This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug sanitizer/81604] New: Ubsan type reporting can be bogus in some cases


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81604

            Bug ID: 81604
           Summary: Ubsan type reporting can be bogus in some cases
           Product: gcc
           Version: 8.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: jakub at gcc dot gnu.org
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
  Target Milestone: ---

long a[10];

__attribute__((noinline, noclone)) long *
foo (int i)
{
  return &a[i];
}

__attribute__((noinline, noclone)) long
bar (long x, long y)
{
  return x * y;
}

int
main ()
{
  volatile int i = -1;
  volatile long l = __LONG_MAX__;
  long *volatile p;
  p = foo (i);
  l = bar (l, l);
  return 0;
}

with -fsanitize=undefined prints:
test.c:6:12: runtime error: index -1 out of bounds for type 'long int [10]'
test.c:12:12: runtime error: signed integer overflow: 9223372036854775807 *
9223372036854775807 cannot be represented in type 'long int [10]'

Note the incorrect 'long int [10]' on the second line, the computation is
obviously done in long int type instead.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]