[Bug sanitizer/115765] New: [13 Regression] signed integer overflow check missing

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

* [Bug sanitizer/115765] New: [13 Regression] signed integer overflow check missing
@ 2024-07-03  7:48 bic60176 at gmail dot com
  2024-07-03  8:05 ` [Bug sanitizer/115765] " jakub at gcc dot gnu.org
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: bic60176 at gmail dot com @ 2024-07-03  7:48 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115765

            Bug ID: 115765
           Summary: [13 Regression] signed integer overflow check missing
           Product: gcc
           Version: 13.2.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: bic60176 at gmail dot com
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org
  Target Milestone: ---

Created attachment 58577
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=58577&action=edit
testcase

OS: Ubuntu 22.04.3 LTS
We found a case that UBSAN failed to report signed integer overflow behavior
when compiling with gcc-13.2.0, gcc-12.3.0, gcc-11.4.0 at optimization levels
-O0.

$ ../compiler-builds/gcc-13.2.0_build/bin/gcc -fsanitize=undefined
-fsanitize=address -g -lgcc_s -I/home/csmith/include/csmith-2.3.0 -O0
testcase.c -o exec

$ timeout 1s ./exec 2>exec.err

$ cat exec.err

$ ../compiler-builds/gcc-14.1.0_build/bin/gcc -fsanitize=undefined
-fsanitize=address -g -lgcc_s -I/home/csmith/include/csmith-2.3.0 -O1
testcase.c -o exec

$ timeout 1s ./exec 2>exec.err

$ cat exec.err
testcase.c:6:24: runtime error: signed integer overflow: 65533 * 67286 cannot
be represented in type 'int'

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug sanitizer/115765] [13 Regression] signed integer overflow check missing
  2024-07-03  7:48 [Bug sanitizer/115765] New: [13 Regression] signed integer overflow check missing bic60176 at gmail dot com
@ 2024-07-03  8:05 ` jakub at gcc dot gnu.org
  2024-07-03  8:07 ` [Bug sanitizer/115765] [11/12/13 " rguenth at gcc dot gnu.org
  2024-07-19 13:26 ` [Bug sanitizer/115765] [12/13 " rguenth at gcc dot gnu.org
  2 siblings, 0 replies; 4+ messages in thread
From: jakub at gcc dot gnu.org @ 2024-07-03  8:05 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115765

--- Comment #1 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
This is in dead code, something || 8 will always be 1 and when something
doesn't have side-effects, even -O0 performs some limited optimizations.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug sanitizer/115765] [11/12/13 Regression] signed integer overflow check missing
  2024-07-03  7:48 [Bug sanitizer/115765] New: [13 Regression] signed integer overflow check missing bic60176 at gmail dot com
  2024-07-03  8:05 ` [Bug sanitizer/115765] " jakub at gcc dot gnu.org
@ 2024-07-03  8:07 ` rguenth at gcc dot gnu.org
  2024-07-19 13:26 ` [Bug sanitizer/115765] [12/13 " rguenth at gcc dot gnu.org
  2 siblings, 0 replies; 4+ messages in thread
From: rguenth at gcc dot gnu.org @ 2024-07-03  8:07 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115765

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|[13 Regression] signed      |[11/12/13 Regression]
                   |integer overflow check      |signed integer overflow
                   |missing                     |check missing
   Target Milestone|---                         |11.5
   Last reconfirmed|                            |2024-07-03
      Known to fail|                            |13.3.0, 8.1.0, 9.5.0
      Known to work|                            |14.1.0, 15.0, 7.5.0
     Ever confirmed|0                           |1
             Status|UNCONFIRMED                 |NEW

--- Comment #2 from Richard Biener <rguenth at gcc dot gnu.org> ---
Confirmed, but it's fixed with GCC 14 for me and it worked last with GCC 7.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug sanitizer/115765] [12/13 Regression] signed integer overflow check missing
  2024-07-03  7:48 [Bug sanitizer/115765] New: [13 Regression] signed integer overflow check missing bic60176 at gmail dot com
  2024-07-03  8:05 ` [Bug sanitizer/115765] " jakub at gcc dot gnu.org
  2024-07-03  8:07 ` [Bug sanitizer/115765] [11/12/13 " rguenth at gcc dot gnu.org
@ 2024-07-19 13:26 ` rguenth at gcc dot gnu.org
  2 siblings, 0 replies; 4+ messages in thread
From: rguenth at gcc dot gnu.org @ 2024-07-19 13:26 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115765

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|11.5                        |12.5

--- Comment #3 from Richard Biener <rguenth at gcc dot gnu.org> ---
GCC 11 branch is being closed.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2024-07-19 13:26 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-07-03  7:48 [Bug sanitizer/115765] New: [13 Regression] signed integer overflow check missing bic60176 at gmail dot com
2024-07-03  8:05 ` [Bug sanitizer/115765] " jakub at gcc dot gnu.org
2024-07-03  8:07 ` [Bug sanitizer/115765] [11/12/13 " rguenth at gcc dot gnu.org
2024-07-19 13:26 ` [Bug sanitizer/115765] [12/13 " rguenth at gcc dot gnu.org

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).