https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #16 from joseph at codesourcery dot com ---
On Wed, 3 Jun 2020, pinskia at gcc dot gnu.org wrote:
> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
>
> --- Comment #15 from Andrew Pinski ---
> (In reply to jos...@codesourcery.co
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #15 from Andrew Pinski ---
(In reply to jos...@codesourcery.com from comment #14)
> I think it's invalid to refer to element (size_t)-1 of an array; that the
> actual integer value used has to be within the range of available array
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #14 from joseph at codesourcery dot com ---
I think it's invalid to refer to element (size_t)-1 of an array; that the
actual integer value used has to be within the range of available array
elements.
It's entirely possible that suc
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
Jakub Jelinek changed:
What|Removed |Added
CC||jason at gcc dot gnu.org,
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #12 from Marc Glisse ---
(In reply to Jakub Jelinek from comment #10)
> 1 + (size_t) -1 give 0
It wasn't obvious to me that the operation was supposed to happen in some C/C++
type (they don't say which one) or in a mathematical, infi
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #11 from Jakub Jelinek ---
(In reply to Jakub Jelinek from comment #9)
> pointer-overflow is a cheap check without any context, for ptr + off
> it will do
> uintptr_t res = (uintptr_t) ptr + off;
> if (((intptr_t) res) < 0 ? res > (ui
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #10 from Jakub Jelinek ---
(In reply to Marc Glisse from comment #8)
> (In reply to Jakub Jelinek from comment #4)
> > There is nothing wrong on addition of -1, whether signed or cast to
> > size_t/uintptr_t, to a pointer,
>
> Lookin
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #9 from Jakub Jelinek ---
(In reply to Frantisek Sumsal from comment #7)
> Maybe I'm missing something here, but isn't detecting pointer overflows
> (even in cases where it's apparently not an undefined behavior) the sole
> purpose of
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #8 from Marc Glisse ---
(In reply to Jakub Jelinek from comment #4)
> There is nothing wrong on addition of -1, whether signed or cast to
> size_t/uintptr_t, to a pointer,
Looking at the standard (I am not a pro at that), one could e
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #7 from Frantisek Sumsal ---
Maybe I'm missing something here, but isn't detecting pointer overflows (even
in cases where it's apparently not an undefined behavior) the sole purpose of
-fsanitize=pointer-overflow (which, to my knowled
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #6 from Jakub Jelinek ---
How would you know if there is or isn't an object at those addresses?
Sure, if you in #c4 change p + 1 into p, then it is undefined behavior, but as
I said, UndefinedBehaviorSanitizer has no way to dete
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #5 from Andrey Vihrov ---
Assuming that there indeed is no object at address 0x406310, wouldn't 6.5.6.8
from the C11 standard apply?
> [...] If both the pointer operand and the result point to elements of the same
> array object, or
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
Jakub Jelinek changed:
What|Removed |Added
Status|UNCONFIRMED |RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #3 from Frantisek Sumsal ---
Original issue: https://github.com/systemd/systemd/issues/15583
Patch: https://github.com/systemd/systemd/pull/15860
Code in question:
https://github.com/systemd/systemd/blob/master/src/libsystemd/sd-bus/b
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #2 from Andrew Pinski ---
Can you show the code inside systemd (and the patch to fix it)? Because
const void *p = (uint8_t*)0x406310;
size_t s = -1;
r = (uint8_t*)p + s;
That is well defined.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95279
--- Comment #1 from Andrew Pinski ---
I don't see why this is undefined???