https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110676
Bug ID: 110676
Summary: builtin optimization prevents ASan from detecting OOB reads
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: nrk at disroot dot org
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---
Minimal reproducible code-snippet:
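    #include <string.h>

    int main(void)
    {
        /* "A" exactly fills the array, so there is no room for the terminating NUL */
        char s[1] = "A";
        /* strlen() has to read past the end of s to find a NUL byte */
        return strlen(s);
    }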
Compile command: gcc -O0 -g3 -fsanitize=address,undefined
Expected behavior: ASan should catch the OOB access.
Reality: It gets optimized out and returns 0 always.
Note: adding `-fno-builtin` allows ASan to be effective.