https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77891
Bug ID: 77891 Summary: Signed overflow sanitizer doesn't catch multiplication overflows due to promotion Product: gcc Version: 6.2.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: sanitizer Assignee: unassigned at gcc dot gnu.org Reporter: myriachan at gmail dot com CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org Target Milestone: --- -fsanitize=signed-integer-overflow doesn't catch multiplication overflows that occur in signed types due to promotion rules. This can happen when you use an unsigned type that is exactly half the width of "signed int". That's usually "unsigned short". The following should generate two runtime errors when compiled with -fsanitize=signed-integer-overflow, but instead only one error occurs: #include <cstdio> int main() { std::printf("unsigned short\n"); std::fflush(stdout); unsigned short x = 65535; x *= x; std::printf("signed int\n"); std::fflush(stdout); signed int y = 65535; y *= y; return 0; } myria@machine:~/tests$ g++ -m64 -std=gnu++11 -Wstrict-overflow -ftrapv -fstrict-overflow -fsanitize=signed-integer-overflow overflow.cpp -lpthread -ldl -o overflow64 myria@machine:~/tests$ ./overflow64 unsigned short signed int overflow.cpp:13:15: runtime error: signed integer overflow: 65535 * 65535 cannot be represented in type 'int' Clang does pick up the overflow, though: myria@machine:~/tests$ clang++-3.8 -m64 -std=gnu++11 -stdlib=libc++ -fsanitize=signed-integer-overflow overflow.cpp -o overflow64 myria@machine:~/tests$ ./overflow64 unsigned short overflow.cpp:8:11: runtime error: signed integer overflow: 65535 * 65535 cannot be represented in type 'int' signed int overflow.cpp:13:11: runtime error: signed integer overflow: 65535 * 65535 cannot be represented in type 'int'