[llvm-bugs] [Bug 33372] New: memcmp of 16 bytes is created for a 12-byte struct causing ASAN false positive
via llvm-bugs
llvm-bugs at lists.llvm.org
Thu Jun 8 18:06:12 PDT 2017
https://bugs.llvm.org/show_bug.cgi?id=33372
Bug ID: 33372
Summary: memcmp of 16 bytes is created for a 12-byte struct
causing ASAN false positive
Product: new-bugs
Version: unspecified
Hardware: PC
OS: Linux
Status: NEW
Severity: enhancement
Priority: P
Component: new bugs
Assignee: unassignedbugs at nondot.org
Reporter: kcc at google.com
CC: llvm-bugs at lists.llvm.org

trunk 305024, x86_64 linux

LLVM generates an out-of-bound read that is not present in the input code.

struct A { int x, y, z; };
struct B { A a; /*gap*/ long b; };
B *bb;
int main() {
  A a1 = {1, 1, 2};
  B b1{a1, 6};
  bb = new B(b1);
}

% clang++ -O1 z.cc -std=c++11 -S -o - -emit-llvm
...
%struct.A = type { i32, i32, i32 }
...
@_ZZ4mainE2a1 = private unnamed_addr constant %struct.A { i32 1, i32 1, i32 2 }, align 8
  tail call void @llvm.memcpy.p0i8.p0i8.i64(i8* nonnull %call, i8* bitcast (%struct.A* @_ZZ4mainE2a1 to i8*), i64 16, i32 8, i1 false)

(with -O0, a regular 12-byte memcpy is emitted)

This causes an ASAN false positive:

% clang++ -g -O1 -fsanitize=address z.cc -std=c++11 && ./a.out
==9157==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000004fb54c at pc 0x0000004a35b4 bp 0x7ffcac467ef0 sp 0x7ffcac4676a0
READ of size 16 at 0x0000004fb54c thread T0
    #0 0x4a35b3 in __asan_memcpy
    #1 0x4e5b1f in main z.cc:7:12
--
You are receiving this mail because:
You are on the CC list for the bug.
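
An added illustration, not part of the original report and not LLVM or ASan code: it works through the layout arithmetic behind the 16-byte copy and shows why a bounds checker accepts the 12-byte copy but rejects the widened one. The helper names (gap_after_a, widened_len, overread, checked_copy, init_b) are invented here, checked_copy is a simplified stand-in for an instrumented memcpy, and the code assumes the x86_64 Linux ABI from the report, where long is 8 bytes and 8-byte aligned.

```cpp
// Added illustration; models the report, not LLVM or ASan source code.
#include <cstddef>
#include <cstdio>
#include <cstring>

struct A { int x, y, z; };          // 12 bytes of data, as in the report
struct B { A a; /*gap*/ long b; };  // assumes x86_64 Linux: b is 8-byte aligned

// Padding between B::a and B::b (the "/*gap*/" in the report).
constexpr std::size_t gap_after_a() { return offsetof(B, b) - sizeof(A); }

// Length of one copy covering B::a plus the gap, matching the
// "i64 16" memcpy in the -O1 IR shown in the report.
constexpr std::size_t widened_len() { return offsetof(B, b); }

// Hypothetical helper: bytes a copy of `len` reads past a source object
// of `src_size` bytes. A nonzero result is what a bounds checker reports.
constexpr std::size_t overread(std::size_t src_size, std::size_t len) {
    return len > src_size ? len - src_size : 0;
}

// Simplified stand-in for an instrumented memcpy: refuse any copy whose
// source or destination range leaves its object.
bool checked_copy(void *dst, std::size_t dst_size,
                  const void *src, std::size_t src_size, std::size_t len) {
    if (len > dst_size || overread(src_size, len) != 0) return false;
    std::memcpy(dst, src, len);
    return true;
}

// Initialize a B from a standalone A using a copy of `len` bytes, then set b.
bool init_b(B *out, const A &a, long b, std::size_t len) {
    if (!checked_copy(out, sizeof(B), &a, sizeof(A), len)) return false;
    out->b = b;
    return true;
}

int main() {
    static const A a1 = {1, 1, 2};  // same values as the report's a1
    B b1;
    std::printf("sizeof(A)=%zu offsetof(B,b)=%zu gap=%zu\n",
                sizeof(A), offsetof(B, b), gap_after_a());
    std::printf("12-byte copy accepted: %d\n", init_b(&b1, a1, 6, sizeof(A)));
    std::printf("16-byte copy accepted: %d (over-read %zu bytes)\n",
                init_b(&b1, a1, 6, widened_len()),
                overread(sizeof(A), widened_len()));
}
```

The widened length is only in bounds when the source A is itself embedded in a B; a standalone 12-byte A has no trailing padding to read.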