[Bug sanitizer/105155] -fsanitize=signed-integer-overflow failed to check an overflow

jakub at gcc dot gnu.org gcc-bugzilla@gcc.gnu.org
Tue Apr 5 10:57:19 GMT 2022


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105155

--- Comment #3 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
-fsanitize=signed-integer-overflow
currently instruments (unlike e.g. the shift or division instrumentation) only
what falls through unfolded from the early passes (generic folding,
gimplification and up to switching into ssa form), with some
!TYPE_OVERFLOW_SANITIZED checks in match.pd; the reason for that is that there
are simply way too many spots in the FE that produce the arithmetic and we
need to ensure that sanitization doesn't break constant expressions.
We don't even instrument
int bar (int a) { return __INT_MAX__ + 1; }
but do:
int baz (int a) { int x = __INT_MAX__; return x + 1; }
(but there is a warning in the bar case).
E.g. to instrument it even in bar, we'd need to change e.g. in the C FE:
  /* Treat expressions in initializers specially as they can't trap.  */
  if (int_const_or_overflow)
    ret = (require_constant_value
           ? fold_build2_initializer_loc (location, resultcode, build_type,
                                          op0, op1)
           : fold_build2_loc (location, resultcode, build_type, op0, op1));
  else
    ret = build2 (resultcode, build_type, op0, op1);
such that if for the int_const_or_overflow && !require_constant_value case
ret has TREE_OVERFLOW on it and signed-integer-overflow is enabled, we'd
do build2 instead.
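The difference between the `bar` and `baz` cases above means that an overflow whose operands are all constants is folded away before the sanitizer sees it, so only the front-end warning reports it. As an added example (not part of Jakub's comment or of GCC's own sources), the program below shows an explicit check with `__builtin_add_overflow` that reports the overflow in both shapes, independent of what `-fsanitize=signed-integer-overflow` instruments; the function names are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Add two ints and report overflow instead of relying on UBSan
   instrumentation. On overflow *out is still written (wrapped value)
   by __builtin_add_overflow, so callers must test the return value. */
static bool checked_add(int a, int b, int *out)
{
    return __builtin_add_overflow(a, b, out);
}

/* Mirrors "bar": both operands are compile-time constants. GCC folds the
   plain "__INT_MAX__ + 1" before the sanitizer can instrument it, but the
   explicit check still returns true (hypothetical helper name). */
static bool case_constant_operands(int *out)
{
    return checked_add(INT_MAX, 1, out);
}

/* Mirrors "baz": one operand only becomes known at run time, which is the
   shape the sanitizer does instrument; the explicit check covers it too. */
static bool case_runtime_operand(int x, int *out)
{
    return checked_add(x, 1, out);
}

int main(void)
{
    int r;
    printf("constant operands overflow: %d\n", case_constant_operands(&r));
    printf("runtime operand INT_MAX overflow: %d\n", case_runtime_operand(INT_MAX, &r));
    printf("runtime operand 5 overflow: %d (sum %d)\n", case_runtime_operand(5, &r), r);
    return 0;
}
```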

