https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98623
Bug ID: 98623
Summary: sanitizer does not diagnose when passing pointers to arrays of incorrect run-time length
Product: gcc
Version: 11.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: muecker at gwdg dot de
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---

In the following example, there is no run-time error with -fsanitize=undefined although the pointer types for the second argument are required to point to compatible types and it is UB when variably modified types have non-matching lengths when they are required to be compatible (6.7.6.2p6).

From a practical point of view, this would be very desirable as it would close the last loophole that prevents one from having proper bounds checking when using pointers to VLAs. (In this case, but not in general, it should also be possible to emit an error at compile time.)

    /* Callee declared with a pointer-to-VLA parameter: x must point to double[n]. */
    extern void f(int n, double (*x)[n]);

    int main()
    {
        double a[10];
        f(9, &a);   /* &a has type double (*)[10] but n is 9: the mismatch is not diagnosed */
    }
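The report's point is that the callee's bounds are taken from n alone, so a caller that passes a wrong n silently defeats any bounds checking on the pointer-to-VLA. The following is an added example (not code from the bug report or from GCC) of the call-site discipline that prevents the mismatch: n is derived from the array's own type via an ARRAY_LEN macro that refuses to compile on a decayed pointer, and when n comes from runtime data the caller checks it against the real capacity before forming the VLA pointer. The function and macro names (MUST_BE_ARRAY, ARRAY_LEN, fill_and_sum, checked_fill, demo_matching, demo_checked) are assumptions chosen for this example; MUST_BE_ARRAY relies on the GCC/Clang built-ins __typeof__ and __builtin_types_compatible_p.

```c
#include <stddef.h>
#include <stdio.h>

/* Compile-time guard (GCC/Clang built-ins): evaluates to 0 when `a` is a real
   array and fails to compile when `a` is a pointer, so ARRAY_LEN cannot be
   applied to a decayed pointer by mistake. (Hypothetical helper.) */
#define MUST_BE_ARRAY(a) \
    (sizeof(char[1 - 2 * __builtin_types_compatible_p(__typeof__(a), __typeof__(&(a)[0]))]) - 1)

/* Element count of an array, derived from its static type. */
#define ARRAY_LEN(a) (sizeof(a) / sizeof((a)[0]) + MUST_BE_ARRAY(a))

/* Callee with a pointer-to-VLA parameter, standing in for the report's f().
   Every access (*x)[i] is bounded by n, which is the only bound the callee
   (and a bounds sanitizer inside it) can see; nothing here knows the real
   length of the array object the caller passed. */
double fill_and_sum(int n, double (*x)[n])
{
    double sum = 0.0;
    for (int i = 0; i < n; i++) {
        (*x)[i] = (double)i;
        sum += (*x)[i];
    }
    return sum;
}

/* Call-site discipline: take n from the array's own type so the two can
   never disagree (the report's mismatch is f(9, &a) with double a[10]). */
#define FILL_AND_SUM(arr) fill_and_sum((int)ARRAY_LEN(arr), &(arr))

/* Sum of 0..9 over a[10] with n derived from the type. */
double demo_matching(void)
{
    double a[10];
    return FILL_AND_SUM(a);
}

/* When n comes from elsewhere (input, a message header, ...), the caller
   must check it against the real capacity before forming the VLA pointer.
   Returns -1.0 on a length mismatch, otherwise the sum. */
double checked_fill(int n, double *buf, size_t buflen)
{
    if (n < 0 || (size_t)n > buflen)
        return -1.0;            /* reject: n does not describe buf */
    if (n == 0)
        return 0.0;             /* a zero-length VLA type is itself UB; avoid forming it */
    /* The cast is only valid because n <= buflen was just established. */
    return fill_and_sum(n, (double (*)[n])buf);
}

/* Constructed driver: a[10] with a caller-supplied n. */
double demo_checked(int n)
{
    double a[10];
    return checked_fill(n, a, ARRAY_LEN(a));
}

int main(void)
{
    printf("n from type: %g\n", demo_matching());   /* 45 */
    printf("n=9:         %g\n", demo_checked(9));   /* 36 */
    printf("n=11:        %g\n", demo_checked(11));  /* -1 (rejected) */
    return 0;
}
```

The macro route removes the error class entirely for statically sized arrays; the checked route is what remains when n is genuinely dynamic, and it is exactly the check the report asks the sanitizer to perform automatically at the conversion from double (*)[10] to double (*)[n].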