https://gcc.gnu.org/bugzilla/show_bug.cgi?id=116984
qinzhao at gcc dot gnu.org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |qinzhao at gcc dot gnu.org
--- Comment #10 from qinzhao at gcc dot gnu.org ---
(In reply to Kees Cook from comment #4)
> (In reply to Andrew Pinski from comment #1)
> > I don't think so since &p->array[negative] is undefined behavior even inside
> > a dynamic boz.
>
> Without counted_by, that is true. With counted_by all out of bounds
> calculations are defined to result in a 0 bdos.
The negative "counted_by" values will be treated as "zero" value, then the
corresponding SIZE of the FAM is zero.
However, the "counted_by" value should NOT impact the array index, therefore,
for
&p->array[negative]
since the index of the array is NEGATIVE, it's reasonable for the sanitizer to
report the error.
so, from my understanding, the behavior of the testing case is correct.
