[Bug c/68065] Size calculations for VLAs can overflow

2015-10-28 Thread ch3root at openwall dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 --- Comment #15 from Alexander Cherepanov --- On 2015-10-29 02:38, joseph at codesourcery dot com wrote: >>> I think it's undefined at the point where a type exceeds the limit on the >>> size of an object (half the address space minus one byte) >

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-28 Thread joseph at codesourcery dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 --- Comment #14 from joseph at codesourcery dot com --- On Wed, 28 Oct 2015, ch3root at openwall dot com wrote: > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 > > --- Comment #13 from Alexander Cherepanov --- > On 2015-10-27 20:09, josep

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-28 Thread ch3root at openwall dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 --- Comment #13 from Alexander Cherepanov --- On 2015-10-27 20:09, joseph at codesourcery dot com wrote: > I think it's undefined at the point where a type exceeds the limit on the > size of an object (half the address space minus one byte) Wait

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-28 Thread ebotcazou at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 Eric Botcazou changed: What|Removed |Added CC||ebotcazou at gcc dot gnu.org --- Comment

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-28 Thread joseph at codesourcery dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 --- Comment #11 from joseph at codesourcery dot com --- On Wed, 28 Oct 2015, ch3root at openwall dot com wrote: > --- Comment #10 from Alexander Cherepanov --- > On 2015-10-27 20:09, joseph at codesourcery dot com wrote: > > I think it's undefi

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-28 Thread ch3root at openwall dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 --- Comment #10 from Alexander Cherepanov --- On 2015-10-27 20:09, joseph at codesourcery dot com wrote: > I think it's undefined at the point where a type exceeds the limit on the > size of an object This would probably be the most reasonable a

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-27 Thread danielmicay at gmail dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 Daniel Micay changed: What|Removed |Added CC||danielmicay at gmail dot com --- Comment

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-27 Thread joseph at codesourcery dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 --- Comment #8 from joseph at codesourcery dot com --- I think it's undefined at the point where a type exceeds the limit on the size of an object (half the address space minus one byte), whether or not sizeof is used or any object with that ty

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-27 Thread ch3root at openwall dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 --- Comment #7 from Alexander Cherepanov --- On 2015-10-27 03:15, joseph at codesourcery dot com wrote: >> VLA size overflow is very similar to overflow in "new". Shouldn't it be >> handled in a similar way? > > I'm thinking of it as essentially

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-26 Thread joseph at codesourcery dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 --- Comment #6 from joseph at codesourcery dot com --- On Tue, 27 Oct 2015, ch3root at openwall dot com wrote: > > VLA size overflow, however, is undefined behavior at runtime, not compile > > time, hence a matter for ubsan. > > VLA size overfl

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-26 Thread ch3root at openwall dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 --- Comment #5 from Alexander Cherepanov --- On 2015-10-27 02:27, joseph at codesourcery dot com wrote: > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 > > --- Comment #4 from joseph at codesourcery dot com --- > On Mon, 26 Oct 201

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-26 Thread joseph at codesourcery dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 --- Comment #4 from joseph at codesourcery dot com --- On Mon, 26 Oct 2015, ch3root at openwall dot com wrote: > The core issue is an overflow in size computations which is not limited to > VLA. > You can as easily get a crash with non-VLA-arra
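The two points made above, that the size computation for an array type can overflow whether or not it is a VLA (comment #4) and that the type becomes undefined once its size exceeds the object-size limit of half the address space minus one byte (comment #8), are shown below in an added example. This is not code from the bug report or from GCC; it assumes a flat address space where that limit is PTRDIFF_MAX, uses the GCC/Clang builtin __builtin_mul_overflow, and the function names, the 64 KiB stack budget and the sample inputs are constructed for illustration.

```c
/* Added example (not from the bug report or GCC): a checked size computation
 * for a two-dimensional array such as `unsigned char a[n][n]`.  The naive
 * product n * n * sizeof(elem) silently wraps in size_t; the checked version
 * refuses sizes that wrap or exceed the assumed object-size limit. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed object-size limit: half the address space minus one byte, which on
 * the usual flat-address-space targets is PTRDIFF_MAX. */
#define OBJECT_SIZE_MAX ((size_t)PTRDIFF_MAX)

/* Naive size of a[rows][cols] as plain size_t arithmetic: wraps on overflow
 * (unsigned wraparound is well defined, so this is safe to call). */
size_t naive_array_bytes(size_t rows, size_t cols, size_t elem_size)
{
    return rows * cols * elem_size;
}

/* Checked version: stores rows * cols * elem_size in *out and returns true only
 * if every dimension is non-zero (a VLA bound must be greater than zero), no
 * multiplication wraps, and the total stays within OBJECT_SIZE_MAX. */
bool checked_array_bytes(size_t rows, size_t cols, size_t elem_size, size_t *out)
{
    size_t elems, bytes;
    if (rows == 0 || cols == 0 || elem_size == 0)
        return false;
    if (__builtin_mul_overflow(rows, cols, &elems))
        return false;
    if (__builtin_mul_overflow(elems, elem_size, &bytes))
        return false;
    if (bytes > OBJECT_SIZE_MAX)
        return false;
    *out = bytes;
    return true;
}

/* Convenience predicate for callers that only need the yes/no answer. */
bool array_size_ok(size_t rows, size_t cols, size_t elem_size)
{
    size_t unused;
    return checked_array_bytes(rows, cols, elem_size, &unused);
}

/* Constructed stack budget: a VLA lives on the stack and the compiler does not
 * check that it fits there, so a size that passes the object-size check still
 * needs a much smaller cap before it is declared. */
#define STACK_BUDGET ((size_t)64 * 1024)

/* Fills an n x n byte array with (i + j) & 0xff and returns the sum, or -1 if
 * the array would be invalid or too large for the stack budget. */
long sum_square(size_t n)
{
    size_t bytes;
    if (!checked_array_bytes(n, n, sizeof(unsigned char), &bytes) || bytes > STACK_BUDGET)
        return -1;              /* refuse instead of declaring a bogus VLA */
    unsigned char a[n][n];      /* n*n bytes is now known to be <= STACK_BUDGET */
    long total = 0;
    for (size_t i = 0; i < n; i++)
        for (size_t j = 0; j < n; j++) {
            a[i][j] = (unsigned char)((i + j) & 0xff);
            total += a[i][j];
        }
    return total;
}

int main(void)
{
    /* 2^32 on a 64-bit target, 2^16 on a 32-bit one: huge * huge wraps to 0. */
    size_t huge = (size_t)1 << (sizeof(size_t) * 4);
    printf("naive bytes for a[huge][huge]  : %zu\n", naive_array_bytes(huge, huge, 1));
    printf("checked size for a[huge][huge] : %s\n",
           array_size_ok(huge, huge, 1) ? "ok" : "rejected");
    printf("sum_square(4)    = %ld\n", sum_square(4));
    printf("sum_square(300)  = %ld\n", sum_square(300));
    printf("sum_square(huge) = %ld\n", sum_square(huge));
    return 0;
}
```

The naive product is what an overflowing VLA type's size works out to, and no diagnostic fires for it; GCC's -fsanitize=vla-bound, the sanitizer option the thread points to, checks only that each bound is positive, not that the product of the bounds fits. The checked helper is therefore something the caller has to do before the VLA declaration, and the separate stack budget addresses comment #1's point that an in-range size can still overflow the stack.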

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-26 Thread ch3root at openwall dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 --- Comment #3 from Alexander Cherepanov --- (In reply to jos...@codesourcery.com from comment #2) > This seems like a matter for -fsanitize=undefined UBSAN is intended to help with invalid programs but this code looks valid. Hence diagnos

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-23 Thread joseph at codesourcery dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 --- Comment #2 from joseph at codesourcery dot com --- This seems like a matter for -fsanitize=undefined as I suggested in .

[Bug c/68065] Size calculations for VLAs can overflow

2015-10-23 Thread pinskia at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065 --- Comment #1 from Andrew Pinski --- VLA also does not detect stack overflows either.