From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 18599 invoked by alias); 18 Sep 2014 15:09:27 -0000 Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-bugs-owner@gcc.gnu.org Received: (qmail 18568 invoked by uid 48); 18 Sep 2014 15:09:22 -0000 From: "rogier777 at gmail dot com" To: gcc-bugs@gcc.gnu.org Subject: [Bug c++/63296] New: g++ reports incomplete type for static template member of template class Date: Thu, 18 Sep 2014 15:09:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: c++ X-Bugzilla-Version: unknown X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: rogier777 at gmail dot com X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2014-09/txt/msg01844.txt.bz2 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D63296 Bug ID: 63296 Summary: g++ reports incomplete type for static template member of template class Product: gcc Version: unknown Status: UNCONFIRMED Severity: normal Priority: P3 Component: c++ Assignee: unassigned at gcc dot gnu.org Reporter: rogier777 at gmail dot com G++ fails to compile the following code. IMHO, as 'staticmember' is a static member, the code is valid and should be accepted. Moving 'staticmember' outside the class (making it a plain static variable), makes g++ accept the code. Making 'myclass' a regular (non-template) class instead makes g++ accept the code as well. Code: --------------------------------------------------- template struct list { c member; }; template struct myclass { static list staticmember; }; myclass myvar; --------------------------------------------------- Compilation output (extended version with '-v -save-temps' below): --------------------------------------------------- $ g++ -W -Wall --std=3Dc++11 -o /dev/null try_01c.cc try_01c.cc: In instantiation of =E2=80=98struct list >=E2=80= =99: try_01c.cc:9:26: required from =E2=80=98struct myclass=E2=80=99 try_01c.cc:12:14: required from here try_01c.cc:4:7: error: =E2=80=98list::member=E2=80=99 has incomplete type c member; ^ try_01c.cc:8:8: error: declaration of =E2=80=98struct myclass=E2=80=99 struct myclass { ^ --------------------------------------------------- G++ version: 4.9 (Stock debian package version 4.9.1-14) Detailed compiler output with '-v -save-temps': --------------------------------------------------- $ g++ -W -Wall --std=3Dc++11 -v -save-temps -o /dev/null try_01c.cc Using built-in specs. COLLECT_GCC=3D/usr/bin/g++-4.9.real COLLECT_LTO_WRAPPER=3D/usr/lib/gcc/i586-linux-gnu/4.9/lto-wrapper Target: i586-linux-gnu Configured with: ../src/configure -v --with-pkgversion=3D'Debian 4.9.1-14' --with-bugurl=3Dfile:///usr/share/doc/gcc-4.9/README.Bugs --enable-languages=3Dc,c++,java,go,d,fortran,objc,obj-c++ --prefix=3D/usr --program-suffix=3D-4.9 --enable-shared --enable-linker-build-id --libexecdir=3D/usr/lib --without-included-gettext --enable-threads=3Dposix --with-gxx-include-dir=3D/usr/include/c++/4.9 --libdir=3D/usr/lib --enable-= nls --with-sysroot=3D/ --enable-clocale=3Dgnu --enable-libstdcxx-debug --enable-libstdcxx-time=3Dyes --enable-gnu-unique-object --disable-vtable-v= erify --enable-plugin --with-system-zlib --disable-browser-plugin --enable-java-awt=3Dgtk --enable-gtk-cairo --with-java-home=3D/usr/lib/jvm/java-1.5.0-gcj-4.9-i386/jre --enable-java-h= ome --with-jvm-root-dir=3D/usr/lib/jvm/java-1.5.0-gcj-4.9-i386 --with-jvm-jar-dir=3D/usr/lib/jvm-exports/java-1.5.0-gcj-4.9-i386 --with-arch-directory=3Di386 --with-ecj-jar=3D/usr/share/java/eclipse-ecj.j= ar --enable-objc-gc --enable-targets=3Dall --enable-multiarch --with-arch-32= =3Di586 --with-multilib-list=3Dm32,m64,mx32 --enable-multilib --with-tune=3Dgeneric --enable-checking=3Drelease --build=3Di586-linux-gnu --host=3Di586-linux-gnu --target=3Di586-linux-gnu Thread model: posix gcc version 4.9.1 (Debian 4.9.1-14)=20 COLLECT_GCC_OPTIONS=3D'-Wextra' '-Wall' '-std=3Dc++11' '-v' '-save-temps' '= -o' '/dev/null' '-shared-libgcc' '-mtune=3Dgeneric' '-march=3Di586' /usr/lib/gcc/i586-linux-gnu/4.9/cc1plus -E -quiet -v -imultiarch i386-linux-gnu -D_GNU_SOURCE try_01c.cc -mtune=3Dgeneric -march=3Di586 -std= =3Dc++11 -Wextra -Wall -fpch-preprocess -o try_01c.ii ignoring duplicate directory "/usr/include/i386-linux-gnu/c++/4.9" ignoring nonexistent directory "/usr/local/include/i386-linux-gnu" ignoring nonexistent directory "/usr/lib/gcc/i586-linux-gnu/4.9/../../../../i586-linux-gnu/include" #include "..." search starts here: #include <...> search starts here: /usr/include/c++/4.9 /usr/include/i386-linux-gnu/c++/4.9 /usr/include/c++/4.9/backward /usr/lib/gcc/i586-linux-gnu/4.9/include /usr/local/include /usr/lib/gcc/i586-linux-gnu/4.9/include-fixed /usr/include/i386-linux-gnu /usr/include End of search list. COLLECT_GCC_OPTIONS=3D'-Wextra' '-Wall' '-std=3Dc++11' '-v' '-save-temps' '= -o' '/dev/null' '-shared-libgcc' '-mtune=3Dgeneric' '-march=3Di586' /usr/lib/gcc/i586-linux-gnu/4.9/cc1plus -fpreprocessed try_01c.ii -quiet -dumpbase try_01c.cc -mtune=3Dgeneric -march=3Di586 -auxbase try_01c -Wextr= a -Wall -std=3Dc++11 -version -o try_01c.s GNU C++ (Debian 4.9.1-14) version 4.9.1 (i586-linux-gnu) compiled by GNU C version 4.9.1, GMP version 6.0.0, MPFR version 3.1.2-p3, MPC version 1.0.2 GGC heuristics: --param ggc-min-expand=3D100 --param ggc-min-heapsize=3D131= 072 GNU C++ (Debian 4.9.1-14) version 4.9.1 (i586-linux-gnu) compiled by GNU C version 4.9.1, GMP version 6.0.0, MPFR version 3.1.2-p3, MPC version 1.0.2 GGC heuristics: --param ggc-min-expand=3D100 --param ggc-min-heapsize=3D131= 072 Compiler executable checksum: 4eca7bfa4a918deb01db62dfdef571b2 try_01c.cc: In instantiation of =E2=80=98struct list >=E2=80= =99: try_01c.cc:9:26: required from =E2=80=98struct myclass=E2=80=99 try_01c.cc:12:14: required from here try_01c.cc:4:7: error: =E2=80=98list::member=E2=80=99 has incomplete type c member; ^ try_01c.cc:8:8: error: declaration of =E2=80=98struct myclass=E2=80=99 struct myclass { ^ --------------------------------------------------- >>From gcc-bugs-return-462011-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org Thu Sep 18 15:13:55 2014 Return-Path: Delivered-To: listarch-gcc-bugs@gcc.gnu.org Received: (qmail 20921 invoked by alias); 18 Sep 2014 15:13:54 -0000 Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-bugs-owner@gcc.gnu.org Delivered-To: mailing list gcc-bugs@gcc.gnu.org Received: (qmail 20893 invoked by uid 48); 18 Sep 2014 15:13:50 -0000 From: "chefmax at gcc dot gnu.org" To: gcc-bugs@gcc.gnu.org Subject: [Bug testsuite/63297] New: ASan reported heap-use-after-free in g++.old-deja/g++.law/virtual3.C. Date: Thu, 18 Sep 2014 15:13:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: testsuite X-Bugzilla-Version: 5.0 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: chefmax at gcc dot gnu.org X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cf_gcchost cf_gcctarget attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2014-09/txt/msg01845.txt.bz2 Content-length: 5039 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63297 Bug ID: 63297 Summary: ASan reported heap-use-after-free in g++.old-deja/g++.law/virtual3.C. Product: gcc Version: 5.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: testsuite Assignee: unassigned at gcc dot gnu.org Reporter: chefmax at gcc dot gnu.org Host: x86_64-pc-linux-gnu Target: x86_64-pc-linux-gnu Created attachment 33512 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=33512&action=edit This trivial patch seems to fix the issue. ASan reported heap-use-after-free in g++.old-deja/g++.law/virtual3.C: $ ~/install/master/bin/g++ gcc/testsuite/g++.old-deja/g++.law/virtual3.C -fsanitize=address $ ./a.out ================================================================= ==26271==ERROR: AddressSanitizer: heap-use-after-free on address 0x60300000eff8 at pc 0x7fd84fbb6470 bp 0x7fff4d8204a0 sp 0x7fff4d81fc60 READ of size 5 at 0x60300000eff8 thread T0 #0 0x7fd84fbb646f in __interceptor_strlen /home/max/workspace/downloads/gcc/libsanitizer/asan/asan_interceptors.cc:536 #1 0x7fd84f8ed2d8 in std::char_traits::length(char const*) /home/max/build/master-x86_64/x86_64-unknown-linux-gnu/libstdc++-v3/include/bits/char_traits.h:263 #2 0x7fd84f8ed2d8 in std::basic_ostream >& std::operator<< >(std::basic_ostream >&, char const*) /home/max/build/master-x86_64/x86_64-unknown-linux-gnu/libstdc++-v3/include/ostream:536 #3 0x401515 in BugStream::eval() (/home/max/workspace/downloads/gcc/a.out+0x401515) #4 0x4015ef in operator<<(std::ostream&, Eval_) (/home/max/workspace/downloads/gcc/a.out+0x4015ef) #5 0x401699 in main (/home/max/workspace/downloads/gcc/a.out+0x401699) #6 0x7fd84efa576c in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2176c) #7 0x4013c8 (/home/max/workspace/downloads/gcc/a.out+0x4013c8) 0x60300000eff8 is located 24 bytes inside of 30-byte region [0x60300000efe0,0x60300000effe) freed by thread T0 here: #0 0x7fd84fbf36a9 in operator delete(void*) /home/max/workspace/downloads/gcc/libsanitizer/asan/asan_new_delete.cc:85 #1 0x7fd84f914eef in std::string::_Rep::_M_dispose(std::allocator const&) /home/max/build/master-x86_64/x86_64-unknown-linux-gnu/libstdc++-v3/include/bits/basic_string.h:249 #2 0x7fd84f914eef in std::basic_string, std::allocator >::~basic_string() /home/max/build/master-x86_64/x86_64-unknown-linux-gnu/libstdc++-v3/include/bits/basic_string.h:547 #3 0x4015ef in operator<<(std::ostream&, Eval_) (/home/max/workspace/downloads/gcc/a.out+0x4015ef) #4 0x401699 in main (/home/max/workspace/downloads/gcc/a.out+0x401699) #5 0x7fd84efa576c in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2176c) previously allocated by thread T0 here: #0 0x7fd84fbf3169 in operator new(unsigned long) /home/max/workspace/downloads/gcc/libsanitizer/asan/asan_new_delete.cc:53 #1 0x7fd84f914d18 in __gnu_cxx::new_allocator::allocate(unsigned long, void const*) /home/max/build/master-x86_64/x86_64-unknown-linux-gnu/libstdc++-v3/include/ext/new_allocator.h:104 #2 0x7fd84f914d18 in std::string::_Rep::_S_create(unsigned long, unsigned long, std::allocator const&) /home/max/build/master-x86_64/x86_64-unknown-linux-gnu/libstdc++-v3/include/bits/basic_string.tcc:607 SUMMARY: AddressSanitizer: heap-use-after-free /home/max/workspace/downloads/gcc/libsanitizer/asan/asan_interceptors.cc:536 __interceptor_strlen Shadow bytes around the buggy address: 0x0c067fff9da0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff9db0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff9dc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff9dd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff9de0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa =>0x0c067fff9df0: fa fa fa fa fa fa fa fa fa fa fa fa fd fd fd[fd] 0x0c067fff9e00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff9e10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff9e20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff9e30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff9e40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc ASan internal: fe ==26271==ABORTING