[Bug c/78891] Array out of bound access generates wrong code in O2 or higher optimizations
marxin at gcc dot gnu.org
gcc-bugzilla@gcc.gnu.org
Wed Dec 21 19:07:00 GMT 2016
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78891
Martin Liška <marxin at gcc dot gnu.org> changed:
What          |Removed |Added
----------------------------------------------------------------------------
CC            |        |marxin at gcc dot gnu.org
--- Comment #2 from Martin Liška <marxin at gcc dot gnu.org> ---
Let's consider the following runnable test case:
$ cat pr78891.c
void readArray(unsigned char *p);
int main(void)
{
    unsigned char array[16];
    unsigned short index;
    readArray(array);
    for(index = 0;((*(array+index) == 0x0) && (index < 16)); ++index);
    return (index < 16) ? 1 : 0;
}
$ cat pr78891-2.c
void readArray(unsigned char *ptr)
{
    __builtin_bzero (ptr, 16);
}
$ gcc pr78891.c pr78891-2.c -O2 && valgrind ./a.out
==28173== Memcheck, a memory error detector
==28173== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==28173== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==28173== Command: ./a.out
==28173==
==28173== Conditional jump or move depends on uninitialised value(s)
==28173== at 0x4003E7: main (in /home/marxin/Programming/testcases/a.out)
$ gcc pr78891.c pr78891-2.c -O2 -fsanitize=undefined && ./a.out
pr78891.c:10:19: runtime error: load of address 0x7fff856791b0 with insufficient space for an object of type 'unsigned char'
0x7fff856791b0: note: pointer points here
00 00 00 00 00 00 00 00 00 00 00 00 b0 06 40 00 00 00 00 00 a0 05 40 00 00
00 00 00 91 c2 ea 1a
^
Both the undefined behavior sanitizer and valgrind can detect the undefined
behavior. Thus I'm closing as invalid.
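The defect in the test case is the operand order in the loop condition: `*(array+index)` is dereferenced before `index < 16` is checked, so an all-zero array makes the loop read `array[16]`, one past the end, which is undefined behavior and lets the optimizer assume the bound always holds. The following is an added example, not code from the bug report, that keeps the original loop for comparison (never called) beside a corrected version that tests the index first; the byte values in `main` are constructed sample input.

```c
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define ARRAY_LEN 16

/* Original shape of the loop from pr78891.c: the load happens before the
 * bounds check, so with 16 zero bytes the loop reads array[16]. That read is
 * undefined behavior, and at -O2 the compiler may assume it never happens,
 * i.e. that index < ARRAY_LEN always holds after the load. Kept only for
 * comparison and deliberately never called. */
int first_nonzero_unsafe(const unsigned char *array)
{
    unsigned short index;
    for (index = 0; ((*(array + index) == 0x0) && (index < ARRAY_LEN)); ++index)
        ;
    return (index < ARRAY_LEN) ? 1 : 0;
}

/* Corrected form: check the index first, so the dereference is evaluated
 * only for in-range indices (&& short-circuits). Returns the index of the
 * first non-zero byte, or len when every byte is zero. */
size_t first_nonzero_index(const unsigned char *array, size_t len)
{
    size_t index;
    for (index = 0; index < len && array[index] == 0x0; ++index)
        ;
    return index;
}

/* Same contract as the test case's main(): 1 when a non-zero byte exists,
 * 0 when the whole buffer is zero. */
int has_nonzero_byte(const unsigned char *array, size_t len)
{
    return first_nonzero_index(array, len) < len ? 1 : 0;
}

int main(void)
{
    unsigned char zeros[ARRAY_LEN];
    unsigned char mixed[ARRAY_LEN];
    memset(zeros, 0, sizeof zeros);   /* bzero'd buffer, as in pr78891-2.c */
    memset(mixed, 0, sizeof mixed);
    mixed[5] = 0x7f;                  /* constructed: first non-zero at 5 */
    printf("zeros: %d\n", has_nonzero_byte(zeros, ARRAY_LEN));     /* 0 */
    printf("mixed: %zu\n", first_nonzero_index(mixed, ARRAY_LEN)); /* 5 */
    return 0;
}
```

Compiling the corrected version with `-fsanitize=undefined` and running it under valgrind, as done above for the original, produces no report because no load is ever issued for an out-of-range index.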