Opened 6 years ago

Last modified 5 years ago

#12913 assigned Bugs

Undefined behaviour in serialization library

Reported by: John Maddock Owned by: Robert Ramey
Milestone: To Be Determined Component: serialization
Version: Boost Development Trunk Severity: Problem
Keywords: Cc:

Description

Hi Robert,

while testing multiprecision with clang's sanitizers I found some undefined behaviour in the serialization lib. The issue can be seen by running serialization's own tests with undefined-behaviour sanitizer turned on - in fact nearly all the tests fail, but most of the failures look like issues with the tests rather than the library. However building test_binary_xml_archive with clang++ -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=undefined results in:

../../../boost/archive/detail/interface_oarchive.hpp:47:16: runtime error: downcast of address 0x7ffd0a934990 which does not point to an object of type 'boost::archive::xml_oarchive'
0x7ffd0a934990: note: object is of type 'boost::archive::xml_oarchive_impl<boost::archive::xml_oarchive>'
 fd 7f 00 00  78 ae d3 9c d6 7f 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00
              ^~~~~~~~~~~~~~~~~~~~~~~
              vptr for 'boost::archive::xml_oarchive_impl<boost::archive::xml_oarchive>'
SUMMARY: AddressSanitizer: undefined-behavior ../../../boost/archive/detail/interface_oarchive.hpp:47:16 in 

Which looks like a genuine issue to me.

Change History (1)

comment:1 by Robert Ramey, 5 years ago

Status: new → assigned

"most of the failures look like issues with the tests" and examples as well.

Unfortunately, when making the tests and examples, I totally ignored the issue of object lifetime. Actually it should be addressed in the documentation itself since de-serialization of a pointer creates a new object which may be without an owner. It's odd that no one has complained about this. I sometimes wonder if this causes problems for some people. In any case, it prevents me from running the "sanitizers" which I would have liked to be able to do. Making alterations to support this would take a very large amount of time which is hard to justify for the serialization library these days. I'm wondering when it will be replaced.

This particular error is kind of interesting. According to the message, the complaint is in trying to downcast an object of type xml_oarchive_impl<xml_oarchive> to an object of type xml_oarchive. But I'm quite sure that xml_oarchive has xml_oarchive_impl<xml_oarchive> as a base class. So I can't really understand the message and I'm not really sure what to do about it - if anything.

Thanks for pointing this out - I'll leave this open in case I stumble upon something which sheds light on it.
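A note on how to read the diagnostic quoted in the description. The `-fsanitize=vptr` check that produces "downcast of address ... which does not point to an object of type X" does not dispute the class relationship; it inspects the vptr at the moment of the `static_cast` and reports when the object's *current* dynamic type is only a base. The most common way to reach that state in a CRTP hierarchy is to perform the derived-type cast from inside a base class constructor, while the most-derived object has not begun its lifetime yet, which is exactly when the sanitizer would describe the object as being "of type xml_oarchive_impl<xml_oarchive>". Whether that is the path taken at interface_oarchive.hpp:47 is not established by this ticket. The following is an added example, not Boost code; the class and member names are hypothetical and only mimic the shape named in the report (interface -> impl<Derived> -> Derived). It shows the pattern that triggers the report beside the two-phase variant that defers the cast until the most-derived constructor body, where the cast is well-defined:

```cpp
#include <iostream>
#include <string>

// Hypothetical CRTP base: polymorphic (virtual dtor) so a vptr exists for
// -fsanitize=vptr to inspect, and a This() that performs the downcast.
template <class Derived>
class interface_oarchive {
public:
    virtual ~interface_oarchive() = default;
    Derived* This() { return static_cast<Derived*>(this); }  // the downcast the sanitizer checks
};

// "Before": the base constructor uses the downcast. While this constructor runs,
// the most-derived object has not begun its lifetime, so the address points only
// to a broken_oarchive_impl<Derived>; under -fsanitize=undefined this is reported
// as "downcast of address ... which does not point to an object of type Derived".
template <class Derived>
class broken_oarchive_impl : public interface_oarchive<Derived> {
public:
    std::string header;
    broken_oarchive_impl() { header = this->This()->prefix(); }  // UB: Derived not constructed yet
};

class broken_xml_oarchive : public broken_oarchive_impl<broken_xml_oarchive> {
public:
    std::string prefix() const { return "<xml>"; }
};

// "After": the base constructor never downcasts. Work that depends on the derived
// type is moved into init(), which the most-derived constructor calls from its own
// body. At that point the object's dynamic type is already Derived, so This() is valid.
template <class Derived>
class xml_oarchive_impl : public interface_oarchive<Derived> {
public:
    std::string header;
protected:
    void init() { header = this->This()->prefix(); }  // safe: only called once Derived exists
};

class xml_oarchive : public xml_oarchive_impl<xml_oarchive> {
public:
    xml_oarchive() { init(); }  // body of the most-derived ctor: dynamic type is xml_oarchive
    std::string prefix() const { return "<xml>"; }
};

// Constructs the corrected archive and returns the header it produced.
std::string fixed_header() { return xml_oarchive().header; }

int main() {
    // Build with: clang++ -std=c++17 -fsanitize=undefined -fno-sanitize-recover=undefined
    // The first construction triggers the vptr downcast report; the second does not.
    broken_xml_oarchive b;
    std::cout << b.header << '\n';
    std::cout << fixed_header() << '\n';
    return 0;
}
```

Without a sanitizer both variants usually print `<xml>`, because `prefix()` is non-virtual and touches no derived-class state; that is why this class of defect goes unnoticed until the tests are built with `-fsanitize=undefined`. The two-phase `init()` shape is one common fix; it keeps the base constructor free of any use of `This()`.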
