From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugzilla@gcc.gnu.org>
Received: by sourceware.org (Postfix, from userid 48)
	id 90A04385734A; Wed, 26 Oct 2022 10:43:21 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 90A04385734A
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org;
	s=default; t=1666781013;
	bh=Ojp7mj82kaWsRlpKOoj/ZlLUwRNw21gh0wPLMtqjRWw=;
	h=From:To:Subject:Date:In-Reply-To:References:From;
	b=ZqXfW9mAdkFiY9SI1wB5Edh25imxuEX+E6mpkltegoqVeema1Vdy4c4+Z8gZ1PKQX
	 vkV153mhjVyN8tRrTxDXkFLJuRNahbmHNfsZYRC0l0TU3Qe9sKWIA9CMpA7oebj1WZ
	 iDEGQFj0XxwS3gYjP2g9HMO9Flyr3YZYRrR8jKso=
From: "marxin at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug sanitizer/107410] ASan failed to detect a  heap-buffer-overflow
Date: Wed, 26 Oct 2022 10:43:19 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: sanitizer
X-Bugzilla-Version: 13.0
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: marxin at gcc dot gnu.org
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: INVALID
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: resolution bug_status
Message-ID: <bug-107410-4-TdhsJz8f8m@http.gcc.gnu.org/bugzilla/>
In-Reply-To: <bug-107410-4@http.gcc.gnu.org/bugzilla/>
References: <bug-107410-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id: <gcc-bugs.sourceware.org>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D107410

Martin Li=C5=A1ka <marxin at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |INVALID
             Status|UNCONFIRMED                 |RESOLVED

--- Comment #2 from Martin Li=C5=A1ka <marxin at gcc dot gnu.org> ---
Well, the test-case is very fragile and we tend to optimize out another UBS=
AN
stuff (c[i] =3D 2;).=20

Please provide a test-case that addresses the buffer-overflow due does not
contain an UBSAN:

$ gcc-12 broken.c -fsanitize=3Dundefined -w && ./a.out
broken.c:15:6: runtime error: index 19 out of bounds for type 'char [2]'
broken.c:15:10: runtime error: store to address 0x7fffffffd5bd with
insufficient space for an object of type 'char'
0x7fffffffd5bd: note: pointer points here
 d5 ff ff ff 7f 00 00  00 20 01 00 00 00 00 00  e8 d6 ff ff ff 7f 00 00  01=
 00
00 00 00 00 00 00  b0
             ^=20
broken.c:17:8: runtime error: index 19 out of bounds for type 'char [2]'
broken.c:17:8: runtime error: load of address 0x7fffffffd5bd with insuffici=
ent
space for an object of type 'char'
0x7fffffffd5bd: note: pointer points here
 d5 ff ff ff 02 00 00  00 20 01 00 00 00 00 00  e8 d6 ff ff ff 7f 00 00  01=
 00
00 00 00 00 00 00  b0
             ^=