https://gcc.gnu.org/bugzilla/show_bug.cgi?id=120471
Bug ID: 120471
Summary: -fsanitize=undefined causes read of uninitialized variable when accessing element in an array at -O0 level
Product: gcc
Version: 15.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: xiaohuba2021 at 163 dot com
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org
Target Milestone: ---
The following code:
```
volatile int b[1], ib[1];

void build(int ll) {
    // c == 21, so c % 3 == 0: index 0 is in bounds for both one-element arrays
    volatile int c = 21;
    // select one of the two arrays, then index it with the volatile-derived value
    volatile int v = (ll % 2 ? b : ib)[c % 3];
    if (v != 0)
        __builtin_abort();
    return;
}

int main() {
    build(1), build(2);   // first call selects b, second selects ib
    return 0;
}
```
will produce the following output at runtime:
```
/app/example.cpp:5:43: runtime error: index 1 out of bounds for type 'int [1]'
/app/example.cpp:5:43: runtime error: load of address 0x00000040413c with
insufficient space for an object of type 'volatile int'
0x00000040413c: note: pointer points here
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00
^
```
Note that it also gets a strange warning during compilation:
```
<source>: In function 'void build(int)':
<source>:5:40: warning: 'c.3' may be used uninitialized [-Wmaybe-uninitialized]
5 | volatile int v = (ll % 2 ? b : ib)[c % 3];
| ~~^~~
<source>:5:38: note: 'c.3' was declared here
5 | volatile int v = (ll % 2 ? b : ib)[c % 3];
| ^
```
Compiled with `-O0 -fsanitize=undefined -Wall`.
-O1 hides it, but the warning is still present.
g++ -v:
```
Using built-in specs.
COLLECT_GCC=/opt/compiler-explorer/gcc-15.1.0/bin/g++
Target: x86_64-linux-gnu
Configured with: ../gcc-15.1.0/configure
--prefix=/opt/compiler-explorer/gcc-build/staging
--enable-libstdcxx-backtrace=yes --build=x86_64-linux-gnu
--host=x86_64-linux-gnu --target=x86_64-linux-gnu --disable-bootstrap
--enable-multiarch --with-abi=m64 --with-multilib-list=m32,m64,mx32
--enable-multilib --enable-clocale=gnu
--enable-languages=c,c++,fortran,ada,objc,obj-c++,go,d,m2,rust,cobol
--enable-ld=yes --enable-gold=yes --enable-libstdcxx-debug
--enable-libstdcxx-time=yes --enable-linker-build-id --enable-lto
--enable-plugins --enable-threads=posix
--with-pkgversion=Compiler-Explorer-Build-gcc--binutils-2.42
Thread model: posix
Supported LTO compression algorithms: zlib
gcc version 15.1.0 (Compiler-Explorer-Build-gcc--binutils-2.42)
COLLECT_GCC_OPTIONS='-fdiagnostics-color=always' '-g' '-o' '/app/output.s'
'-masm=intel' '-fno-verbose-asm' '-S' '-O0' '-fsanitize=undefined' '-Wall' '-v'
'-shared-libgcc' '-mtune=generic' '-march=x86-64' '-dumpdir' '/app/'
/opt/compiler-explorer/gcc-15.1.0/bin/../libexec/gcc/x86_64-linux-gnu/15.1.0/cc1plus
-quiet -v -imultiarch x86_64-linux-gnu -iprefix
/opt/compiler-explorer/gcc-15.1.0/bin/../lib/gcc/x86_64-linux-gnu/15.1.0/
-D_GNU_SOURCE <source> -quiet -dumpdir /app/ -dumpbase output.cpp -dumpbase-ext
.cpp -masm=intel -mtune=generic -march=x86-64 -g -O0 -Wall -version
-fdiagnostics-color=always -fno-verbose-asm -fsanitize=undefined -o
/app/output.s
GNU C++17 (Compiler-Explorer-Build-gcc--binutils-2.42) version 15.1.0
(x86_64-linux-gnu)
compiled by GNU C version 11.4.0, GMP version 6.2.1, MPFR version
4.1.0, MPC version 1.2.1, isl version isl-0.24-GMP
```