Bug 2047316

Summary: Unexpected [-Werror=use-after-free] warning only on arm7hl build of code
Product: [Fedora] Fedora Reporter: William Cohen <wcohen>
Component: gccAssignee: Jakub Jelinek <jakub>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: rawhideCC: aoliva, dmalcolm, fweimer, jakub, jwakely, law, loganjerry, mattias.ellert, mpolacek, msebor, nickc, releng, sipoyare
Target Milestone: ---   
Target Release: ---   
Hardware: armv7hl   
OS: Linux   
Fixed In Version: gcc-12.0.1-0.4.fc36 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-02-01 18:30:00 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1992484, 2045102, 2046015    
Description Flags
A reproducer generated from stap-session.ii using creduce. none

Description William Cohen 2022-01-27 15:27:13 UTC
Created attachment 1857122 [details]
A reproducer generated from stap-session.ii using creduce.

Description of problem:

When attempted to address the FTBFS issue of systemtap (rhbz2046015) a newer version of systemtap with the expected fix was was put into the koji build system.  All the architecture except armv7hl successfully built (https://koji.fedoraproject.org/koji/taskinfo?taskID=81941041).  The armv7hl builds failed with a number of errors similar to the following:

In file included from staptree.cxx:10:
staptree.h: In member function 'next_statement::~next_statement()':
staptree.h:841:8: error: pointer used after 'operator delete(void*, unsigned int)' [-Werror=use-after-free]
  841 | struct next_statement: public statement
      |        ^~~~~~~~~~~~~~
staptree.h:841:8: note: call to 'operator delete(void*, unsigned int)' here
staptree.h: In member function 'continue_statement::~continue_statement()':
staptree.h:834:8: error: pointer used after 'operator delete(void*, unsigned int)' [-Werror=use-after-free]
  834 | struct continue_statement: public statement
      |        ^~~~~~~~~~~~~~~~~~

Florian Weimer suggested it might be a similar issue to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104232

Applied creduce to that the original 2.8MB stap-session.ii file to create a much smaller stap-session.ii file that shows the issue.  The simplified example fails on armv7hl rahide but compiles fine on rawhide x86_64.

Version-Release number of selected component (if applicable):


How reproducible:

Every time

Steps to Reproduce:
1. copy the stap-session.ii file attached to this bug
2. g++   -Wall -Werror  -O2  -c -o stap-session.o stap-session.ii 

Actual results:

$ g++   -Wall -Werror  -O2  -c -o stap-session.o stap-session.ii 
stap-session.ii: In destructor ‘virtual b::~b()’:
stap-session.ii:5:8: error: pointer used after ‘void operator delete(void*, unsigned int)’ [-Werror=use-after-free]
    5 | struct b : a {};
      |        ^
stap-session.ii:5:8: note: call to ‘void operator delete(void*, unsigned int)’ here
cc1plus: all warnings being treated as errors

Expected results:

No error compiling, the same as running on rawhide x86_64.
Additional info:

Comment 1 Marek Polacek 2022-01-27 15:31:52 UTC
Already fixed on trunk.

Comment 2 Jakub Jelinek 2022-01-27 15:40:49 UTC
My plan is to start another gcc build later friday evening or saturday, so it will finish (hopefully) during the weekend and be in rawhide on Monday.

Comment 3 Jakub Jelinek 2022-02-01 18:30:00 UTC
This ought to be fixed in gcc-12.0.1-0.4.fc36.

Comment 4 David Muse 2022-02-11 21:29:06 UTC
*** Bug 2046967 has been marked as a duplicate of this bug. ***