https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103730
Bug ID: 103730
Summary: ubsan: store with insufficient space for an object of type
Product: gcc
Version: 12.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: jan.smets at nokia dot com
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---
The following testcase produces an ubsan runtime error in GCC 10.2/11.3/trunk:

gcc test.c -o /tmp/test -O2 -Wall -Wextra -fsanitize=undefined && /tmp/test
typedef int (logger_args_to_string)(void *event, void *pEntry);

typedef struct logger_msginfo
{
#if 1 // OK when excluded
    void *test;
#endif
    logger_args_to_string *Fn;
} logger_msginfo;

logger_msginfo x;
logger_msginfo *logger = &x;

void call( void )
{
    logger->Fn = (logger_args_to_string*) 0x1234; // Happy
    ((logger_msginfo *) & logger[0])->Fn = (logger_args_to_string*) 0x1234; // Happy
    ((logger_msginfo *) & logger)->Fn = (logger_args_to_string*) 0x1234;
    // store with insufficient space... ; trunk gives an array-bounds warning here too,
    // but not on the line above.
}

int main(void) {
    call();
    return 0;
}
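Added example, not part of the bug report: a small C program that models the bounds check behind the reported message. The "store to address ... with insufficient space for an object of type" diagnostic comes from the object-size check (-fsanitize=object-size, enabled as part of -fsanitize=undefined), which compares the size of the object a store actually addresses against the offset and width of the store. The three lvalues in the testcase do not address the same object: `logger->Fn` and `&logger[0]` both address `x`, a complete struct, whereas `&logger` addresses the pointer variable `logger` itself, which holds exactly one pointer. Storing `Fn` at offset `sizeof(void *)` through the `(logger_msginfo *) &logger` cast therefore lands entirely past the end of that variable; with `test` excluded, `Fn` sits at offset 0 and the same store fits (it then silently overwrites `logger`, which is within bounds and so not what this check reports). The program computes sizes with `sizeof`/`offsetof` instead of performing the out-of-bounds store; the helper names and the `logger_msginfo_short` type are this example's own.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Same types as the reported testcase. */
typedef int (logger_args_to_string)(void *event, void *pEntry);

typedef struct logger_msginfo {
    void *test;                  /* the member the "#if 1" in the report controls */
    logger_args_to_string *Fn;
} logger_msginfo;

/* Layout of the struct when `test` is excluded: Fn is at offset 0. (Example's own type.) */
typedef struct logger_msginfo_short {
    logger_args_to_string *Fn;
} logger_msginfo_short;

logger_msginfo x;
logger_msginfo *logger = &x;

/* The rule the object-size check enforces: a store of `width` bytes at byte `offset`
 * must lie entirely inside an object of `object_size` bytes. */
bool store_fits(size_t object_size, size_t offset, size_t width)
{
    return offset <= object_size && width <= object_size - offset;
}

/* Size of the object each of the three lvalue expressions in the report actually addresses. */
size_t addressed_size_deref(void) { return sizeof(*logger);  } /* logger->Fn  : x                       */
size_t addressed_size_elem0(void) { return sizeof(logger[0]); } /* &logger[0]  : x again                 */
size_t addressed_size_addr(void)  { return sizeof(logger);    } /* &logger     : the pointer variable    */

/* Does storing Fn through a (logger_msginfo *) cast fit in an object of `addressed_size` bytes? */
bool fn_store_fits(size_t addressed_size)
{
    return store_fits(addressed_size, offsetof(logger_msginfo, Fn),
                      sizeof(logger_args_to_string *));
}

/* The same store with the one-member layout (the "OK when excluded" case of the report). */
bool fn_store_fits_short(size_t addressed_size)
{
    return store_fits(addressed_size, offsetof(logger_msginfo_short, Fn),
                      sizeof(logger_args_to_string *));
}

int main(void)
{
    printf("sizeof(logger_msginfo)=%zu offsetof(Fn)=%zu sizeof(logger)=%zu\n",
           sizeof(logger_msginfo), offsetof(logger_msginfo, Fn), sizeof(logger));
    printf("logger->Fn                        : %s\n",
           fn_store_fits(addressed_size_deref()) ? "fits" : "OUT OF BOUNDS");
    printf("((logger_msginfo *)&logger[0])->Fn : %s\n",
           fn_store_fits(addressed_size_elem0()) ? "fits" : "OUT OF BOUNDS");
    printf("((logger_msginfo *)&logger)->Fn    : %s\n",
           fn_store_fits(addressed_size_addr()) ? "fits" : "OUT OF BOUNDS");
    printf("same store with `test` excluded    : %s\n",
           fn_store_fits_short(addressed_size_addr()) ? "fits" : "OUT OF BOUNDS");
    return 0;
}
```

On any target where data and function pointers have the same size, `sizeof(logger)` equals `offsetof(logger_msginfo, Fn)`, so the third store starts exactly at the end of the pointer variable and the check rejects it regardless of word size; the first two address the full struct and pass.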