[Bug sanitizer/108894] -fsanitize=bounds missing bounds provided by __builtin_dynamic_object_size()

["qinzhao at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108894

qinzhao at gcc dot gnu.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |qinzhao at gcc dot gnu.org

--- Comment #7 from qinzhao at gcc dot gnu.org ---
(In reply to Jakub Jelinek from comment #5)
> As for whether -fstrict-flex-arrays= should or shouldn't affect
> -fsanitize=bounds, making it gradually equivalent to
> -fsanitize=bounds-strict, that is a question, perhaps if
> -fstrict-flex-arrays= is considered as changing the exactly applicable
> language standard, with that option it might change what is and is not
> undefined behavior.
> Siddhesh/Qing, what do you think?
from the doc:
"
-fsanitize=bounds
This option enables instrumentation of array bounds. Various out of bounds
accesses are detected. Flexible array members, flexible array member-like
arrays, and initializers of variables with static storage are not instrumented.

-fsanitize=bounds-strict
This option enables strict instrumentation of array bounds. Most out of bounds
accesses are detected, including flexible array members and flexible array
member-like arrays. Initializers of variables with static storage are not
instrumented.
"

the situation is very similar to the previous:

-Warray-bounds
-Warray-bounds=2

Per our previous discussion on  -Warray-bounds and -Warray-bounds=2 and
-fstrict-flex-arrays=N, I think it's very reasonable to handle the
-fsanitize=bounds and -fsanitize=bounds-strict + -fstrict-flex-arrays=N
similarly, i.e:

1. let -fstrict-flex-arrays=N to control the behavior of -fsanitize=bounds;
2. -fsanitize=bounds-strict actually is an alias of -fsanitize=bounds
-fstrict-flex-arrays=2,  i.e, it treats [], [0] as flexible array members, but
treat [1], [4], as regular arrays.