https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113628

            Bug ID: 113628
           Summary: -fsanitize=undefined failed to check a signed integer
                    overflow
           Product: gcc
           Version: 12.2.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: jiajing_zheng at 163 dot com
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org
  Target Milestone: ---

The following two files are equivalent (I applied loop-invariant motion to the
expression in source.c and got mutation.c).

I checked both files using -fsanitize=undefined and the results showed that
'signed integer overflow' was given for mutation.c, but this message was
missing for source.c. This is the case in both release version 12.2.0 and
version 13.2.0.

jing@jing-ubuntu:~$ cat source.c 
static int g_3 = 0b11000111000010111011011101000011;
static char g_51 = 2L;
static unsigned char g_106 = 252UL;

inline static void func_1(void) {
  int i;
  for (i = 0; i < 1; i++) {
    // source statement:
    g_3 *= (g_106 / (g_51 ? g_51 : 16653417461)) | (g_51 & g_3) + g_3;
  }
  for (g_3 = (-6); (g_3 != 29); ++g_3) {
  }
}

int main(void) {
  func_1();
  return 0;
}

jing@jing-ubuntu:~/Desktop/issue$ cat mutation.c 
static int g_3 = 0b11000111000010111011011101000011;
static char g_51 = 2L;
static unsigned char g_106 = 252UL;

inline static void func_1(void) {
  int i;
  // loop invariant motion:
  int TVH = (g_106 / (g_51 ? g_51 : 16653417461));
  for (i = 0; i < 1; i++) {
    // mutation statement:
    g_3 *= TVH | (g_51 & g_3) + g_3;
  }
  for (g_3 = (-6); (g_3 != 29); ++g_3) {
  }
}

int main(void) {
  func_1();
  return 0;
}

Results in both gcc version 12.2.0 and 13.2.0:
jing@jing-ubuntu:~$ gcc source.c -fsanitize=undefined -O0 && ./a.out
jing@jing-ubuntu:~$ gcc mutation.c -fsanitize=undefined -O0 && ./a.out
mutation.c:11:9: runtime error: signed integer overflow: -955533441 *
-955533501 cannot be represented in type 'int'


jing@jing-ubuntu:~$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/home/jing/gcc-12.2.0/usr/local/bin/../libexec/gcc/x86_64-pc-linux-gnu/12.2.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: ../configure -enable-checking=release -enable-languages=c,c++
-disable-multilib
Thread model: posix
Supported LTO compression algorithms: zlib
gcc version 12.2.0 (GCC) 

jing@jing-ubuntu:~$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/home/jing/gcc-13.2.0-install/libexec/gcc/x86_64-pc-linux-gnu/13.2.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: ../configure --prefix=/home/jing/gcc-13.2.0-install
--enable-threads=posix -enable-checking=release -enable-languages=c,c++
-disable-multilib
Thread model: posix
Supported LTO compression algorithms: zlib
gcc version 13.2.0 (GCC)
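
Added example, not part of the original report: a check of the types and multiplication width of the two statements above, using the g_3 value from the UBSan message. It assumes an LP64 target such as the reporter's x86_64-pc-linux-gnu, where 16653417461 has type long, and the GCC/Clang builtin __builtin_mul_overflow; the function names and the G3 macro are made up for this example.

```c
#include <stdio.h>
#include <string.h>

/* Compile-time type name of an expression (C11 _Generic). */
#define TYPE_NAME(e) _Generic((e), int: "int", long: "long", \
                              long long: "long long", default: "other")

/* Globals as in the report; G3 is the value its UBSan message shows for g_3. */
static char g_51 = 2L;
static unsigned char g_106 = 252UL;
#define G3 (-955533501)

/* source.c: 16653417461 does not fit in int, so the ?: result, the quotient
   and the whole right-hand side have type long (LP64 assumed). */
const char *source_quotient_type(void) {
  return TYPE_NAME(g_106 / (g_51 ? g_51 : 16653417461));
}
long source_rhs(int g_3) {
  return (g_106 / (g_51 ? g_51 : 16653417461)) | ((g_51 & g_3) + g_3);
}

/* mutation.c: storing the quotient in an int makes the right-hand side int. */
const char *mutation_quotient_type(void) {
  int TVH = (g_106 / (g_51 ? g_51 : 16653417461));
  return TYPE_NAME(TVH);
}
int mutation_rhs(int g_3) {
  int TVH = (g_106 / (g_51 ? g_51 : 16653417461));
  return TVH | ((g_51 & g_3) + g_3);
}

/* g_3 *= rhs multiplies in the common type of g_3 and rhs. */
int source_mul_overflows(int g_3) {   /* long * long */
  long r;
  return __builtin_mul_overflow((long)g_3, source_rhs(g_3), &r);
}
int mutation_mul_overflows(int g_3) { /* int * int */
  int r;
  return __builtin_mul_overflow(g_3, mutation_rhs(g_3), &r);
}

int main(void) {
  printf("source.c:   quotient is %s, multiply overflows: %d\n",
         source_quotient_type(), source_mul_overflows(G3));
  printf("mutation.c: quotient is %s, multiply overflows: %d\n",
         mutation_quotient_type(), mutation_mul_overflows(G3));
  return 0;
}
```

In source.c the product is computed in long and then converted back to int on assignment, which is an implementation-defined conversion rather than a signed overflow, so -fsanitize=undefined has nothing to report there.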
