[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439 --- Comment #14 from Florin Iucha --- Bisecting the configure flags, I think I narrowed it down to: it fails when "--enable-gnu-indirect-function" is present.
[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439 --- Comment #13 from Florin Iucha --- With GCC 11-20210703 snapshot I can reproduce the observation on Ubuntu 20.04 but can not reproduce the observation on Debian testing.
[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439 --- Comment #12 from Florin Iucha ---
Actually, it gets even better - no clang needed. Just build GCC 11-20210626 Snapshot and build the example using the Google test recipe:

#
# Makefile
#
ALL: bin/test_hello

.PHONY: clean

CXX=/opt/gcc11-for-tng/bin/g++-11
CXXFLAGS=-m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer
LDFLAGS=-L/opt/gcc11-for-tng/lib64 -Wl,-rpath,/opt/gcc11-for-tng/lib64 -fsanitize=undefined

GOOGLE_TEST_PATH=googletest/googletest
GOOGLE_TEST_OBJECTS=obj/gtest.o obj/gtest_main.o obj/gtest-port.o obj/gtest-filepath.o obj/gtest-death-test.o obj/gtest-test-part.o obj/gtest-printers.o

obj/test_hello.o: test_hello.cpp
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -c $<

obj/gtest.o: $(GOOGLE_TEST_PATH)/src/gtest.cc
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -I$(GOOGLE_TEST_PATH) -c $<

obj/gtest%.o: $(GOOGLE_TEST_PATH)/src/gtest%.cc
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -I$(GOOGLE_TEST_PATH) -c $<

bin/test_hello: obj/test_hello.o $(GOOGLE_TEST_OBJECTS)
	$(CXX) -o $@ $(LDFLAGS) $^ -lpthread

clean:
	$(RM) bin/test_hello obj/*.o

#
# test_hello.cpp
#
#include <gtest/gtest.h>
#include <string>

TEST(Hello, World)
{
   ASSERT_EQ(43, std::stoi("42"));
}
--

After build:

$ ldd bin/test_hello
	linux-vdso.so.1 (0x7ffc551ee000)
	libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x7f387908d000)
	libstdc++.so.6 => /opt/gcc11-for-tng/lib64/libstdc++.so.6 (0x7f3878ce4000)
	libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x7f3878b95000)
	libubsan.so.1 => /opt/gcc11-for-tng/lib64/libubsan.so.1 (0x7f387803c000)
	libgcc_s.so.1 => /opt/gcc11-for-tng/lib64/libgcc_s.so.1 (0x7f3877e29000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x7f3877c37000)
	/lib64/ld-linux-x86-64.so.2 (0x7f387933a000)
	libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x7f3877c2f000)
	librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x7f3877c24000)

$ gdb bin/test_hello
...
...
Program received signal SIGSEGV, Segmentation fault.
0x76f4f555 in HandleDynamicTypeCacheMiss (Data=0x557a49a0, Pointer=140737353637960, Hash=3327454538508686025, Opts=...)
    at ../../../../gcc/libsanitizer/ubsan/ubsan_handlers_cxx.cpp:36
36 ../../../../gcc/libsanitizer/ubsan/ubsan_handlers_cxx.cpp: No such file or directory.
...
(gdb) bt
#44921 0x76f50516 in __ubsan::checkDynamicType (Object=Object@entry=0x77f87588 >, Type=0x77f860b8 , Hash=8146310091054124745)
    at ../../../../gcc/libsanitizer/ubsan/ubsan_type_hash_itanium.cpp:233
#44922 0x76f4f55a in HandleDynamicTypeCacheMiss (Data=0x557a49a0, Pointer=140737353643400, Hash=, Opts=...)
    at ../../../../gcc/libsanitizer/ubsan/ubsan_handlers_cxx.cpp:36
#44923 0x76f4fa92 in __ubsan::__ubsan_handle_dynamic_type_cache_miss (Data=, Pointer=, Hash=)
    at ../../../../gcc/libsanitizer/ubsan/ubsan_handlers_cxx.cpp:87
#44924 0x5567addd in std::type_info::operator== (this=0x77f87588 >, __arg=...)
    at /opt/gcc11-for-tng/include/c++/11.1.1/typeinfo:122
#44925 0x77c9beec in __cxxabiv1::__vmi_class_type_info::__do_dyncast (this=0x77f87588 >, src2dst=0, access_path=__cxxabiv1::__class_type_info::__contained_public, dst_type=0x77f87588 >, obj_ptr=0x77f93e00 <(anonymous namespace)::ctype_c>, src_type=0x77f86298 , src_ptr=0x77f93e00 <(anonymous namespace)::ctype_c>, result=...)
    at ../../../../gcc/libstdc++-v3/libsupc++/vmi_class_type_info.cc:91
#44926 0x77c999e9 in __cxxabiv1::__dynamic_cast (src_ptr=0x77f93e00 <(anonymous namespace)::ctype_c>, src_type=0x77f86298 , dst_type=0x77f87588 >, src2dst=0)
    at ../../../../gcc/libstdc++-v3/libsupc++/dyncast.cc:74
#44927 0x77cdfd6d in std::has_facet > (__loc=...)
    at /home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/include/bits/locale_classes.tcc:110
#44928 0x77cd6fcf in std::basic_ios >::_M_cache_locale (this=this@entry=0x557cc988 , __loc=...)
    at /home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_ios.tcc:159
#44929 0x77cd7263 in std::basic_ios >::init (this=this@entry=0x557cc988 , __sb=__sb@entry=0x77f92460 <__gnu_internal::buf_cout_sync>)
    at /home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_ios.tcc:132
#44930 0x77ce72db in std::basic_ostream >::basic_ostream (__sb=, __vtt_parm=0x0, __in_chrg=1, this=0x557cc980 )
    at /home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/include/ostream:85
#44931 std::basic_ostream >::basic_ostream (this=0x557cc980 , __sb=0x77f92460 <__gnu_internal::buf_cout_sync>)
    at /home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/include/ostream:85
#44932 0x77ca39c3 in std::ios_base::Init::Init (this=)
    at /home/fiucha/tools/gcc/libstdc++-v3/libsupc++/new:175
#44933
[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439 --- Comment #11 from Florin Iucha ---
Updated Makefile for clang12:

#---
ALL: bin/test_hello

.PHONY: clean

CXX=/opt/clang12-for-tng/bin/clang++
CXXFLAGS=-m64 -g -std=c++20 --gcc-toolchain=/opt/gcc11-for-tng -fsanitize=undefined -fno-omit-frame-pointer
LDFLAGS=-L/opt/gcc11-for-tng/lib64 -Wl,-rpath,/opt/gcc11-for-tng/lib64 -fsanitize=undefined

GOOGLE_TEST_PATH=googletest/googletest
GOOGLE_TEST_OBJECTS=obj/gtest.o obj/gtest_main.o obj/gtest-port.o obj/gtest-filepath.o obj/gtest-death-test.o obj/gtest-test-part.o obj/gtest-printers.o

obj/test_hello.o: test_hello.cpp
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -c $<

obj/gtest.o: $(GOOGLE_TEST_PATH)/src/gtest.cc
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -I$(GOOGLE_TEST_PATH) -c $<

obj/gtest%.o: $(GOOGLE_TEST_PATH)/src/gtest%.cc
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -I$(GOOGLE_TEST_PATH) -c $<

bin/test_hello: obj/test_hello.o $(GOOGLE_TEST_OBJECTS)
	$(CXX) -o $@ $(LDFLAGS) $^ -lpthread

clean:
	$(RM) bin/test_hello obj/*.o
# -

The content of the test file:

#include <gtest/gtest.h>
#include <string>

TEST(Hello, World)
{
   ASSERT_EQ(43, std::stoi("42"));
}
[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439 --- Comment #10 from Florin Iucha ---
I am able to reproduce something similar by building GCC11 from snapshot 11-20210626 (96358cbbe6e6447519a155301b6acb1624c0) and then using Clang12 (12.0.1-rc4) ubsan:

#234 0x7f9769d39670 in __cxxabiv1::__si_class_type_info::__do_dyncast(long, __cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__[0/48169] e_info const*, void const*, __cxxabiv1::__class_type_info const*, void const*, __cxxabiv1::__class_type_info::__dyncast_result&) const /home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/libsupc++/../../../../gcc/libstdc++-v3/libsupc++/si_class_type_info.cc:52:13
#235 0x7f9769d379e8 in __dynamic_cast /home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/libsupc++/../../../../gcc/libstdc++-v3/libsupc++/dyncast.cc:74:28
#236 0x5dd0b6 in __ubsan::checkDynamicType(void*, void*, unsigned long) /home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_type_hash_itanium.cpp:233:5
#237 0x5dbf11 in HandleDynamicTypeCacheMiss(__ubsan::DynamicTypeCacheMissData*, unsigned long, unsigned long, __ubsan::ReportOptions) /home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_handlers_cxx.cpp:36:7
#238 0x5dbee9 in __ubsan_handle_dynamic_type_cache_miss /home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_handlers_cxx.cpp:87:3
#239 0x60b931 in std::type_info::operator==(std::type_info const&) const /opt/gcc11-for-tng/lib/gcc/x86_64-linux-gnu/11.1.1/../../../../include/c++/11.1.1/typeinfo:122:16
#240 0x7f9769d39670 in __cxxabiv1::__si_class_type_info::__do_dyncast(long, __cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__class_type_info const*, void const*, __cxxabiv1::__class_type_info const*, void const*, __cxxabiv1::__class_type_info::__dyncast_result&) const /home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/libsupc++/../../../../gcc/libstdc++-v3/libsupc++/si_class_type_info.cc:52:13
#241 0x7f9769d379e8 in __dynamic_cast /home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/libsupc++/../../../../gcc/libstdc++-v3/libsupc++/dyncast.cc:74:28
#242 0x5dd0b6 in __ubsan::checkDynamicType(void*, void*, unsigned long) /home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_type_hash_itanium.cpp:233:5
#243 0x5dbf11 in HandleDynamicTypeCacheMiss(__ubsan::DynamicTypeCacheMissData*, unsigned long, unsigned long, __ubsan::ReportOptions) /home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_handlers_cxx.cpp:36:7
#244 0x5dbee9 in __ubsan_handle_dynamic_type_cache_miss /home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_handlers_cxx.cpp:87:3
#245 0x60b931 in std::type_info::operator==(std::type_info const&) const /opt/gcc11-for-tng/lib/gcc/x86_64-linux-gnu/11.1.1/../../../../include/c++/11.1.1/typeinfo:122:16
#246 0x7f9769d39670 in __cxxabiv1::__si_class_type_info::__do_dyncast(long, __cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__class_type_info const*, void const*, __cxxabiv1::__class_type_info const*, void const*, __cxxabiv1::__class_type_info::__dyncast_result&) const /home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/libsupc++/../../../../gcc/libstdc++-v3/libsupc++/si_class_type_info.cc:52:13
#247 0x7f9769d379e8 in __dynamic_cast /home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/libsupc++/../../../../gcc/libstdc++-v3/libsupc++/dyncast.cc:74:28
#248 0x5dd0b6 in __ubsan::checkDynamicType(void*, void*, unsigned long) /home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_type_hash_itanium.cpp:233:5
#249 0x5dbf11 in HandleDynamicTypeCacheMiss(__ubsan::DynamicTypeCacheMissData*, unsigned long, unsigned long, __ubsan::ReportOptions) /home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_handlers_cxx.cpp:36:7

SUMMARY: AddressSanitizer: stack-overflow /home/fiucha/tools/llvm12/compiler-rt/lib/sanitizer_common/sanitizer_posix_libcdep.cpp:278 in __sanitizer::IsAccessibleMemoryRange(unsigned long, unsigned long)
==2162813==ABORTING

This doesn't fail on a simple hello_ub.cpp example - but on a complex module using Google test, again.
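An added example, not part of the original bug report: a small triage script that takes a pasted backtrace like the one in comment #10 and reports the block of frames that repeats, which is the recursion loop behind the stack overflow. The function names `analyze` and `find_recursion_cycle` are hypothetical, and the sample trace is constructed from the function names quoted above with made-up addresses.

```python
import re

# Matches sanitizer- and gdb-style frames: "#N 0xADDR in SYMBOL ...".
FRAME_RE = re.compile(r"#(\d+)\s+0x[0-9a-fA-F]+\s+in\s+(.*)")


def frame_symbol(rest):
    """Reduce the text after 'in' to a bare function name (no arguments, no path)."""
    return re.split(r"[(\s]", rest.strip(), maxsplit=1)[0]


def find_recursion_cycle(symbols, min_repeats=3, max_period=32):
    """Return (first_index, cycle, repeats) for the first block of frames that
    repeats back-to-back at least min_repeats times, or None if there is none."""
    n = len(symbols)
    for start in range(n):
        for period in range(1, max_period + 1):
            if start + period * min_repeats > n:
                break
            block = symbols[start:start + period]
            repeats = 1
            # A short slice at the end of the list never equals block, so this stops.
            while symbols[start + repeats * period:start + (repeats + 1) * period] == block:
                repeats += 1
            if repeats >= min_repeats:
                return start, block, repeats
    return None


def analyze(trace_text):
    """Parse a pasted backtrace (innermost frame first) and look for a recursion cycle."""
    matches = (FRAME_RE.match(line.strip()) for line in trace_text.splitlines())
    symbols = [frame_symbol(m.group(2)) for m in matches if m]
    return find_recursion_cycle(symbols)


# Constructed sample: one leading frame, the six-frame loop four times, one outer frame.
LEAD = ["__sanitizer::IsAccessibleMemoryRange(unsigned long, unsigned long)"]
LOOP = [
    "__ubsan::checkDynamicType(void*, void*, unsigned long) ubsan_type_hash_itanium.cpp:233:5",
    "HandleDynamicTypeCacheMiss(__ubsan::DynamicTypeCacheMissData*) ubsan_handlers_cxx.cpp:36:7",
    "__ubsan_handle_dynamic_type_cache_miss ubsan_handlers_cxx.cpp:87:3",
    "std::type_info::operator==(std::type_info const&) const typeinfo:122:16",
    "__cxxabiv1::__si_class_type_info::__do_dyncast(long) const si_class_type_info.cc:52:13",
    "__dynamic_cast dyncast.cc:74:28",
]
TAIL = ["std::ios_base::Init::Init()"]
SAMPLE_TRACE = "\n".join(
    f"#{i} 0x{0x5d0000 + i:x} in {text}" for i, text in enumerate(LEAD + LOOP * 4 + TAIL)
)

if __name__ == "__main__":
    found = analyze(SAMPLE_TRACE)
    if found is None:
        print("no repeating frame block found")
    else:
        first, cycle, repeats = found
        print(f"cycle of {len(cycle)} frames starts at frame #{first}, seen {repeats} times:")
        for name in cycle:
            print("   ", name)
```

The cycle is listed innermost frame first, so reading it bottom to top gives the call order: `__dynamic_cast` calls `__do_dyncast`, which calls the instrumented `std::type_info::operator==`, which re-enters the ubsan handler.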
[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439 --- Comment #9 from Florin Iucha --- I was not able to reproduce the observation using the native compiler and system glibc.
[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439 --- Comment #8 from Martin Liška ---
> Note this happens when GCC and GLIBC are built with crosstool-ng
> (https://crosstool-ng.github.io/); I will attach the configuration file used
> to generate the toolchain.

Well, that's something I'm not going to build :/
So am I correct that it does not happen with native compiler and system glibc library?
[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439 --- Comment #7 from Florin Iucha ---
Created attachment 50809
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=50809&action=edit
crosstool-ng configuration file
[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439 --- Comment #6 from Florin Iucha ---
With the test file above, and this Makefile:

--8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8<
ALL: bin/test_hello

.PHONY: clean

CXX=/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++
CXXFLAGS=-m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer
LDFLAGS=-Wl,-rpath -Wl,/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib -Wl,-dynamic-linker /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/ld-linux-x86-64.so.2 -fsanitize=undefined

GOOGLE_TEST_PATH=googletest/googletest
GOOGLE_TEST_OBJECTS=obj/gtest.o obj/gtest_main.o obj/gtest-port.o obj/gtest-filepath.o obj/gtest-death-test.o obj/gtest-test-part.o obj/gtest-printers.o

obj/test_hello.o: test_hello.cpp
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -c $<

obj/gtest.o: $(GOOGLE_TEST_PATH)/src/gtest.cc
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -I$(GOOGLE_TEST_PATH) -c $<

obj/gtest%.o: $(GOOGLE_TEST_PATH)/src/gtest%.cc
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -I$(GOOGLE_TEST_PATH) -c $<

bin/test_hello: obj/test_hello.o $(GOOGLE_TEST_OBJECTS)
	$(CXX) -o $@ $(LDFLAGS) $^ -lpthread

clean:
	$(RM) bin/test_hello obj/*.o
--8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8<

Cloning google test:

$ git clone https://github.com/google/googletest
(The HEAD now is at f5e592d8ee5ffb1d9af5be7f715ce3576b8bf9c4)

Building:

$ make
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer -o obj/test_hello.o -Igoogletest/googletest/include -c test_hello.cpp
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest.o -Igoogletest/googletest/include -Igoogletest/googletest -c googletest/googletest/src/gtest.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest_main.o -Igoogletest/googletest/include -Igoogletest/googletest -c googletest/googletest/src/gtest_main.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest-port.o -Igoogletest/googletest/include -Igoogletest/googletest -c googletest/googletest/src/gtest-port.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest-filepath.o -Igoogletest/googletest/include -Igoogletest/googletest -c googletest/googletest/src/gtest-filepath.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest-death-test.o -Igoogletest/googletest/include -Igoogletest/googletest -c googletest/googletest/src/gtest-death-test.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest-test-part.o -Igoogletest/googletest/include -Igoogletest/googletest -c googletest/googletest/src/gtest-test-part.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest-printers.o -Igoogletest/googletest/include -Igoogletest/googletest -c googletest/googletest/src/gtest-printers.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -o bin/test_hello -Wl,-rpath -Wl,/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib -Wl,-dynamic-linker /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/ld-linux-x86-64.so.2 -fsanitize=undefined obj/test_hello.o obj/gtest.o obj/gtest_main.o obj/gtest-port.o obj/gtest-filepath.o obj/gtest-death-test.o obj/gtest-test-part.o obj/gtest-printers.o -lpthread

Running:

$ ./bin/test_hello
zsh: segmentation fault (core dumped) ./bin/test_hello

Debugging:

(gdb) b __dynamic_cast
Breakpoint 1 at 0x4095c0
(gdb) ignore 1 3
Will ignore next 3 crossings of breakpoint 1.
(gdb) run
...
Breakpoint 1, 0x77ea92fd in __dynamic_cast () from /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
(gdb) bt
#0 0x77ea92fd in __dynamic_cast () from /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#1 0x7736be36 in ?? () from /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#2 0x7736ae7a in ?? () from /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#3 0x7736b3b2 in __ubsan_handle_dynamic_type_cache_miss () from /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#4 0x0045fdaa in std::type_info::operator== (this=0x77f97068 , __arg=...)
    at /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/include/c++/11.1.1/typeinfo:122
#5 0x77eab007 in
[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439 --- Comment #5 from Florin Iucha --- It is a "CMake object library" - not a static library. I will prepare a more self-contained test case shortly.
[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439 --- Comment #4 from Martin Liška --- The test-case links to some static libraries: lib/libgmock_maind.a please provide full steps how to reproduce that?
[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439 --- Comment #3 from Florin Iucha --- Tried it with current HEAD of https://github.com/google/googletest (f5e592d8ee5ffb1d9af5be7f715ce3576b8bf9c4), with the cmake patched to add "-fsanitize=undefined -fno-omit-frame-pointer -std=c++2a" and the behavior is reproducible there.
[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439 --- Comment #2 from Florin Iucha ---
This is for regular x86-64; we're using a cross-compiler sysroot to avoid dependency on system libraries and be able to run the binary on different Linux distributions.

I can't reproduce the problem on a "hello, world" C++ program, but I was able to reproduce it on a minimal Google test:

--8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8<
#include <gtest/gtest.h>
#include <string>

TEST(Hello, World)
{
   ASSERT_EQ(43, std::stoi("42"));
}
--8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8<

Built using:

/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer -o hello.o -c hello.cpp
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -o hello -Wl,-rpath -Wl,/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib -Wl,-dynamic-linker /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/ld-linux-x86-64.so.2 -fsanitize=undefined hello.o
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer -o test_hello.o -I/home/fiucha/.conan/data/gtest/20201109/amd/tng/package/150f650d359c1c443c3bb8ac2ffee0bdec61d239/include -c test_hello.cpp
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -o test_hello -Wl,-rpath -Wl,/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib -Wl,-dynamic-linker /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/ld-linux-x86-64.so.2 -fsanitize=undefined test_hello.o /home/fiucha/.conan/data/gtest/20201109/amd/tng/package/150f650d359c1c443c3bb8ac2ffee0bdec61d239/lib/libgmock_maind.a /home/fiucha/.conan/data/gtest/20201109/amd/tng/package/150f650d359c1c443c3bb8ac2ffee0bdec61d239/lib/libgmockd.a /home/fiucha/.conan/data/gtest/20201109/amd/tng/package/150f650d359c1c443c3bb8ac2ffee0bdec61d239/lib/libgtestd.a -lpthread

./test_hello
zsh: segmentation fault (core dumped) ./test_hello

Running under gdb:

(gdb) b __dynamic_cast
Breakpoint 1 at 0x40a620
(gdb) run
Breakpoint 1, 0x77ea92fd in __dynamic_cast () from /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
(gdb) bt
#0 0x77ea92fd in __dynamic_cast () from /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#1 0x77eef6ff in bool std::has_facet >(std::locale const&) () from /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#2 0x77ee6977 in std::basic_ios >::_M_cache_locale(std::locale const&) () from /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#3 0x77ee6c01 in std::basic_ios >::init(std::basic_streambuf >*) () from /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#4 0x77ef6c6d in std::basic_ostream >::basic_ostream(std::basic_streambuf >*) () from /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#5 0x77eb335b in std::ios_base::Init::Init() () from /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#6 0x0040af7b in __static_initialization_and_destruction_0 (__initialize_p=1, __priority=65535)
    at /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/include/c++/11.1.1/iostream:74
#7 0x0040b1d3 in _GLOBAL__sub_I__ZN16Hello_World_Test10test_info_E () at test_hello.cpp:8
#8 0x0053c5f5 in __libc_csu_init (argc=argc@entry=1, argv=argv@entry=0x7fffe8b8, envp=0x7fffe8c8) at elf-init.c:89
#9 0x771aa76d in __libc_start_main (main=0x40f8b9 , argc=1, argv=0x7fffe8b8, init=0x53c5b0 <__libc_csu_init>, fini=, rtld_fini=, stack_end=0x7fffe8a8) at ../csu/libc-start.c:279
#10 0x0040ac4a in _start () at ../sysdeps/x86_64/start.S:120
(gdb) ignore 1 999
Will ignore next 999 crossings of breakpoint 1.
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x7736ae75 in ?? () from /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
(gdb) info breakpoints
Num     Type           Disp Enb Address            What
1       breakpoint     keep y   0x77ea92fd         <__dynamic_cast>
        breakpoint already hit 7488 times
        ignore next 9992512 hits
[Bug sanitizer/100439] stack overflow running ubsan
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

Richard Biener changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
     Ever confirmed|0                           |1
             Status|UNCONFIRMED                 |WAITING
   Last reconfirmed|                            |2021-05-06

--- Comment #1 from Richard Biener ---
What target is this for? Can you share the test program?