Hello,
the following C++ test case:
struct pollfd
{
  int fd;             /* file descriptor to poll */
  short int events;   /* requested events */
  short int revents;  /* returned events */
};
/* Derived type adds no data members, so sizeof (Pollfd) == sizeof (pollfd). */
struct Pollfd : public pollfd { };
struct Pollfd myfd[10];
int test (void)
{
  /* mode 1: size of the closest surrounding subobject */
  return __builtin_object_size ((struct pollfd *)myfd, 1);
}
ends up returning 8 from the "test" routine, not 80.
In the real-world application this test case was extracted from,
this causes a call:
poll(myfd, count, 0); // 1 < count < 10
to fail with a "Buffer overflow detected" message at run-time
when building with _FORTIFY_SOURCE = 2 against glibc. [ Here,
there is no explicit cast, but it is implied by the prototype
of the "poll" routine. ]
(Note that in the real-world application, the derived struct Pollfd
has some member functions to construct and pretty-print the structure,
but has no additional data members.)
From the __builtin_object_size documentation, it's not immediately
clear to me whether this is supposed to work or not:
If the least significant
bit is clear, objects are whole variables, if it is set, a closest
surrounding subobject is considered the object a pointer points to.
Is the presence of the above cast (explicit or implicit) supposed to
modify the notion of "closest surrounding subobject"?
Bye,
Ulrich
--
Dr. Ulrich Weigand
GNU/Linux compilers and toolchain
[email protected]
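The two modes that the quoted documentation describes, exercised first on a plain struct and then on the derived-struct array from the message above. This is an added example, not code from Ulrich's mail or from GCC/glibc: the struct V layout is the one used in the GCC manual's __builtin_object_size example, the namespace `report` is only there to keep `pollfd` away from the system header's definition, and `poll_would_pass` paraphrases the shape of glibc's fortified poll check rather than copying it. Every call hands the builtin an address expression directly, because through a plain pointer variable the builtin only folds when the optimizer runs. Build with g++ or clang++.

```cpp
// Added example (not part of the original message): exercise the two
// __builtin_object_size modes on a plain struct, then on the derived-struct
// array from the report.
#include <cstddef>
#include <cstdio>

// Layout taken from the GCC manual's __builtin_object_size example.
struct V { char buf1[10]; int b; char buf2[10]; };
static V var;

// The test case from the report, in a namespace so it cannot collide with
// the struct pollfd that <poll.h> declares.
namespace report {
struct pollfd {
    int fd;
    short int events;
    short int revents;
};
struct Pollfd : public pollfd { };   // no additional data members
Pollfd myfd[10];
}

// Mode 0: the object is the whole variable var; the answer is the number of
// bytes from the pointer to the end of var.
std::size_t whole_from_buf1_1() { return __builtin_object_size(&var.buf1[1], 0); }
std::size_t whole_from_b()      { return __builtin_object_size(&var.b, 0); }

// Mode 1: the object is the closest surrounding subobject (var.buf1, var.b).
std::size_t sub_from_buf1_1() { return __builtin_object_size(&var.buf1[1], 1); }
std::size_t sub_from_b()      { return __builtin_object_size(&var.b, 1); }

// Pointers to array elements: the surrounding subobject is the whole array,
// not the single element, so a pointer to element 3 still sees 7 elements.
std::size_t array_first_mode1() { return __builtin_object_size(&report::myfd[0], 1); }
std::size_t array_third_mode1() { return __builtin_object_size(&report::myfd[3], 1); }

// The report's expression: the derived-to-base cast that poll()'s prototype
// applies implicitly.  Mode 0 measures the whole array either way; whether
// mode 1 reports the 8-byte base subobject or the 80-byte array is exactly
// the question the message raises, so the value is returned, not assumed.
std::size_t derived_mode0() { return __builtin_object_size((report::pollfd *)&report::myfd[0], 0); }
std::size_t derived_mode1() { return __builtin_object_size((report::pollfd *)&report::myfd[0], 1); }

// Shape of the check a fortified poll wrapper performs (a paraphrase written
// for this example, not glibc's code): the call is refused when nfds entries
// do not fit in the size the compiler reported.  (size_t)-1 is the builtin's
// "size unknown" answer and disables the check.  Returns true when the call
// would be allowed.
bool poll_would_pass(std::size_t reported_size, unsigned long nfds) {
    if (reported_size == (std::size_t)-1) return true;
    return reported_size / sizeof(report::pollfd) >= nfds;
}

int main() {
    std::printf("&var.buf1[1]  mode 0: %zu  mode 1: %zu\n", whole_from_buf1_1(), sub_from_buf1_1());
    std::printf("&var.b        mode 0: %zu  mode 1: %zu\n", whole_from_b(), sub_from_b());
    std::printf("&myfd[0] mode 1: %zu   &myfd[3] mode 1: %zu\n", array_first_mode1(), array_third_mode1());
    std::printf("(pollfd *)&myfd[0]  mode 0: %zu  mode 1: %zu\n", derived_mode0(), derived_mode1());
    std::printf("poll(myfd, 5, 0) checked against the mode-1 size would %s\n",
                poll_would_pass(derived_mode1(), 5) ? "pass" : "abort with \"buffer overflow detected\"");
    return 0;
}
```

Running it shows the two sizes that matter for the report side by side: mode 0 on the cast pointer covers the whole 80-byte array, while mode 1 is whatever the compiler considers the closest surrounding subobject after the derived-to-base conversion; if that is the 8-byte base, `poll_would_pass` rejects any count above 1, which is the run-time abort described in the message.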