https://gcc.gnu.org/bugzilla/show_bug.cgi?id=92678
Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mpolacek at gcc dot gnu.org

--- Comment #1 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
The problem is that the PMF call is maybe instrumented too late, during
genericization the first argument is
(struct C *) obj + (sizetype) pmf.__delta
and so -fsanitize=vptr decides that it should check whether
*((struct C *) obj + (sizetype) pmf.__delta)
has dynamic type C, but it should really check that *obj has dynamic type C,
or perhaps that *((struct C *) obj + (sizetype) pmf.__delta) has dynamic type
B2. clang++ seems to check the former.
The question is if it is possible to figure this out from the lowered code that
has been through cp_fold already and the pmf could be all kinds of weird
expressions, or if we need to move the instrumentation earlier.
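
An added illustration of the pointer adjustment the comment describes (constructed here; it is not the testcase from the bug report and not GCC code). B2 and C are the names used in the comment; B1, f, seen_this and the helper functions are assumptions. It shows that a call through a `void (C::*)()` bound to a B2 member passes `obj` plus a non-zero delta, which is the address of the B2 subobject and not the address where the C object starts.

```cpp
#include <cstddef>
#include <cstdio>

// Constructed hierarchy: B2 and C are named in the comment; B1, f and the
// data members are assumptions made for this example.
struct B1 { virtual ~B1() {} long pad = 0; };
struct B2 {
    virtual ~B2() {}
    const void *seen_this = nullptr;
    void f() { seen_this = this; }   // records the adjusted object pointer
};
struct C : B1, B2 {};

// Byte offset between obj and the `this` that a call through a
// void (C::*)() pointer-to-member bound to B2::f actually receives.
std::ptrdiff_t pmf_this_offset() {
    C c;
    C *obj = &c;
    void (C::*pmf)() = &B2::f;       // base-to-derived conversion stores the delta
    (obj->*pmf)();                   // callee receives obj + delta
    return static_cast<const char *>(c.seen_this)
         - reinterpret_cast<const char *>(obj);
}

// Offset of the B2 base subobject inside C, for comparison.
std::ptrdiff_t b2_subobject_offset() {
    C c;
    return reinterpret_cast<const char *>(static_cast<B2 *>(&c))
         - reinterpret_cast<const char *>(&c);
}

int main() {
    // A type check applied to the adjusted pointer sees the B2 subobject,
    // so it has to be a check for B2 there, or a check for C on obj itself.
    std::printf("this offset via pmf: %td, B2 offset in C: %td\n",
                pmf_this_offset(), b2_subobject_offset());
    return 0;
}
```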