[Bug sanitizer/98608] New: missing sanitizer detection for arrays with invalid length defind using typeof

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

* [Bug sanitizer/98608] New: missing sanitizer detection for arrays with invalid length defind using typeof
@ 2021-01-08 21:39 muecker at gwdg dot de
  2021-01-11  8:14 ` [Bug sanitizer/98608] " marxin at gcc dot gnu.org
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: muecker at gwdg dot de @ 2021-01-08 21:39 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98608

            Bug ID: 98608
           Summary: missing sanitizer detection for arrays with invalid
                    length defind using typeof
           Product: gcc
           Version: 11.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: muecker at gwdg dot de
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
  Target Milestone: ---

The following invalid code is not detected with -fsanitize=undefined

void f(int n, double (*x)[n])
{
        typeof(*x) y;
//      double y[n];
}

int main()
{
        f(-1, 0);
}

Using the definition without typedef yields:

src/test.c:5:9: runtime error: variable length array bound evaluates to
non-positive value -1

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug sanitizer/98608] missing sanitizer detection for arrays with invalid length defind using typeof
  2021-01-08 21:39 [Bug sanitizer/98608] New: missing sanitizer detection for arrays with invalid length defind using typeof muecker at gwdg dot de
@ 2021-01-11  8:14 ` marxin at gcc dot gnu.org
  2023-07-30 10:09 ` muecker at gwdg dot de
  2023-11-01 12:35 ` muecker at gwdg dot de
  2 siblings, 0 replies; 4+ messages in thread
From: marxin at gcc dot gnu.org @ 2021-01-11  8:14 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98608

Martin Liška <marxin at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
     Ever confirmed|0                           |1
             Status|UNCONFIRMED                 |NEW
                 CC|                            |mpolacek at gcc dot gnu.org
   Last reconfirmed|                            |2021-01-11

--- Comment #1 from Martin Liška <marxin at gcc dot gnu.org> ---
Confirmed.
@Marek: Can you please take a look?

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug sanitizer/98608] missing sanitizer detection for arrays with invalid length defind using typeof
  2021-01-08 21:39 [Bug sanitizer/98608] New: missing sanitizer detection for arrays with invalid length defind using typeof muecker at gwdg dot de
  2021-01-11  8:14 ` [Bug sanitizer/98608] " marxin at gcc dot gnu.org
@ 2023-07-30 10:09 ` muecker at gwdg dot de
  2023-11-01 12:35 ` muecker at gwdg dot de
  2 siblings, 0 replies; 4+ messages in thread
From: muecker at gwdg dot de @ 2023-07-30 10:09 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98608

--- Comment #2 from Martin Uecker <muecker at gwdg dot de> ---

The problem is actually the missing sanitizer instrumentation of the parameter
type. This is easy to fix, but then I run into the problem that a lot of code
has n == 0 in parameters. Having an option to avoid the instrumentation
(PR98609) might help.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug sanitizer/98608] missing sanitizer detection for arrays with invalid length defind using typeof
  2021-01-08 21:39 [Bug sanitizer/98608] New: missing sanitizer detection for arrays with invalid length defind using typeof muecker at gwdg dot de
  2021-01-11  8:14 ` [Bug sanitizer/98608] " marxin at gcc dot gnu.org
  2023-07-30 10:09 ` muecker at gwdg dot de
@ 2023-11-01 12:35 ` muecker at gwdg dot de
  2 siblings, 0 replies; 4+ messages in thread
From: muecker at gwdg dot de @ 2023-11-01 12:35 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98608

--- Comment #3 from Martin Uecker <muecker at gwdg dot de> ---

PATCH (but unclear about n == 0)
https://gcc.gnu.org/pipermail/gcc-patches/2023-November/634896.html

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2023-11-01 12:35 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-08 21:39 [Bug sanitizer/98608] New: missing sanitizer detection for arrays with invalid length defind using typeof muecker at gwdg dot de
2021-01-11  8:14 ` [Bug sanitizer/98608] " marxin at gcc dot gnu.org
2023-07-30 10:09 ` muecker at gwdg dot de
2023-11-01 12:35 ` muecker at gwdg dot de

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).