12:44 ` [Bug tree-optimization/107927] " rguenth at gcc dot gnu.org 2022-11-30 12:48 ` redi at gcc dot gnu.org 2022-12-01 1:12 ` larsbj at gullik dot org 2022-12-01 14:22 ` redi at gcc dot gnu.org
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).