[cfe-dev] Why does integer overflow sanitizer exit the program with zero exit code

Riyad Parvez via cfe-dev cfe-dev at lists.llvm.org
Fri Oct 23 07:08:34 PDT 2015


Thanks for the reply.

I am developing a fuzzer and am interested in finding overflows. Is there any way
to detect when errors are detected? To explain more, I have instrumented
the binary to see which functions are called at run-time. What are the
functions that are called when overflow is detected? When these functions
are called I will know overflow is detected.


On Thu, Oct 22, 2015 at 8:08 PM, Kostya Serebryany <kcc at google.com> wrote:

>
>
> On Thu, Oct 22, 2015 at 11:52 AM, Riyad Parvez via cfe-dev <
> cfe-dev at lists.llvm.org> wrote:
>
>> Hi All,
>>
>> With "-fsanitize=integer" flag, when an overflow is detected the program
>> is terminated with zero exit code.
>>
>
> You can change this behavior by using env. var.
> UBSAN_OPTIONS=halt_on_error=1
>
>
I've tried this; didn't work.


> (Not sure if this is properly documented anywhere. Alexey? )
>
>
>> But with "-fsanitize=address" flag, the program terminates with non-zero
>> exit code. I think the address sanitizer behavior of non-zero exit code is
>> more intuitive since the program did exit in error. Is there any reason
>> integer overflow sanitizer exits the program with zero exit code?
>>
>
> One of the reasons, maybe:
> Programs are more often ubsan-unclean than asan-unclean, and halting on
> every ubsan message makes it harder to deploy the tool.
>
>
>>
>> Thanks,
>> Riyad
>>
>
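
A fuzzer-side check for the situation discussed in this thread, as an added example that is not part of any message above: because an instrumented run can report an overflow and still exit with status 0, it classifies each run from the UBSan `runtime error:` lines on stderr as well as from the exit status. The function names and the constructed stand-in target are assumptions made for the example.

```shell
#!/bin/sh
# Added example: classify one fuzzer execution of a UBSan-instrumented target.
# run_target, classify_run and demo are hypothetical names.

# Run a command with the option quoted in the thread, saving stderr (where
# UBSan writes its reports) to the file given first. Echoes the exit status.
run_target() {
    errlog=$1; shift
    rc=0
    UBSAN_OPTIONS=halt_on_error=1 "$@" >/dev/null 2>"$errlog" || rc=$?
    echo "$rc"
}

# Decide what happened from the exit status plus the saved stderr:
#   overflow - an integer overflow report is present, whatever the status
#   ubsan    - some other UBSan "runtime error:" report
#   crash    - non-zero exit without a UBSan report
#   clean    - zero exit and no report
classify_run() {
    status_code=$1; errlog=$2
    if grep -Eq 'runtime error: (un)?signed integer overflow:' "$errlog"; then
        echo overflow
    elif grep -q 'runtime error:' "$errlog"; then
        echo ubsan
    elif [ "$status_code" -ne 0 ]; then
        echo crash
    else
        echo clean
    fi
}

# Constructed stand-in for an instrumented binary: it prints one report in
# UBSan's message format on stderr and exits 0, the case raised in the thread.
demo() {
    dir=$(mktemp -d)
    cat >"$dir/fake_target.sh" <<'EOF'
echo "t.c:4:14: runtime error: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'" >&2
exit 0
EOF
    st=$(run_target "$dir/err.log" sh "$dir/fake_target.sh")
    verdict=$(classify_run "$st" "$dir/err.log")
    rm -rf "$dir"
    echo "exit=$st verdict=$verdict"
}
demo
```

With a real target the call would be `run_target err.log ./target input_file`, where both paths are placeholders.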