public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug sanitizer/111063] New: [UBSAN] Implement "-inf is outside the range of representable values of type 'unsigned long'" to be on par with Clang
@ 2023-08-18 10:58 burnus at gcc dot gnu.org
2023-08-20 7:13 ` [Bug sanitizer/111063] " pinskia at gcc dot gnu.org
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: burnus at gcc dot gnu.org @ 2023-08-18 10:58 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111063
Bug ID: 111063
Summary: [UBSAN] Implement "-inf is outside the range of
representable values of type 'unsigned long'" to be on
par with Clang
Product: gcc
Version: 14.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: burnus at gcc dot gnu.org
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---
Jonathan Wakely wrote in bug 110860 comment 10:
-----------<cut>-------------------------
GCC's ubsan doesn't seem to diagnose this rule:
"A prvalue of a floating-point type can be converted to a prvalue of an integer
type. The conversion truncates; that is, the fractional part is discarded. The
behavior is undefined if the truncated value cannot be represented in the
destination type."
There's no ubsan diagnostic for:
unsigned long i = -HUGE_VAL;
So it doesn't complain about adding log10(0) to a size_t.
-----------<cut>-------------------------
That diagnostic exists in Clang as reported by
Paul Dreik in bug 110860 comment 8:
-----------<cut>-------------------------
When 0 is passed, log10 returns -inf, which can not be converted to an integer.
I had a bit of problem to reproduce this with gcc, but it worked with clang.
The following program:
#include <cstdio>
#include <format>
#include <string_view>
int main(int argc, char* argv[]) {
[[maybe_unused]] auto x = std::format("{:.292f}", 0.f);
}
causes the following output when compiled with clang-16 using
-fsanitize=undefined -fno-sanitize-recover=all -g -O0:
/opt/compiler-explorer/gcc-snapshot/lib/gcc/x86_64-linux-gnu/14.0.0/../../../../include/c++/14.0.0/format:1496:15:
runtime error: -inf is outside the range of representable values of type
'unsigned long'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior
/opt/compiler-explorer/gcc-snapshot/lib/gcc/x86_64-linux-gnu/14.0.0/../../../../include/c++/14.0.0/format:1496:15
in
Link to reproducer (expected to go stale quick, had to use clang trunk to get a
sufficiently new libstdc++): https://godbolt.org/z/8aGf7YGWs
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug sanitizer/111063] [UBSAN] Implement "-inf is outside the range of representable values of type 'unsigned long'" to be on par with Clang
2023-08-18 10:58 [Bug sanitizer/111063] New: [UBSAN] Implement "-inf is outside the range of representable values of type 'unsigned long'" to be on par with Clang burnus at gcc dot gnu.org
@ 2023-08-20 7:13 ` pinskia at gcc dot gnu.org
2023-08-20 7:14 ` pinskia at gcc dot gnu.org
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-08-20 7:13 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111063
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution|--- |INVALID
--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
-fsanitize=float-cast-overflow is there, just not turned on by
-fsanitize=undefined .
https://gcc.gnu.org/onlinedocs/gcc-13.2.0/gcc/Instrumentation-Options.html#index-fsanitize_003dfloat-cast-overflow
The reasoning on why it is NOT part of -fsanitize=undefined for GCC is located
in this email:
https://gcc.gnu.org/pipermail/gcc-patches/2014-May/388356.html
Specificially this:
```
As with divide-by-zero, this should not be part of -fsanitize=undefined
because under Annex F this is not undefined behavior (instead it raises
"invalid" and returns an unspecified value, C11 F.4).
```
That is it is not exactly undefined behavior ...
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug sanitizer/111063] [UBSAN] Implement "-inf is outside the range of representable values of type 'unsigned long'" to be on par with Clang
2023-08-18 10:58 [Bug sanitizer/111063] New: [UBSAN] Implement "-inf is outside the range of representable values of type 'unsigned long'" to be on par with Clang burnus at gcc dot gnu.org
2023-08-20 7:13 ` [Bug sanitizer/111063] " pinskia at gcc dot gnu.org
@ 2023-08-20 7:14 ` pinskia at gcc dot gnu.org
2023-08-22 12:12 ` redi at gcc dot gnu.org
2023-08-22 12:33 ` jakub at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-08-20 7:14 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111063
--- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Also I tested GCC 13.2.0 with -fsanitize=float-cast-overflow and GCC does
produce an error message at runtime for the original testcase too.
/opt/compiler-explorer/gcc-13.2.0/include/c++/13.2.0/format:1489:38: runtime
error: -inf is outside the range of representable values of type 'int'
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug sanitizer/111063] [UBSAN] Implement "-inf is outside the range of representable values of type 'unsigned long'" to be on par with Clang
2023-08-18 10:58 [Bug sanitizer/111063] New: [UBSAN] Implement "-inf is outside the range of representable values of type 'unsigned long'" to be on par with Clang burnus at gcc dot gnu.org
2023-08-20 7:13 ` [Bug sanitizer/111063] " pinskia at gcc dot gnu.org
2023-08-20 7:14 ` pinskia at gcc dot gnu.org
@ 2023-08-22 12:12 ` redi at gcc dot gnu.org
2023-08-22 12:33 ` jakub at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: redi at gcc dot gnu.org @ 2023-08-22 12:12 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111063
Jonathan Wakely <redi at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |NEW
Resolution|INVALID |---
Last reconfirmed| |2023-08-22
Ever confirmed|0 |1
--- Comment #3 from Jonathan Wakely <redi at gcc dot gnu.org> ---
For C++ it's undefined behaviour. Annex F of the C standard doesn't apply to
C++.
Either the sanitizer should be enabled for C++, or the docs should say that G++
applies the rules of Annex F to floating-point types even where the standard
says it's UB.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug sanitizer/111063] [UBSAN] Implement "-inf is outside the range of representable values of type 'unsigned long'" to be on par with Clang
2023-08-18 10:58 [Bug sanitizer/111063] New: [UBSAN] Implement "-inf is outside the range of representable values of type 'unsigned long'" to be on par with Clang burnus at gcc dot gnu.org
` (2 preceding siblings ...)
2023-08-22 12:12 ` redi at gcc dot gnu.org
@ 2023-08-22 12:33 ` jakub at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: jakub at gcc dot gnu.org @ 2023-08-22 12:33 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111063
--- Comment #4 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Yet, even for C++ both the compiler middle-end and users assume they can do say
0.0 / 0.0 and get a NaN, not UB etc. Even for the conversions, the generated
code or library functions just set the resulting integer to minimum or maximum
value of the type depending on what is closer to the value.
So, I think it is good that -fsanitize=undefined doesn't include
-fsanitize=float-divide-by-zero,float-cast-overflow.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2023-08-22 12:33 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-08-18 10:58 [Bug sanitizer/111063] New: [UBSAN] Implement "-inf is outside the range of representable values of type 'unsigned long'" to be on par with Clang burnus at gcc dot gnu.org
2023-08-20 7:13 ` [Bug sanitizer/111063] " pinskia at gcc dot gnu.org
2023-08-20 7:14 ` pinskia at gcc dot gnu.org
2023-08-22 12:12 ` redi at gcc dot gnu.org
2023-08-22 12:33 ` jakub at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).