public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "rguenth at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug middle-end/103483] [12 regression] context-sensitive ranges change triggers stringop-overread Date: Wed, 09 Mar 2022 14:11:00 +0000 [thread overview] Message-ID: <bug-103483-4-JDnIlD5EkL@http.gcc.gnu.org/bugzilla/> (raw) In-Reply-To: <bug-103483-4@http.gcc.gnu.org/bugzilla/> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103483 --- Comment #22 from Richard Biener <rguenth at gcc dot gnu.org> --- There isn't going to be a good solution that makes all folks happy - we'd either have false negatives or false positives. It is true that we're accumulating more and more cases where the user gets the impression we want to warn about int a[16]; void foo (size_t len) { memset (a, 0, len); } like warning: memset called with unbound 'len' argument to buffer of size 16 for example we do not diagnose int a[2]; void foo (unsigned len) { if (len == 1 || len == 20) __builtin_memset (a, 0, len); } even though with len == 20 this is out of bounds. Instead we only diagnose if both possible accesses are out of bounds but we fail to see that in the 'else' case we do not call memset at all. What's the real difference to the len == 1 case that makes us to not emit the diagnostics here? What we traditionally consider as "always" and "maybe" is also blurry with more and more IPA optimization (functions are always only "maybe" executed). What static analyzers and fuzzers do is isolate every possible path, sensible or not, and diagnose those. We're getting closer to that (but every non-sensical isolated path also consumes object space).
next prev parent reply other threads:[~2022-03-09 14:11 UTC|newest] Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-11-30 4:27 [Bug c++/103483] New: constexpr basic_string " john at mcfarlane dot name 2021-11-30 4:39 ` [Bug c++/103483] context-sensitive ranges change " pinskia at gcc dot gnu.org 2021-11-30 12:11 ` redi at gcc dot gnu.org 2021-11-30 17:56 ` [Bug middle-end/103483] " msebor at gcc dot gnu.org 2021-11-30 18:13 ` msebor at gcc dot gnu.org 2021-11-30 22:33 ` john at mcfarlane dot name 2021-12-01 16:38 ` aldyh at gcc dot gnu.org 2021-12-01 16:53 ` redi at gcc dot gnu.org 2021-12-01 23:38 ` pinskia at gcc dot gnu.org 2021-12-01 23:44 ` pinskia at gcc dot gnu.org 2021-12-02 22:14 ` msebor at gcc dot gnu.org 2021-12-09 23:24 ` cvs-commit at gcc dot gnu.org 2021-12-10 22:10 ` jason at gcc dot gnu.org 2021-12-11 0:56 ` msebor at gcc dot gnu.org 2021-12-11 22:43 ` jason at gcc dot gnu.org 2022-01-17 22:44 ` [Bug middle-end/103483] [12 regression] " jason at gcc dot gnu.org 2022-01-17 23:10 ` amacleod at redhat dot com 2022-01-18 0:47 ` msebor at gcc dot gnu.org 2022-01-28 2:02 ` pinskia at gcc dot gnu.org 2022-01-28 5:03 ` jason at gcc dot gnu.org 2022-01-28 6:38 ` law at gcc dot gnu.org 2022-01-28 7:48 ` redi at gcc dot gnu.org 2022-01-28 15:23 ` law at gcc dot gnu.org 2022-03-09 14:11 ` rguenth at gcc dot gnu.org [this message] 2022-03-14 23:58 ` msebor at gcc dot gnu.org 2022-05-06 8:32 ` [Bug middle-end/103483] [12/13 " jakub at gcc dot gnu.org 2022-10-19 9:43 ` rguenth at gcc dot gnu.org 2023-05-08 12:23 ` [Bug middle-end/103483] [12/13/14 " rguenth at gcc dot gnu.org
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-103483-4-JDnIlD5EkL@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).