> On Jun 18, 2025, at 17:57, Siddhesh Poyarekar <siddh...@gotplt.org> wrote:
>
> On 2025-06-18 17:46, Qing Zhao wrote:
>> Okay, I guess that I didn’t put enough attention on the above example
>> previously, sorry about that...
>> Read it multiple times this time, my question is for the following code
>> portion:
>> objsz = __builtin_dynamic_object_size (ptr, 0);
>> __memcpy_chk (ptr, src, sz, objsz);
>> When the program gets to this point, “ptr” is freed and invalid already, is
>> the program still considered as a valid program when the first argument to
>> the call to __memcpy_chk is an invalid pointer but the 3rd parameter is 0?
>
> AFAICT, strictly according to the standards it should not be considered valid
> since any use of an invalid pointer (not just dereferencing it) is considered
> undefined behaviour. However in practice it doesn't result in an invalid
> access because of SZ=0.

Then should we follow the standards here? i.e., even though the program does not result in an invalid access because of SZ=0, the program has undefined behavior due to the use of an invalid pointer?

Qing

>
> Sid