[Bug target/86326] New: Conditional jump or move depends on uninitialized value in calculate_allocatation_cost (ira.c:2457)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86326 Bug ID: 86326 Summary: Conditional jump or move depends on uninitialized value in calculate_allocatation_cost (ira.c:2457) Product: gcc Version: 8.1.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: target Assignee: unassigned at gcc dot gnu.org Reporter: sduvan.gcc at gmail dot com Target Milestone: --- Created attachment 44323 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=44323&action=edit Preprocessed source The reduced testcase triggers a valgrind error. Running valgrind --trace-children=yes --expensive-definedness-checks=yes /opt/gcc/8.1.0/bin/g++ -m32 -c ./bug.ii gives (ignoring/suppressing the benign reports related to sparseset_bit_p) ==146658== Conditional jump or move depends on uninitialised value(s) ==146658==at 0xA28F8D: calculate_allocation_cost (ira.c:2457) ==146658==by 0xA28F8D: ira (ira.c:5377) ==146658==by 0xA28F8D: (anonymous namespace)::pass_ira::execute(function*) (ira.c:5606) ==146658==by 0xAEB8B1: execute_one_pass(opt_pass*) (passes.c:2497) ==146658==by 0xAEC027: execute_pass_list_1(opt_pass*) (passes.c:2586) ==146658==by 0xAEC039: execute_pass_list_1(opt_pass*) (passes.c:2587) ==146658==by 0xAEC078: execute_pass_list(function*, opt_pass*) (passes.c:2597) ==146658==by 0x85437C: cgraph_node::expand() (cgraphunit.c:2139) ==146658==by 0x855663: output_in_order (cgraphunit.c:2381) ==146658==by 0x855663: symbol_table::compile() [clone .part.72] (cgraphunit.c:2623) ==146658==by 0x857109: compile (cgraphunit.c:2537) ==146658==by 0x857109: symbol_table::finalize_compilation_unit() (cgraphunit.c:2717) ==146658==by 0xBA7987: compile_file() (toplev.c:480) ==146658==by 0x6346FE: do_compile (toplev.c:2132) ==146658==by 0x6346FE: toplev::main(int, char**) (toplev.c:2267) ==146658==by 0x63699A: main (main.c:39) bash> /opt/gcc/8.1.0/bin/g++ -v Using built-in specs. COLLECTGCC=/opt/gcc/8.1.0/bin/g++ COLLECT_LTO_WRAPPER=/opt/gcc/8.1.0/lib/gcc/x86_64-suse-linux/8.1.0/lto-wrapper Target: x86_64-suse-linux Configured with: ../../gcc-8.1.0/configure --enable-languages=c,c++,fortran --enable-targets=x86_64-suse-linux,i686-suse-linux --prefix=/opt/gcc/8.1.0 --with-gnu-as --with-as=/opt/gcc/binutils-2.30/bin/as --with-gnu-ld --with-ld=/opt/gcc/binutils-2.30/bin/ld.bfd --enable-threads=posix --enable-shared --enable-__cxa_atexit --enable-libstdcxx-allocator=pool x86_64-suse-linux Thread model: posix gcc version 8.1.0 (GCC) I'm aware of BZ 83321 but was under the impression that such issues with valgrind would not be possible when using --expensive-definedness-checks=yes.
[Bug sanitizer/84043] -fsanitize=alignment leads to massive compile time
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84043 Johan Alfredsson changed: What|Removed |Added Status|RESOLVED|CLOSED --- Comment #5 from Johan Alfredsson --- Fixed in 8.1.
[Bug sanitizer/84043] -fsanitize=alignment leads to massive compile time
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84043 --- Comment #2 from Johan Alfredsson --- bash> g++ -v Using built-in specs. COLLECT_GCC=/usr/local/products/gcc/7.2.0/bin/g++ COLLECT_LTO_WRAPPER=/usr/local/products/gcc/7.2.0/lib/gcc/x86_64-suse-linux/7.2.0/lto-wrapper Target: x86_64-suse-linux Configured with: ../../gcc-7.2.0/configure --enable-languages=c,c++,fortran --enable-targets=x86_64-suse-linux,i686-suse-linux --prefix=/usr/local/products/gcc/7.2.0 --with-gnu-as --with-as=/usr/local/products/gcc/binutils-2.26/bin/as --with-gnu-ld --with-ld=/usr/local/products/gcc/binutils-2.26/bin/ld.bfd --with-gmp=/usr/local/products/gcc/gmp-6.1.0 --with-mpfr=/usr/local/products/gcc/mpfr-3.1.4 --with-mpc=/usr/local/products/gcc/mpc-1.0.3 --enable-threads=posix --enable-shared --enable-__cxa_atexit --enable-libstdcxx-allocator=pool x86_64-suse-linux Thread model: posix gcc version 7.2.0 (GCC) to reproduce the problem g++ -fsanitize=alignment bug.C -o bug
[Bug sanitizer/84043] -fsanitize=alignment leads to massive compile time
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84043 --- Comment #1 from Johan Alfredsson --- Created attachment 43245 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=43245&action=edit Preprocessed source
[Bug sanitizer/84043] New: -fsanitize=alignment leads to massive compile time
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84043 Bug ID: 84043 Summary: -fsanitize=alignment leads to massive compile time Product: gcc Version: 7.2.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: sanitizer Assignee: unassigned at gcc dot gnu.org Reporter: sduvan.gcc at gmail dot com CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org Target Milestone: --- Created attachment 43244 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=43244&action=edit Testcase The tiny attached program, bug.C, leads to compile times that seem to be exponential in the number of operator<<():s used. I'm aware of bug 69656 but it was not clear to me that this was related to the same underlying issue and also my testcase seems significantly smaller.
[Bug sanitizer/67626] New: Erroneous report on downcast to __numpunct_cache
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67626 Bug ID: 67626 Summary: Erroneous report on downcast to __numpunct_cache Product: gcc Version: 5.2.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: sanitizer Assignee: unassigned at gcc dot gnu.org Reporter: sduvan.gcc at gmail dot com CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org Target Milestone: --- Created attachment 36347 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=36347&action=edit Preprocessed source code For the testcase below, it seems to me that ubsan is confused. The locale stores 'facet*':s in its cache which are downcast by __use_cache::operator() to retrieve the actual type (std::__numpunct_cache). Moreover, __numpunct_cache is a template and no type, as indicated in the error message below. Reduced testcase: #include int main() { std::locale loc(std::locale(), new std::num_put()); std::num_put const& np = std::use_facet>(loc); char buf[256]; struct ios : std::ios_base {} ios; np.put(buf, ios, '0', 1l); } bash> /usr/local/products/gcc/5.2.0/bin/g++ -fsanitize=undefined -std=gnu++11 -o bug bug.C -Wl,-rpath,/usr/local/products/gcc/5.2.0/lib64 bash> ./bug /usr/local/products/gcc/5.2.0/include/c++/5.2.0/bits/locale_facets.tcc:72:67: runtime error: downcast of address 0x7f57533d21e0 which does not point to an object of type '__numpunct_cache' 0x7f57533d21e0: note: object is of type 'std::__numpunct_cache' 00 00 00 00 d8 5f 3c 53 57 7f 00 00 01 00 00 00 00 00 00 00 8a bd 38 53 57 7f 00 00 00 00 00 00 ^~~ vptr for 'std::__numpunct_cache' /usr/local/products/gcc/5.2.0/include/c++/5.2.0/bits/locale_facets.tcc:880:2: runtime error: member access within address 0x7f57533d21e0 which does not point to an object of type '__numpunct_cache' 0x7f57533d21e0: note: object is of type 'std::__numpunct_cache' 00 00 00 00 d8 5f 3c 53 57 7f 00 00 01 00 00 00 00 00 00 00 8a bd 38 53 57 7f 00 00 00 00 00 00 ^~~ vptr for 'std::__numpunct_cache' bash> /usr/local/products/gcc/5.2.0/bin/g++ -v Using built-in specs. COLLECT_GCC=/usr/local/products/gcc/5.2.0/bin/g++ COLLECT_LTO_WRAPPER=/usr/local/products/gcc/5.2.0/lib/gcc/x86_64-suse-linux/5.2.0/lto-wrapper Target: x86_64-suse-linux Configured with: ../../gcc-5.2.0/configure --enable-languages=c,c++,fortran --enable-targets=x86_64-suse-linux,i686-suse-linux --prefix=/usr/local/products/gcc/5.2.0 --with-gnu-as --with-as=/usr/local/products/gcc/binutils-2.25.1/bin/as --with-gnu-ld --with-ld=/usr/local/products/gcc/binutils-2.25.1/bin/ld.gold --with-gmp=/usr/local/products/gcc/gmp-5.0.1 --with-mpfr=/usr/local/products/gcc/mpfr-3.0.0 --with-mpc=/usr/local/products/gcc/mpc-0.8.2 --enable-threads=posix --enable-shared --enable-__cxa_atexit --enable-libstdcxx-allocator=pool x86_64-suse-linux Thread model: posix gcc version 5.2.0 (GCC)