This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
[Bug sanitizer/63697] New: -fsanitize=undefined doesn't detect some subtraction overflows
- From: "jakub at gcc dot gnu.org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Fri, 31 Oct 2014 09:04:27 +0000
- Subject: [Bug sanitizer/63697] New: -fsanitize=undefined doesn't detect some subtraction overflows
- Auto-submitted: auto-generated
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63697
Bug ID: 63697
Summary: -fsanitize=undefined doesn't detect some subtraction overflows
Product: gcc
Version: 4.9.2
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: jakub at gcc dot gnu.org
Reporter: jakub at gcc dot gnu.org
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org

__attribute__((noinline, noclone)) int
foo1 (int x, int y)
{
  return x - y;
}

__attribute__((noinline, noclone)) int
foo2 (int x, int y)
{
  unsigned int xa = (unsigned int) x - (__INT_MAX__ - 3);
  xa &= 3;
  x = __INT_MAX__ - 3 + xa;
  unsigned int ya = y + 1U;
  ya &= 1;
  y = ya - 1;
  return x - y;
}

int
main ()
{
  int xm1, y;
  for (xm1 = __INT_MAX__ - 4; xm1 < __INT_MAX__; xm1++)
    for (y = -1; y <= 0; y++)
      if (foo1 (xm1 + 1, y) != (int) (xm1 + 1U - y)
          || foo2 (xm1 + 1, y) != (int) (xm1 + 1U - y))
        __builtin_abort ();
  return 0;
}

detects, due to a bug in VRP, at -O2 -fsanitize=undefined just the overflow in
foo1, but not the one in foo2.
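
Added example, not part of the original report: a portable precondition check for int subtraction that does not rely on the sanitizer, run over the same (x, y) pairs as the test case after applying foo2's range narrowing, to show which pair actually overflows. The helper names sub_overflows, narrow_x, narrow_y and count_overflowing_pairs are hypothetical.

```c
#include <limits.h>
#include <stdio.h>

/* Return 1 if x - y is not representable in int.  The test is done on
   the operands, so the overflowing subtraction is never evaluated.  */
static int
sub_overflows (int x, int y)
{
  return (y < 0 && x > INT_MAX + y) || (y > 0 && x < INT_MIN + y);
}

/* Same narrowing foo2 applies to x: result is in [INT_MAX - 3, INT_MAX].  */
static int
narrow_x (int x)
{
  unsigned int xa = (unsigned int) x - (INT_MAX - 3);
  xa &= 3;
  return INT_MAX - 3 + (int) xa;
}

/* Same narrowing foo2 applies to y: result is in [-1, 0].  */
static int
narrow_y (int y)
{
  unsigned int ya = y + 1U;
  ya &= 1;
  return (int) ya - 1;
}

/* Walk the pairs used by the report's main () and count those whose
   difference overflows once both operands have been narrowed.  */
static int
count_overflowing_pairs (void)
{
  int xm1, y, count = 0;
  for (xm1 = INT_MAX - 4; xm1 < INT_MAX; xm1++)
    for (y = -1; y <= 0; y++)
      count += sub_overflows (narrow_x (xm1 + 1), narrow_y (y));
  return count;
}

int
main (void)
{
  printf ("overflowing pairs: %d\n", count_overflowing_pairs ());
  return 0;
}
```

The only overflowing pair in the narrowed ranges is x = INT_MAX, y = -1, which is the case a correct range analysis must keep instrumented.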