http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59258
Bug ID: 59258
Summary: usan: ICE(segfault): stack-buffer-overflow with -fsanitize=undefined
Product: gcc
Version: 4.9.0
Status: UNCONFIRMED
Keywords: ice-on-valid-code
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: burnus at gcc dot gnu.org
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, mpolacek at gcc dot gnu.org

I ran into this with a bigger code and GCC 4.9 r205287 on x86-64-gnu-linux. Using an about one-week-old GCC, it compiled successfully - but now it segfaults.

I have now created a -fsanitize=address GCC build, which allowed me to reduce the code (before, I couldn't go smaller than about 64k). In any case, GCC now fails for:

  cc1plus -fsanitize=undefined

for this 5-line program:

  class Parent { };
  class RefNameDict : public Parent {
    explicit RefNameDict (bool uniqueNames);
  };
  RefNameDict::RefNameDict (bool uniqueNames) { }

Address sanitizer prints:

  ==8820==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fffcc257f58 at pc 0x1768edf bp 0x7fffcc257e60 sp 0x7fffcc257e58
  WRITE of size 8 at 0x7fffcc257f58 thread T0
      #0 ubsan_create_data(char const*, unsigned int, ubsan_mismatch_data const*, ...) + 2493 in section .text
      #1 ubsan_expand_null_ifn(gimple_stmt_iterator_d) + 2283 in section .text
      #2 execute_sanopt() + 838 in section .text
      #3 (anonymous namespace)::pass_sanopt::execute() + 8 in section .text
      ...
  Address 0x7fffcc257f58 is located in stack of thread T0 at offset 184 in frame
      #0 ubsan_create_data(char const*, unsigned int, ubsan_mismatch_data const*, ...) + 15 in section .text
    This frame has 5 object(s):
      [32, 40) 'saved_args'
      [96, 104) 'v'
      [160, 184) 'fields' <== Memory access at offset 184 overflows this variable
      [224, 248) 'args'
      [288, 320) 'tmp_name'