* [Bug libstdc++/109703] [13/14 Regression] __builtin_unreachable() reached
2023-05-02 19:05 [Bug libstdc++/109703] New: __builtin_unreachable() reached christian.morales.vega at gmail dot com
@ 2023-05-02 20:10 ` pinskia at gcc dot gnu.org
2023-05-02 20:11 ` [Bug libstdc++/109703] [12/13/14 " pinskia at gcc dot gnu.org
` (10 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-05-02 20:10 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109703
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|__builtin_unreachable() |[13/14 Regression]
|reached |__builtin_unreachable()
| |reached
Target Milestone|--- |13.2
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug libstdc++/109703] [12/13/14 Regression] __builtin_unreachable() reached
2023-05-02 19:05 [Bug libstdc++/109703] New: __builtin_unreachable() reached christian.morales.vega at gmail dot com
2023-05-02 20:10 ` [Bug libstdc++/109703] [13/14 Regression] " pinskia at gcc dot gnu.org
@ 2023-05-02 20:11 ` pinskia at gcc dot gnu.org
2023-05-02 20:14 ` pinskia at gcc dot gnu.org
` (9 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-05-02 20:11 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109703
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|13.2 |12.3
Summary|[13/14 Regression] |[12/13/14 Regression]
|__builtin_unreachable() |__builtin_unreachable()
|reached |reached
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug libstdc++/109703] [12/13/14 Regression] __builtin_unreachable() reached
2023-05-02 19:05 [Bug libstdc++/109703] New: __builtin_unreachable() reached christian.morales.vega at gmail dot com
2023-05-02 20:10 ` [Bug libstdc++/109703] [13/14 Regression] " pinskia at gcc dot gnu.org
2023-05-02 20:11 ` [Bug libstdc++/109703] [12/13/14 " pinskia at gcc dot gnu.org
@ 2023-05-02 20:14 ` pinskia at gcc dot gnu.org
2023-05-02 20:35 ` [Bug libstdc++/109703] [12/13/14 Regression] __builtin_unreachable() reached since r13-6915-gbf78b43873b0b7 redi at gcc dot gnu.org
` (8 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-05-02 20:14 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109703
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P3 |P1
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug libstdc++/109703] [12/13/14 Regression] __builtin_unreachable() reached since r13-6915-gbf78b43873b0b7
2023-05-02 19:05 [Bug libstdc++/109703] New: __builtin_unreachable() reached christian.morales.vega at gmail dot com
` (2 preceding siblings ...)
2023-05-02 20:14 ` pinskia at gcc dot gnu.org
@ 2023-05-02 20:35 ` redi at gcc dot gnu.org
2023-05-03 2:00 ` pinskia at gcc dot gnu.org
` (7 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: redi at gcc dot gnu.org @ 2023-05-02 20:35 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109703
Jonathan Wakely <redi at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|unassigned at gcc dot gnu.org |redi at gcc dot gnu.org
Status|UNCONFIRMED |ASSIGNED
Ever confirmed|0 |1
Last reconfirmed| |2023-05-02
--- Comment #1 from Jonathan Wakely <redi at gcc dot gnu.org> ---
See https://gcc.gnu.org/pipermail/libstdc++/2023-May/055903.html
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug libstdc++/109703] [12/13/14 Regression] __builtin_unreachable() reached since r13-6915-gbf78b43873b0b7
2023-05-02 19:05 [Bug libstdc++/109703] New: __builtin_unreachable() reached christian.morales.vega at gmail dot com
` (3 preceding siblings ...)
2023-05-02 20:35 ` [Bug libstdc++/109703] [12/13/14 Regression] __builtin_unreachable() reached since r13-6915-gbf78b43873b0b7 redi at gcc dot gnu.org
@ 2023-05-03 2:00 ` pinskia at gcc dot gnu.org
2023-05-03 12:19 ` cvs-commit at gcc dot gnu.org
` (6 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-05-03 2:00 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109703
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |tchaikov at gmail dot com
--- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
*** Bug 109706 has been marked as a duplicate of this bug. ***
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug libstdc++/109703] [12/13/14 Regression] __builtin_unreachable() reached since r13-6915-gbf78b43873b0b7
2023-05-02 19:05 [Bug libstdc++/109703] New: __builtin_unreachable() reached christian.morales.vega at gmail dot com
` (4 preceding siblings ...)
2023-05-03 2:00 ` pinskia at gcc dot gnu.org
@ 2023-05-03 12:19 ` cvs-commit at gcc dot gnu.org
2023-05-03 12:24 ` cvs-commit at gcc dot gnu.org
` (5 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-05-03 12:19 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109703
--- Comment #3 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Jonathan Wakely <redi@gcc.gnu.org>:
https://gcc.gnu.org/g:cbf6c7a1d16490a1e63e9a5ce00e9a5c44c4c2f2
commit r14-430-gcbf6c7a1d16490a1e63e9a5ce00e9a5c44c4c2f2
Author: Kefu Chai <kefu.chai@scylladb.com>
Date: Mon May 1 21:24:26 2023 +0100
libstdc++: Set _M_string_length before calling _M_dispose() [PR109703]
This always sets _M_string_length in the constructor for ranges of input
iterators, such as stream iterators.
We copy from the source range to the local buffer, and then repeatedly
reallocate a larger one if necessary. When disposing the old buffer,
_M_is_local() is used to tell if the buffer is the local one or not (and
so must be deallocated). In addition to comparing the buffer address
with the local buffer, _M_is_local() has an optimization hint so that
the compiler knows that for a string using the local buffer, there is an
invariant that _M_string_length <= _S_local_capacity (added for PR109299
via r13-6915-gbf78b43873b0b7). But we failed to set _M_string_length in
the constructor taking a pair of iterators, so the invariant might not
hold, and __builtin_unreachable() is reached. This causes UBsan errors,
and potentially misoptimization.
To ensure the invariant holds, _M_string_length is initialized to zero
before doing anything else, so that _M_is_local() doesn't see an
uninitialized value.
This issue only surfaces when constructing a string with a range of
input iterator, and the uninitialized _M_string_length happens to be
greater than _S_local_capacity, i.e., 15 for the std::string
specialization.
libstdc++-v3/ChangeLog:
PR libstdc++/109703
* include/bits/basic_string.h (basic_string(Iter, Iter, Alloc)):
Initialize _M_string_length.
Signed-off-by: Kefu Chai <kefu.chai@scylladb.com>
Co-authored-by: Jonathan Wakely <jwakely@redhat.com>
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug libstdc++/109703] [12/13/14 Regression] __builtin_unreachable() reached since r13-6915-gbf78b43873b0b7
2023-05-02 19:05 [Bug libstdc++/109703] New: __builtin_unreachable() reached christian.morales.vega at gmail dot com
` (5 preceding siblings ...)
2023-05-03 12:19 ` cvs-commit at gcc dot gnu.org
@ 2023-05-03 12:24 ` cvs-commit at gcc dot gnu.org
2023-05-03 13:24 ` cvs-commit at gcc dot gnu.org
` (4 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-05-03 12:24 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109703
--- Comment #4 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The releases/gcc-13 branch has been updated by Jonathan Wakely
<redi@gcc.gnu.org>:
https://gcc.gnu.org/g:d50f2599d7b23bdba05a9102645d082ed9bcb05f
commit r13-7282-gd50f2599d7b23bdba05a9102645d082ed9bcb05f
Author: Kefu Chai <kefu.chai@scylladb.com>
Date: Mon May 1 21:24:26 2023 +0100
libstdc++: Set _M_string_length before calling _M_dispose() [PR109703]
This always sets _M_string_length in the constructor for ranges of input
iterators, such as stream iterators.
We copy from the source range to the local buffer, and then repeatedly
reallocate a larger one if necessary. When disposing the old buffer,
_M_is_local() is used to tell if the buffer is the local one or not (and
so must be deallocated). In addition to comparing the buffer address
with the local buffer, _M_is_local() has an optimization hint so that
the compiler knows that for a string using the local buffer, there is an
invariant that _M_string_length <= _S_local_capacity (added for PR109299
via r13-6915-gbf78b43873b0b7). But we failed to set _M_string_length in
the constructor taking a pair of iterators, so the invariant might not
hold, and __builtin_unreachable() is reached. This causes UBsan errors,
and potentially misoptimization.
To ensure the invariant holds, _M_string_length is initialized to zero
before doing anything else, so that _M_is_local() doesn't see an
uninitialized value.
This issue only surfaces when constructing a string with a range of
input iterator, and the uninitialized _M_string_length happens to be
greater than _S_local_capacity, i.e., 15 for the std::string
specialization.
libstdc++-v3/ChangeLog:
PR libstdc++/109703
* include/bits/basic_string.h (basic_string(Iter, Iter, Alloc)):
Initialize _M_string_length.
Signed-off-by: Kefu Chai <kefu.chai@scylladb.com>
Co-authored-by: Jonathan Wakely <jwakely@redhat.com>
(cherry picked from commit cbf6c7a1d16490a1e63e9a5ce00e9a5c44c4c2f2)
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug libstdc++/109703] [12/13/14 Regression] __builtin_unreachable() reached since r13-6915-gbf78b43873b0b7
2023-05-02 19:05 [Bug libstdc++/109703] New: __builtin_unreachable() reached christian.morales.vega at gmail dot com
` (6 preceding siblings ...)
2023-05-03 12:24 ` cvs-commit at gcc dot gnu.org
@ 2023-05-03 13:24 ` cvs-commit at gcc dot gnu.org
2023-05-03 13:25 ` redi at gcc dot gnu.org
` (3 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-05-03 13:24 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109703
--- Comment #5 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The releases/gcc-12 branch has been updated by Jonathan Wakely
<redi@gcc.gnu.org>:
https://gcc.gnu.org/g:04fbfafbd9657a36e8c3e80708a18fba08136854
commit r12-9508-g04fbfafbd9657a36e8c3e80708a18fba08136854
Author: Kefu Chai <kefu.chai@scylladb.com>
Date: Mon May 1 21:24:26 2023 +0100
libstdc++: Set _M_string_length before calling _M_dispose() [PR109703]
This always sets _M_string_length in the constructor for ranges of input
iterators, such as stream iterators.
We copy from the source range to the local buffer, and then repeatedly
reallocate a larger one if necessary. When disposing the old buffer,
_M_is_local() is used to tell if the buffer is the local one or not (and
so must be deallocated). In addition to comparing the buffer address
with the local buffer, _M_is_local() has an optimization hint so that
the compiler knows that for a string using the local buffer, there is an
invariant that _M_string_length <= _S_local_capacity (added for PR109299
via r13-6915-gbf78b43873b0b7). But we failed to set _M_string_length in
the constructor taking a pair of iterators, so the invariant might not
hold, and __builtin_unreachable() is reached. This causes UBsan errors,
and potentially misoptimization.
To ensure the invariant holds, _M_string_length is initialized to zero
before doing anything else, so that _M_is_local() doesn't see an
uninitialized value.
This issue only surfaces when constructing a string with a range of
input iterator, and the uninitialized _M_string_length happens to be
greater than _S_local_capacity, i.e., 15 for the std::string
specialization.
libstdc++-v3/ChangeLog:
PR libstdc++/109703
* include/bits/basic_string.h (basic_string(Iter, Iter, Alloc)):
Initialize _M_string_length.
Signed-off-by: Kefu Chai <kefu.chai@scylladb.com>
Co-authored-by: Jonathan Wakely <jwakely@redhat.com>
(cherry picked from commit cbf6c7a1d16490a1e63e9a5ce00e9a5c44c4c2f2)
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug libstdc++/109703] [12/13/14 Regression] __builtin_unreachable() reached since r13-6915-gbf78b43873b0b7
2023-05-02 19:05 [Bug libstdc++/109703] New: __builtin_unreachable() reached christian.morales.vega at gmail dot com
` (7 preceding siblings ...)
2023-05-03 13:24 ` cvs-commit at gcc dot gnu.org
@ 2023-05-03 13:25 ` redi at gcc dot gnu.org
2023-05-04 15:43 ` pinskia at gcc dot gnu.org
` (2 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: redi at gcc dot gnu.org @ 2023-05-03 13:25 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109703
Jonathan Wakely <redi at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|ASSIGNED |RESOLVED
--- Comment #6 from Jonathan Wakely <redi at gcc dot gnu.org> ---
Fixed for 12.3 and 13.2, thanks for the report.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug libstdc++/109703] [12/13/14 Regression] __builtin_unreachable() reached since r13-6915-gbf78b43873b0b7
2023-05-02 19:05 [Bug libstdc++/109703] New: __builtin_unreachable() reached christian.morales.vega at gmail dot com
` (8 preceding siblings ...)
2023-05-03 13:25 ` redi at gcc dot gnu.org
@ 2023-05-04 15:43 ` pinskia at gcc dot gnu.org
2023-05-09 11:22 ` redi at gcc dot gnu.org
2023-07-04 16:41 ` redi at gcc dot gnu.org
11 siblings, 0 replies; 13+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-05-04 15:43 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109703
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |enrico.seiler+gccbugs@outlo
| |ok.com
--- Comment #7 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
*** Bug 109737 has been marked as a duplicate of this bug. ***
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug libstdc++/109703] [12/13/14 Regression] __builtin_unreachable() reached since r13-6915-gbf78b43873b0b7
2023-05-02 19:05 [Bug libstdc++/109703] New: __builtin_unreachable() reached christian.morales.vega at gmail dot com
` (9 preceding siblings ...)
2023-05-04 15:43 ` pinskia at gcc dot gnu.org
@ 2023-05-09 11:22 ` redi at gcc dot gnu.org
2023-07-04 16:41 ` redi at gcc dot gnu.org
11 siblings, 0 replies; 13+ messages in thread
From: redi at gcc dot gnu.org @ 2023-05-09 11:22 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109703
Jonathan Wakely <redi at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |gnu.ojxq8 at dralias dot com
--- Comment #8 from Jonathan Wakely <redi at gcc dot gnu.org> ---
*** Bug 109786 has been marked as a duplicate of this bug. ***
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug libstdc++/109703] [12/13/14 Regression] __builtin_unreachable() reached since r13-6915-gbf78b43873b0b7
2023-05-02 19:05 [Bug libstdc++/109703] New: __builtin_unreachable() reached christian.morales.vega at gmail dot com
` (10 preceding siblings ...)
2023-05-09 11:22 ` redi at gcc dot gnu.org
@ 2023-07-04 16:41 ` redi at gcc dot gnu.org
11 siblings, 0 replies; 13+ messages in thread
From: redi at gcc dot gnu.org @ 2023-07-04 16:41 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109703
Jonathan Wakely <redi at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |vaibhavawale3 at gmail dot com
--- Comment #9 from Jonathan Wakely <redi at gcc dot gnu.org> ---
*** Bug 110549 has been marked as a duplicate of this bug. ***
^ permalink raw reply [flat|nested] 13+ messages in thread