This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.
Re: array bounds, sanitizer, safe programming, and cilk array notation
- From: Joseph Myers <joseph at codesourcery dot com>
- To: Martin Uecker <uecker at eecs dot berkeley dot edu>
- Cc: gcc Mailing List <gcc at gcc dot gnu dot org>, Jeff Law <law at redhat dot com>, Jakub Jelinek <jakub at redhat dot com>, Marek Polacek <polacek at redhat dot com>, Florian Weimer <fw at deneb dot enyo dot de>, "Balaji V. Iyer" <balaji dot v dot iyer at intel dot com>
- Date: Tue, 27 Jan 2015 00:07:58 +0000
- Subject: Re: array bounds, sanitizer, safe programming, and cilk array notation
- Authentication-results: sourceware.org; auth=none
- References: <20150126115359 dot 295659da at lemur>
On Mon, 26 Jan 2015, Martin Uecker wrote:
> extern void bar2(int (*x)[5]);
> int c = 4;
> int y[c];
> bar2(&y); // not diagnosed (found by asan)
This is the undefined behavior "If the two array types are used in a
context which requires them to be compatible, it is undefined behavior if
the two size specifiers evaluate to unequal values." (C11 6.7.6.2#6).
Yes, it would make sense for ubsan to detect this. Generally, most forms
of runtime undefined behavior listed in J.2 should have ubsan detection
unless hard to detect / detected by some other sanitizer such as asan.
Does adding new forms of sanitization require upstream libsanitizer
changes as well or can arbitrary ubsan checks be added without needing
libsanitizer changes?
--
Joseph S. Myers
joseph@codesourcery.com
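The mismatch discussed above, with the explicit size comparison that a ubsan check at the call would amount to. This is an added example written for this page, not code from the thread or from GCC; `sum5` and `sum5_checked` are hypothetical names, and the guard is hand-written, not a compiler feature.

```c
#include <stddef.h>
#include <stdio.h>

/* Callee that expects exactly five elements, like the quoted bar2(). */
static int sum5(int (*x)[5])
{
    int total = 0;
    for (size_t i = 0; i < 5; i++)
        total += (*x)[i];
    return total;
}

/* Build a VLA of runtime length n (filled with 1..n) and pass it to sum5().
 * Handing &y to an int (*)[5] parameter when n != 5 is the C11 6.7.6.2p6
 * undefined behaviour from the thread: the types are only compatible when
 * both size specifiers evaluate to the same value. The comparison below is
 * the runtime check a sanitizer would insert; returns the sum, or -1 when
 * the sizes disagree (and for n < 1, where the VLA itself would be invalid). */
int sum5_checked(int n)
{
    if (n < 1)
        return -1;
    int y[n];
    for (int i = 0; i < n; i++)
        y[i] = i + 1;
    if (n != 5)              /* size specifiers differ: refuse instead of UB */
        return -1;
    return sum5(&y);         /* int (*)[n] -> int (*)[5], valid only as n == 5 */
}

int main(void)
{
    printf("%d\n", sum5_checked(5)); /* 15 */
    printf("%d\n", sum5_checked(4)); /* -1: sum5 would have read past y */
    return 0;
}
```

Compiled without the guard and with -fsanitize=address, the n == 4 case is the out-of-bounds read asan reported in the original post; the guard turns it into a deterministic error return.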