From: Jeff Law
To: Jakub Jelinek, Martin Sebor
Cc: Gcc Patch List
Subject: Re: [PATCH] set range for strlen(array) to avoid spurious -Wstringop-overflow (PR 83373, PR 78450)
Date: Thu, 14 Dec 2017 19:04:00 -0000
Message-ID: <06301e58-9dac-e340-24b1-01781c3ee44b@redhat.com>

On 12/14/2017 11:55 AM, Jakub Jelinek wrote:
> On Thu, Dec 14, 2017 at 11:51:26AM -0700, Martin Sebor wrote:
>>> Well, it would be nice to get sanitizers diagnose this at runtime. If we
>>> know the array length at compile time, simply compare after the strlen
>>> call the result and fail if it returns something above it. Or replace
>>> the strlen call with strnlen for the compile time known size and add
>>> instrumentation if strnlen returns the second argument.
>>
>> Sure, that sounds like a useful enhancement. I'll look into
>> adding it as a follow-on patch unless you feel that it needs
>> to be part of the same package.
>
> The problem is if we'll need changes to libubsan for that (which we'll
> likely do), then those need to be upstreamed, and e.g. my attempts
> to upstream simple patch to diagnose noreturn function returns is suspended
> upstream because clang doesn't have that support (and I have no interest
> in adding it to clang).
>
> In theory we could have some GCC only file in there, but then we'd be ABI
> incompatible with them.

So defer the sanitization side until Clang catches up?

jeff
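
The runtime check described in the quoted text (a bounded scan against the compile-time array size, reporting a result equal to the bound), as an added example that is not part of this thread and is not GCC or libubsan code. `checked_strlen`, `CHECKED_STRLEN` and `struct record` are hypothetical names, the sample data is constructed, and `memchr` stands in for `strnlen` so the block builds as plain ISO C.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not a GCC or libubsan interface): bounded length of
   the string stored in buf[0..size-1]. Sets *unterminated to 1 when no NUL
   lies inside the array, i.e. when plain strlen would have read past it. */
static size_t checked_strlen(const char *buf, size_t size, int *unterminated)
{
    /* Same bounded scan as strnlen(buf, size), written with ISO C memchr. */
    const char *nul = memchr(buf, '\0', size);
    size_t n = nul ? (size_t)(nul - buf) : size;
    *unterminated = (n == size);   /* result equals the bound: report it */
    return n;
}

/* Only valid for true arrays, where sizeof yields the compile-time bound. */
#define CHECKED_STRLEN(arr, flag) checked_strlen((arr), sizeof(arr), (flag))

/* Constructed sample: a record with a fixed-size name field. */
struct record { char name[8]; char pad[8]; };

static size_t record_name_len(const struct record *r, int *unterminated)
{
    return CHECKED_STRLEN(r->name, unterminated);
}

int main(void)
{
    struct record ok = { "abc", "" };
    struct record bad = { "", "" };
    int flag;
    memcpy(bad.name, "ABCDEFGH", sizeof bad.name);  /* 8 bytes, no NUL */

    size_t n = record_name_len(&ok, &flag);
    printf("ok:  len=%zu unterminated=%d\n", n, flag);
    n = record_name_len(&bad, &flag);
    printf("bad: len=%zu unterminated=%d\n", n, flag);
    return 0;
}
```

A sanitizer would abort or log at the point where the flag is set; here the caller decides.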