http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60861
Bug ID: 60861 Summary: out of bounds access of global var in .rodata/.bss not detected Product: gcc Version: 4.8.2 Status: UNCONFIRMED Severity: normal Priority: P3 Component: sanitizer Assignee: unassigned at gcc dot gnu.org Reporter: jan.sm...@alcatel-lucent.com CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org gcc version 4.8.2 (Debian 4.8.2-16) gcc test.c -O2 -fsanitize=address -o test int depth = 3; //int testGlobalOutOfBoundsRODATAVar[2] = {1}; /* data: works (asan_report_load4 present) */ const int testGlobalOutOfBoundsRODATAVar[1] = {1}; /* rodata: doesn't work (no asan_report_load4 present) */ //int testGlobalOutOfBoundsRODATAVar[1] = {0}; /* bss : works (asan_report_load4 present) */ //int testGlobalOutOfBoundsRODATAVar[1]; /* bss : doesn't work !??? (asan_report_load4 present!) */ int test(void) { return testGlobalOutOfBoundsRODATAVar[depth]; // boom } int main(void) { return test(); }