public inbox for gcc-bugs@sourceware.org
* [Bug sanitizer/110814] New: Address Sanitizer misses 'global-buffer-overflow' for const arrays
From: egor_suvorov at mail dot ru @ 2023-07-26 12:08 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110814
Bug ID: 110814
Summary: Address Sanitizer misses 'global-buffer-overflow' for
const arrays
Product: gcc
Version: 13.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: egor_suvorov at mail dot ru
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---
Consider the following code (https://godbolt.org/z/ddz6q8xra):
const int a[1];
int b[1];
int main() {
int x = a[1]; // line 4
int y = b[1]; // line 5
}
Here GCC's ASan fails on line 5 only, completely missing the array overflow for
'a' on line 4:
==1==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000000404124 at pc 0x0000004011ad bp 0x7fffbe0976e0 sp 0x7fffbe0976d8
READ of size 4 at 0x000000404124 thread T0
    #0 0x4011ac in main /app/example.c:5
    #1 0x7f01c82ad082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
    #2 0x4010ad in _start (/app/output.s+0x4010ad) (BuildId: 8b89d3acf504057c132647f3c9558b7377ff8ce0)
0x000000404124 is located 0 bytes after global variable 'b' defined in '/app/example.c:2:5' (0x404120) of size 4
SUMMARY: AddressSanitizer: global-buffer-overflow /app/example.c:5 in main
The only difference between lines 4 and 5 is that 'a' is const. Clang's ASan
correctly catches the error in line 4.
* [Bug sanitizer/110814] Address Sanitizer misses 'global-buffer-overflow' for const arrays
From: rguenth at gcc dot gnu.org @ 2023-07-27 7:13 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110814
Richard Biener <rguenth at gcc dot gnu.org> changed:
What              |Removed     |Added
----------------------------------------------------------------------------
Ever confirmed    |0           |1
Last reconfirmed  |            |2023-07-27
Status            |UNCONFIRMED |NEW
--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
Confirmed. We optimize a[1] to zero during gimplification so ASAN doesn't get
a chance to see it.
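The following reproducer is an added example, not code from the bug report or from GCC; it puts the folded read from comment #1 next to the non-const read that ASan does catch, and adds a third variant that is my own assumption rather than anything stated in the thread: routing the index through a volatile so the load is no longer a constant-index access to a const object and therefore survives gimplification for ASan to instrument. The array names, the function names and the argv-driven case selection are all mine.

```c
#include <stdio.h>

/* Constructed globals, mirroring the report: a zero-initialised const array
   and a mutable array of the same shape. */
const int g_const_arr[1];
int g_mut_arr[1];

/* Out-of-bounds read with a compile-time-constant index on the const object.
   Per comment #1, GCC folds this to 0 while gimplifying, so no load reaches
   the ASan pass (the -fdump-tree-gimple output should show the literal 0). */
int read_const_literal_index(void) {
    return g_const_arr[1];  /* undefined behaviour; GCC's ASan stays silent */
}

/* The same read on the non-const object: the load is kept and ASan reports
   a global-buffer-overflow, as in the trace above. */
int read_mut_literal_index(void) {
    return g_mut_arr[1];    /* undefined behaviour; ASan reports it */
}

/* Assumption (mine, not from the thread): reading the index through a
   volatile keeps it opaque to constant folding, so the load on the const
   object survives to ASan. idx == 1 is deliberately out of bounds. */
int read_const_opaque_index(int idx) {
    volatile int i = idx;
    return g_const_arr[i];
}

int read_mut_opaque_index(int idx) {
    volatile int i = idx;
    return g_mut_arr[i];
}

int main(int argc, char **argv) {
    /* Build: gcc -O0 -g -fsanitize=address repro.c -o repro
       Run:   ./repro 0   (const, literal index: silent with GCC per this bug)
              ./repro 1   (non-const, literal index: reported)
              ./repro 2   (const, volatile index: expected to be reported)
              ./repro 3   (non-const, volatile index: reported) */
    int which = argc > 1 ? argv[1][0] - '0' : 0;
    int v;
    switch (which) {
    case 0:  v = read_const_literal_index();  break;
    case 1:  v = read_mut_literal_index();    break;
    case 2:  v = read_const_opaque_index(1);  break;
    default: v = read_mut_opaque_index(1);    break;
    }
    printf("read %d\n", v);
    return 0;
}
```

To see the fold itself rather than its effect on ASan, compile with -fdump-tree-gimple and compare the dumps of read_const_literal_index and read_mut_literal_index: only the former should have lost its memory access.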