From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 5102 invoked by alias); 19 Sep 2014 16:21:13 -0000 Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-bugs-owner@gcc.gnu.org Received: (qmail 4507 invoked by uid 55); 19 Sep 2014 16:21:07 -0000 From: "joseph at codesourcery dot com" To: gcc-bugs@gcc.gnu.org Subject: [Bug c/63303] Pointer subtraction is broken when using -fsanitize=undefined Date: Fri, 19 Sep 2014 16:21:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: c X-Bugzilla-Version: 4.9.1 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: joseph at codesourcery dot com X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2014-09/txt/msg01966.txt.bz2 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63303 --- Comment #7 from joseph at codesourcery dot com --- Yes, I consider it a bug in malloc that it produces objects 2GB or more in size on 32-bit systems (because of the one-past-end address, the largest size that can't produce undefined behavior in the user program is 2GB minus one byte). Unfortunately I expect some 32-bit applications rely on such large allocations, so if we changed malloc (please report a bug to glibc Bugzilla) we'd need a way (feature test macro?) for people to continue to build programs to use the old malloc, as well as to avoid breaking existing binaries.