https://gcc.gnu.org/bugzilla/show_bug.cgi?id=62089
Bug ID: 62089
Summary: Sanitizer may fail to instrument struct accesses
Product: gcc
Version: 4.10.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: y.gribov at samsung dot com
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org

Asan does not emit memory checks in the copy_fs_struct function and thus fails to detect an invalid access (the code is based upon fs_struct.c from the Linux kernel):

#include <sanitizer/asan_interface.h>

struct vfsmount {};
struct dentry {};

struct path {
  struct vfsmount *mnt;
  struct dentry *dentry;
};

struct fs_struct {
  int users;
  int lock;
  int seq;
  int umask;
  int in_exec;
  struct path root, pwd;
};

/* Aggregate assignment of the 'root' member: this is the store that
   Asan should instrument but does not. */
void __attribute__((noinline, noclone))
copy_fs_struct (struct fs_struct *a, struct fs_struct *b)
{
  a->root = b->root;
}

struct fs_struct a, b;

int
main ()
{
  /* Mark a.root as inaccessible, so any store into it must be reported. */
  __asan_poison_memory_region (&a.root, sizeof (a.root));
  copy_fs_struct (&a, &b);   /* expected: Asan error report; actual: silent */
  return 0;
}
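The report's test case only shows the bug by not crashing. The following probe is an added example (not from the bug report or from GCC) that turns the same observation into a self-check a toolchain owner can compile with `-fsanitize=address` to see whether an aggregate struct assignment is instrumented. It goes beyond the report in two ways: it contrasts the aggregate copy with a field-wise copy of the same member (scalar stores that ASan does instrument), and it verifies through `__asan_address_is_poisoned` that the poisoning actually took effect before drawing any conclusion. The three `__asan_*` functions are the public ones from `<sanitizer/asan_interface.h>`; declaring them as weak references so that the program also builds and runs without ASan is this example's own choice, as are the `probe`/`copy_moves_root` helpers and the constructed marker values.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Weak references to the ASan runtime (assumption of this example: the
   toolchain resolves undefined weak references to NULL, as GNU/Linux
   linkers do). Without -fsanitize=address they are NULL and the probe
   reports "ASan not active" instead of failing to link. */
extern void __asan_poison_memory_region(void const volatile *addr, size_t size)
    __attribute__((weak));
extern void __asan_unpoison_memory_region(void const volatile *addr, size_t size)
    __attribute__((weak));
extern int __asan_address_is_poisoned(void const volatile *addr)
    __attribute__((weak));

/* Same layout as the report's reduced fs_struct; opaque pointers stand in
   for the empty vfsmount and dentry structs. */
struct path { void *mnt; void *dentry; };
struct fs_struct {
    int users, lock, seq, umask, in_exec;
    struct path root, pwd;
};

enum probe_result {
    PROBE_ASAN_NOT_ACTIVE = 0,      /* built without ASan: nothing to test    */
    PROBE_POISON_FAILED = 1,        /* poisoning had no effect: probe invalid  */
    PROBE_COPY_NOT_INSTRUMENTED = 2 /* store into poisoned memory went silent */
};

typedef void (*copy_fn)(struct fs_struct *, struct fs_struct *);

static struct fs_struct src, dst;

/* Kept out of line, as in the report, so the instrumentation decision is
   made for this function body alone. */
static void __attribute__((noinline))
copy_root_aggregate(struct fs_struct *a, struct fs_struct *b)
{
    a->root = b->root;                 /* the aggregate store from bug 62089 */
}

static void __attribute__((noinline))
copy_root_fieldwise(struct fs_struct *a, struct fs_struct *b)
{
    a->root.mnt = b->root.mnt;         /* scalar stores: ASan checks these */
    a->root.dentry = b->root.dentry;
}

int asan_runtime_present(void)
{
    return __asan_poison_memory_region != NULL
        && __asan_unpoison_memory_region != NULL
        && __asan_address_is_poisoned != NULL;
}

/* Poison dst.root, confirm the shadow really marks it, then run `copy`.
   With instrumentation the copy is reported and the process aborts, so
   returning PROBE_COPY_NOT_INSTRUMENTED means the store escaped ASan. */
enum probe_result probe(copy_fn copy)
{
    if (!asan_runtime_present())
        return PROBE_ASAN_NOT_ACTIVE;
    __asan_poison_memory_region(&dst.root, sizeof dst.root);
    if (!__asan_address_is_poisoned(&dst.root))
        return PROBE_POISON_FAILED;
    copy(&dst, &src);
    __asan_unpoison_memory_region(&dst.root, sizeof dst.root);
    return PROBE_COPY_NOT_INSTRUMENTED;
}

/* Functional check that both copies really move the data (constructed
   marker addresses); behaves the same with or without ASan. */
int copy_moves_root(copy_fn copy)
{
    static int marker_mnt, marker_dentry;
    memset(&dst, 0, sizeof dst);
    src.root.mnt = &marker_mnt;
    src.root.dentry = &marker_dentry;
    copy(&dst, &src);
    return dst.root.mnt == &marker_mnt && dst.root.dentry == &marker_dentry;
}

int main(void)
{
    static const char *const names[] = {
        "ASan not active", "poisoning failed", "copy NOT instrumented"
    };
    printf("field-wise copy: %s\n", names[probe(copy_root_fieldwise)]);
    printf("aggregate copy:  %s\n", names[probe(copy_root_aggregate)]);
    return 0;
}
```

Build it twice: plainly (`gcc probe.c`) to confirm the helpers work and that the program only reports "ASan not active", and with `gcc -fsanitize=address probe.c`. Under the instrumented build the first probe whose store is checked aborts with an ASan report, which is the healthy outcome; a line that prints "copy NOT instrumented" for the aggregate copy while the field-wise copy aborts is the signature of this bug.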