[Bug libstdc++/97415] New: Invalid pointer comparison in stringbuf::str() (reported by pointer-compare AddressSanitizer)
chfast at gmail dot com
gcc-bugzilla@gcc.gnu.org
Wed Oct 14 10:08:35 GMT 2020
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97415
Bug ID: 97415
Summary: Invalid pointer comparison in stringbuf::str()
(reported by pointer-compare AddressSanitizer)
Product: gcc
Version: 10.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: libstdc++
Assignee: unassigned at gcc dot gnu.org
Reporter: chfast at gmail dot com
Target Milestone: ---
When my application is instrumented with -fsanitize=address,pointer-compare
and running under ASAN_OPTIONS=detect_invalid_pointer_pairs=2,
I get the following failure in basic_stringbuf::str():
==3879==ERROR: AddressSanitizer: invalid-pointer-pair: 0x7ffcdf273b66
0x000000000000
#0 0x5597a6c6d786 in std::__cxx11::basic_stringbuf<char,
std::char_traits<char>, std::allocator<char> >::str() const
/usr/include/c++/10/sstream:184
#1 0x5597a6c6d786 in std::__cxx11::basic_ostringstream<char,
std::char_traits<char>, std::allocator<char> >::str() const
/usr/include/c++/10/sstream:678
#2 0x5597a6c6d786 in std::basic_ostream<char, std::char_traits<char> >&
std::__detail::operator<< <char, std::char_traits<char>,
std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >
const&>(std::basic_ostream<char, std::char_traits<char> >&,
std::__detail::_Quoted_string<std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, char> const&)
/usr/include/c++/10/bits/quoted_string.h:130
#3 0x5597a6c6d786 in std::basic_ostream<char, std::char_traits<char> >&
std::filesystem::__cxx11::operator<< <char, std::char_traits<char>
>(std::basic_ostream<char, std::char_traits<char> >&,
std::filesystem::__cxx11::path const&) /usr/include/c++/10/bits/fs_path.h:441
#4 0x5597a6c6d786 in log_total
/home/builder/project/test/spectests/spectests.cpp:675
#5 0x5597a6c48939 in run_tests_from_dir
/home/builder/project/test/spectests/spectests.cpp:708
#6 0x5597a6c48939 in main
/home/builder/project/test/spectests/spectests.cpp:750
Here is the implementation of basic_stringbuf::str() used for compilation:
      __string_type
      str() const
      {
        __string_type __ret(_M_string.get_allocator());
        if (this->pptr())
          {
            // The current egptr() may not be the actual string end.
            if (this->pptr() > this->egptr())
              __ret.assign(this->pbase(), this->pptr());
            else
              __ret.assign(this->pbase(), this->egptr());
          }
        else
          __ret = _M_string;
        return __ret;
      }
In the line `if (this->pptr() > this->egptr())`,
the `this->egptr()` may be nullptr and therefore AddressSanitizer complains
about this comparison.
I don't have handy repro code for the issue, but I can try to build one if
desired.
GCC version: cpp (Debian 10.2.0-15) 10.2.0