[Bug sanitizer/96885] New: "member call on misaligned address" when calling a second base member through a pointer to member of derived class

andrey.vihrov at gmail dot com gcc-bugzilla@gcc.gnu.org
Tue Sep 1 16:53:35 GMT 2020 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96885

            Bug ID: 96885
           Summary: "member call on misaligned address" when calling a
                    second base member through a pointer to member of
                    derived class
           Product: gcc
           Version: 10.2.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: andrey.vihrov at gmail dot com
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
  Target Milestone: ---

Consider

    struct Base
    {
        int x;
    };

    struct OtherBase
    {
        char c;

        void foo() { }
    };

    struct Derived : Base, OtherBase
    {
        void *p;
    };

    int main()
    {
        Derived d;

        void (Derived::*ptr)() = &Derived::foo;

        (d.*ptr)();
    }

Compiling and running this with "gcc -fsanitize=undefined", the output is

    x.cpp:24:13: runtime error: member call on misaligned address
0x7ffd9e0d5b14 for type 'struct Derived', which requires 8 byte alignment
    0x7ffd9e0d5b14: note: pointer points here
      79 00 00 00 c8 7f 00 00  6d 72 08 9f 2c 56 00 00  14 72 08 9f 2c 56 00 00
 04 00 00 00 00 00 00 00
              ^ 

AFAICS, since foo() is a member of Derived through OtherBase, a member call
through void (Derived::*)() should be allowed.

gcc -v:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-pc-linux-gnu/10.2.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /build/gcc/src/gcc/configure --prefix=/usr --libdir=/usr/lib
--libexecdir=/usr/lib --mandir=/usr/share/man --infodir=/usr/share/info
--with-bugurl=https://bugs.archlinux.org/
--enable-languages=c,c++,ada,fortran,go,lto,objc,obj-c++,d --with-isl
--with-linker-hash-style=gnu --with-system-zlib --enable-__cxa_atexit
--enable-cet=auto --enable-checking=release --enable-clocale=gnu
--enable-default-pie --enable-default-ssp --enable-gnu-indirect-function
--enable-gnu-unique-object --enable-install-libiberty --enable-linker-build-id
--enable-lto --enable-multilib --enable-plugin --enable-shared
--enable-threads=posix --disable-libssp --disable-libstdcxx-pch
--disable-libunwind-exceptions --disable-werror
gdc_include_dir=/usr/include/dlang/gdc
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 10.2.0 (GCC)

More information about the Gcc-bugs mailing list