https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89869

            Bug ID: 89869
           Summary: -fsanitize=undefined miscompilation
           Product: gcc
           Version: 8.3.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c++
          Assignee: unassigned at gcc dot gnu.org
          Reporter: joerg.rich...@pdv-fs.de
  Target Milestone: ---

cat > t.cc <<EOF
struct Object
{
    Object* first_ = 0;
    Object* last_ = 0;
    Object* next_ = 0;
    Object* prev_ = 0;

    virtual ~Object() {}
};

void unlinkChild( Object* parent, Object* child )
{
  ( child->prev_ ? child->prev_->next_ : parent->first_ ) = child->next_;
  ( child->next_ ? child->next_->prev_ : parent->last_ ) = child->prev_;
}

int main( int argc, char** argv)
{
  Object a;
  Object b;
  unlinkChild( &a, &b );
  return 0;
}
EOF

g++ -o t t.cc -Wmaybe-uninitialized -fsanitize=undefined
t


Gives this:
t.cc: In function 'void unlinkChild(Object*, Object*)':
t.cc:13:68: warning: 'child.1' may be used uninitialized in this function
[-Wmaybe-uninitialized]
   ( child->prev_ ? child->prev_->next_ : parent->first_ ) = child->next_;
                                                             ~~~~~~~^~~~~
t.cc:14:67: warning: 'child.5' may be used uninitialized in this function
[-Wmaybe-uninitialized]
   ( child->next_ ? child->next_->prev_ : parent->last_ ) = child->prev_;
                                                            ~~~~~~~^~~~~
t.cc:13:68: runtime error: member access within address 0x000000400710 which
does not point to an object of type 'Object'
0x000000400710: note: object has invalid vptr
 a0 ff ff ff  31 ed 49 89 d1 5e 48 89  e2 48 83 e4 f0 50 54 49  c7 c0 70 15 40
00 48 c7  c1 80 15 40
              ^~~~~~~~~~~~~~~~~~~~~~~
              invalid vptr
t.cc:14:67: runtime error: member access within address 0x7fff38bf5fa0 which
does not point to an object of type 'Object'
0x7fff38bf5fa0: note: object has invalid vptr
 00 00 00 00  01 00 00 00 00 00 00 00  89 63 bf 38 ff 7f 00 00  00 00 00 00 00
00 00 00  8b 63 bf 38
              ^~~~~~~~~~~~~~~~~~~~~~~
              invalid vptr

There is no compiler warning or runtime error without -fsanitize=undefined.
This was reduced from a much larger testcase where a pointer value was set to
zero by the -fsanitize=undefined code leading to wrong results.
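The unlink logic in the report selects the slot to overwrite (a sibling's link or the parent's `first_`/`last_`) through a conditional expression used as an lvalue. As an added reference example, not the reporter's code or part of the GCC report, the same intrusive doubly linked list is written below with the slot chosen through a pointer-to-pointer, together with consistency checks, so the expected effect of unlinking (including the report's own case of a child that was never linked) can be asserted rather than inferred from sanitizer output. Names (`Node`, `linkChild`, `countChildren`, `listConsistent`, the `demo*` functions) are this example's own.

```cpp
#include <cassert>

// Added example (not from the bug report): the same intrusive doubly linked
// list as the reporter's Object. The unlink chooses the target slot via a
// pointer-to-pointer instead of a conditional expression used as an lvalue;
// the semantics are the same as the reporter's unlinkChild.
struct Node
{
    Node* first_ = nullptr;   // head of this node's child list
    Node* last_ = nullptr;    // tail of this node's child list
    Node* next_ = nullptr;    // next sibling
    Node* prev_ = nullptr;    // previous sibling
    virtual ~Node() {}
};

// Append child at the tail of parent's child list.
void linkChild(Node* parent, Node* child)
{
    child->prev_ = parent->last_;
    child->next_ = nullptr;
    if (parent->last_)
        parent->last_->next_ = child;
    else
        parent->first_ = child;
    parent->last_ = child;
}

// Remove child from parent's child list: the slot that pointed at child
// (a sibling's link or the parent's first_/last_) is rewritten to skip it.
void unlinkChild(Node* parent, Node* child)
{
    Node** fwd  = child->prev_ ? &child->prev_->next_ : &parent->first_;
    Node** back = child->next_ ? &child->next_->prev_ : &parent->last_;
    *fwd  = child->next_;
    *back = child->prev_;
    child->next_ = child->prev_ = nullptr;
}

// Count children by walking first_ -> next_.
int countChildren(const Node* parent)
{
    int n = 0;
    for (const Node* p = parent->first_; p; p = p->next_)
        ++n;
    return n;
}

// True when every node's prev_ matches the node that precedes it and
// last_ is the final node of the forward walk.
bool listConsistent(const Node* parent)
{
    const Node* prev = nullptr;
    for (const Node* p = parent->first_; p; prev = p, p = p->next_)
        if (p->prev_ != prev) return false;
    return parent->last_ == prev;
}

// Builds a three-child list, unlinks the middle child, and returns the
// remaining child count (2 on success, -1 if the links are inconsistent).
int demoUnlinkMiddle()
{
    Node parent, a, b, c;
    linkChild(&parent, &a);
    linkChild(&parent, &b);
    linkChild(&parent, &c);
    unlinkChild(&parent, &b);
    if (!listConsistent(&parent)) return -1;
    if (parent.first_ != &a || parent.last_ != &c) return -1;
    return countChildren(&parent);
}

// The report's exact scenario: b was never linked into a, so both of b's
// sibling links are null and the unlink rewrites a's first_ and last_ with
// null. Returns true when a's list stays empty and consistent.
bool demoUnlinkUnlinked()
{
    Node a, b;
    unlinkChild(&a, &b);
    return a.first_ == nullptr && a.last_ == nullptr && listConsistent(&a);
}

int main()
{
    return (demoUnlinkMiddle() == 2 && demoUnlinkUnlinked()) ? 0 : 1;
}
```

Built with `-fsanitize=undefined`, this gives a fixed expected result to compare the sanitizer's report against: any "invalid vptr" diagnostic for `a` or `b`, both of which are live stack objects with a correctly constructed vtable pointer, points at instrumentation rather than at the list code.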
