+john

Yea, if optimizations get rid of the buggy code before asan gets a chance
to instrument it -- the bug will be missed.
We've seen it before in many *trivial* examples.
It's unclear how many bugs we miss this way; some for sure.

On Fri, Jan 15, 2016 at 8:51 AM, Hanno Böck <ha...@hboeck.de> wrote:

> Hi,
>
> I just saw this tweet by John Regehr:
> https://twitter.com/johnregehr/status/688033344580399104
>
> He found a code example with a pretty obvious out of bounds stack read
> that asan doesn't catch with -O or -O2 (equivalent). I checked this
> with both current gcc and clang.
>
> This is a stripped down example:
> #include <stdio.h>
>
> int main() {
>         int b[1] = {0};
>         int a=-1;
>         /* out-of-bounds stack read: b has one element, index is -1 */
>         printf("%i\n", b[a]);
> }
>
>
> I am a bit surprised, because this looks like a poster child example of
> the kind of bug asan can find. But somehow the optimization
> seems to break the asan check here.
>
> I now wonder how many bugs keep being hidden because of this, as -O2 is
> a pretty common default setting for compilations.
>
>
> --
> Hanno Böck
> http://hboeck.de/
>
> mail/jabber: ha...@hboeck.de
> GPG: BBB51E42
>
> --
> You received this message because you are subscribed to the Google Groups
> "address-sanitizer" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to address-sanitizer+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>
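
A variant of the quoted test case in which the out-of-bounds load cannot be removed at -O2, so the ASan instrumentation still sees it. This is an added example, not code from the thread or from the ASan project; read_slot, N and seed are hypothetical names, and the array is larger than in the thread so that neither its contents nor the index are compile-time constants.

```c
#include <stdio.h>
#include <stdlib.h>

#define N 4   /* hypothetical size; the thread's example used a 1-element array */

/*
 * Read b[idx] from a stack array while keeping both the contents and the
 * index opaque to the optimizer.
 *
 * - The contents depend on a run-time value (seed), so the compiler cannot
 *   replace the load with a constant.
 * - The index goes through a volatile object, so the compiler must re-read
 *   it at run time and cannot prove anything about its value.
 *
 * With both in place the load is still present after -O2, which is the
 * point at which the sanitizer instruments it.
 */
int read_slot(int seed, int idx)
{
    int b[N];

    for (int i = 0; i < N; i++)
        b[i] = seed + i;

    volatile int a = idx;
    return b[a];
}

/*
 * Driver: the index comes from the command line, so the call site gives
 * the optimizer nothing to fold either. The default (0) is in bounds.
 *
 * Build:  cc -O2 -g -fsanitize=address example.c
 * Run:    ./a.out 0     in-bounds read
 *         ./a.out -1    index from the thread's example, outside b
 */
int main(int argc, char **argv)
{
    int idx = argc > 1 ? atoi(argv[1]) : 0;

    printf("%i\n", read_slot(argc, idx));
    return 0;
}
```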
