[TySan] False positives accessing base class member variables #125079

gbMattN · 2025-01-30T15:59:39Z

class Base{
public:
    void* first;
    void* second;
};

class Derrived : public Base{};

Derrived derr;

int main(){
    derr.second = nullptr;
    return 0;
}

Results in the following false positive

==191047==ERROR: TypeSanitizer: type-aliasing-violation on address 0x64fe5b465d00 (pc 0x64fe5ab0df8f bp 0x7ffc691b0050 sp 0x7ffc691af7f8 tid 191047)
WRITE of size 8 at 0x64fe5b465d00 with type p1 void (in Base at offset 8) accesses part of an existing object of type Derrived that starts at offset -8
    #0 0x64fe5ab0df8e in main inherited_member.cpp:12:17

The text was updated successfully, but these errors were encountered:

gbMattN · 2025-01-30T16:47:12Z

Checking what we go into isAliasingLegal with, the TD we are accessing with is p1 void (in Base at offset 8). We were 8 bytes into the type in shadow memory, which is Derrived. The first member TD of Derrived is Base. So it looks like the values we have are correct, the checks just aren't catching this for some reason.

gbMattN self-assigned this Jan 30, 2025

llvmbot added the new issue label Jan 30, 2025

gbMattN added compiler-rt compiler-rt:tysan Type sanitizer false-positive Warning fires when it should not and removed new issue labels Jan 30, 2025

EugeneZelenko removed the compiler-rt label Jan 30, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[TySan] False positives accessing base class member variables #125079

[TySan] False positives accessing base class member variables #125079

gbMattN commented Jan 30, 2025

gbMattN commented Jan 30, 2025

[TySan] False positives accessing base class member variables #125079

[TySan] False positives accessing base class member variables #125079

Comments

gbMattN commented Jan 30, 2025

gbMattN commented Jan 30, 2025