Open Quuxplusone opened 5 years ago
Quuxplusone
commented
5 years ago | Bugzilla Link | PR41519 |
| Status | NEW |
| Importance | P enhancement |
| Reported by | Micha Horlboge (m.horlboge@tu-braunschweig.de) |
| Reported on | 2019-04-16 14:43:29 -0700 |
| Last modified on | 2019-04-16 15:27:45 -0700 |
| Version | unspecified |
| Hardware | PC All |
| CC | dblaikie@gmail.com, efriedma@quicinc.com, hfinkel@anl.gov, htmldeveloper@gmail.com, llvm-bugs@lists.llvm.org |
| Fixed by commit(s) | |
| Attachments | |
| Blocks | |
| Blocked by | |
| See also |
Quuxplusone
commented
5 years ago If i use the ubsan, checks for out-of-bounds accesses at arrays works with the index operator, but if i use pointer arithmetics, it triggers one too late.
Quuxplusone
commented
5 years ago When i use the ubsan, it finds out-of-bounds accesses for arrays quite well
with the index operator, but if i use pointer arithmetics, it triggers the
error one too late.
E.g. an array int[3]: with [i], the error triggers at i = 3, but with *(array +
i) it triggers first at i = 4.Constructing a one-past-the-end pointer is valid, in general. And ubsan can't tell whether an arbitrary pointer dereference is valid. So this is sort of working as designed.
That said, ubsan could possibly be enhanced to handle a pointer arithmetic/dereference in cases where a pointer points into a known object, so I'll leave this open for now.