https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110704

            Bug ID: 110704
           Summary: When ubsan reports an error, asan reports a leak in
                    cp-demangle.c
           Product: gcc
           Version: 13.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: marc.mutz at hotmail dot com
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org,
                    marxin at gcc dot gnu.org
  Target Milestone: ---

When, in a combined asan+ubsan build, ubsan reports an error, then I
consistently see a follow-up asan error. Example:

1: tests/auto/corelib/kernel/qobject/tst_qobject.cpp:8324:25: runtime error: downcast of address 0x7f3dd6cfe4e0 which does not point to an object of type 'Object'
1: 0x7f3dd6cfe4e0: note: object is of type 'QObject'
1:  00 00 00 00  80 3e d2 e1 3d 7f 00 00  c0 f5 e5 01 c0 60 00 00  00 00 20 00 00 00 00 00  00 00 00 00
1:               ^~~~~~~~~~~~~~~~~~~~~~~
1:               vptr for 'QObject'
1: PASS   : tst_QObject::declarativeData()
1: PASS   : tst_QObject::asyncCallbackHelper()
1: PASS   : tst_QObject::cleanupTestCase()
1: Totals: 114 passed, 0 failed, 0 skipped, 0 blacklisted, 3081ms
1: ********* Finished testing of tst_QObject *********
1: 
1: =================================================================
1: ==2734888==ERROR: LeakSanitizer: detected memory leaks
1: 
1: Direct leak of 192 byte(s) in 8 object(s) allocated from:
1:     #0 0x7f3de9bbd685 in __interceptor_realloc ../../../../gcc/libsanitizer/asan/asan_malloc_linux.cpp:85
1:     #1 0x7f3ddc4be8fa in d_growable_string_resize x86_64-pc-linux-gnu/libstdc++-v3/libsupc++/cp-demangle.c:4277
1:     #2 0x7f3ddc4be8fa in d_growable_string_append_buffer x86_64-pc-linux-gnu/libstdc++-v3/libsupc++/cp-demangle.c:4301
1:     #3 0x7f3ddc4be8fa in d_growable_string_callback_adapter x86_64-pc-linux-gnu/libstdc++-v3/libsupc++/cp-demangle.c:4318
1: 
1: SUMMARY: AddressSanitizer: 192 byte(s) leaked in 8 allocation(s).

I can reproduce this on GCC 11 and GCC 13.0.1. It always seems to be 8 objects
and 192 bytes. I can't remember another instance with different numbers.

Expected behaviour: ubsan does not introduce asan leaks.
