This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.



[Bug sanitizer/65081] -fsanitize=object-size fails with simple pointer arithm


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65081

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|6.0                         |5.0

--- Comment #3 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
I think we should just make the IFN_OBJECT_SIZE expansion smarter.
In particular, we pass 3 interesting arguments to IFN_OBJECT_SIZE:
addr, addr - base, __builtin_object_size (base, 0) (we use ptr, offset, size
names for those).
The latter two are sizetype, so unsigned, but really, if addr - base is
"negative", then we shouldn't call __ubsan_handle*.
Now, the question is what to treat as "negative".  One possibility is just to
look at the sign of the second argument, cheaper, but might not be appropriate.
The other possibility is to check if ptr + offset < ptr and not warn in that
case; that is slower, but perhaps more precise.  Of course the comparison would
need to be performed on integers, so (unsigned long) ptr > (unsigned long) ptr
+ offset or so.  And, it could be done only after the initial comparison, so it
wouldn't affect programs not hit by this sanitizer bug before, other than
growing -fsanitize=undefined code size.
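The two candidate checks from the comment, modelled as plain C functions (an added example, not GCC's actual ubsan expansion). It assumes the three arguments are passed as ptr, offset (addr - base, computed in unsigned sizetype so a negative difference wraps) and size, and simplifies the initial comparison to `offset > size`, ignoring the access size:

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Naive expansion: offset is unsigned, so addr - base for addr < base
   becomes a huge value and is reported as out of bounds (the false
   positive this bug is about). */
bool naive_should_report(uintptr_t ptr, size_t offset, size_t size)
{
    (void)ptr;
    return offset > size;
}

/* Proposed refinement: keep the cheap initial comparison, and only when
   it fires do the extra integer comparison.  If ptr + offset wraps below
   ptr, the offset was "negative", so __ubsan_handle* is not called.
   Note the trade-off: a genuine access before the start of the object
   is also silenced by this rule. */
bool refined_should_report(uintptr_t ptr, size_t offset, size_t size)
{
    if (offset <= size)
        return false;                  /* initial comparison: in bounds */
    if ((unsigned long)ptr > (unsigned long)ptr + offset)
        return false;                  /* wrapped: offset was negative */
    return true;
}

/* Derive the three arguments from a base object and an address, the
   way the comment describes them.  Addresses are plain integers here
   (constructed values in the tests) to avoid forming out-of-bounds
   pointers. */
bool check_access(uintptr_t base, size_t base_size, uintptr_t addr,
                  bool refined)
{
    size_t offset = (size_t)(addr - base);   /* wraps when addr < base */
    return refined ? refined_should_report(addr, offset, base_size)
                   : naive_should_report(addr, offset, base_size);
}
```

With a constructed object at base 0x1000 of 16 bytes, an address 4 bytes before it is reported by the naive check but not by the refined one, while an address 32 bytes past it is reported by both.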

