https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66661

            Bug ID: 66661
           Summary: incorrect memory access in optimization with flexible
                    array member
           Product: gcc
           Version: 5.1.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: P at draigBrady dot com
  Target Milestone: ---

On a heap allocated structure, direct access to flexible array members with
optimization at -O2 can result in reads to memory beyond the heap object.
I.e. gcc assumes alignment/padding is allocated when accessing flexible array
members. The attached file is a summary of the code involved though does _not_
reproduce the issue.

To reproduce one can:

  git clone --depth=1 git://git.sv.gnu.org/coreutils.git
  cd coreutils/
  git checkout 53883af0
  export LSAN_OPTIONS=exitcode=0
  ./bootstrap && ./configure --quiet && \
  make -j8 AM_CFLAGS='-fsanitize=address -fsanitize=undefined'
  src/chmod a+rx ..

Also attached is the disassembly of the problematic code,
and for comparison good code achieved by using a (char*) cast
on the flexi array to force byte at a time access.
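The sizing issue behind the report, as an added example that is not part of the bug report and is not the coreutils code involved: `struct rec` is a constructed type whose flexible array member begins before the struct's padded `sizeof`, so an allocation of exactly "offset of the member plus payload" is smaller than the object the optimizer may treat as fully padded. The helpers below compute both sizes, allocate with the padded size so word-sized accesses stay inside the heap object, and read the payload byte-at-a-time through a `(char *)` view in the spirit of the workaround the reporter describes; all function names are this example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed example type (not the coreutils struct from the report).
 * The flexible array member starts at offset 10, but the struct's size is
 * rounded up to its 8-byte alignment, so sizeof(struct rec) is larger
 * than offsetof(struct rec, data). */
struct rec {
    uint64_t id;
    uint16_t len;
    char data[];          /* flexible array member */
};

static size_t round_up(size_t n, size_t a) {
    return (n + a - 1) / a * a;
}

/* Tight size: header bytes up to the FAM plus the payload actually used.
 * An allocation of exactly this many bytes is the case the report
 * describes: an optimizer that reads whole aligned words through the
 * FAM touches bytes past the end of the heap object. */
size_t rec_exact_size(size_t n) {
    return offsetof(struct rec, data) + n;
}

/* Defensive size: never smaller than sizeof(struct rec) and always a
 * multiple of the struct's alignment, so accesses that assume the
 * trailing padding exists remain inside the allocation. */
size_t rec_padded_size(size_t n) {
    size_t exact = rec_exact_size(n);
    size_t padded = round_up(exact, _Alignof(struct rec));
    return padded < sizeof(struct rec) ? sizeof(struct rec) : padded;
}

/* Bytes the defensive allocation carries beyond the tight size. */
size_t rec_slack(size_t n) {
    return rec_padded_size(n) - rec_exact_size(n);
}

/* Allocate a record with n payload bytes using the defensive size and
 * copy the payload in byte-wise. */
struct rec *rec_new(uint64_t id, const char *payload, size_t n) {
    if (n > UINT16_MAX) return NULL;
    struct rec *r = calloc(1, rec_padded_size(n));
    if (!r) return NULL;
    r->id = id;
    r->len = (uint16_t)n;
    memcpy(r->data, payload, n);
    return r;
}

/* Byte-at-a-time read through a char pointer; it can never touch
 * padding past data[len - 1]. Returns -1 when i is out of range. */
int rec_byte_at(const struct rec *r, size_t i) {
    if (i >= r->len) return -1;
    return (unsigned char)((const char *)r->data)[i];
}
```

With the constructed layout, `rec_exact_size(3)` is 13 while `rec_padded_size(3)` is `sizeof(struct rec)`, so a record holding three payload bytes allocated at the tight size leaves an 8-byte access through `data` reading past the object. Building with `-fsanitize=address`, as the reproduction steps above do, is the way to catch such a read at runtime; allocating the padded size is the way to make it harmless.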
