Bug 88177 - Clang detects undefined behavior in shared_ptr_base.h
Summary: Clang detects undefined behavior in shared_ptr_base.h
Status: RESOLVED DUPLICATE of bug 85930
Alias: None
Product: gcc
Classification: Unclassified
Component: libstdc++ (show other bugs)
Version: 8.2.0
Importance: P3 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-11-24 00:24 UTC by semi1
Modified: 2018-11-24 00:34 UTC
CC: 0 users

See Also:
Host:
Target:
Build:
Known to work:
Known to fail:
Last reconfirmed:


Attachments
main.ii (86.14 KB, text/plain) 2018-11-24 00:24 UTC, semi1

Description semi1 2018-11-24 00:24:28 UTC
Created attachment 45078 [details]
main.ii

The clang undefined behavior sanitizer finds a reference binding to an address with insufficient space in shared_ptr_base.h.

gcc -v:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/8/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 8.2.0-7ubuntu1' --with-bugurl=file:///usr/share/doc/gcc-8/README.Bugs --enable-languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++ --prefix=/usr --with-gcc-major-version-only --program-suffix=-8 --program-prefix=x86_64-linux-gnu- --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-libmpx --enable-plugin --enable-default-pie --with-system-zlib --with-target-system-zlib --enable-objc-gc=auto --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-offload-targets=nvptx-none --without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 8.2.0 (Ubuntu 8.2.0-7ubuntu1) 

clang++-7 -v:
clang version 7.0.0-3 (tags/RELEASE_700/final)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Found candidate GCC installation: /usr/bin/../lib/gcc/i686-linux-gnu/8
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/7
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/7.3.0
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/8
Found candidate GCC installation: /usr/lib/gcc/i686-linux-gnu/8
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/7
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/7.3.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/8
Selected GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/8
Candidate multilib: .;@m64
Selected multilib: .;@m64

Program which causes the error:
main.cpp:
#include <memory>
int main()
{
    auto sp = std::make_shared<int>(12);
}

Command line to compile:
clang++-7 -std=c++11 -Og -g -fsanitize=undefined -fno-omit-frame-pointer -fno-rtti main.cpp

Error: 

UBSAN_OPTIONS=print_stacktrace=1 ./a.out 
/usr/bin/../lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8/bits/shared_ptr_base.h:514:14: runtime error: reference binding to address 0x000000434e38 with insufficient space for an object of type 'const std::type_info'
0x000000434e38: note: pointer points here
 00 00 00 00  00 46 4f 69 52 69 45 00  f8 ec 43 00 00 00 00 00  39 4e 43 00 00 00 00 00  01 1b 03 3b
              ^ 
    #0 0x429c8a in std::_Sp_make_shared_tag::_S_ti() /usr/bin/../lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8/bits/shared_ptr_base.h:514:7
    #1 0x4299e3 in std::__shared_ptr<int, (__gnu_cxx::_Lock_policy)2>::__shared_ptr<std::allocator<int>, int>(std::_Sp_make_shared_tag, std::allocator<int> const&, int&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8/bits/shared_ptr_base.h:1329:43
    #2 0x429822 in std::shared_ptr<int> std::allocate_shared<int, std::allocator<int>, int>(std::allocator<int> const&, int&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8/bits/shared_ptr.h:706:14
    #3 0x429665 in std::shared_ptr<int> std::make_shared<int, int>(int&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8/bits/shared_ptr.h:722:14
    #4 0x429557 in main /home/jr/src/main.cpp:9:15
    #5 0x7f89422fa09a in __libc_start_main /build/glibc-B9XfQf/glibc-2.28/csu/../csu/libc-start.c:308:16
    #6 0x4033c9 in _start (/home/jr/src/a.out+0x4033c9)
Notes:
The error occurs only when RTTI is disabled. The gcc undefined behavior sanitizer does not detect anything.
Comment 1 Jonathan Wakely 2018-11-24 00:34:08 UTC
See Bug 85930 comment 6.

*** This bug has been marked as a duplicate of bug 87520 ***
Comment 2 Jonathan Wakely 2018-11-24 00:34:41 UTC
Oops, I marked it as a dup of the wrong bug number.

*** This bug has been marked as a duplicate of bug 85930 ***