https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91547
Bug ID: 91547
Summary: std::string_view find_last_not_of can trigger unsigned integer overflow
Product: gcc
Version: 9.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: libstdc++
Assignee: unassigned at gcc dot gnu.org
Reporter: mateusz.szychowski at blackstarsoftware dot com
Target Milestone: ---

Created attachment 46752 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=46752&action=edit
Preprocessed source

Problem: it's easier to explain with a code snippet (I attached the .ii file).

Explanation:

    std::string_view text = "aaaa";
    size_t const pos = text.find_last_not_of("a");

Using Undefined Behavior Sanitizer makes the second line print a warning about unsigned integer overflow. This happens only if std::string_view::npos is returned.

I'm building with clang++ (I don't think that GCC has a '-fsanitizer=unsigned-integer-overflow' option) and using libstdc++. This error doesn't print with libc++, so I've assumed it's related to libstdc++.

OS: Manjaro Linux (reproduced on Ubuntu 18.04 too, with GCC 8.3.0 and Clang 7.0.0)
Compilers: GCC 9.1.0, Clang 8.0.1

$ gcc -v
Using built-in specs.
COLLECT_GCC=/usr/bin/gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-pc-linux-gnu/9.1.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /build/gcc/src/gcc/configure --prefix=/usr --libdir=/usr/lib --libexecdir=/usr/lib --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=https://bugs.archlinux.org/ --enable-languages=c,c++,ada,fortran,go,lto,objc,obj-c++ --enable-shared --enable-threads=posix --with-system-zlib --with-isl --enable-__cxa_atexit --disable-libunwind-exceptions --enable-clocale=gnu --disable-libstdcxx-pch --disable-libssp --enable-gnu-unique-object --enable-linker-build-id --enable-lto --enable-plugin --enable-install-libiberty --with-linker-hash-style=gnu --enable-gnu-indirect-function --enable-multilib --disable-werror --enable-checking=release --enable-default-pie --enable-default-ssp --enable-cet=auto
Thread model: posix
gcc version 9.1.0 (GCC)

$ clang++ -v
clang version 8.0.1 (tags/RELEASE_801/final)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-pc-linux-gnu/8.3.0
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-pc-linux-gnu/9.1.0
Found candidate GCC installation: /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/8.3.0
Found candidate GCC installation: /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-pc-linux-gnu/9.1.0
Found candidate GCC installation: /usr/lib64/gcc/x86_64-pc-linux-gnu/8.3.0
Found candidate GCC installation: /usr/lib64/gcc/x86_64-pc-linux-gnu/9.1.0
Selected GCC installation: /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0
Candidate multilib: .;@m64
Candidate multilib: 32;@m32
Selected multilib: .;@m64

Build command and output:

$ clang++ -v -save-temps -fsanitize=unsigned-integer-overflow -std=c++17 ubsan-string-view.cpp
clang version 8.0.1 (tags/RELEASE_801/final)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-pc-linux-gnu/8.3.0
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-pc-linux-gnu/9.1.0
Found candidate GCC installation: /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/8.3.0
Found candidate GCC installation: /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-pc-linux-gnu/9.1.0
Found candidate GCC installation: /usr/lib64/gcc/x86_64-pc-linux-gnu/8.3.0
Found candidate GCC installation: /usr/lib64/gcc/x86_64-pc-linux-gnu/9.1.0
Selected GCC installation: /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0
Candidate multilib: .;@m64
Candidate multilib: 32;@m32
Selected multilib: .;@m64
 "/usr/bin/clang-8" -cc1 -triple x86_64-pc-linux-gnu -E -save-temps=cwd -disable-free -disable-llvm-verifier -discard-value-names -main-file-name ubsan-string-view.cpp -mrelocation-model pic -pic-level 2 -pic-is-pie -mthread-model posix -mdisable-fp-elim -fmath-errno -masm-verbose -mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu x86-64 -dwarf-column-info -debugger-tuning=gdb -v -resource-dir /usr/lib/clang/8.0.1 -internal-isystem /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/../../../../include/c++/9.1.0 -internal-isystem /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/../../../../include/c++/9.1.0/x86_64-pc-linux-gnu -internal-isystem /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/../../../../include/c++/9.1.0/backward -internal-isystem /usr/local/include -internal-isystem /usr/lib/clang/8.0.1/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -std=c++17 -fdeprecated-macro -fdebug-compilation-dir /home/muttley/git/test/ubsan-string-view -ferror-limit 19 -fmessage-length 172 -fsanitize=unsigned-integer-overflow -fsanitize-recover=unsigned-integer-overflow -stack-protector 2 -fobjc-runtime=gcc -fcxx-exceptions -fexceptions -fdiagnostics-show-option -fcolor-diagnostics -o ubsan-string-view.ii -x c++ ubsan-string-view.cpp -faddrsig
clang -cc1 version 8.0.1 based upon LLVM 8.0.1 default target x86_64-pc-linux-gnu
ignoring nonexistent directory "/include"
#include "..." search starts here:
#include <...> search starts here:
 /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/../../../../include/c++/9.1.0
 /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/../../../../include/c++/9.1.0/x86_64-pc-linux-gnu
 /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/../../../../include/c++/9.1.0/backward
 /usr/local/include
 /usr/lib/clang/8.0.1/include
 /usr/include
End of search list.
 "/usr/bin/clang-8" -cc1 -triple x86_64-pc-linux-gnu -emit-llvm-bc -emit-llvm-uselists -save-temps=cwd -disable-free -disable-llvm-verifier -discard-value-names -main-file-name ubsan-string-view.cpp -mrelocation-model pic -pic-level 2 -pic-is-pie -mthread-model posix -mdisable-fp-elim -fmath-errno -masm-verbose -mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu x86-64 -dwarf-column-info -debugger-tuning=gdb -v -resource-dir /usr/lib/clang/8.0.1 -std=c++17 -fdeprecated-macro -fdebug-compilation-dir /home/muttley/git/test/ubsan-string-view -ferror-limit 19 -fmessage-length 172 -fsanitize=unsigned-integer-overflow -fsanitize-recover=unsigned-integer-overflow -stack-protector 2 -fobjc-runtime=gcc -fcxx-exceptions -fexceptions -fdiagnostics-show-option -fcolor-diagnostics -disable-llvm-passes -o ubsan-string-view.bc -x c++-cpp-output ubsan-string-view.ii -faddrsig
clang -cc1 version 8.0.1 based upon LLVM 8.0.1 default target x86_64-pc-linux-gnu
#include "..." search starts here:
End of search list.
 "/usr/bin/clang-8" -cc1 -triple x86_64-pc-linux-gnu -S -save-temps=cwd -disable-free -disable-llvm-verifier -discard-value-names -main-file-name ubsan-string-view.cpp -mrelocation-model pic -pic-level 2 -pic-is-pie -mthread-model posix -mdisable-fp-elim -fmath-errno -masm-verbose -mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu x86-64 -dwarf-column-info -debugger-tuning=gdb -v -resource-dir /usr/lib/clang/8.0.1 -std=c++17 -fdebug-compilation-dir /home/muttley/git/test/ubsan-string-view -ferror-limit 19 -fmessage-length 172 -fsanitize=unsigned-integer-overflow -fsanitize-recover=unsigned-integer-overflow -stack-protector 2 -fobjc-runtime=gcc -fdiagnostics-show-option -fcolor-diagnostics -o ubsan-string-view.s -x ir ubsan-string-view.bc -faddrsig
clang -cc1 version 8.0.1 based upon LLVM 8.0.1 default target x86_64-pc-linux-gnu
 "/usr/bin/clang-8" -cc1as -triple x86_64-pc-linux-gnu -filetype obj -main-file-name ubsan-string-view.cpp -target-cpu x86-64 -dwarf-version=4 -mrelocation-model pic -mrelax-all -o ubsan-string-view.o ubsan-string-view.s
 "/usr/bin/ld" -pie --eh-frame-hdr -m elf_x86_64 -dynamic-linker /lib64/ld-linux-x86-64.so.2 -o a.out /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/../../../../lib64/Scrt1.o /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/../../../../lib64/crti.o /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/crtbeginS.o -L/usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0 -L/usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/../../../../lib64 -L/usr/bin/../lib64 -L/lib/../lib64 -L/usr/lib/../lib64 -L/usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/../../.. -L/usr/bin/../lib -L/lib -L/usr/lib --whole-archive /usr/lib/clang/8.0.1/lib/linux/libclang_rt.ubsan_standalone-x86_64.a --no-whole-archive --dynamic-list=/usr/lib/clang/8.0.1/lib/linux/libclang_rt.ubsan_standalone-x86_64.a.syms --whole-archive /usr/lib/clang/8.0.1/lib/linux/libclang_rt.ubsan_standalone_cxx-x86_64.a --no-whole-archive --dynamic-list=/usr/lib/clang/8.0.1/lib/linux/libclang_rt.ubsan_standalone_cxx-x86_64.a.syms ubsan-string-view.o -lstdc++ -lm --no-as-needed -lpthread -lrt -lm -ldl -lgcc_s -lgcc -lc -lgcc_s -lgcc /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/crtendS.o /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/../../../../lib64/crtn.o

Runtime output:

$ ./a.out
/usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.1.0/../../../../include/c++/9.1.0/bits/string_view.tcc:199:17: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'std::basic_string_view::size_type' (aka 'unsigned long')
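The diagnostic above is the reverse scan reaching index 0 and then computing `0 - 1` in `size_type` before the loop exits. The following is an added example, not code from the bug report or from libstdc++: it is an overflow-free formulation of the same search (the decrement is performed only after the `i > 0` test, so `i - 1` is never evaluated at zero), a caller-side `trim_right` that handles the `npos` result explicitly instead of relying on `npos + 1` wrapping to 0, and a cross-check of both against `std::string_view::find_last_not_of` on a few constructed inputs, including the report's `"aaaa"` / `"a"` case. The function names and the sample inputs are my own.

```cpp
#include <cstddef>
#include <string_view>

// Overflow-free formulation of find_last_not_of (our own code, not libstdc++'s).
// Search range is [0, pos] clipped to the string; walking backwards with the
// decrement *after* the `i > 0` check means no `i - 1` is ever computed at 0,
// so -fsanitize=unsigned-integer-overflow stays silent even when the answer
// is npos.
std::size_t find_last_not_of_safe(std::string_view hay, std::string_view set,
                                  std::size_t pos = std::string_view::npos) {
    std::size_t i = hay.size();
    if (i == 0) return std::string_view::npos;
    if (pos < i - 1) i = pos + 1;          // i >= 1 here, so i - 1 cannot wrap
    while (i > 0) {
        --i;
        if (set.find(hay[i]) == std::string_view::npos) return i;
    }
    return std::string_view::npos;
}

// Caller-side hazard: `last + 1` with last == npos wraps to 0, which happens
// to give the right substr() arguments but is itself an unsigned wraparound.
// Handle the npos case explicitly instead.
std::string_view trim_right(std::string_view s, std::string_view set) {
    const std::size_t last = find_last_not_of_safe(s, set);
    if (last == std::string_view::npos) return s.substr(0, 0);   // every char is in `set`
    return s.substr(0, last + 1);
}

// Cross-check against the library on constructed inputs. The std:: call on the
// "aaaa" case is where an affected libstdc++ prints the report's diagnostic;
// the returned value is still npos, so the comparison itself holds.
bool agrees_with_std() {
    struct Case { std::string_view hay, set; std::size_t pos; };
    const Case cases[] = {
        {"aaaa", "a",  std::string_view::npos},   // the report's input: result npos
        {"",     "a",  std::string_view::npos},   // empty haystack
        {"aab",  "a",  std::string_view::npos},   // hit at the last index
        {"baa",  "a",  std::string_view::npos},   // hit at index 0
        {"abab", "a",  2},                        // pos clips the range to [0,2]
        {"abab", "b",  0},                        // pos == 0, single candidate
        {"xyz",  "",   1},                        // empty set: first candidate matches
    };
    for (const Case& c : cases) {
        if (find_last_not_of_safe(c.hay, c.set, c.pos) != c.hay.find_last_not_of(c.set, c.pos))
            return false;
    }
    return true;
}

int main() {
    return agrees_with_std() ? 0 : 1;
}
```

Building this with the same `clang++ -std=c++17 -fsanitize=unsigned-integer-overflow` line as the report, the only place a runtime error can appear is inside the `c.hay.find_last_not_of(...)` call in `agrees_with_std`; `find_last_not_of_safe` and `trim_right` perform no wrapping arithmetic on any of these inputs.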