[llvm-dev] [Sanitizer] Sanitizer does not identify violation
Mahesh Attarde via llvm-dev
llvm-dev at lists.llvm.org
Sat Nov 4 12:01:19 PDT 2017
Hello fellas,
Recently i was working on bug, which is simplified as follow.
===================================================================================================================
Code:
#include<iostream>
int thisShallError(int b[10]){
int gaurdTop = 0xF0F0;
int c[16] = {0};
int gaurdDown[16];
gaurdDown[0] = 0x0F0F;
return c[16] | b[11];
}
int main(){
int mb[32]={0};
mb[11] = 0xF0F0;
std::cout<<std::hex << thisShallError(mb);
return 0;
}
Warning:
4 : <source>:4:9: warning: unused variable 'gaurdTop'
[-Wunused-variable] <https://godbolt.org/#>
int gaurdTop = 0xF0F0;
^
8 : <source>:8:12: warning: array index 16 is past the end of the
array (which contains 16 elements) [-Warray-bounds]
<https://godbolt.org/#>
return c[16] | b[11];
^ ~~
5 : <source>:5:5: note: array 'c' declared here <https://godbolt.org/#>
int c[16] = {0};
^
2 warnings generated.
Compiler exited with result code 0
===============================================================================
Things to note here.
1. variable b's size is know at compile time and i was expecting error just
like c [third warning]
2. thisShallError accepts size of array as 10 but it is clearly declared
with 32. Should we do something. [Given fact that Array will decay to
pointer but sanitizer may warn, if possible]
I want to confirm if this is bug or not,sanitizer has no false positive
rule scenario??, will happy to patch it myself :)
Thanks
Mahesh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20171105/3c6c34de/attachment.html>
More information about the llvm-dev
mailing list