<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Hello everyone,</p>
<p>The code example below triggers an undefined behavior sanitizer
warning when compiled with -O1 and higher:</p>
<pre>
 1 struct Aux {
 2   virtual ~Aux() = default;
 3   int i = 0;
 4 };
 5
 6 struct Base {
 7   virtual ~Base() = default;
 8 };
 9
10 struct A : public virtual Base, public Aux {};
11
12 struct B final : public virtual A {};
13
14 void check(const A &amp;a) {}
15
16 int main() {
17   B b;
18   check(b); // UBSan warns here
19   return 0;
20 }
</pre>
<p>When compiled with -fsanitize=undefined:</p>
<p><tt>example.cpp:18:9: runtime error: reference binding to address
0x7ffe652149c8 with insufficient space for an object of type
'const A'</tt></p>
<p>When compiled with -fsanitize=object-size:</p>
<p><tt>example.cpp:12:8: runtime error: constructor call on address
0x7ffc7988a2e0 with insufficient space for an object of type 'A'</tt></p>
<p><tt>example.cpp:18:9: runtime error: reference binding to address
0x7ffc7988a2e0 with insufficient space for an object of type
'const A'</tt></p>
<p>Could someone tell if it is a sanitizer false positive or does
this case actually contains a kind of UB? GCC doesn't give any
warning for this code.<br>
</p>
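<p>As an added illustration (not part of the original post, and not a verdict on the question), the program below reproduces the post's four types and measures where the A and Base subobjects land inside a B. The assumption behind it is that the object-size check compares the bytes remaining in the enclosing B, counted from the start of the A subobject, against sizeof(A); if the shared Base subobject is placed ahead of A inside B, that remainder is smaller than sizeof(A) even though the reference is bound to a valid A subobject.</p>

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// The post's own hierarchy, reproduced so its layout can be measured.
struct Aux {
  virtual ~Aux() = default;
  int i = 0;
};

struct Base {
  virtual ~Base() = default;
};

struct A : public virtual Base, public Aux {};

struct B final : public virtual A {};

// Byte offset of the virtual Base subobject inside a stand-alone A.
std::size_t base_offset_in_a() {
  A a;
  const Base &base = a;
  return reinterpret_cast<std::uintptr_t>(&base) - reinterpret_cast<std::uintptr_t>(&a);
}

// Byte offset of the virtual A subobject inside a B.
std::size_t a_offset_in_b() {
  B b;
  const A &a = b;
  return reinterpret_cast<std::uintptr_t>(&a) - reinterpret_cast<std::uintptr_t>(&b);
}

// Byte offset of the shared Base subobject inside a B.
std::size_t base_offset_in_b() {
  B b;
  const Base &base = b;
  return reinterpret_cast<std::uintptr_t>(&base) - reinterpret_cast<std::uintptr_t>(&b);
}

// Bytes from the start of the A subobject to the end of the enclosing B.
// Assumption (not from the post): this is what the object-size check
// compares against sizeof(A) when a reference to A is bound to a B.
std::size_t bytes_after_a_in_b() { return sizeof(B) - a_offset_in_b(); }

int main() {
  std::printf("sizeof(A)=%zu sizeof(B)=%zu\n", sizeof(A), sizeof(B));
  std::printf("Base in A at %zu, A in B at %zu, Base in B at %zu\n",
              base_offset_in_a(), a_offset_in_b(), base_offset_in_b());
  std::printf("bytes from A subobject to end of B: %zu\n", bytes_after_a_in_b());
  return 0;
}
```

On the Itanium C++ ABI the nearly-empty virtual base Base becomes B's primary base at offset 0, so A lands after it and fewer than sizeof(A) bytes remain.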
</body>
</html>