From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 701A53858D35; Sat, 15 Jul 2023 18:28:05 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 701A53858D35 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1689445685; bh=X2cYdGs08GDQvCmk36NjCdvW6P4WCx25vaGE7kYKoHg=; h=From:To:Subject:Date:From; b=ZyaWfjh0j020A5zpvc4KXJ9TOV6njiMV5yEu8BDP7TbNjG63m5NqXwOmY9xmCFDGd F02j2/j1zM9ThkHhAf5lV1RVaT0U8G3T5VpMkYpzQdK+BNHgocKxuDoVjC08/dEuo1 /IatpWtwVLlZGvUjURHWBcaeikJnGxFm3+mkuhSI= From: "nrk at disroot dot org" To: gcc-bugs@gcc.gnu.org Subject: [Bug sanitizer/110676] New: builtin optimization prevents ASan from detecting OOB reads Date: Sat, 15 Jul 2023 18:28:05 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: sanitizer X-Bugzilla-Version: unknown X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: nrk at disroot dot org X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Resolution: X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc target_milestone Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 List-Id: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D110676 Bug ID: 110676 Summary: builtin optimization prevents ASan from detecting OOB reads Product: gcc Version: unknown Status: UNCONFIRMED Severity: normal Priority: P3 Component: sanitizer Assignee: unassigned at gcc dot gnu.org Reporter: nrk at disroot dot org CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxi= n at gcc dot gnu.org Target Milestone: --- Minimal reproducible code-snippet: #include int main(void) { char s[1] =3D "A"; return strlen(s); } Compile command: gcc -O0 -g3 -fsanitize=3Daddress,undefined Expected behavior: ASan should catch the OOB access. Reality: It gets optimized out and returns 0 always. Note: adding `-fno-builtin` allows ASan to be effective.=