[Bug sanitizer/81068] Sanitizer memory leak in codecvt_utf8

2017-09-19 Thread piotr.stachura at delphi dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81068

--- Comment #7 from Piotr Stachura  ---
Jonathan, you are right. In the sample code, the end of the string should be input_data[8].
With this correction I get the same behavior on both systems that I use
(correct compilation and execution without the sanitizer, and a memory leak when
the sanitizer is enabled).

For clarification about the Ubuntu system: when the code is compiled with the input end at
input_data[8], the output string is the following:
0x22
0x44
0x80
0x156
0x34b
When compiled with input_data[7], the last character is not present in the output string
(as expected, since not a full UTF-8 character is in the input).
The same can be achieved when compiled with the end at input_data[6] on all
systems.
The memory leak is also shown when compiled with clang (4.0) with sanitizers.
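The input_data[7] versus input_data[8] distinction in the comment above comes down to whether the decoder treats a lead byte with no continuation byte as a partial sequence or as data. The following is an added example, not code from the bug thread or from libstdc++: a strict UTF-8 decoder that reports Ok, Partial or Error, run over the report's eight bytes with the three end positions discussed (8, 7 and 6). The full input yields the five UTF-16 units listed above; ending at input_data[7] yields four units and a Partial status; ending at input_data[6] yields four units and Ok. All names here (Utf8Status, Utf8Result, decode_utf8_strict, decode_report_prefix) are this example's own, and the overlong, surrogate and four-byte inputs used to exercise it are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <initializer_list>
#include <string>

// Outcome of strictly decoding a byte range as UTF-8.
enum class Utf8Status { Ok, Partial, Error };

struct Utf8Result {
    Utf8Status status;      // Ok: every byte decoded; Partial: input ends mid-sequence; Error: malformed
    std::size_t consumed;   // bytes belonging to completed code points
    std::u16string text;    // decoded UTF-16 code units, up to the first problem
};

// Append one code point as UTF-16 (a surrogate pair above U+FFFF).
static void append_utf16(std::u16string& out, char32_t cp)
{
    if (cp < 0x10000) {
        out.push_back(static_cast<char16_t>(cp));
        return;
    }
    cp -= 0x10000;
    out.push_back(static_cast<char16_t>(0xD800 + (cp >> 10)));
    out.push_back(static_cast<char16_t>(0xDC00 + (cp & 0x3FF)));
}

// Strict decoder: rejects overlong forms, surrogate code points, values above
// U+10FFFF and stray continuation bytes (Error), and reports a sequence cut
// off by the end of the input (Partial) instead of silently dropping it.
Utf8Result decode_utf8_strict(const std::uint8_t* first, const std::uint8_t* last)
{
    Utf8Result r{Utf8Status::Ok, 0, std::u16string()};
    const std::uint8_t* p = first;
    while (p != last) {
        const std::uint8_t b = *p;
        std::size_t need;  // continuation bytes required after the lead byte
        char32_t cp;       // payload bits accumulated so far
        char32_t min;      // smallest value this sequence length may legally encode
        if (b < 0x80)                { need = 0; cp = b;        min = 0;       }
        else if ((b & 0xE0) == 0xC0) { need = 1; cp = b & 0x1F; min = 0x80;    }
        else if ((b & 0xF0) == 0xE0) { need = 2; cp = b & 0x0F; min = 0x800;   }
        else if ((b & 0xF8) == 0xF0) { need = 3; cp = b & 0x07; min = 0x10000; }
        else { r.status = Utf8Status::Error; return r; }  // 0x80..0xBF or 0xF8..0xFF as lead byte

        if (static_cast<std::size_t>(last - p) < need + 1) {
            r.status = Utf8Status::Partial;  // lead byte promises more bytes than remain
            return r;
        }
        for (std::size_t i = 1; i <= need; ++i) {
            const std::uint8_t c = p[i];
            if ((c & 0xC0) != 0x80) { r.status = Utf8Status::Error; return r; }
            cp = (cp << 6) | (c & 0x3F);
        }
        if (cp < min || cp > 0x10FFFF || (cp >= 0xD800 && cp <= 0xDFFF)) {
            r.status = Utf8Status::Error;
            return r;
        }
        append_utf16(r.text, cp);
        p += need + 1;
        r.consumed = static_cast<std::size_t>(p - first);
    }
    return r;
}

// The eight bytes from the bug report, decoded up to a chosen end index.
Utf8Result decode_report_prefix(std::size_t end)
{
    static const std::uint8_t input_data[] = { 0x22, 0x44, 0xC2, 0x80, 0xC5, 0x96, 0xCD, 0x8B };
    if (end > sizeof input_data) end = sizeof input_data;
    return decode_utf8_strict(input_data, input_data + end);
}

int main()
{
    for (std::size_t end : { std::size_t(8), std::size_t(7), std::size_t(6) }) {
        Utf8Result r = decode_report_prefix(end);
        std::printf("end=input_data[%zu]: status=%d consumed=%zu units=%zu:",
                    end, static_cast<int>(r.status), r.consumed, r.text.size());
        for (char16_t u : r.text)
            std::printf(" 0x%x", static_cast<unsigned>(u));
        std::printf("\n");
    }
    return 0;
}
```

The Partial status carries the byte count actually consumed, so a caller reading from a stream can keep the unconsumed tail and retry once more input arrives, rather than either losing the trailing character or treating a truncated sequence as an error.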

[Bug sanitizer/81068] Sanitizer memory leak in codecvt_utf8

2017-09-19 Thread piotr.stachura at delphi dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81068

--- Comment #2 from Piotr Stachura  ---
I have to check it more deeply.
I have 2 systems: one Gentoo and one Ubuntu.
On Ubuntu, the code is correct (as I posted in the bug report).
When I compile this same code on Gentoo (gcc-5.4.0 and gcc-7.2.0) I get the
same results as you: "terminate called after throwing an instance of
'std::range_error'".
Maybe locale settings are making a difference...
LANG=pl_PL.utf8 vs LANG=pl_PL.UTF-8

On ubuntu:

valgrind ./1

==2581== Memcheck, a memory error detector
==2581== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==2581== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==2581== Command: ./1
==2581== 
==2581== 
==2581== HEAP SUMMARY:
==2581== in use at exit: 0 bytes in 0 blocks
==2581==   total heap usage: 3 allocs, 3 frees, 72,794 bytes allocated
==2581== 
==2581== All heap blocks were freed -- no leaks are possible
==2581== 
==2581== For counts of detected and suppressed errors, rerun with: -v
==2581== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/6/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 6.2.0-7ubuntu11'
--with-bugurl=file:///usr/share/doc/gcc-6/README.Bugs
--enable-languages=c,ada,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr
--program-suffix=-6 --program-prefix=x86_64-linux-gnu- --enable-shared
--enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext
--enable-threads=posix --libdir=/usr/lib --enable-nls --with-sysroot=/
--enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes
--with-default-libstdcxx-abi=new --enable-gnu-unique-object
--disable-vtable-verify --enable-libmpx --enable-plugin --enable-default-pie
--with-system-zlib --disable-browser-plugin --enable-java-awt=gtk
--enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-6-amd64/jre
--enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-6-amd64
--with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-6-amd64
--with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar
--enable-objc-gc --enable-multiarch --disable-werror --with-arch-32=i686
--with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib
--with-tune=generic --enable-checking=release --build=x86_64-linux-gnu
--host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 6.2.0 20161018 (Ubuntu 6.2.0-7ubuntu11)

[Bug sanitizer/81068] New: Sanitizer memory leak in codecvt_utf8

2017-06-12 Thread piotr.stachura at delphi dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81068

Bug ID: 81068
   Summary: Sanitizer memory leak in codecvt_utf8
   Product: gcc
   Version: 5.4.1
Status: UNCONFIRMED
  Severity: normal
  Priority: P3
 Component: sanitizer
  Assignee: unassigned at gcc dot gnu.org
  Reporter: piotr.stachura at delphi dot com
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
  Target Milestone: ---

A simple string conversion application compiled with -fsanitize=undefined results
in a runtime error and a memory leak.

Code:
--
#include <codecvt>
#include <cstdint>
#include <locale>
#include <string>

int main()
{
   const uint8_t input_data[] = { 0x22, 0x44, 0xC2, 0x80, 0xC5, 0x96, 0xCD, 0x8B };
   // codecvt_utf8<char16_t>: UTF-8 bytes <-> UTF-16 code units (the type
   // named in the sanitizer output below)
   std::wstring_convert<std::codecvt_utf8<char16_t>, char16_t> converter;
   // The end pointer &input_data[7] stops one byte short of the last two-byte
   // sequence; comment #7 notes that the full input ends at input_data[8].
   std::u16string output_string = converter.from_bytes((const char*)&input_data[0],
                                                       (const char*)&input_data[7]);

   return 0;
}
--

Compilation command:
g++ -fsanitize=address -fsanitize=undefined -std=c++11 1.cpp -o 1

Run results:
/usr/include/c++/5/bits/locale_conv.h:68:48: runtime error: member call on address 0x6030efe0 which does not point to an object of type '__codecvt_abstract_base'
0x6030efe0: note: object is of type 'std::codecvt_utf8<char16_t, 1114111ul, (std::codecvt_mode)0>'
 01 00 80 21  20 3b b7 eb 54 56 00 00  00 00 00 00 be be be be  ff ff 10 00 00 00 00 00  00 00 00 00
  ^~~
  vptr for 'std::codecvt_utf8<char16_t, 1114111ul, (std::codecvt_mode)0>'
/usr/include/c++/5/bits/codecvt.h:220:36: runtime error: member call on address 0x6030efe0 which does not point to an object of type '__codecvt_abstract_base'
0x6030efe0: note: object is of type 'std::codecvt_utf8<char16_t, 1114111ul, (std::codecvt_mode)0>'
 01 00 80 21  20 3b b7 eb 54 56 00 00  00 00 00 00 be be be be  ff ff 10 00 00 00 00 00  00 00 00 00
  ^~~
  vptr for 'std::codecvt_utf8<char16_t, 1114111ul, (std::codecvt_mode)0>'
/usr/include/c++/5/bits/codecvt.h:202:32: runtime error: member call on address 0x6030efe0 which does not point to an object of type '__codecvt_abstract_base'
0x6030efe0: note: object is of type 'std::codecvt_utf8<char16_t, 1114111ul, (std::codecvt_mode)0>'
 01 00 80 21  20 3b b7 eb 54 56 00 00  00 00 00 00 be be be be  ff ff 10 00 00 00 00 00  00 00 00 00
  ^~~
  vptr for 'std::codecvt_utf8<char16_t, 1114111ul, (std::codecvt_mode)0>'

=
==7612==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 384 byte(s) in 6 object(s) allocated from:
#0 0x7fe5ef1ac911 in realloc
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98911)
#1 0x7fe5eee1e093  (/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0x92093)

SUMMARY: AddressSanitizer: 384 byte(s) leaked in 6 allocation(s).

Notes:
- the issue is also visible on gcc 6.2.0
- without -fsanitize=undefined, there are no errors and no memory leak.