public inbox for gcc-bugs@sourceware.org
* [Bug sanitizer/115156] New: [14 Regression] passing zero to __builtin_clzl() check missing
@ 2024-05-19 8:47 bic60176 at gmail dot com
2024-05-19 9:47 ` [Bug sanitizer/115156] " pinskia at gcc dot gnu.org
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: bic60176 at gmail dot com @ 2024-05-19 8:47 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115156
Bug ID: 115156
Summary: [14 Regression] passing zero to __builtin_clzl() check
missing
Product: gcc
Version: 14.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: bic60176 at gmail dot com
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
jakub at gcc dot gnu.org, kcc at gcc dot gnu.org
Target Milestone: ---
OS: Ubuntu 22.04.3 LTS
UBSAN missed checking if zero is passed to __builtin_clzl() when compiling with
gcc-14.1.0.
testcase:
```
#include <stdint.h>

void main() {
  int32_t b = 0;
  (__builtin_clzl(b), 3) && b;
  // __builtin_clzl(b); /* gcc-14 can detect this one */
}
```
```
$ ../compiler-builds/gcc-14.1.0_build/bin/gcc -fsanitize=undefined -g -lgcc_s testcase.c -o exec
$ ./exec 2>exec.err
$ cat exec.err
$ ../compiler-builds/gcc-13.2.0_build/bin/gcc -fsanitize=undefined -g -lgcc_s testcase.c -o exec
$ ./exec 2>exec.err
$ cat exec.err
testcase.c:5:4: runtime error: passing zero to clz(), which is not a valid argument
```
* [Bug sanitizer/115156] [14 Regression] passing zero to __builtin_clzl() check missing
From: pinskia at gcc dot gnu.org @ 2024-05-19 9:47 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115156
--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
I am not 100% sure if this case matters, as the return value of
__builtin_clzl is very much unused.
* [Bug sanitizer/115156] [14/15 Regression] passing zero to __builtin_clzl() check missing
From: pinskia at gcc dot gnu.org @ 2024-05-19 9:47 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115156
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|--- |14.2
Summary|[14 Regression] passing |[14/15 Regression] passing
|zero to __builtin_clzl() |zero to __builtin_clzl()
|check missing |check missing
* [Bug sanitizer/115156] [14/15 Regression] passing zero to __builtin_clzl() check missing
From: jakub at gcc dot gnu.org @ 2024-05-19 15:14 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115156
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |rguenth at gcc dot gnu.org
--- Comment #2 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Started with r14-1880-g827e208fa64771f15fc8e53970a2297e637277b5
Note, the functions in question are const, so they can be dead code eliminated
at any time, and the UBSAN instrumentation in this case is done only in the
ubsan pass, so if it gets folded away before that it won't be instrumented.
At -O1 or higher it would be a clear non-bug, with optimizations sanitizers
often diagnose only UB in code that isn't dead, in this case a question is why
we are folding this at -O0.
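An added example, not part of the thread and not GCC's own code: comment #2 explains that the clz check is only emitted if the call survives until the ubsan pass, so code that must never pass zero can enforce the precondition itself instead of relying on `-fsanitize=undefined`. `checked_clzl` and `bit_width_ul` are hypothetical helper names.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

#define ULONG_BITS ((int)(sizeof(unsigned long) * CHAR_BIT))

/* Hypothetical helper: __builtin_clzl(0) is undefined, so zero is rejected
   here by an ordinary branch rather than left for UBSan to report. The
   caller sees the failure through the return value, so the check does not
   depend on which compiler passes ran or on the optimization level. */
static bool checked_clzl(unsigned long x, int *leading_zeros)
{
    if (x == 0)
        return false;            /* *leading_zeros is left untouched */
    *leading_zeros = __builtin_clzl(x);
    return true;
}

/* Hypothetical helper: bits needed to represent x, defined as 0 for x == 0. */
static int bit_width_ul(unsigned long x)
{
    int lz;
    return checked_clzl(x, &lz) ? ULONG_BITS - lz : 0;
}

int main(void)
{
    /* Same input as the reported testcase: a zero value reaching clzl. */
    unsigned long b = 0;
    int lz = -1;

    if (!checked_clzl(b, &lz))
        fprintf(stderr, "clzl: zero argument rejected\n");

    printf("bit_width(0)=%d bit_width(1)=%d bit_width(255)=%d\n",
           bit_width_ul(0UL), bit_width_ul(1UL), bit_width_ul(255UL));
    return 0;
}
```

The guard behaves the same with or without the sanitizer and at any optimization level, which is the property the instrumentation in this report did not provide.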