http://llvm.org/bugs/show_bug.cgi?id=17605

            Bug ID: 17605
           Summary: clang 3.4 UBSan falsely reports "member access with
                    insufficient space" (screwed up 'this' null check in
                    variadic function?)
           Product: new-bugs
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: new bugs
          Assignee: [email protected]
          Reporter: [email protected]
                CC: [email protected]
    Classification: Unclassified

Ubuntu Clang version 3.4-1~exp1 (trunk) (based on LLVM 3.4), x86-64

1. Compile https://gist.github.com/ridiculousfish/7017899 like so:

    clang++ -O1 -fsanitize=undefined test.cpp

2. Run it

Result: you get a bogus 'member access insufficient space' runtime error.

This does NOT occur at -O0 but DOES occur at -O1 through -O3, and -Os. The bug
is also somewhat fragile: changes to the objects, like removing fields, prevent
it from reproducing.

When the bug reproduces, the assembly for the 'this' pointer check is as
follows:

    setne   %al
    testb   $7, %bl
    sete    %r15b
    andb    %al, %r15b
    je      .LBB1_3

When the bug does not reproduce, the `setne` insn is preceded by a null
comparison like `testq %r10, %r10`. When it does reproduce, the comparison is
omitted, as illustrated above. So the setne just picks up whatever is in ZF,
which happens to be 1 by virtue of a prior comparison. Thus it thinks that
'this' is 0.

_______________________________________________
LLVMbugs mailing list
[email protected]
http://lists.cs.uiuc.edu/mailman/listinfo/llvmbugs