It's in ASan FAQ btw. On Fri, Jan 15, 2016 at 7:58 PM, Konstantin Serebryany <konstantin.s.serebry...@gmail.com> wrote: > +john > > Yea, if optimizations get rid of the buggy code before asan gets a chance to > instrument it -- the bug will be missed. > We've seen it before in many *trivial* examples. > It's unclear how many bugs we miss this way; some for sure. > > On Fri, Jan 15, 2016 at 8:51 AM, Hanno Böck <ha...@hboeck.de> wrote: >> >> Hi, >> >> I just saw this tweet by John Regehr: >> https://twitter.com/johnregehr/status/688033344580399104 >> >> He found a code example with a pretty obvious out of bounds stack read >> that asan doesn't catch with -O or -O2 (equivalent). I checked this >> with both current gcc and clang. >> >> This is a stripped down example: >> int main() { >> int b[1] = {0}; >> int a=-1; >> printf("%i\n", b[a]); >> } >> >> >> I am a bit surprised, because this looks like a poster child example of >> the kind of bug asan can find. But somehow the optimization >> seems to break the asan check here. >> >> I now wonder how many bugs keep being hidden because of this, as -O2 is >> a pretty common default setting for compilations. >> >> >> -- >> Hanno Böck >> http://hboeck.de/ >> >> mail/jabber: ha...@hboeck.de >> GPG: BBB51E42 >> >> -- >> You received this message because you are subscribed to the Google Groups >> "address-sanitizer" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to address-sanitizer+unsubscr...@googlegroups.com. >> For more options, visit https://groups.google.com/d/optout. > > > -- > You received this message because you are subscribed to the Google Groups > "address-sanitizer" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to address-sanitizer+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout.
-- You received this message because you are subscribed to the Google Groups "address-sanitizer" group. To unsubscribe from this group and stop receiving emails from it, send an email to address-sanitizer+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
