public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libstdc++/64632] New: runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base'
@ 2015-01-16 16:10 trippels at gcc dot gnu.org
2015-01-19 17:43 ` [Bug libstdc++/64632] " burnus at gcc dot gnu.org
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: trippels at gcc dot gnu.org @ 2015-01-16 16:10 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64632
Bug ID: 64632
Summary: runtime error: member call on address 0x0000004318a8
which does not point to an object of type 'ios_base'
Product: gcc
Version: 5.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: libstdc++
Assignee: unassigned at gcc dot gnu.org
Reporter: trippels at gcc dot gnu.org
Created attachment 34465
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=34465&action=edit
testcase
markus@x4 ~ % g++ -fsanitize=undefined -O2 bench.cpp
markus@x4 ~ % ./a.out
size array vector_point vector_iters deque
list set multiset
/usr/lib/gcc/x86_64-pc-linux-gnu/5.0.0/include/g++-v5/bits/ios_base.h:1037:16:
runtime error: member call on address 0x0000004318a8 which does not point to an
object of type 'ios_base'
0x0000004318a0: note: object is base class subobject at offset 8 within object
of type 'std::ostream'
00 00 00 00 a8 17 ce 25 ca 7f 00 00 d0 17 ce 25 ca 7f 00 00 06 00 00 00 00
00 00 00 00 00 00 00
^ ~~~~~~~~~~~~~~~~~~~~~~~
vptr for '<unknown>' base class of
'std::ostream'
/usr/lib/gcc/x86_64-pc-linux-gnu/5.0.0/include/g++-v5/iomanip:210:7: runtime
error: member call on address 0x0000004318a8 which does not point to an object
of type 'ios_base'
0x0000004318a0: note: object is base class subobject at offset 8 within object
of type 'std::ostream'
00 00 00 00 a8 17 ce 25 ca 7f 00 00 d0 17 ce 25 ca 7f 00 00 06 00 00 00 00
00 00 00 00 00 00 00
^ ~~~~~~~~~~~~~~~~~~~~~~~
vptr for '<unknown>' base class of
'std::ostream'
10 0.23 0.23 0.41 0.77
1.57 0.97 1.44
^C
markus@x4 ~ % clang++ -fsanitize=undefined -O2 bench.cpp
markus@x4 ~ % ./a.out
size array vector_point vector_iters deque
list set multiset
/usr/lib64/gcc/x86_64-pc-linux-gnu/5.0.0/include/g++-v5/bits/ios_base.h:102:24:
runtime error: load of value 4294967035, which is not a valid value for type
'std::_Ios_Fmtflags'
/usr/lib64/gcc/x86_64-pc-linux-gnu/5.0.0/include/g++-v5/bits/ios_base.h:82:67:
runtime error: load of value 4294967035, which is not a valid value for type
'std::_Ios_Fmtflags'
10 0.26 0.28 0.51 2.13
3.81 1.26 2.04
^C
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libstdc++/64632] runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base'
2015-01-16 16:10 [Bug libstdc++/64632] New: runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base' trippels at gcc dot gnu.org
@ 2015-01-19 17:43 ` burnus at gcc dot gnu.org
2015-01-19 18:15 ` redi at gcc dot gnu.org
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: burnus at gcc dot gnu.org @ 2015-01-19 17:43 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64632
Tobias Burnus <burnus at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |burnus at gcc dot gnu.org
--- Comment #1 from Tobias Burnus <burnus at gcc dot gnu.org> ---
Smaller test case:
#include <fstream>
int main() {
std::ofstream m_outFile;
m_outFile.open("test");
return m_outFile.good();
}
Gives:
foo.cc:6:24: runtime error: member call on address 0x7fff6ba3da28 which does
not point to an object of type 'basic_ios'
0x7fff6ba3d930: note: object is base class subobject at offset 248 within
object of type 'std::basic_ofstream<char, std::char_traits<char> >'
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libstdc++/64632] runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base'
2015-01-16 16:10 [Bug libstdc++/64632] New: runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base' trippels at gcc dot gnu.org
2015-01-19 17:43 ` [Bug libstdc++/64632] " burnus at gcc dot gnu.org
@ 2015-01-19 18:15 ` redi at gcc dot gnu.org
2015-01-20 15:28 ` jakub at gcc dot gnu.org
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: redi at gcc dot gnu.org @ 2015-01-19 18:15 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64632
--- Comment #2 from Jonathan Wakely <redi at gcc dot gnu.org> ---
This just does the same std::ios_base::_M_streambuf_state member directly
rather than through the basic_ios<char>::rdstate() member function (compile
with -fno-access-control)
#include <fstream>
int main()
{
std::ofstream f;
std::ios_base& base = f;
return base._M_streambuf_state;
}
ub.cc:6:15: runtime error: member access within address 0x7fff3d4e47e8 which
does not point to an object of type 'ios_base'
0x7fff3d4e46f0: note: object is base class subobject at offset 248 within
object of type 'std::basic_ofstream<char, std::char_traits<char> >'
00 00 00 00 f8 c2 37 36 c2 7f 00 00 40 c1 37 36 c2 7f 00 00 00 00 00 00 00
00 00 00 00 00 00 00
^
I don't see how this can possibly go wrong ... it just accesses a member of a
base class. It makes no difference if you don't use the reference to base:
std::ofstream f;
return f._M_streambuf_state;
Or use a pointer instead of reference:
std::ofstream f;
std::ios_base* base = &f;
return base->_M_streambuf_state;
I don't think this is a libstdc++ issue.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libstdc++/64632] runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base'
2015-01-16 16:10 [Bug libstdc++/64632] New: runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base' trippels at gcc dot gnu.org
2015-01-19 17:43 ` [Bug libstdc++/64632] " burnus at gcc dot gnu.org
2015-01-19 18:15 ` redi at gcc dot gnu.org
@ 2015-01-20 15:28 ` jakub at gcc dot gnu.org
2015-01-20 15:58 ` [Bug sanitizer/64632] " jakub at gcc dot gnu.org
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: jakub at gcc dot gnu.org @ 2015-01-20 15:28 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64632
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jakub at gcc dot gnu.org
--- Comment #3 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Seems if I compile the testcases with clang++ -S -fsanitize=vptr instead of g++
-S -fsanitize=vptr and then link against gcc 5.0 libubsan, it emits the same
runtime error. If I link against llvm 3.5.0 libubsan the g++ -fsanitize=vptr
-S compiled test, it works. So I think this must be a library issue.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug sanitizer/64632] runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base'
2015-01-16 16:10 [Bug libstdc++/64632] New: runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base' trippels at gcc dot gnu.org
` (2 preceding siblings ...)
2015-01-20 15:28 ` jakub at gcc dot gnu.org
@ 2015-01-20 15:58 ` jakub at gcc dot gnu.org
2015-01-20 20:40 ` jakub at gcc dot gnu.org
2015-01-20 21:09 ` jakub at gcc dot gnu.org
5 siblings, 0 replies; 7+ messages in thread
From: jakub at gcc dot gnu.org @ 2015-01-20 15:58 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64632
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |ASSIGNED
Last reconfirmed| |2015-01-20
Assignee|unassigned at gcc dot gnu.org |jakub at gcc dot gnu.org
Ever confirmed|0 |1
--- Comment #4 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Created attachment 34501
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=34501&action=edit
gcc5-pr64632.patch
Untested fix.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug sanitizer/64632] runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base'
2015-01-16 16:10 [Bug libstdc++/64632] New: runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base' trippels at gcc dot gnu.org
` (3 preceding siblings ...)
2015-01-20 15:58 ` [Bug sanitizer/64632] " jakub at gcc dot gnu.org
@ 2015-01-20 20:40 ` jakub at gcc dot gnu.org
2015-01-20 21:09 ` jakub at gcc dot gnu.org
5 siblings, 0 replies; 7+ messages in thread
From: jakub at gcc dot gnu.org @ 2015-01-20 20:40 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64632
--- Comment #5 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Author: jakub
Date: Tue Jan 20 20:39:52 2015
New Revision: 219912
URL: https://gcc.gnu.org/viewcvs?rev=219912&root=gcc&view=rev
Log:
PR sanitizer/64632
* ubsan/ubsan_type_hash.cc: Cherry pick upstream r224972.
* g++.dg/ubsan/pr64632.C: New test.
Added:
trunk/gcc/testsuite/g++.dg/ubsan/pr64632.C
Modified:
trunk/gcc/testsuite/ChangeLog
trunk/libsanitizer/ChangeLog
trunk/libsanitizer/ubsan/ubsan_type_hash.cc
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug sanitizer/64632] runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base'
2015-01-16 16:10 [Bug libstdc++/64632] New: runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base' trippels at gcc dot gnu.org
` (4 preceding siblings ...)
2015-01-20 20:40 ` jakub at gcc dot gnu.org
@ 2015-01-20 21:09 ` jakub at gcc dot gnu.org
5 siblings, 0 replies; 7+ messages in thread
From: jakub at gcc dot gnu.org @ 2015-01-20 21:09 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64632
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
--- Comment #6 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Should be fixed now.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2015-01-20 21:09 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-01-16 16:10 [Bug libstdc++/64632] New: runtime error: member call on address 0x0000004318a8 which does not point to an object of type 'ios_base' trippels at gcc dot gnu.org
2015-01-19 17:43 ` [Bug libstdc++/64632] " burnus at gcc dot gnu.org
2015-01-19 18:15 ` redi at gcc dot gnu.org
2015-01-20 15:28 ` jakub at gcc dot gnu.org
2015-01-20 15:58 ` [Bug sanitizer/64632] " jakub at gcc dot gnu.org
2015-01-20 20:40 ` jakub at gcc dot gnu.org
2015-01-20 21:09 ` jakub at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).