[Bug c++/103483] New: constexpr basic_string triggers stringop-overread

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

From: "john at mcfarlane dot name" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug c++/103483] New: constexpr basic_string triggers stringop-overread
Date: Tue, 30 Nov 2021 04:27:56 +0000	[thread overview]
Message-ID: <bug-103483-4@http.gcc.gnu.org/bugzilla/> (raw)

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103483

            Bug ID: 103483
           Summary: constexpr basic_string triggers stringop-overread
           Product: gcc
           Version: 12.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c++
          Assignee: unassigned at gcc dot gnu.org
          Reporter: john at mcfarlane dot name
  Target Milestone: ---

As of 9a27acc30a34b7854db32eac562306cebac6fa1e, "Make full use of
context-sensitive ranges in access warnings.", this source.cpp

#include <string>
template <int a> void c(int d) {
  char buffer[a] = {};
  std::string(buffer, buffer+d);
}
int main() { c<1>(1); }

with command line: `~/gcc-head/bin/g++ -Werror=stringop-overread -O1 -std=c++20
source.cpp` emits:

/home/john/ws/wide/cnl/build/source.cpp
In file included from /home/john/gcc-head/include/c++/12.0.0/string:40,
                 from /home/john/ws/wide/cnl/build/source.cpp:1:
In static member function ‘static constexpr std::char_traits<char>::char_type*
std::char_traits<char>::copy(std::char_traits<char>::char_type*, const
std::char_traits<char>::char_type*, std::size_t)’,
    inlined from ‘static void std::__cxx11::basic_string<_CharT, _Traits,
_Alloc>::_S_copy(_CharT*, const _CharT*, std::__cxx11::basic_string<_CharT,
_Traits, _Alloc>::size_type) [with _CharT = char; _Traits =
std::char_traits<char>; _Alloc = std::allocator<char>]’ at
/home/john/gcc-head/include/c++/12.0.0/bits/basic_string.h:361:21,
    inlined from ‘static void std::__cxx11::basic_string<_CharT, _Traits,
_Alloc>::_S_copy_chars(_CharT*, _CharT*, _CharT*) [with _CharT = char; _Traits
= std::char_traits<char>; _Alloc = std::allocator<char>]’ at
/home/john/gcc-head/include/c++/12.0.0/bits/basic_string.h:403:16,
    inlined from ‘void std::__cxx11::basic_string<_CharT, _Traits,
_Alloc>::_M_construct(_InIterator, _InIterator, std::forward_iterator_tag)
[with _FwdIterator = char*; _CharT = char; _Traits = std::char_traits<char>;
_Alloc = std::allocator<char>]’ at
/home/john/gcc-head/include/c++/12.0.0/bits/basic_string.tcc:225:25,
    inlined from ‘void std::__cxx11::basic_string<_CharT, _Traits,
_Alloc>::_M_construct_aux(_InIterator, _InIterator, std::__false_type) [with
_InIterator = char*; _CharT = char; _Traits = std::char_traits<char>; _Alloc =
std::allocator<char>]’ at
/home/john/gcc-head/include/c++/12.0.0/bits/basic_string.h:257:23,
    inlined from ‘void std::__cxx11::basic_string<_CharT, _Traits,
_Alloc>::_M_construct(_InIterator, _InIterator) [with _InIterator = char*;
_CharT = char; _Traits = std::char_traits<char>; _Alloc =
std::allocator<char>]’ at
/home/john/gcc-head/include/c++/12.0.0/bits/basic_string.h:276:20,
    inlined from ‘std::__cxx11::basic_string<_CharT, _Traits,
_Alloc>::basic_string(_InputIterator, _InputIterator, const _Alloc&) [with
_InputIterator = char*; <template-parameter-2-2> = void; _CharT = char; _Traits
= std::char_traits<char>; _Alloc = std::allocator<char>]’ at
/home/john/gcc-head/include/c++/12.0.0/bits/basic_string.h:645:16,
    inlined from ‘void c(int) [with int a = 1]’ at
/home/john/ws/wide/cnl/build/source.cpp:4:8:
/home/john/gcc-head/include/c++/12.0.0/bits/char_traits.h:355:56: error: ‘void*
__builtin_memcpy(void*, const void*, long unsigned int)’ reading between 2 and
2147483647 bytes from a region of size 1 [-Werror=stringop-overread]
  355 |         return static_cast<char_type*>(__builtin_memcpy(__s1, __s2,
__n));
      |                                       
~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~
/home/john/ws/wide/cnl/build/source.cpp: In function ‘void c(int) [with int a =
1]’:
/home/john/ws/wide/cnl/build/source.cpp:3:8: note: source object ‘buffer’ of
size 1
    3 |   char buffer[a] = {};
      |        ^~~~~~
cc1plus: some warnings being treated as errors

Still emitting this warning as of SHA 909b30a17e71253772d2cb174d0dae6d0b8c9401
Compiler Explorer: https://godbolt.org/z/n9cqarErc
Also emits array-bounds warning with `-Wall -Wno-stringop-overread`.
If this is a dupe of an 88443 issue, I'm not sure which one.

next             reply	other threads:[~2021-11-30  4:27 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-11-30  4:27 john at mcfarlane dot name [this message]
2021-11-30  4:39 ` [Bug c++/103483] context-sensitive ranges change " pinskia at gcc dot gnu.org
2021-11-30 12:11 ` redi at gcc dot gnu.org
2021-11-30 17:56 ` [Bug middle-end/103483] " msebor at gcc dot gnu.org
2021-11-30 18:13 ` msebor at gcc dot gnu.org
2021-11-30 22:33 ` john at mcfarlane dot name
2021-12-01 16:38 ` aldyh at gcc dot gnu.org
2021-12-01 16:53 ` redi at gcc dot gnu.org
2021-12-01 23:38 ` pinskia at gcc dot gnu.org
2021-12-01 23:44 ` pinskia at gcc dot gnu.org
2021-12-02 22:14 ` msebor at gcc dot gnu.org
2021-12-09 23:24 ` cvs-commit at gcc dot gnu.org
2021-12-10 22:10 ` jason at gcc dot gnu.org
2021-12-11  0:56 ` msebor at gcc dot gnu.org
2021-12-11 22:43 ` jason at gcc dot gnu.org
2022-01-17 22:44 ` [Bug middle-end/103483] [12 regression] " jason at gcc dot gnu.org
2022-01-17 23:10 ` amacleod at redhat dot com
2022-01-18  0:47 ` msebor at gcc dot gnu.org
2022-01-28  2:02 ` pinskia at gcc dot gnu.org
2022-01-28  5:03 ` jason at gcc dot gnu.org
2022-01-28  6:38 ` law at gcc dot gnu.org
2022-01-28  7:48 ` redi at gcc dot gnu.org
2022-01-28 15:23 ` law at gcc dot gnu.org
2022-03-09 14:11 ` rguenth at gcc dot gnu.org
2022-03-14 23:58 ` msebor at gcc dot gnu.org
2022-05-06  8:32 ` [Bug middle-end/103483] [12/13 " jakub at gcc dot gnu.org
2022-10-19  9:43 ` rguenth at gcc dot gnu.org
2023-05-08 12:23 ` [Bug middle-end/103483] [12/13/14 " rguenth at gcc dot gnu.org

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=bug-103483-4@http.gcc.gnu.org/bugzilla/ \
    --to=gcc-bugzilla@gcc.gnu.org \
    --cc=gcc-bugs@gcc.gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).