https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115793
Bug ID: 115793
Summary: signed integer overflow check missing at optimization
levels -O2, -O3, and -Os
Product: gcc
Version: 14.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: bic60176 at gmail dot com
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
jakub at gcc dot gnu.org, kcc at gcc dot gnu.org
Target Milestone: ---
Created attachment 58593
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=58593&action=edit
testcase
OS: Ubuntu 22.04.3 LTS
We found a case that UBSAN not reporting signed integer overflow when compiling
with gcc-14.1.0 at optimization levels -O2, -O3, and -Os.
$ ../compiler-builds/gcc-14.1.0_build/bin/gcc -fsanitize=undefined
-fsanitize=address -g -lgcc_s -I/home/csmith/include/csmith-2.3.0 -O0
testcase.c -o exec
$ timeout 1s ./exec 2>exec.err
0
testcase.c:8:54: runtime error: signed integer overflow: 56506 * 42049 cannot
be represented in type 'int'
$ ../compiler-builds/gcc-14.1.0_build/bin/gcc -fsanitize=undefined
-fsanitize=address -g -lgcc_s -I/home/csmith/include/csmith-2.3.0 -O2
testcase.c -o exec
$ timeout 1s ./exec 2>exec.err
0
