https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110814
Bug ID: 110814
Summary: Address Sanitizer misses 'global-buffer-overflow' for const arrays
Product: gcc
Version: 13.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: egor_suvorov at mail dot ru
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---

Consider the following code (https://godbolt.org/z/ddz6q8xra):

    const int a[1];
    int b[1];
    int main() {
        int x = a[1];  // line 4
        int y = b[1];  // line 5
    }

Here GCC's ASan fails on line 5 only, completely missing the array overflow for 'a' on line 4:

    ==1==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000000404124 at pc 0x0000004011ad bp 0x7fffbe0976e0 sp 0x7fffbe0976d8
    READ of size 4 at 0x000000404124 thread T0
        #0 0x4011ac in main /app/example.c:5
        #1 0x7f01c82ad082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
        #2 0x4010ad in _start (/app/output.s+0x4010ad) (BuildId: 8b89d3acf504057c132647f3c9558b7377ff8ce0)

    0x000000404124 is located 0 bytes after global variable 'b' defined in '/app/example.c:2:5' (0x404120) of size 4
    SUMMARY: AddressSanitizer: global-buffer-overflow /app/example.c:5 in main

The only difference between lines 4 and 5 is that 'a' is const. Clang's ASan correctly catches the error on line 4.
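The following is an added example, not part of the bug report or of GCC: a small check that reads an ASan report and lists the known-bad accesses that ran without being flagged. It relies on ASan's default behaviour of stopping at the first error it reports; the function names `parse_report` and `missed_accesses` are hypothetical, and the embedded report is the one quoted above with the libc frames trimmed.

```python
import re

# ASan report from the bug report above (libc/_start frames trimmed).
REPORT = """\
==1==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000000404124 at pc 0x0000004011ad bp 0x7fffbe0976e0 sp 0x7fffbe0976d8
READ of size 4 at 0x000000404124 thread T0
    #0 0x4011ac in main /app/example.c:5
0x000000404124 is located 0 bytes after global variable 'b' defined in '/app/example.c:2:5' (0x404120) of size 4
SUMMARY: AddressSanitizer: global-buffer-overflow /app/example.c:5 in main
"""

SUMMARY_RE = re.compile(
    r"^SUMMARY: AddressSanitizer: (\S+) (\S+):(\d+)(?: in (\S+))?", re.M)
GLOBAL_RE = re.compile(r"global variable '([^']+)'")


def parse_report(text):
    """Return the ASan finding in `text` as a dict, or None if there is none."""
    m = SUMMARY_RE.search(text)
    if m is None:
        return None
    g = GLOBAL_RE.search(text)
    return {
        "kind": m.group(1),
        "file": m.group(2),
        "line": int(m.group(3)),
        "variable": g.group(1) if g else None,
    }


def missed_accesses(text, expected_lines):
    """List the expected faulting lines that executed without a report.

    `expected_lines` holds the source lines of the known-bad accesses in
    execution order. With the default halt-on-first-error behaviour, every
    expected line before the reported one ran unflagged. No report at all,
    or a report on an unexpected line, counts every expected line as missed.
    """
    finding = parse_report(text)
    missed = []
    for line in expected_lines:
        if finding is not None and line == finding["line"]:
            return missed
        missed.append(line)
    return missed


if __name__ == "__main__":
    print(parse_report(REPORT))
    print("missed lines:", missed_accesses(REPORT, [4, 5]))
```

Run against the report quoted above, the check names line 4 as missed; a report whose summary points at line 4 yields an empty list.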