<html>

    <head>

      <base href="https://bugs.llvm.org/">

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - False positive error in memory sanitizer"

   href="https://bugs.llvm.org/show_bug.cgi?id=39824">39824</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>False positive error in memory sanitizer

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>clang

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>7.0

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>PC

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>Linux

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>normal

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>Tooling

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>unassignedclangbugs@nondot.org

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>gael.guennebaud@gmail.com

          </td>

        </tr>

        <tr>

          <th>CC</th>

          <td>llvm-bugs@lists.llvm.org

          </td>

        </tr></table>

      <p>

        <div>

        <pre>The following self-contained example trigger an error with memory sanitizer:

*******************************

#include <iostream>

struct Vec {

  const float* data() const {return 0;}

};

struct myevaluator3 { ~myevaluator3() {} };

struct myevaluator2 : myevaluator3 {

  myevaluator2(const Vec& v) : m(v.data()) {}

  const float * m;

};

struct myevaluator : myevaluator2 {  

  myevaluator(const Vec& m) : myevaluator2(m) {}

};

float foo(const Vec&,int) {

  Vec w;

  myevaluator e(w);

  return 0;

}

int main() {

  Vec v;

  float x = foo(v,0);

  std::cout << x;

}

*******************************

Compiling without any optimization, i.e.,

$ clang++-7  bug.cpp -fsanitize=memory && ./a.out

gives me:

Uninitialized bytes in __interceptor_memcmp at offset 244 inside

[0x7ffeeaa581c0, 256)

==10014==WARNING: MemorySanitizer: use-of-uninitialized-value

    #0 0x7f2b3838ce2b in std::ctype<char>::_M_widen_init() const

(/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0xb8e2b)

    #1 0x7f2b383e8df7 in std::ostream& std::ostream::_M_insert<double>(double)

(/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0x114df7)

    #2 0x49445c in main (a.out+0x49445c)

    #3 0x7f2b37323b96 in __libc_start_main

/build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310

    #4 0x41b4d9 in _start (a.out+0x41b4d9)

This is the most reduced test case I managed to get. For instance any of the

following change will remove the reported error:

- remove the destructor ~myevaluator3() {}

- reduce the hierarchy of myevaluator

- change the prototype of foo to: float foo(const Vec&) or float foo(Vec,int)

- removing std::cout << x;

- ...

The reported error also goes away if compiling with -O1 or higher.

I hope I did not reported a false negative ;)</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are on the CC list for the bug.</li>

      </ul>

    </body>

</html>