public inbox for gcc-bugs@sourceware.org
* [Bug sanitizer/95430] New: [UBSAN] doesn't detect out of bounds in a simple case
@ 2020-05-30 2:44 haoxintu at gmail dot com
From: haoxintu at gmail dot com @ 2020-05-30 2:44 UTC
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95430
Bug ID: 95430
Summary: [UBSAN] doesn't detect out of bounds in a simple case
Product: gcc
Version: 11.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: haoxintu at gmail dot com
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---
This case, test.cc:
#include<iostream>

int main () {
    int a[10];
    int *p1 = a - 100; // UB
    int *p2 = a + 100; // UB
    std::cout << "ok" << std::endl;
    return 0;
}
$g++ -fsanitize=undefined test.cc ; ./a.out
ok
While in Clang
$clang++ -fsanitize=undefined test.cc ; ./a.out
test.cc:5:17: runtime error: index -100 out of bounds for type 'int [10]'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior test.cc:5:17 in
test.cc:6:17: runtime error: index 100 out of bounds for type 'int [10]'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior test.cc:6:17 in
ok
My GCC version is
$g++ --version
g++ (GCC) 11.0.0 20200526 (experimental)
Copyright (C) 2020 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
GCC doesn't trigger a warning or a runtime error for out of bounds in an array.
* [Bug c++/95430] GCC doesn't detect out of bounds runtime error in a simple case
From: marxin at gcc dot gnu.org @ 2020-06-01 7:25 UTC
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95430
Martin Liška <marxin at gcc dot gnu.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jsm28 at gcc dot gnu.org,
                   |                            |mpolacek at gcc dot gnu.org
             Status|UNCONFIRMED                 |WAITING
     Ever confirmed|0                           |1
   Last reconfirmed|                            |2020-06-01
--- Comment #1 from Martin Liška <marxin at gcc dot gnu.org> ---
You don't access the invalid pointers, so I guess it's not an invalid behavior.
* [Bug c++/95430] GCC doesn't detect out of bounds runtime error in a simple case
From: jakub at gcc dot gnu.org @ 2020-06-01 7:37 UTC
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95430
--- Comment #2 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Already doing such address arithmetics is UB (though of course a + 10 is ok
above), but we don't have a warning for that and as I said in another PR, ubsan
could detect only the cases where the compiler can see at compile time the
exact object boundaries, and it would need to be soon before it is optimized
away (in the above testcase it isn't really used, in other cases it could be
changed into UB).
Perhaps we should just change ubsan_expand_ptr_ifn, if we don't know what the
base points at, use what we do right now (the cheap check), if we do and it
isn't something we should punt on (e.g. common symbols with
flag_unconstrained_commons, or maybe external decls (not sure if all or some
cases)).
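The distinction drawn in comment #2, as an added example that is not part of the thread and is not GCC code: `offset_in_object` is a precise check that needs the object's bounds, and `address_wraps` is a wraparound-only test used here as an assumed stand-in for the "cheap check" that comment mentions. All function names and the sample address are hypothetical, and the checks run on integers so that no out-of-range pointer is ever formed.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>

// Precise check. Valid element positions in an object of `len` elements are
// 0..len inclusive (one past the end is allowed, e.g. a + 10 for int a[10]).
constexpr bool offset_in_object(std::size_t len, std::size_t index,
                                std::ptrdiff_t delta) {
    if (index > len) return false;
    if (delta >= 0) return static_cast<std::size_t>(delta) <= len - index;
    // |delta| computed without negating PTRDIFF_MIN directly.
    return static_cast<std::size_t>(-(delta + 1)) + 1 <= index;
}

// Wraparound-only test on the raw address: an assumed stand-in for the
// "cheap check" in comment #2, usable when object bounds are unknown.
constexpr bool address_wraps(std::uintptr_t addr, std::ptrdiff_t byte_delta) {
    const std::uintptr_t result = addr + static_cast<std::uintptr_t>(byte_delta);
    return byte_delta >= 0 ? result < addr : result > addr;
}

// Hypothetical helper: returns arr + index + delta, or nullptr if that
// position would fall outside [arr, arr + N].
template <class T, std::size_t N>
T* checked_advance(T (&arr)[N], std::size_t index, std::ptrdiff_t delta) {
    if (!offset_in_object(N, index, delta)) return nullptr;
    return arr + index + delta;  // both steps stay inside [arr, arr + N]
}

// Constructed sample address, only for exercising address_wraps().
constexpr std::uintptr_t kSampleAddr = 0x7ffd1000u;

int main() {
    int a[10];
    const std::ptrdiff_t bytes = -100 * static_cast<std::ptrdiff_t>(sizeof(int));
    std::cout << std::boolalpha
              << "a - 100 in bounds: " << (checked_advance(a, 0, -100) != nullptr) << '\n'
              << "a + 100 in bounds: " << (checked_advance(a, 0, 100) != nullptr) << '\n'
              << "a + 10  in bounds: " << (checked_advance(a, 0, 10) != nullptr) << '\n'
              << "a - 100 wraps:     " << address_wraps(kSampleAddr, bytes) << '\n';
    return 0;
}
```

The two offsets from the report fail the precise check while the wraparound test stays silent for them, which is why a check that knows the object bounds is needed to flag this testcase.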