public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
From: "msebor at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug middle-end/103483] context-sensitive ranges change triggers stringop-overread
Date: Thu, 02 Dec 2021 22:14:28 +0000	[thread overview]
Message-ID: <bug-103483-4-KVKVovojP6@http.gcc.gnu.org/bugzilla/> (raw)
In-Reply-To: <bug-103483-4@http.gcc.gnu.org/bugzilla/>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103483

Martin Sebor <msebor at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|missed-optimization         |

--- Comment #10 from Martin Sebor <msebor at gcc dot gnu.org> ---
Using -O2 doesn't avoid the warning in general.  The following C test case
reproduces an equivalent warning at all optimization levels (with GCC 11 it
triggers a -Warray-bounds only).  The warning works as designed.  If you don't
want these warnings to trigger on these cases we need change the design,
starting with outlining the conditions under which they should trigger.  As it
is, they all trigger for every invalid call in the IL, whether it's in the
source code of the original test case, or in the standard library headers (like
in the case of std::string) inlined into user code, or whether it's isolated by
the compiler.  Fiddling with optimization levels, disabling them for system
headers, or other heuristics won't prevent them under other conditions.

$ cat t.c && gcc -O2 -S -Wall -fdump-tree-optimized=/dev/stdout
-Wno-array-bounds t.c
static inline __attribute__ ((always_inline))
void f (char *d, const char *s, __SIZE_TYPE__ n)
{
  if (n == 1)
    *d = *s;
  else
    __builtin_memcpy (d, s, n);
}

static inline  __attribute__ ((always_inline))
void ff (char *d, const char *s0, const char *s1)
{
  f (d, s0, s1 - s0);
}

void g (void*);

void h (int n)
{
  char a[1] = "";
  char b[16];
  if (n)
    ff (b, a, a + n);
  g (b);
}

;; Function h (h, funcdef_no=2, decl_uid=1990, cgraph_uid=3, symbol_order=2)

Removing basic block 7
void h (int n)
{
  char b[16];
  char a[1];
  sizetype _1;

  <bb 2> [local count: 1073741824]:
  a = "";
  if (n_5(D) != 0)
    goto <bb 3>; [50.00%]
  else
    goto <bb 6>; [50.00%]

  <bb 3> [local count: 536870913]:
  _1 = (sizetype) n_5(D);
  if (_1 == 1)
    goto <bb 4>; [51.12%]
  else
    goto <bb 5>; [48.88%]

  <bb 4> [local count: 274448412]:
  MEM[(char *)&b] = 0;
  goto <bb 6>; [100.00%]

  <bb 5> [local count: 262422500]:
  __builtin_memcpy (&b, &a, _1);

  <bb 6> [local count: 1073741824]:
  g (&b);
  a ={v} {CLOBBER};
  b ={v} {CLOBBER};
  return;

}


In function ‘f’,
    inlined from ‘ff’ at t.c:13:3,
    inlined from ‘h’ at t.c:23:5:
t.c:7:5: warning: ‘__builtin_memcpy’ reading 2 or more bytes from a region of
size 1 [-Wstringop-overread]
    7 |     __builtin_memcpy (d, s, n);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~
t.c: In function ‘h’:
t.c:20:8: note: source object ‘a’ of size 1
   20 |   char a[1] = "";
      |        ^

  parent reply	other threads:[~2021-12-02 22:14 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-11-30  4:27 [Bug c++/103483] New: constexpr basic_string " john at mcfarlane dot name
2021-11-30  4:39 ` [Bug c++/103483] context-sensitive ranges change " pinskia at gcc dot gnu.org
2021-11-30 12:11 ` redi at gcc dot gnu.org
2021-11-30 17:56 ` [Bug middle-end/103483] " msebor at gcc dot gnu.org
2021-11-30 18:13 ` msebor at gcc dot gnu.org
2021-11-30 22:33 ` john at mcfarlane dot name
2021-12-01 16:38 ` aldyh at gcc dot gnu.org
2021-12-01 16:53 ` redi at gcc dot gnu.org
2021-12-01 23:38 ` pinskia at gcc dot gnu.org
2021-12-01 23:44 ` pinskia at gcc dot gnu.org
2021-12-02 22:14 ` msebor at gcc dot gnu.org [this message]
2021-12-09 23:24 ` cvs-commit at gcc dot gnu.org
2021-12-10 22:10 ` jason at gcc dot gnu.org
2021-12-11  0:56 ` msebor at gcc dot gnu.org
2021-12-11 22:43 ` jason at gcc dot gnu.org
2022-01-17 22:44 ` [Bug middle-end/103483] [12 regression] " jason at gcc dot gnu.org
2022-01-17 23:10 ` amacleod at redhat dot com
2022-01-18  0:47 ` msebor at gcc dot gnu.org
2022-01-28  2:02 ` pinskia at gcc dot gnu.org
2022-01-28  5:03 ` jason at gcc dot gnu.org
2022-01-28  6:38 ` law at gcc dot gnu.org
2022-01-28  7:48 ` redi at gcc dot gnu.org
2022-01-28 15:23 ` law at gcc dot gnu.org
2022-03-09 14:11 ` rguenth at gcc dot gnu.org
2022-03-14 23:58 ` msebor at gcc dot gnu.org
2022-05-06  8:32 ` [Bug middle-end/103483] [12/13 " jakub at gcc dot gnu.org
2022-10-19  9:43 ` rguenth at gcc dot gnu.org
2023-05-08 12:23 ` [Bug middle-end/103483] [12/13/14 " rguenth at gcc dot gnu.org

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=bug-103483-4-KVKVovojP6@http.gcc.gnu.org/bugzilla/ \
    --to=gcc-bugzilla@gcc.gnu.org \
    --cc=gcc-bugs@gcc.gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).