This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug sanitizer/70147] testcase from hana testsuite gets miscompiled with -fsanitize=undefined
- From: "jakub at gcc dot gnu.org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Fri, 11 Mar 2016 18:04:35 +0000
- Subject: [Bug sanitizer/70147] testcase from hana testsuite gets miscompiled with -fsanitize=undefined
- Auto-submitted: auto-generated
- References: <bug-70147-4 at http dot gcc dot gnu dot org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70147
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
-----|--------|--------------------------
CC   |        |jason at gcc dot gnu.org
--- Comment #4 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Indeed, in std::basic_istream::basic_istream
MEM[(struct &)this] = {CLOBBER};
this->_vptr.basic_istream = 0B;
D.162921 = this->_vptr.basic_istream;
D.162922 = D.162921 + 18446744073709551592;
D.162923 = MEM[(long int *)D.162922];
D.162924 = (sizetype) D.162923;
D.162925 = this + D.162924;
D.162925->D.41813._vptr.ios_base = 0B;
looks wrong, because it dereferences NULL - 24.
If I look what the actual normal initialization does later on:
D.162930 = *__vtt_parm;
this->_vptr.basic_istream = D.162930;
D.162921 = this->_vptr.basic_istream;
D.162922 = D.162921 + 18446744073709551592;
D.162923 = MEM[(long int *)D.162922];
D.162924 = (sizetype) D.162923;
D.162925 = this + D.162924;
D.162931 = MEM[(const void * *)__vtt_parm + 8B];
D.162925->D.41813._vptr.ios_base = D.162931;
then we probably need to pretend that we've stored *__vtt_parm into
this->_vptr.basic_istream (e.g. replace that read with *__vtt_parm).
Now to figure out what is __vtt_parm...
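The dump above walks from the object's vptr to the virtual base ios_base: load the vptr, read the `long` 24 bytes before it (the 18446744073709551592 is -24 as an unsigned value), and add that to `this`. The following is an added example, not code from the bug report or from GCC itself; it assumes the Itanium C++ ABI on a 64-bit target (where the virtual-base offset of a class with one virtual base sits at vptr - 24) and uses hypothetical classes `Base` and `Derived` standing in for `std::ios_base` and `std::basic_istream`. It reads the vbase offset the way the instrumented constructor does, checks it against the offset the compiler uses for a derived-to-virtual-base cast, and refuses to walk a null vptr, which is the state the dump shows between the `_vptr = 0B` store and the following read.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

// Hypothetical stand-in for ios_base: polymorphic and not nearly empty, so the
// ABI cannot pick it as a primary base and it lives at a non-zero offset.
struct Base {
    virtual ~Base() {}
    int x = 0;
};

// Hypothetical stand-in for basic_istream: one virtual base, so its constructor
// must set its own vptr and then the vptr of the Base subobject.
struct Derived : virtual Base {
    virtual void f() {}
    long y = 0;
};

// Itanium C++ ABI: the vtable address point is preceded by
// [vbase offset][offset-to-top][RTTI pointer], so with one virtual base the
// offset sits at -3 * sizeof(void*) == -24 on a 64-bit target (ABI assumption).
constexpr std::ptrdiff_t kVbaseOffsetSlot =
    -3 * static_cast<std::ptrdiff_t>(sizeof(void*));

// Load the vptr from offset 0 of the object and the long at vptr - 24, exactly
// the sequence in the GIMPLE dump. Returns false instead of dereferencing when
// the vptr is still null (the state after the this->_vptr = 0B store).
bool vbase_offset_from_vtable(const void* obj, std::ptrdiff_t* out) {
    const void* vptr = nullptr;
    std::memcpy(&vptr, obj, sizeof vptr);
    if (vptr == nullptr) return false;   // would otherwise read NULL - 24
    std::ptrdiff_t off = 0;
    std::memcpy(&off, static_cast<const char*>(vptr) + kVbaseOffsetSlot, sizeof off);
    *out = off;
    return true;
}

// The offset the compiler itself applies for a Derived* -> Base* conversion
// on a fully constructed object.
std::ptrdiff_t vbase_offset_via_cast(Derived* d) {
    return reinterpret_cast<char*>(static_cast<Base*>(d)) -
           reinterpret_cast<char*>(d);
}

// On a constructed object the hand-walked offset must agree with the cast.
bool vbase_offset_matches() {
    Derived d;
    std::ptrdiff_t off = 0;
    if (!vbase_offset_from_vtable(&d, &off)) return false;
    return off == vbase_offset_via_cast(&d) && off > 0;
}

// A zero-filled block of Derived's size models the object with a null vptr;
// walking the vtable from there must be refused rather than crash.
bool null_vptr_is_refused() {
    alignas(Derived) unsigned char raw[sizeof(Derived)] = {};
    std::ptrdiff_t off = 0;
    return !vbase_offset_from_vtable(raw, &off);
}

int main() {
    return (vbase_offset_matches() && null_vptr_is_refused()) ? 0 : 1;
}
```

The real constructor takes the values it stores from the VTT rather than from the complete-object vtable: `*__vtt_parm` becomes the object's own vptr and `__vtt_parm[1]` the virtual base's, which is why the dump's second sequence loads `MEM[__vtt_parm + 8B]` for `_vptr.ios_base`.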