public inbox for gcc-bugs@sourceware.org
* [Bug c++/99185] New: asan initialization-order-fiasco false positive
From: kal.conley at dectris dot com @ 2021-02-20 23:26 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99185
Bug ID: 99185
Summary: asan initialization-order-fiasco false positive
Product: gcc
Version: 10.2.1
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c++
Assignee: unassigned at gcc dot gnu.org
Reporter: kal.conley at dectris dot com
Target Milestone: ---
The default constructor does not initialize primitive types.
a.cc:
=====
struct A {
int value;
A() = default;
};
A g;
b.cc:
=====
struct A {
int value;
A() = default;
};
extern A g;
int b = []() {
g.value = 1;
return 0;
}();
int main() {
return 0;
}
$ g++ -fsanitize=address -std=c++20 a.cc b.cc; ./a.out
=================================================================
==3844820==ERROR: AddressSanitizer: initialization-order-fiasco on address
0x000000404160 at pc 0x0000004013c6 bp 0x7fff2371ecc0 sp 0x7fff2371ecb0
WRITE of size 4 at 0x000000404160 thread T0
#0 0x4013c5 in b::{lambda()#1}::operator()() const
(/home/kal/work/cxx/a.out+0x4013c5)
#1 0x4012a8 in __static_initialization_and_destruction_0(int, int)
(/home/kal/work/cxx/a.out+0x4012a8)
#2 0x40134b in _GLOBAL__sub_I_b (/home/kal/work/cxx/a.out+0x40134b)
#3 0x40142c in __libc_csu_init (/home/kal/work/cxx/a.out+0x40142c)
#4 0x7f43cfb8b00d in __libc_start_main (/lib64/libc.so.6+0x2700d)
#5 0x4010dd in _start (/home/kal/work/cxx/a.out+0x4010dd)
0x000000404160 is located 0 bytes inside of global variable 'g' defined in
'a.cc:5:3' (0x404160) of size 4
registered at:
#0 0x7f43d00b5cc8 (/lib64/libasan.so.6+0x37cc8)
#1 0x401202 in _sub_I_00099_1 (/home/kal/work/cxx/a.out+0x401202)
#2 0x40142c in __libc_csu_init (/home/kal/work/cxx/a.out+0x40142c)
SUMMARY: AddressSanitizer: initialization-order-fiasco
(/home/kal/work/cxx/a.out+0x4013c5) in b::{lambda()#1}::operator()() const
Shadow bytes around the buggy address:
0x0000800787d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0000800787e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0000800787f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x000080078800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x000080078810: 00 00 00 00 f9 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
=>0x000080078820: f9 f9 f9 f9 f9 f9 f9 f9 00 00 00 00[f6]f6 f6 f6
0x000080078830: f6 f6 f6 f6 00 00 00 00 04 f9 f9 f9 f9 f9 f9 f9
0x000080078840: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x000080078850: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x000080078860: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x000080078870: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==3844820==ABORTING
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug c++/99185] asan initialization-order-fiasco false positive
From: kal.conley at dectris dot com @ 2021-02-20 23:52 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99185
--- Comment #1 from kal.conley at dectris dot com ---
Strict init-order checking is enabled.
* [Bug c++/99185] asan initialization-order-fiasco false positive
From: pinskia at gcc dot gnu.org @ 2021-02-21 0:05 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99185
--- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
I think the error is correct. There is no defined ordering of globals
between translation units.
Can you explain why you think the ordering is defined here?
* [Bug c++/99185] asan initialization-order-fiasco false positive
From: kal.conley at dectris dot com @ 2021-02-21 1:05 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99185
--- Comment #3 from kal.conley at dectris dot com ---
I don't think there should be any dynamic initialization of A here. Also, it's
weird that if the definition of A is changed to:
struct A {
int value = 0;
A() = default;
};
then the error goes away.
* [Bug c++/99185] asan initialization-order-fiasco false positive
From: m.cencora at gmail dot com @ 2021-02-22 17:01 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99185
m.cencora at gmail dot com changed:
What | Removed | Added
-----+---------+---------------------------
CC   |         | m.cencora at gmail dot com
--- Comment #4 from m.cencora at gmail dot com ---
I think it is just that the sanitizer didn't catch up to the C++20 standard, where
constexpr was relaxed to allow uninitialized variables.
Constant initialization is applied only when the class constructor is constexpr,
and only since C++20 does class 'A' have a constexpr constructor.
Proof: the following compiles only since C++20:
struct A {
int value;
constexpr A() = default;
};
* [Bug c++/99185] asan initialization-order-fiasco false positive
From: kal.conley at dectris dot com @ 2021-02-22 17:55 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99185
--- Comment #5 from kal.conley at dectris dot com ---
I don't think this has anything to do with C++20. The behavior doesn't change
when compiling for C++17. In any case, `g` should be static initialized with
zeros and no dynamic initialization in `a.cc` should take place.
* [Bug c++/99185] asan initialization-order-fiasco false positive
From: m.cencora at gmail dot com @ 2021-02-22 21:08 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99185
--- Comment #6 from m.cencora at gmail dot com ---
Now that I think about it, and having read the relevant chapters of the C++20 spec,
the observed behavior seems to be expected.
A cannot be constant-initialized (because it has a missing initializer for the
'value' member), so first zero-initialization is performed as part of static
initialization, then the A constructor is called as part of dynamic initialization.
* [Bug c++/99185] asan initialization-order-fiasco false positive
From: kal.conley at dectris dot com @ 2021-02-22 21:34 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99185
--- Comment #7 from kal.conley at dectris dot com ---
There is no fiasco here because the default constructor of `A` does no dynamic
initialization. If the definition of `A` is changed to:
struct A {
int value;
};
then the error goes away. However, in both cases there is the same
implicitly-defined default constructor generated by the compiler. Explicitly
declaring `A() = default` should not change anything in this regard. Generating
an error in this case is not useful.
* [Bug c++/99185] asan initialization-order-fiasco false positive
From: m.cencora at gmail dot com @ 2021-02-22 22:08 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99185
--- Comment #8 from m.cencora at gmail dot com ---
It does not matter whether the A constructor is defaulted or empty. If a class
instance cannot be constant-initialized then dynamic initialization will take place.
I think gcc just incorrectly performs constant initialization in these
scenarios.
clang reports an error as expected:
struct A
{
int value;
};
struct B
{
int value;
B() = default;
};
constinit A a;
constinit B b;
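The following is an added example, not code from the bug report or from GCC. It models, in one file, the hazard behind the report and the fix from comment #3 and the sequence described in comment #6: a global whose constructor is not usable in constant expressions is zero-initialized statically and then dynamically initialized, so a write to it from some other initializer that happens to run first is silently clobbered; a global whose defaulted constructor becomes constexpr through a default member initializer is constant-initialized before any dynamic initializer runs, so the same write survives. The struct names and the `max_conn` field are invented for illustration. The "other translation unit" is stood in for by initializers defined earlier in the same file, which ordered initialization runs first; a real second translation unit can land in that order or the opposite one at link time, which is why the report needed a.cc and b.cc.

```cpp
// Added example (not from the bug report): single-file model of the
// initialization-order fiasco and of the constant-initialization fix.
#include <cstdio>

// Like the report's A: the constructor is not constexpr, so a global of this
// type is zero-initialized statically and then constructed dynamically.
struct DynConfig {
    int max_conn;
    DynConfig() { max_conn = 100; }
};

// Like comment #3's fix: the default member initializer lets the defaulted
// constructor be constexpr, so a global of this type is constant-initialized
// (it already holds 100 before any dynamic initializer runs).
struct StaticConfig {
    int max_conn = 100;
    constexpr StaticConfig() = default;
};

extern DynConfig dyn_cfg;
extern StaticConfig static_cfg;

// Stand-in for b.cc: initializers that write into the globals. Defined before
// the globals so that ordered initialization runs them first, which is the
// order a separate translation unit can observe. Writing to dyn_cfg here is
// the fiasco itself: its constructor has not run yet (and will run later).
int override_dyn = (dyn_cfg.max_conn = 500, 0);
int override_static = (static_cfg.max_conn = 500, 0);

DynConfig dyn_cfg;       // constructor runs now and overwrites the 500 with 100
StaticConfig static_cfg; // constant-initialized earlier; the 500 written above stays

int dyn_max_conn() { return dyn_cfg.max_conn; }       // expected 100: override lost
int static_max_conn() { return static_cfg.max_conn; } // expected 500: override kept

int main() {
    std::printf("dyn_cfg.max_conn    = %d (override lost)\n", dyn_max_conn());
    std::printf("static_cfg.max_conn = %d (override kept)\n", static_max_conn());
    return 0;
}
```

Two caveats a practitioner should keep in mind. ASan's initialization-order checker only reports writes made from a *different* translation unit's initializer, so this single-file model shows the clobbered value but will not produce the report above; to get the ASan diagnostic, keep the two-file layout from the report and run with `ASAN_OPTIONS=check_initialization_order=1:strict_init_order=1` (comment #1 says strict checking was enabled for the report; the non-strict mode only flags writes to globals whose own initializer has not run yet). Second, with C++20 the definition can be written `constinit StaticConfig static_cfg;`, which turns the assumption "this global is constant-initialized" into a compile error if a later edit to the class breaks it; that is the check comment #8 applies with clang.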