[Bug sanitizer/65081] -fsanitize=object-size fails with simple pointer arithm

mpolacek at gcc dot gnu.org gcc-bugzilla@gcc.gnu.org
Tue Feb 17 09:39:00 GMT 2015


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65081

Marek Polacek <mpolacek at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mpolacek at gcc dot gnu.org

--- Comment #1 from Marek Polacek <mpolacek at gcc dot gnu.org> ---
-fno-inline removes the runtime error because __builtin_object_size then can't
determine the size of the object, and -fsanitize=object-size is dependent on
__bos.
E.g., run this slightly modified (printf line added) code:

struct intro
{
  int a;
  char pad_[1];
};

struct intro b;

/* Returns one past b; once inlined, the caller sees &b + 1.  */
struct intro *
alloc ()
{
  struct intro *i = &b;
  return i + 1;
}

int
main (void)
{
  struct intro *i = alloc () - 1;
  /* Prints 8 when __bos can see the object, -1 when it cannot.  */
  __builtin_printf ("%zd\n", __builtin_object_size (&i->a, 0));
  i->a = 1;
}

$ xgcc -O e.c; ./a.out 
8
$ xgcc -O e.c -fno-inline; ./a.out 
-1

-1 means that __bos wasn't able to determine the size of an object.
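As an added illustration of the dependency the comment describes (example code written for this page, not GCC's or libubsan's instrumentation): the check that -fsanitize=object-size emits is modelled as a macro that queries __builtin_object_size at the access site and classifies the access as OK, a violation, or skipped because the size came back as (size_t)-1. The names OBJSZ_CHECK, objsz_classify and launder are this example's own; launder hides a pointer's origin behind an asm barrier, which is what an un-inlined alloc() does to __bos under -fno-inline. The example shows only the "size known vs. size unknown" behaviour, not the pointer-arithmetic bookkeeping this report is about.

```c
#include <stdio.h>
#include <stddef.h>

/* Model of the -fsanitize=object-size check, added here to illustrate the
 * comment; it is not GCC's or libubsan's code.  The real instrumentation asks
 * __builtin_object_size for the object at each dereference and only compares
 * when that query yields a real size; (size_t)-1 ("unknown") means no check.
 * __builtin_object_size must be evaluated at the access site, so the modelled
 * check is a macro rather than a function. */

#define OBJSZ_UNKNOWN ((size_t)-1)

/* Result codes for the modelled check (names are this example's own). */
enum objsz_result { OBJSZ_OK = 0, OBJSZ_VIOLATION = 1, OBJSZ_SKIPPED = 2 };

/* Classify an access of ACCESS_BYTES through PTR the way instrumented code
 * does: an access larger than the object is a violation, unless the object
 * size is unknown, in which case nothing is checked at all. */
#define OBJSZ_CHECK(ptr, access_bytes) \
    objsz_classify(__builtin_object_size((ptr), 0), (access_bytes))

static enum objsz_result objsz_classify(size_t object_size, size_t access_bytes)
{
    if (object_size == OBJSZ_UNKNOWN)
        return OBJSZ_SKIPPED;        /* __bos gave up: the -fno-inline case */
    return access_bytes <= object_size ? OBJSZ_OK : OBJSZ_VIOLATION;
}

/* Hide a pointer's origin from the optimizer with an empty asm barrier, so
 * __bos cannot trace it back to the declaration, at any optimisation level. */
static void *launder(void *p)
{
    __asm__("" : "+r"(p));
    return p;
}

struct intro { int a; char pad_[1]; };   /* same 8-byte layout as the report */

static struct intro b;
static char buf[16];

/* In-bounds field access through the address of a known global:
 * __bos sees the whole of b (8 bytes), 4 bytes fit, check passes. */
enum objsz_result check_direct_field(void)
{
    return OBJSZ_CHECK(&b.a, sizeof(int));
}

/* 32-byte access through a 16-byte global array: __bos knows 16, reported. */
enum objsz_result check_direct_overflow(void)
{
    return OBJSZ_CHECK(buf, 32);
}

/* Same 32-byte over-access, but the pointer's origin is hidden: __bos returns
 * (size_t)-1 and the sanitizer check silently disappears. */
enum objsz_result check_laundered(void)
{
    struct intro *i = launder(&b);
    return OBJSZ_CHECK(&i->a, 32);
}

int main(void)
{
    static const char *const names[] = { "ok", "violation", "skipped (size unknown)" };

    printf("direct field, 4 bytes into 8:   %s\n", names[check_direct_field()]);
    printf("direct array, 32 bytes into 16: %s\n", names[check_direct_overflow()]);
    printf("laundered ptr, 32 bytes into 8: %s\n", names[check_laundered()]);
    return 0;
}
```

The three results do not depend on the optimisation level: the two "known" cases take the address of a global directly, which __bos folds even without optimisation, and the laundered case goes through an asm barrier that no pass can see through, so it stays unknown under -O0 and -O2 alike.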
