From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugzilla@gcc.gnu.org>
Received: by sourceware.org (Postfix, from userid 48)
 id EDB933894C1F; Fri, 22 Jan 2021 18:05:03 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org EDB933894C1F
From: "cvs-commit at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug sanitizer/95693] [8/9/10/11 Regression] Incorrect error from
 undefined behavior sanitizer
Date: Fri, 22 Jan 2021 18:05:03 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: sanitizer
X-Bugzilla-Version: 10.1.0
X-Bugzilla-Keywords: wrong-code
X-Bugzilla-Severity: normal
X-Bugzilla-Who: cvs-commit at gcc dot gnu.org
X-Bugzilla-Status: ASSIGNED
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: jakub at gcc dot gnu.org
X-Bugzilla-Target-Milestone: 8.5
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-95693-4-Jsyjz0X7nT@http.gcc.gnu.org/bugzilla/>
In-Reply-To: <bug-95693-4@http.gcc.gnu.org/bugzilla/>
References: <bug-95693-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: gcc-bugs@gcc.gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Gcc-bugs mailing list <gcc-bugs.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-bugs>,
 <mailto:gcc-bugs-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/gcc-bugs/>
List-Post: <mailto:gcc-bugs@gcc.gnu.org>
List-Help: <mailto:gcc-bugs-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-bugs>,
 <mailto:gcc-bugs-request@gcc.gnu.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jan 2021 18:05:04 -0000

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D95693

--- Comment #6 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Jakub Jelinek <jakub@gcc.gnu.org>:

https://gcc.gnu.org/g:a9ed18295bfc6d69d40af197e059e16622cd94c6

commit r11-6865-ga9ed18295bfc6d69d40af197e059e16622cd94c6
Author: Jakub Jelinek <jakub@redhat.com>
Date:   Fri Jan 22 19:03:23 2021 +0100

    c++: Fix up ubsan false positives on references [PR95693]

    Alex' 2 years old change to build_zero_init_1 to return NULL pointer wi=
th
    reference type for references breaks the sanitizers, the assignment of =
NULL
    to a reference typed member is then instrumented before it is overwritt=
en
    with a non-NULL address later on.
    That change has been done to fix error recovery ICE during
    process_init_constructor_record, where we:
              if (TYPE_REF_P (fldtype))
                {
                  if (complain & tf_error)
                    error ("member %qD is uninitialized reference", field);
                  else
                    return PICFLAG_ERRONEOUS;
                }
    a few lines earlier, but then continue and ICE when build_zero_init ret=
urns
    NULL.

    The following patch reverts the build_zero_init_1 change and instead
creates
    the NULL with reference type constants during the error recovery.

    The pr84593.C testcase Alex' change was fixing still works as before.

    2021-01-22  Jakub Jelinek  <jakub@redhat.com>

            PR sanitizer/95693
            * init.c (build_zero_init_1): Revert the 2018-03-06 change to
            return build_zero_cst for reference types.
            * typeck2.c (process_init_constructor_record): Instead call
            build_zero_cst here during error recovery instead of
build_zero_init.

            * g++.dg/ubsan/pr95693.C: New test.=