2043915 – systemd fails to build with gcc-12 and `-O2 -flto=auto -ffat-lto-objects`

Bug 2043915 - systemd fails to build with gcc-12 and `-O2 -flto=auto -ffat-lto-objects`

Summary: systemd fails to build with gcc-12 and `-O2 -flto=auto -ffat-lto-objects`

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	gcc
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Jakub Jelinek
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2050761
TreeView+	depends on / blocked

Reported:	2022-01-22 12:53 UTC by Frantisek Sumsal
Modified:	2022-02-07 20:46 UTC (History)
CC List:	12 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2022-02-07 20:46:03 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
pcks11-util.c.i (1.19 MB, text/plain) 2022-01-22 12:54 UTC, Frantisek Sumsal	no flags	Details
pkcs11-utils.c.s (1.34 MB, text/plain) 2022-01-22 12:54 UTC, Frantisek Sumsal	no flags	Details
pkcs11-util.c.o.d (9.23 KB, text/plain) 2022-01-22 12:55 UTC, Frantisek Sumsal	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
GNU Compiler Collection	104232	0	P3	ASSIGNED	[12 Regression] spurious -Wuse-after-free after conditional free	2022-01-25 20:37:28 UTC

Description Frantisek Sumsal 2022-01-22 12:53:02 UTC

Description of problem:
As mentioned in $SUBJ, our systemd builds in Rawhide started recently (https://github.com/systemd/systemd/issues/22215) failing with:

```
In file included from ../src/basic/macro.h:12,
                 from ../src/basic/time-util.h:19,
                 from ../src/shared/ask-password-api.h:6,
                 from ../src/shared/pkcs11-util.c:5:
In function ‘freep’,
    inlined from ‘pkcs11_token_login’ at ../src/shared/pkcs11-util.c:240:83:
../src/fundamental/macro-fundamental.h:284:17: error: pointer ‘id_384’ used after ‘free’ [-Werror=use-after-free]
  284 |                 free(memory);                   \
      |                 ^~~~~~~~~~~~
In function ‘freep’,
    inlined from ‘pkcs11_token_login’ at ../src/shared/pkcs11-util.c:240:95:
../src/fundamental/macro-fundamental.h:284:17: note: call to ‘free’ here
  284 |                 free(memory);                   \
      |                 ^~~~~~~~~~~~
In function ‘freep’,
    inlined from ‘pkcs11_token_login’ at ../src/shared/pkcs11-util.c:240:56:
../src/fundamental/macro-fundamental.h:284:17: error: pointer ‘token_uri_escaped_380’ used after ‘free’ [-Werror=use-after-free]
  284 |                 free(memory);                   \
      |                 ^~~~~~~~~~~~
In function ‘freep’,
    inlined from ‘pkcs11_token_login’ at ../src/shared/pkcs11-util.c:240:95:
../src/fundamental/macro-fundamental.h:284:17: note: call to ‘free’ here
  284 |                 free(memory);                   \
      |                 ^~~~~~~~~~~~
cc1: all warnings being treated as errors
```

After a closer look the culprit seems to be `-ffat-lto-objects` - without it the issue disappears.

Version-Release number of selected component (if applicable):
gcc-12.0.1-0.2.fc36.x86_64


Steps to Reproduce:
# dnf builddep -y systemd
# git clone https://github.com/systemd/systemd -depth 1
# cd systemd
# CFLAGS="-O2 -flto=auto -ffat-lto-objects" meson build --werror
# ninja -C build

Actual results:
# ninja -C build
ninja: Entering directory `build'
[416/1999] Compiling C object src/shared/libsystemd-shared-250.a.p/pkcs11-util.c.o
FAILED: src/shared/libsystemd-shared-250.a.p/pkcs11-util.c.o 
cc -Isrc/shared/libsystemd-shared-250.a.p -Isrc/shared -I../src/shared -Isrc/basic -I../src/basic -Isrc/fundamental -I../src/fundamental -Isrc/systemd -I../src/systemd -I. -I.. -I../src/libsystemd/sd-bus -I../src/libsystemd/sd-device -I../src/libsystemd/sd-event -I../src/libsystemd/sd-hwdb -I../src/libsystemd/sd-id128 -I../src/libsystemd/sd-journal -I../src/libsystemd/sd-netlink -I../src/libsystemd/sd-network -I../src/libsystemd/sd-resolve -I/usr/include/blkid -I/usr/include/libmount -I/usr/include/p11-kit-1 -fdiagnostics-color=always -D_FILE_OFFSET_BITS=64 -Wall -Winvalid-pch -Wextra -Werror -std=gnu99 -g -Wno-format-signedness -Wno-missing-field-initializers -Wno-unused-parameter -Wdate-time -Wendif-labels -Werror=format=2 -Werror=implicit-function-declaration -Werror=incompatible-pointer-types -Werror=int-conversion -Werror=overflow -Werror=override-init -Werror=return-type -Werror=shift-count-overflow -Werror=shift-overflow=2 -Werror=undef -Wfloat-equal -Wimplicit-fallthrough=5 -Winit-self -Wlogical-op -Wmissing-include-dirs -Wmissing-noreturn -Wnested-externs -Wold-style-definition -Wpointer-arith -Wredundant-decls -Wshadow -Wstrict-aliasing=2 -Wstrict-prototypes -Wsuggest-attribute=noreturn -Wunused-function -Wwrite-strings -Wno-unused-result -Werror=missing-declarations -Werror=missing-prototypes -fdiagnostics-show-option -fno-common -fno-strict-aliasing -fstack-protector -fstack-protector-strong -fvisibility=hidden --param=ssp-buffer-size=4 -Werror=shadow -include config.h -O2 -flto=auto -ffat-lto-objects -fPIC -pthread -fvisibility=default -MD -MQ src/shared/libsystemd-shared-250.a.p/pkcs11-util.c.o -MF src/shared/libsystemd-shared-250.a.p/pkcs11-util.c.o.d -o src/shared/libsystemd-shared-250.a.p/pkcs11-util.c.o -c ../src/shared/pkcs11-util.c
In file included from ../src/basic/macro.h:12,
                 from ../src/basic/time-util.h:19,
                 from ../src/shared/ask-password-api.h:6,
                 from ../src/shared/pkcs11-util.c:5:
In function ‘freep’,
    inlined from ‘pkcs11_token_login’ at ../src/shared/pkcs11-util.c:240:83:
../src/fundamental/macro-fundamental.h:284:17: error: pointer ‘id_239’ used after ‘free’ [-Werror=use-after-free]
  284 |                 free(memory);                   \
      |                 ^~~~~~~~~~~~
In function ‘freep’,
    inlined from ‘pkcs11_token_login’ at ../src/shared/pkcs11-util.c:240:95:
../src/fundamental/macro-fundamental.h:284:17: note: call to ‘free’ here
  284 |                 free(memory);                   \
      |                 ^~~~~~~~~~~~
In function ‘freep’,
    inlined from ‘pkcs11_token_login’ at ../src/shared/pkcs11-util.c:240:56:
../src/fundamental/macro-fundamental.h:284:17: error: pointer ‘token_uri_escaped_237’ used after ‘free’ [-Werror=use-after-free]
  284 |                 free(memory);                   \
      |                 ^~~~~~~~~~~~
In function ‘freep’,
    inlined from ‘pkcs11_token_login’ at ../src/shared/pkcs11-util.c:240:95:
../src/fundamental/macro-fundamental.h:284:17: note: call to ‘free’ here
  284 |                 free(memory);                   \
      |                 ^~~~~~~~~~~~
cc1: all warnings being treated as errors
[425/1999] Compiling C object src/udev/libudev-core.a.p/udev-rules.c.o
ninja: build stopped: subcommand failed.


Additional info:
# cd build
# cc -Isrc/shared/libsystemd-shared-250.a.p -Isrc/shared -I../src/shared -Isrc/basic -I../src/basic -Isrc/fundamental -I../src/fundamental -Isrc/systemd -I../src/systemd -I. -I.. -I../src/libsystemd/sd-bus -I../src/libsystemd/sd-device -I../src/libsystemd/sd-event -I../src/libsystemd/sd-hwdb -I../src/libsystemd/sd-id128 -I../src/libsystemd/sd-journal -I../src/libsystemd/sd-netlink -I../src/libsystemd/sd-network -I../src/libsystemd/sd-resolve -I/usr/include/blkid -I/usr/include/libmount -I/usr/include/p11-kit-1 -fdiagnostics-color=always -D_FILE_OFFSET_BITS=64 -Wall -Winvalid-pch -Wextra -Werror -std=gnu99 -g -Wno-format-signedness -Wno-missing-field-initializers -Wno-unused-parameter -Wdate-time -Wendif-labels -Werror=format=2 -Werror=implicit-function-declaration -Werror=incompatible-pointer-types -Werror=int-conversion -Werror=overflow -Werror=override-init -Werror=return-type -Werror=shift-count-overflow -Werror=shift-overflow=2 -Werror=undef -Wfloat-equal -Wimplicit-fallthrough=5 -Winit-self -Wlogical-op -Wmissing-include-dirs -Wmissing-noreturn -Wnested-externs -Wold-style-definition -Wpointer-arith -Wredundant-decls -Wshadow -Wstrict-aliasing=2 -Wstrict-prototypes -Wsuggest-attribute=noreturn -Wunused-function -Wwrite-strings -Wno-unused-result -Werror=missing-declarations -Werror=missing-prototypes -fdiagnostics-show-option -fno-common -fno-strict-aliasing -fstack-protector -fstack-protector-strong -fvisibility=hidden --param=ssp-buffer-size=4 -Werror=shadow -include config.h -O2 -flto=auto -ffat-lto-objects -fPIC -pthread -fvisibility=default -MD -MQ src/shared/libsystemd-shared-250.a.p/pkcs11-util.c.o -MF src/shared/libsystemd-shared-250.a.p/pkcs11-util.c.o.d -o src/shared/libsystemd-shared-250.a.p/pkcs11-util.c.o -c ../src/shared/pkcs11-util.c -save-temps
In file included from ../src/basic/string-util.h:8,
                 from ../src/basic/escape.h:10,
                 from ../src/shared/pkcs11-util.c:7:
In function ‘freep’,
    inlined from ‘pkcs11_token_login’ at ../src/shared/pkcs11-util.c:240:82:
../src/basic/alloc-util.h:90:25: error: pointer ‘id_239’ used after ‘free’ [-Werror=use-after-free]
   90 |         *(void**)p = mfree(*(void**) p);
      |                         ^~~~~~~~~~~~~~~~ 
In function ‘freep’,
    inlined from ‘pkcs11_token_login’ at ../src/shared/pkcs11-util.c:240:94:
../src/basic/alloc-util.h:90:25: note: call to ‘free’ here
   90 |         *(void**)p = mfree(*(void**) p);
      |                         ^~~~~~~~~~~~~~~~ 
In function ‘freep’,
    inlined from ‘pkcs11_token_login’ at ../src/shared/pkcs11-util.c:240:55:
../src/basic/alloc-util.h:90:25: error: pointer ‘token_uri_escaped_237’ used after ‘free’ [-Werror=use-after-free]
   90 |         *(void**)p = mfree(*(void**) p);
      |                         ^~~~~~~~~~~~~~~~ 
In function ‘freep’,
    inlined from ‘pkcs11_token_login’ at ../src/shared/pkcs11-util.c:240:94:
../src/basic/alloc-util.h:90:25: note: call to ‘free’ here
   90 |         *(void**)p = mfree(*(void**) p);
      |                         ^~~~~~~~~~~~~~~~ 
cc1: all warnings being treated as errors

See attachments for the generated pkcs11-util.c.{i,o.d,s} files.

Comment 1 Frantisek Sumsal 2022-01-22 12:54:00 UTC

Created attachment 1852706 [details]
pcks11-util.c.i

Comment 2 Frantisek Sumsal 2022-01-22 12:54:57 UTC

Created attachment 1852707 [details]
pkcs11-utils.c.s

Comment 3 Frantisek Sumsal 2022-01-22 12:55:43 UTC

Created attachment 1852708 [details]
pkcs11-util.c.o.d

Comment 4 Arnaldo Carvalho de Melo 2022-01-24 17:01:39 UTC

The perf codebase also has cases such as:

                file = realloc(files, (nr + 1) * sizeof(*files));
                if (!file)
                        goto out_err;

                files = file;
                file = &files[nr++];
...
        if (!files)
                return -EINVAL;

        data->dir.files = files;
        data->dir.nr    = nr;
        return 0;

out_err:
        close_dir(files, nr);
        return ret;

Tha gets this warning and breaks the build:


     9.60 fedora:rawhide                : FAIL gcc version 12.0.1 20220118 (Red Hat 12.0.1-0) (GCC) 
        inlined from 'perf_data__open_dir' at util/data.c:139:2:
    util/data.c:27:9: error: pointer 'files' may be used after 'realloc' [-Werror=use-after-free]
       27 |         free(files);
          |         ^~~~~~~~~~~
    util/data.c: In function 'perf_data__open_dir':
    util/data.c:112:24: note: call to 'realloc' here
      112 |                 file = realloc(files, (nr + 1) * sizeof(*files));
          |                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    util/data.c:141:1: error: pointer 'files' may be used after 'realloc' [-Werror=use-after-free]
      141 | }
          | ^
    util/data.c:112:24: note: call to 'realloc' here
      112 |                 file = realloc(files, (nr + 1) * sizeof(*files));
          |                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    util/data.c:141:1: error: pointer 'files' may be used after 'realloc' [-Werror=use-after-free]
      141 | }
          | ^
    util/data.c:112:24: note: call to 'realloc' here
      112 |                 file = realloc(files, (nr + 1) * sizeof(*files));
          |                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    cc1: all warnings being treated as errors

Since realloc leaves 'files' untouched when it fails, this doesn't look a valid conclusion for use after free. I'll go looking for the pragma to disable this...

BTW, this works on these compilers:

almalinux:8                   : Ok   gcc (GCC) 8.5.0 20210514 (Red Hat 8.5.0-4) , clang version 12.0.1 (Red Hat 12.0.1-4.module_el8.5.0+1025+93159d6c)
alpine:3.4                    : Ok   gcc (Alpine 5.3.0) 5.3.0 , clang version 3.8.0 (tags/RELEASE_380/final)
alpine:3.5                    : Ok   gcc (Alpine 6.2.1) 6.2.1 20160822 , clang version 3.8.1 (tags/RELEASE_381/final)
alpine:3.6                    : Ok   gcc (Alpine 6.3.0) 6.3.0 , clang version 4.0.0 (tags/RELEASE_400/final)
alpine:3.7                    : Ok   gcc (Alpine 6.4.0) 6.4.0 , Alpine clang version 5.0.0 (tags/RELEASE_500/final) (based on LLVM 5.0.0)
alpine:3.8                    : Ok   gcc (Alpine 6.4.0) 6.4.0 , Alpine clang version 5.0.1 (tags/RELEASE_501/final) (based on LLVM 5.0.1)
alpine:3.9                    : Ok   gcc (Alpine 8.3.0) 8.3.0 , Alpine clang version 5.0.1 (tags/RELEASE_502/final) (based on LLVM 5.0.1)
alpine:3.10                   : Ok   gcc (Alpine 8.3.0) 8.3.0 , Alpine clang version 8.0.0 (tags/RELEASE_800/final) (based on LLVM 8.0.0)
alpine:3.11                   : Ok   gcc (Alpine 9.3.0) 9.3.0 , Alpine clang version 9.0.0 (https://git.alpinelinux.org/aports f7f0d2c2b8bcd6a5843401a9a702029556492689) (based on LLVM 9.0.0)
alpine:3.12                   : Ok   gcc (Alpine 9.3.0) 9.3.0 , Alpine clang version 10.0.0 (https://gitlab.alpinelinux.org/alpine/aports.git 7445adce501f8473efdb93b17b5eaf2f1445ed4c)
alpine:3.13                   : Ok   gcc (Alpine 10.2.1_pre1) 10.2.1 20201203 , Alpine clang version 10.0.1
alpine:3.14                   : Ok   gcc (Alpine 10.3.1_git20210424) 10.3.1 20210424 , Alpine clang version 11.1.0
alpine:3.15                   : Ok   gcc (Alpine 10.3.1_git20211027) 10.3.1 20211027 , Alpine clang version 12.0.1
alpine:edge                   : Ok   gcc (Alpine 11.2.1_git20211128) 11.2.1 20211128 , Alpine clang version 12.0.1
alt:p8                        : Ok   x86_64-alt-linux-gcc (GCC) 5.3.1 20151207 (ALT p8 5.3.1-alt3.M80P.1) , clang version 3.8.0 (tags/RELEASE_380/final)
alt:p9                        : Ok   x86_64-alt-linux-gcc (GCC) 8.4.1 20200305 (ALT p9 8.4.1-alt0.p9.1) , clang version 10.0.0
alt:p10                       : Ok   x86_64-alt-linux-gcc (GCC) 10.3.1 20210703 (ALT Sisyphus 10.3.1-alt2) , clang version 11.0.1
alt:sisyphus                  : Ok   x86_64-alt-linux-gcc (GCC) 11.2.1 20210911 (ALT Sisyphus 11.2.1-alt1) , ALT Linux Team clang version 12.0.1
amazonlinux:1                 : Ok   gcc (GCC) 7.2.1 20170915 (Red Hat 7.2.1-2) , clang version 3.6.2 (tags/RELEASE_362/final)
amazonlinux:2                 : Ok   gcc (GCC) 7.3.1 20180712 (Red Hat 7.3.1-13) , clang version 11.1.0 (Amazon Linux 2 11.1.0-1.amzn2.0.2)
archlinux:base                : Ok   gcc (GCC) 11.1.0 , clang version 13.0.0
centos:8                      : Ok   gcc (GCC) 8.4.1 20200928 (Red Hat 8.4.1-1) , clang version 11.0.1 (Red Hat 11.0.1-1.module_el8.4.0+966+2995ef20)
centos:stream                 : Ok   gcc (GCC) 8.5.0 20210514 (Red Hat 8.5.0-3) , clang version 12.0.1 (Red Hat 12.0.1-2.module_el8.6.0+937+1cafe22c)
clearlinux:latest             : Ok   gcc (Clear Linux OS for Intel Architecture) 11.2.1 20220103 releases/gcc-11.2.0-627-gd4a1d3c4b3 , clang version 11.1.0
debian:9                      : Ok   gcc (Debian 6.3.0-18+deb9u1) 6.3.0 20170516 , clang version 3.8.1-24 (tags/RELEASE_381/final)
debian:10                     : Ok   gcc (Debian 8.3.0-6) 8.3.0 , clang version 7.0.1-8+deb10u2 (tags/RELEASE_701/final)
debian:11                     : Ok   gcc (Debian 10.2.1-6) 10.2.1 20210110 , Debian clang version 11.0.1-2
debian:experimental           : Ok   gcc (Debian 11.2.0-13) 11.2.0 , Debian clang version 13.0.0-9+b2
debian:experimental-x-arm64   : Ok   aarch64-linux-gnu-gcc (Debian 11.2.0-9) 11.2.0
debian:experimental-x-mips    : Ok   mips-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110
debian:experimental-x-mips64  : Ok   mips64-linux-gnuabi64-gcc (Debian 10.2.1-6) 10.2.1 20210110
debian:experimental-x-mipsel  : Ok   mipsel-linux-gnu-gcc (Debian 11.2.0-9) 11.2.0
fedora:22                     : Ok   gcc (GCC) 5.3.1 20160406 (Red Hat 5.3.1-6) , clang version 3.5.0 (tags/RELEASE_350/final)
fedora:23                     : Ok   gcc (GCC) 5.3.1 20160406 (Red Hat 5.3.1-6) , clang version 3.7.0 (tags/RELEASE_370/final)
fedora:24                     : Ok   gcc (GCC) 6.3.1 20161221 (Red Hat 6.3.1-1) , clang version 3.8.1 (tags/RELEASE_381/final)
fedora:24-x-ARC-uClibc        : Ok   arc-linux-gcc (ARCompact ISA Linux uClibc toolchain 2017.09-rc2) 7.1.1 20170710
fedora:25                     : Ok   gcc (GCC) 6.4.1 20170727 (Red Hat 6.4.1-1) , clang version 3.9.1 (tags/RELEASE_391/final)
fedora:26                     : Ok   gcc (GCC) 7.3.1 20180130 (Red Hat 7.3.1-2) , clang version 4.0.1 (tags/RELEASE_401/final)
fedora:27                     : Ok   gcc (GCC) 7.3.1 20180712 (Red Hat 7.3.1-6) , clang version 5.0.2 (tags/RELEASE_502/final)
fedora:28                     : Ok   gcc (GCC) 8.3.1 20190223 (Red Hat 8.3.1-2) , clang version 6.0.1 (tags/RELEASE_601/final)
fedora:29                     : Ok   gcc (GCC) 8.3.1 20190223 (Red Hat 8.3.1-2) , clang version 7.0.1 (Fedora 7.0.1-6.fc29)
fedora:30                     : Ok   gcc (GCC) 9.3.1 20200408 (Red Hat 9.3.1-2) , clang version 8.0.0 (Fedora 8.0.0-3.fc30)
fedora:31                     : Ok   gcc (GCC) 9.3.1 20200408 (Red Hat 9.3.1-2) , clang version 9.0.1 (Fedora 9.0.1-4.fc31)
fedora:32                     : Ok   gcc (GCC) 10.3.1 20210422 (Red Hat 10.3.1-1) , clang version 10.0.1 (Fedora 10.0.1-3.fc32)
fedora:33                     : Ok   gcc (GCC) 10.3.1 20210422 (Red Hat 10.3.1-1) , clang version 11.0.0 (Fedora 11.0.0-3.fc33)
fedora:34                     : Ok   gcc (GCC) 11.2.1 20210728 (Red Hat 11.2.1-1) , clang version 12.0.1 (Fedora 12.0.1-1.fc34)
fedora:34-x-ARC-glibc         : Ok   arc-linux-gcc (ARC HS GNU/Linux glibc toolchain 2019.03-rc1) 8.3.1 20190225
fedora:34-x-ARC-uClibc        : Ok   arc-linux-gcc (ARCv2 ISA Linux uClibc toolchain 2019.03-rc1) 8.3.1 20190225
fedora:35                     : Ok   gcc (GCC) 11.2.1 20211203 (Red Hat 11.2.1-7) , clang version 13.0.0 (Fedora 13.0.0-3.fc35)
gentoo-stage3:latest          : Ok   gcc (Gentoo 11.2.0 p1) 11.2.0 , clang version 13.0.0
mageia:6                      : Ok   gcc (Mageia 5.5.0-1.mga6) 5.5.0 , clang version 3.9.1 (tags/RELEASE_391/final)
manjaro:base                  : Ok   gcc (GCC) 11.1.0 , clang version 13.0.0
opensuse:15.0                 : Ok   gcc (SUSE Linux) 7.4.1 20190905 [gcc-7-branch revision 275407] , clang version 5.0.1 (tags/RELEASE_501/final 312548)
opensuse:15.1                 : Ok   gcc (SUSE Linux) 7.5.0 , clang version 7.0.1 (tags/RELEASE_701/final 349238)
opensuse:15.2                 : Ok   gcc (SUSE Linux) 7.5.0 , clang version 9.0.1
opensuse:15.3                 : Ok   gcc (SUSE Linux) 7.5.0 , clang version 11.0.1
opensuse:15.4                 : Ok   gcc (SUSE Linux) 7.5.0 , clang version 11.0.1
opensuse:tumbleweed           : Ok   gcc (SUSE Linux) 11.2.1 20211124 [revision 7510c23c1ec53aa4a62705f0384079661342ff7b] , clang version 13.0.0
oraclelinux:8                 : Ok   gcc (GCC) 8.5.0 20210514 (Red Hat 8.5.0-4.0.1) , clang version 12.0.1 (Red Hat 12.0.1-4.0.1.module+el8.5.0+20428+2b4ecd47)
rockylinux:8                  : Ok   gcc (GCC) 8.5.0 20210514 (Red Hat 8.5.0-4) , clang version 12.0.1 (Red Hat 12.0.1-4.module+el8.5.0+715+58f51d49)
ubuntu:16.04                  : Ok   gcc (Ubuntu 5.4.0-6ubuntu1~16.04.12) 5.4.0 20160609 , clang version 3.8.0-2ubuntu4 (tags/RELEASE_380/final)
ubuntu:16.04-x-arm            : Ok   arm-linux-gnueabihf-gcc (Ubuntu/Linaro 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
ubuntu:16.04-x-arm64          : Ok   aarch64-linux-gnu-gcc (Ubuntu/Linaro 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
ubuntu:16.04-x-powerpc        : Ok   powerpc-linux-gnu-gcc (Ubuntu 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
ubuntu:16.04-x-powerpc64      : Ok   powerpc64-linux-gnu-gcc (Ubuntu/IBM 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
ubuntu:16.04-x-powerpc64el    : Ok   powerpc64le-linux-gnu-gcc (Ubuntu/IBM 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
ubuntu:16.04-x-s390           : Ok   s390x-linux-gnu-gcc (Ubuntu 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
ubuntu:18.04                  : Ok   gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0 , clang version 6.0.0-1ubuntu2 (tags/RELEASE_600/final)
ubuntu:18.04-x-arm            : Ok   arm-linux-gnueabihf-gcc (Ubuntu/Linaro 7.5.0-3ubuntu1~18.04) 7.5.0
ubuntu:18.04-x-arm64          : Ok   aarch64-linux-gnu-gcc (Ubuntu/Linaro 7.5.0-3ubuntu1~18.04) 7.5.0
ubuntu:18.04-x-m68k           : Ok   m68k-linux-gnu-gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0
ubuntu:18.04-x-powerpc        : Ok   powerpc-linux-gnu-gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0
ubuntu:18.04-x-powerpc64      : Ok   powerpc64-linux-gnu-gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0
ubuntu:18.04-x-powerpc64el    : Ok   powerpc64le-linux-gnu-gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0
ubuntu:18.04-x-riscv64        : Ok   riscv64-linux-gnu-gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0
ubuntu:18.04-x-s390           : Ok   s390x-linux-gnu-gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0
ubuntu:18.04-x-sh4            : Ok   sh4-linux-gnu-gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0
ubuntu:18.04-x-sparc64        : Ok   sparc64-linux-gnu-gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0
ubuntu:20.04-x-powerpc64el    : Ok   powerpc64le-linux-gnu-gcc (Ubuntu 10.3.0-1ubuntu1~20.04) 10.3.0
ubuntu:20.10                  : Ok   gcc (Ubuntu 10.3.0-1ubuntu1~20.10) 10.3.0 , Ubuntu clang version 11.0.0-2
ubuntu:21.04                  : Ok   gcc (Ubuntu 10.3.0-1ubuntu1) 10.3.0 , Ubuntu clang version 12.0.0-3ubuntu1~21.04.2
ubuntu:21.10                  : Ok   gcc (Ubuntu 11.2.0-7ubuntu2) 11.2.0 , Ubuntu clang version 13.0.0-2
ubuntu:22.04                  : Ok   gcc (Ubuntu 11.2.0-13ubuntu1) 11.2.0 , Ubuntu clang version 13.0.0-9

Comment 5 Martin Sebor 2022-01-25 16:57:53 UTC

-O2 -fPIC is needed to reproduce the warnings.  The first one triggers for the free (id_239) call below, with free(_7) being the first free.  Let me see what makes it think the two pointers are related.

<bb 69> [local count: 866963891]:
# _234 = PHI <_150(7), _233(68), _148(9)>
# token_uri_escaped_237 = PHI <_7(7), token_uri_escaped_236(68), _8(9)>
# id_239 = PHI <_7(7), id_238(68), _8(9)>
free (_7);                                      <<< first free
free (id_239);                                  <<< -Wuse-after-free
free (token_uri_escaped_237);
_157 = MEM[(void * *)&token_uri_string];
free (_157);
token_uri_string ={v} {CLOBBER};
updated_token_info ={v} {CLOBBER};
return _234;

Comment 6 Martin Sebor 2022-01-25 20:37:29 UTC

I reduced one instance of the warning to a GCC bug and opened https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104232 for it in GCC Bugzilla.

Comment 7 Frantisek Sumsal 2022-02-07 20:46:03 UTC

Fixed in the latest gcc build in Rawhide.

Note You need to log in before you can comment on or make changes to this bug.