Questions tagged [ubsan]

Undefined Behavior sanitizer (ubsan) is a fast undefined behavior detector for Clang and GCC. Various computations will be instrumented to detect undefined behavior at runtime.

Undefined Behavior sanitizer (ubsan) is a fast undefined behavior detector for C and C++ programs. It is enabled at compile time, but the checks are performed at runtime. It has been available since Clang 3.2 and GCC 4.9.

65 questions
44 votes, 3 answers

How can I break on UBSan reports in gdb and continue?

Recent versions of GCC and Clang feature Undefined Behavior Sanitizer (UBSan) which is a compile flag (-fsanitize=undefined) that adds runtime instrumentation code. On errors, a warning such as this one is shown: packet-ber.c:1917:23: runtime…
Lekensteyn
27 votes, 2 answers

Using GCC Undefined Behavior Sanitizer

Today I have read an article about GCC Undefined Behavior Sanitizer (ubsan). However, when I follow steps there (add -fsanitize=undefined to my code), the compiler (GCC 4.9.2 on Ubuntu 15.04) says that some references are not defined: ||=== Build:…
Ilya
18 votes, 2 answers

Where is the data race in this simple c++ code

Both clang++ and g++ sanitizers produce a similar warning about a data race for this simple code. Is it a false alarm? What is the problem? Code: #include struct A { void operator()() { } }; struct B { void operator()() { …
16 votes, 3 answers

Why does enabling undefined behaviour sanitization interfere with optimizations?

Consider the following code: #include constexpr std::string_view f() { return "hello"; } static constexpr std::string_view g() { auto x = f(); return x.substr(1, 3); } int foo() { return g().length(); } If I compile it with…
einpoklum
14 votes, 3 answers

Clang 8 with MinGW-w64: How do I use address- & UB sanitizers?

Clang 8 release notes have this promising line: Allow using Address Sanitizer and Undefined Behaviour Sanitizer on MinGW. However, I am unable to figure out how to use those properly. I'm using Clang 8.0.0 with MSYS2 MinGW GCC. Exact details are at…
HolyBlackCat
13 votes, 1 answer

Segmentation fault on gcc caused by lambda wrapper over variadic template function call

I've spent quite a few hours today trying to understand why this code segfaults on g++6.2 and g++7.0, while happily working as intended on clang++3.9 (and 4.0). I reduced the issue to an 85-line self-contained code snippet, which does not segfault…
Vittorio Romeo
12 votes, 2 answers

C++ UBSAN produces false positives with derived objects

I wanted to use UBSAN (undefined behavior sanitizer) but found it completely worthless as it reports too many false positives. E.g. a simple std::make_shared(42); is enough to trigger warnings like member access within address 0x00000236de70…
Flamefire
12 votes, 2 answers

Why does -fsanitize=undefined cause "undefined reference to typeinfo"?

The following test-case, reduced from a real-world application, fails to link with -fsanitize=undefined (using GCC 6.1.1) but links fine without it. Can anyone tell me why? It seems to have something to do with the combination of Qt/QObject,…
John Lindgren
10 votes, 1 answer

Clang's UBSan & Function Pointer: Is this illegal?

I'm trying to call some C++ functions through a function pointer table which is exported as a C symbol from a shared object. The code is actually working but Clang's undefined behavior sanitizer (= UBSan) sees the call I made is illegal as…
Doofah
9 votes, 2 answers

Load of misaligned address and UBsan finding

This question is not about the definition of unaligned data accesses, but why memcpy silences the UBsan findings whereas type casting does not, despite generating the same assembly code. I have some example code to parse a protocol that sends a byte…
Charles
9 votes, 1 answer

Runtime error: load of value 127, which is not a valid value for type 'bool'

I'm using g++ 4.9.2 on Debian 8, x86_64. I'm catching an Undefined Behavior sanitizer (UBsan) (-fsanitize=undefined) error: algebra.cpp:206:8: runtime error: load of value 127, which is not a valid value for type 'bool' The code is from the…
jww
8 votes, 2 answers

Trigger a test failure when UBSAN (-fsanitize=undefined) finds undefined behaviour

I have a small unit test here which has undefined behaviour. Source code: #include TEST(test, test) { int k = 0x7fffffff; k += 1; // cause integer overflow } GTEST_API_ int main(int argc, char** argv) { …
Steve Lorimer
8 votes, 1 answer

Call to function (unknown) through pointer to incorrect function type

I have a program that dynamically links against a library. The program passes a function pointer to that library, to execute. But the ubsan (Undefined Behavior Sanitizer) specified that the pointer is on an incorrect function type. And that occurs…
Galixe
8 votes, 3 answers

How can I determine if UBSAN has been compiled in using clang or gcc?

We use the following code to determine if -fsanitize=address has been specified at compile time for clang and gcc. How do we determine if -fsanitize=undefined has been specified? bool isSanitized = false; #if defined(__has_feature) #if…
7 votes, 2 answers

How to suppress some unsigned-integer-overflow errors from UBsan?

Most of my -fsanitize=unsigned-integer-overflow errors are bugs, but sometimes I explicitly use it as intended, which results in UBSan producing false positives. Is there a way to turn UBSan unsigned-integer-overflow check off for a particular…
gnzlbg