[Bug sanitizer/87095] New: UndefinedBehaviorSanitizer vptr false positive with virtual inheritance only with -fno-sanitize-recover

vakevk at gmail dot com gcc-bugzilla@gcc.gnu.org
Fri Aug 24 17:31:00 GMT 2018


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87095

            Bug ID: 87095
           Summary: UndefinedBehaviorSanitizer vptr false positive with
                    virtual inheritance only with -fno-sanitize-recover
           Product: gcc
           Version: 8.2.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: vakevk at gmail dot com
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
  Target Milestone: ---

Created attachment 44591
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=44591&action=edit
main.cpp

Program does not run successfully when compiled with:
g++ -fsanitize=vptr -fno-sanitize-recover=vptr main.cpp

main.cpp:9:8: runtime error: member call on address 0x7ffd7987dc20 which does
not point to an object of type 'A'
0x7ffd7987dc20: note: object has invalid vptr
 c1 55 00 00  00 00 00 00 00 00 00 00  00 b0 34 7e ca 6d 56 eb  20 dd 87 79 fd
7f 00 00  00 00 00 00
               ^~~~~~~~~~~~~~~~~~~~~~~
                             invalid vptr
Program runs successfully if -fno-sanitize-recover=vptr is not specified or
when compiled with clang++ (6.0.1-5) with the original options.

Even without knowing whether the error message is correct, there is a bug here
because the message should be shown consistently regardless of the recovery
option.

g++ -v

Using built-in specs.
COLLECT_GCC=g++
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-pc-linux-gnu/8.2.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /build/gcc/src/gcc/configure --prefix=/usr --libdir=/usr/lib
--libexecdir=/usr/lib --mandir=/usr/share/man --infodir=/usr/share/info
--with-bugurl=https://bugs.archlinux.org/
--enable-languages=c,c++,ada,fortran,go,lto,objc,obj-c++ --enable-shared
--enable-threads=posix --enable-libmpx --with-system-zlib --with-isl
--enable-__cxa_atexit --disable-libunwind-exceptions --enable-clocale=gnu
--disable-libstdcxx-pch --disable-libssp --enable-gnu-unique-object
--enable-linker-build-id --enable-lto --enable-plugin
--enable-install-libiberty --with-linker-hash-style=gnu
--enable-gnu-indirect-function --enable-multilib --disable-werror
--enable-checking=release --enable-default-pie --enable-default-ssp
--enable-cet=auto
Thread model: posix
gcc version 8.2.0 (GCC)
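The attached main.cpp is not reproduced on this page, so the following is an added example of the pattern the report describes (a member call on an object reached through virtual inheritance), not the reporter's file or the actual reproducer; the class names, the diamond layout and the build commands in the comments are assumptions. It is the well-formed case that `-fsanitize=vptr` should accept, and it is the kind of minimal program to compile three ways (recovering, non-recovering, and with clang++) when triaging a report like this one.

```cpp
// Added example, not the main.cpp attached to the report: a minimal diamond
// with virtual inheritance and a member call through the virtual base.
//
// Assumed build commands, mirroring the report's flags:
//   g++ -g -fsanitize=vptr main.cpp && ./a.out
//   g++ -g -fsanitize=vptr -fno-sanitize-recover=vptr main.cpp && ./a.out
//   clang++ -g -fsanitize=vptr -fno-sanitize-recover=vptr main.cpp && ./a.out
// For a correct program none of the three runs should print a
// "runtime error: member call on address ..." line: the vptr check is meant to
// fire only when the object's dynamic type does not match the static type the
// call is made through. With -fno-sanitize-recover the first report aborts the
// process instead of letting it continue, so the exit status also changes.
#include <cstdio>

struct A {
    virtual ~A() = default;
    virtual int tag() const { return 1; }
};

struct B : virtual A {
    int tag() const override { return 2; }
};

struct C : virtual A {
    // C does not override tag(); it only adds an unrelated member.
    int extra() const { return 30; }
};

// D contains exactly one A subobject, reachable through both B and C.
struct D : B, C {
    int tag() const override { return 4; }
};

// The member call on a pointer to the virtual base is the construct the
// report's line 9 diagnostic refers to.
int call_through_virtual_base(const A* p) {
    return p->tag();
}

// Exercises the call from a most-derived object, from a mid-level object, and
// from the A subobject reached via the other side of the diamond. Returns the
// sum of the dispatched results (10), or -1 if the two paths to D's A
// subobject disagree, which they must not under virtual inheritance.
int run() {
    D d;
    B b;
    const A* pa = &d;                            // upcast across the virtual base
    const A* pb = &b;
    const A* via_c = static_cast<const C*>(&d);  // same A subobject, other path
    int sum = call_through_virtual_base(pa)      // 4: D::tag
            + call_through_virtual_base(pb)      // 2: B::tag
            + call_through_virtual_base(via_c);  // 4: still D::tag
    return (pa == via_c) ? sum : -1;
}

int main() {
    int result = run();
    std::printf("sum=%d\n", result);
    return result == 10 ? 0 : 1;
}
```

Two practical caveats when running this: `-fsanitize=vptr` needs RTTI, so it cannot be combined with `-fno-rtti`, and the check instruments member calls, casts and member-pointer accesses, so a diagnostic that appears only when recovery is disabled is worth reporting exactly as above, because the recovery setting should change only whether the program continues after the first report, not whether the report is emitted.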
