[llvm-bugs] [Bug 51120] New: [optimizer + ubsan] constructor call on address with insufficient space for an object of type

via llvm-bugs llvm-bugs at lists.llvm.org
Fri Jul 16 14:28:07 PDT 2021


https://bugs.llvm.org/show_bug.cgi?id=51120

            Bug ID: 51120
           Summary: [optimizer + ubsan] constructor call on address with
                    insufficient space for an object of type
           Product: clang
           Version: trunk
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: C++
          Assignee: unassignedclangbugs at nondot.org
          Reporter: matthewjbarichello at gmail.com
                CC: blitzrakete at gmail.com, dgregor at apple.com,
                    erik.pilkington at gmail.com, llvm-bugs at lists.llvm.org,
                    richard-llvm at metafoo.co.uk

Affected versions:
Note: The regression seems to have been introduced in 11.0.0 as versions <=
10.0.1 do not exhibit this issue.
 - trunk
 - 12.0.1
 - 12.0.0
 - 11.1.0
 - 11.0.0

Driver cmdline:
Note: This bug occurs with all optimizer levels > 0
 clang++ -std=c++20 -O1 -fsanitize=undefined

Code:
Note: Code was reduced from the initial ~20k line sample
 struct A {
  struct B {
   char _[0];
  } b;

  A(B b) : b{b} {}
 };

 int main() {
  A{{}};
 }

UBSAN trace:
 example-reduced.cpp:10:2: runtime error: constructor call on address 0x7fffcaf56e90 with insufficient space for an object of type 'A'
 0x7fffcaf56e90: note: pointer points here
  18 56 00 00  90 6f f5 ca ff 7f 00 00  00 42 f4 a4 41 d6 f1 ba  00 00 00 00 00 00 00 00  25 9b cf be
               ^ 
     #0 0x56188f444f5c in main example-reduced.cpp:10:2
     #1 0x7fcbbecf9b24 in __libc_start_main (/usr/lib/libc.so.6+0x27b24)
     #2 0x56188f36619d in _start (a.out+0x2019d)

 SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior example-reduced.cpp:10:2 in 

Notes:
 - This error does not occur when compiling with `-O0` which leads me to
believe that this is an optimizer regression
 - GCC does not seem to exhibit the issue at any optimization level
