Bug 2047316 - Unexpected [-Werror=use-after-free] warning only on arm7hl build of code
Alias: None
Product: Fedora
Classification: Fedora
Component: gcc
Version: rawhide
Hardware: armv7hl
OS: Linux
Target Milestone: ---
Assignee: Jakub Jelinek
QA Contact: Fedora Extras Quality Assurance
Duplicates: 2046967
Depends On:
Blocks: F37FTBFS F36FTBFS 2046015
Reported: 2022-01-27 15:27 UTC by William Cohen
Modified: 2022-02-11 21:29 UTC

Fixed In Version: gcc-12.0.1-0.4.fc36
Last Closed: 2022-02-01 18:30:00 UTC
Type: Bug

Attachments
A reproducer generated from stap-session.ii using creduce. (72 bytes, text/x-modelica)
2022-01-27 15:27 UTC, William Cohen

System: GNU Compiler Collection
ID: 104213
Private: 0
Priority: P1
Status: RESOLVED
Summary: [12 Regression] bogus use-after-free in virtual dtor with -ffat-lto-objects on ARM
Last Updated: 2022-01-27 15:31:52 UTC

Description William Cohen 2022-01-27 15:27:13 UTC
Created attachment 1857122
A reproducer generated from stap-session.ii using creduce.

Description of problem:

When attempting to address the FTBFS issue of systemtap (rhbz2046015), a newer version of systemtap with the expected fix was put into the koji build system.  All the architectures except armv7hl successfully built (https://koji.fedoraproject.org/koji/taskinfo?taskID=81941041).  The armv7hl builds failed with a number of errors similar to the following:

In file included from staptree.cxx:10:
staptree.h: In member function 'next_statement::~next_statement()':
staptree.h:841:8: error: pointer used after 'operator delete(void*, unsigned int)' [-Werror=use-after-free]
  841 | struct next_statement: public statement
      |        ^~~~~~~~~~~~~~
staptree.h:841:8: note: call to 'operator delete(void*, unsigned int)' here
staptree.h: In member function 'continue_statement::~continue_statement()':
staptree.h:834:8: error: pointer used after 'operator delete(void*, unsigned int)' [-Werror=use-after-free]
  834 | struct continue_statement: public statement
      |        ^~~~~~~~~~~~~~~~~~

Florian Weimer suggested it might be a similar issue to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104232

Applied creduce to the original 2.8MB stap-session.ii file to create a much smaller stap-session.ii file that shows the issue.  The simplified example fails on armv7hl rawhide but compiles fine on rawhide x86_64.

Version-Release number of selected component (if applicable):


How reproducible:

Every time

Steps to Reproduce:
1. copy the stap-session.ii file attached to this bug
2. g++   -Wall -Werror  -O2  -c -o stap-session.o stap-session.ii 

Actual results:

$ g++   -Wall -Werror  -O2  -c -o stap-session.o stap-session.ii 
stap-session.ii: In destructor ‘virtual b::~b()’:
stap-session.ii:5:8: error: pointer used after ‘void operator delete(void*, unsigned int)’ [-Werror=use-after-free]
    5 | struct b : a {};
      |        ^
stap-session.ii:5:8: note: call to ‘void operator delete(void*, unsigned int)’ here
cc1plus: all warnings being treated as errors

Expected results:

No error compiling, the same as running on rawhide x86_64.

Additional info:

Comment 1 Marek Polacek 2022-01-27 15:31:52 UTC
Already fixed on trunk.

Comment 2 Jakub Jelinek 2022-01-27 15:40:49 UTC
My plan is to start another gcc build later Friday evening or Saturday, so it will finish (hopefully) during the weekend and be in rawhide on Monday.

Comment 3 Jakub Jelinek 2022-02-01 18:30:00 UTC
This ought to be fixed in gcc-12.0.1-0.4.fc36.

Comment 4 David Muse 2022-02-11 21:29:06 UTC
*** Bug 2046967 has been marked as a duplicate of this bug. ***
