[Bug c++/51270] New: constness violation is accepted without any warning but leads to a required function call being eliminated during optimization

[Bug c++/51270] New: constness violation is accepted without any warning but leads to a required function call being eliminated during optimization

[michiel_dewilde at agilent dot com]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51270

             Bug #: 51270
           Summary: constness violation is accepted without any warning
                    but leads to a required function call being eliminated
                    during optimization
    Classification: Unclassified
           Product: gcc
           Version: 4.6.2
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c++
        AssignedTo: unassigned@gcc.gnu.org
        ReportedBy: michiel_dewilde@agilent.com


Created attachment 25884
  --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=25884
Standalone source file

Bug summary: constness violation is accepted without any warning but leads to a
required function call being eliminated during optimization

The code itself has a problem in the function "faulty_compiled_function":
Feeding the return value of "pass_through" as argument to "recast_reference"
violates "const" regulations.
This error is never caught by at least g++ 4.4.2 and g++ 4.6.2 on x86_64.
Far worse, when compiling with -O1 or bigger, the optimizer eliminates the call
to "pass_through" and feeds invalid data into "recast_reference".

Proposed treatment: Either there must be an error keeping this code from
compiling, or the optimization must be able to handle it properly.

Bug triggered as follows:
  Compile using "g++ -O faulty_optimization_of_invalid_const_usage.cpp"
  Run "./a.out ; echo $0"
This should return exit code 0. It returns exit code 1.

Without optimization, there is no error.
The error occurs at any nonzero optimization level, even when using
-fno-strict-aliasing -fno-inline -fno-omit-stack-frame.

$ gcc -v
COLLECT_GCC=gcc_x86_64
COLLECT_LTO_WRAPPER=/gfs/belgium/gntnas01/d3/hped_build_gent/tools/gcc/4.6.2/bin/../libexec/gcc/x86_64-unknown-linux-gnu/4.6.2/lto-wrapper
Target: x86_64-unknown-linux-gnu
Configured with: ./configure --prefix=/hped/builds/tools/gcc/4.6.2
--enable-languages=c,c++ --with-gmp=/hfs/d1/local/dbjornba/btmp
--with-mpfr=/hfs/d1/local/dbjornba/btmp --with-mpc=/hfs/d1/local/dbjornba/btmp
Thread model: posix
gcc version 4.6.2 (GCC)

[Bug c++/51270] constness violation is accepted without any warning but leads to a required function call being eliminated during optimization

[michiel_dewilde at agilent dot com]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51270

--- Comment #1 from Michiel De Wilde <michiel_dewilde at agilent dot com> 2011-11-22 15:26:42 UTC ---
Created attachment 25885
  --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=25885
preprocessed source code (*.ii)

[Bug c++/51270] constness violation is accepted without any warning but leads to a required function call being eliminated during optimization

[redi at gcc dot gnu.org]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51270

--- Comment #2 from Jonathan Wakely <redi at gcc dot gnu.org> 2011-11-22 15:47:45 UTC ---
If you want warnings then you should request them using -Wall etc.

Although doing so at -O2 gives this, which isn't actually very helpful:

e.cpp:67:60: warning: '<anonymous>' is used uninitialized in this function
[-Wuninitialized]


There is no constness error, the argument to recast_reference creates a
temporary of type 'char const*' which binds to a reference-to-const to that
type:

You can rewrite it as:

  int*& faulty_compiled_function(char*& val)
  {
    char const* tmp = pass_through(val);
    return recast_reference(tmp);
  }

pass_through and recast_reference are not needed, they simply serve to hide the
error in your code, which is that you return a reference to the temporary, and
use it in main() after the temporary has gone out of scope.  Therefore the code
is invalid.

[Bug c++/51270] constness violation is accepted without any warning but leads to a required function call being eliminated during optimization

[redi at gcc dot gnu.org]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51270

--- Comment #3 from Jonathan Wakely <redi at gcc dot gnu.org> 2011-11-22 15:50:33 UTC ---
If you eliminate the obfuscation you get this:

int*& faulty_compiled_function(char*& val)
{
  char const* tmp = val;
  return (int*&)tmp;
}

char* input = (char*)0x1234;
int* output = (int*)0x1234;

int main(int argc, char* argv[])
{
  return (faulty_compiled_function(input) == output ? 0 : 1);
}

Which correctly warns you about the problem even without -Wall

If there's a bug in GCC it's that it doesn't see through two layers of
functions to determine that you're returning a reference to a temporary.

[Bug c++/51270] constness violation is accepted without any warning but leads to a required function call being eliminated during optimization

[redi at gcc dot gnu.org]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51270

Jonathan Wakely <redi at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |diagnostic

--- Comment #4 from Jonathan Wakely <redi at gcc dot gnu.org> 2011-11-22 15:55:41 UTC ---
This variation is a bit closer to your original and doesn't get a warning:

int*& faulty_compiled_function(char*& val)
{
  char const* const& tmp = (const char*)val;
  return (int*&)tmp;
}

So maybe there is a missed warning bug.  Other compilers miss it too.

[Bug c++/51270] missed warning about returning reference to temporary

[redi at gcc dot gnu.org]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51270

Jonathan Wakely <redi at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|constness violation is      |missed warning about
                   |accepted without any        |returning reference to
                   |warning but leads to a      |temporary
                   |required function call      |
                   |being eliminated during     |
                   |optimization                |

--- Comment #5 from Jonathan Wakely <redi at gcc dot gnu.org> 2011-11-22 16:41:16 UTC ---
Very similar to my PR 49974.


Still no warning even without the (highly questionable) cast:

char const* const& faulty_compiled_function(char*& val)
{
  char const* const& tmp = (const char*)val;
  return tmp;
}

N.B. Clang warns for that variation (but not the others):

faulty_optimization_of_invalid_const_usage.cpp:4:10: warning: returning
      reference to local temporary object [-Wreturn-stack-address]
  return tmp;
         ^~~
faulty_optimization_of_invalid_const_usage.cpp:3:22: note: binding reference
      variable 'tmp' here
  char const* const& tmp = (const char*)val;
                     ^     ~~~~~~~~~~~~~~~~

[Bug c++/51270] missed warning about returning reference to temporary

[michiel_dewilde at agilent dot com]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51270

--- Comment #6 from Michiel De Wilde <michiel_dewilde at agilent dot com> 2011-11-22 18:20:44 UTC ---
Hi Jonathan, thanks for the quick analysis.

I did not realize that "char * &" and "char const * &" are not
reference-compatible, leading to a temporary being introduced when initializing
a "char const * const &" reference from a "char * &".

Therefore this is not a true gcc bug.

It would be nice though to have a warning for this case, i.e. when only the
different constnesses after pointer dereferencing are responsible for
temporaries being created for const lvalue initializations from other lvalues.
I understand this may be difficult.
Improved tracking of the reference to the temporary would also be nice.

Thanks,

Michiel

[Bug c++/51270] missed warning about returning reference to temporary

[redi at gcc dot gnu.org]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51270

--- Comment #7 from Jonathan Wakely <redi at gcc dot gnu.org> 2011-11-22 18:56:37 UTC ---
I don't think the warning should be restricted to conversions that only involve
different const-ness.

Here's a simpler testcase for the missed warning:

const int& f(long l)
{
  const int& i = l;
  return i;
}

See also PR 51066

[Bug c++/51270] missed warning about returning reference to temporary

[redi at gcc dot gnu.org]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51270

Jonathan Wakely <redi at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2011-11-22
     Ever Confirmed|0                           |1

--- Comment #8 from Jonathan Wakely <redi at gcc dot gnu.org> 2011-11-22 19:39:27 UTC ---
since at least one other compiler (clang) warns about the testcase in comment 7
I'm going to confirm this