
-fsanitize=pointer-overflow fails to detect overflow with pointer to VLA #124358

Open
@efriedma-quic

Description

@efriedma-quic

Testcase:

void f(void g(void*, void*)) {
  int x = 2;
  unsigned long long y = 0x8000000000000000;
  int a[2][2];
  int (*aa)[x] = a;          /* pointer to a VLA element type: sizeof(*aa) is x * sizeof(int), computed at run time */
  g(&aa[y], aa+y);           /* both forms compute aa + y * sizeof(*aa), which overflows the address space */
}
void g(void*, void*){}
int main(){ f(g); }

Compiling with -fsanitize=pointer-overflow, no error is triggered by the resulting program. It should trigger on the subscripting/pointer arithmetic (like it does with a constant array, or if the offset is 0x4000000000000000).
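For readers who want to see what the missing check amounts to, here is a small C program (added as an illustration; it is not part of the issue and not clang or compiler-rt code) that performs by hand the arithmetic the sanitizer is expected to guard: the index is multiplied by the run-time element size of the VLA pointer, and the product is added to the base address, with both steps checked for wraparound. The function names `check_pointer_offset` and `check_vla_subscript` and the `offset_status` enum are made up for this example; the sample values mirror the testcase above (x = 2, y = 0x8000000000000000 or 0x4000000000000000).

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Outcome of checking one pointer-arithmetic step (names are this example's own). */
typedef enum {
    OFFSET_OK,            /* base + index * elem_size fits in the address space */
    OFFSET_MUL_OVERFLOW,  /* index * elem_size wrapped around */
    OFFSET_ADD_OVERFLOW   /* the byte offset fit, but adding it to base wrapped */
} offset_status;

/* Compute base + index * elem_size the way a[index] / a + index does, but
   report wraparound instead of silently producing a bogus address.
   elem_size is a run-time value, so a VLA element type such as int[x]
   is handled exactly like a constant one. */
offset_status check_pointer_offset(uintptr_t base, uint64_t index,
                                   size_t elem_size, uintptr_t *out)
{
    uint64_t byte_offset;
    if (__builtin_mul_overflow(index, (uint64_t)elem_size, &byte_offset))
        return OFFSET_MUL_OVERFLOW;

    uintptr_t result;
    if (__builtin_add_overflow(base, (uintptr_t)byte_offset, &result))
        return OFFSET_ADD_OVERFLOW;

    if (out)
        *out = result;
    return OFFSET_OK;
}

/* Rebuild the issue's scenario: a 2x2 int array viewed through a pointer
   to a VLA of x ints, subscripted with index y. Only the address arithmetic
   is checked; no memory at the computed address is ever touched. */
offset_status check_vla_subscript(unsigned long long y, int x)
{
    int a[2][2] = {{0, 1}, {2, 3}};   /* constructed sample storage */
    int (*aa)[x] = a;                 /* sizeof(*aa) == x * sizeof(int) at run time */
    uintptr_t unused;
    return check_pointer_offset((uintptr_t)aa, (uint64_t)y, sizeof(*aa), &unused);
}

static const char *status_name(offset_status s)
{
    switch (s) {
    case OFFSET_OK:           return "ok";
    case OFFSET_MUL_OVERFLOW: return "index * element size overflows";
    case OFFSET_ADD_OVERFLOW: return "base + offset overflows";
    }
    return "?";
}

int main(void)
{
    const unsigned long long samples[] = { 1ULL, 0x4000000000000000ULL, 0x8000000000000000ULL };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("aa[0x%llx] with x = 2: %s\n", samples[i],
               status_name(check_vla_subscript(samples[i], 2)));
    return 0;
}
```

With x = 2 the element size is 8 bytes, so both 0x4000000000000000 and 0x8000000000000000 already overflow in the multiplication step on a 64-bit target, which is the step the sanitizer reports for a constant array and misses for the VLA-typed pointer in the testcase above.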
