[Bug tree-optimization/107395] New: Missed warning opportunity on bultin string optimization

[Bug tree-optimization/107395] New: Missed warning opportunity on bultin string optimization

[nrk at disroot dot org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107395

            Bug ID: 107395
           Summary: Missed warning opportunity on bultin string
                    optimization
           Product: gcc
           Version: 12.2.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: tree-optimization
          Assignee: unassigned at gcc dot gnu.org
          Reporter: nrk at disroot dot org
  Target Milestone: ---

In the first case, it optimizes the strlen call with 0, with the assumption
that
for a single byte array to be a valid string, it has to be 0 len; while it can
clearly see that *s != '\0'

In the 2nd case, it optimizes the call out to 2, which is correct.
But in the 3rd case (with missing nul-byte) it figures something is wrong and
just goes ahead an let's the libc strlen deal with it.

In both cases (f and f3) it should be possible (I assume without too much
effort, given that f3 seems to be aware of something going wrong) to detect
that strlen is being called with a non-nul-terminated byte array and issue a
warning.

Perhaps a good candidate for -Wstringop-overread ?

        #include <string.h>

        size_t f(void) {
                char s[1] = "h";
                return strlen(s); /* "optimized out" to 0 */
        }

        size_t f2(void) {
                char s[] = "hi";
                return strlen(s); /* optimized out to 2 */
        }

        size_t f3(void) {
                char s[2] = "hi";
                return strlen(s); /* calls strlen */
        }


Tested with gcc 12.2, compiled with -O2 (https://godbolt.org/z/1KW7qna1E)

[Bug tree-optimization/107395] Missed warning opportunity on builtin string optimization

[marxin at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107395

Martin Liška <marxin at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |marxin at gcc dot gnu.org

--- Comment #1 from Martin Liška <marxin at gcc dot gnu.org> ---
Note C++ warns about it:

$ g++ pr107395.c -c
pr107395.c: In function ‘size_t f()’:
pr107395.c:4:29: error: initializer-string for ‘char [1]’ is too long
[-fpermissive]
    4 |                 char s[1] = "h";
      |                             ^~~
pr107395.c: In function ‘size_t f3()’:
pr107395.c:14:29: error: initializer-string for ‘char [2]’ is too long
[-fpermissive]
   14 |                 char s[2] = "hi";
      |                             ^~~~

[Bug tree-optimization/107395] Missed warning opportunity on builtin string optimization

[nrk at disroot dot org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107395

--- Comment #2 from nrk at disroot dot org ---
That c++ warning is unrelated to the bug report, it's warning about
initialization; which you can easily replace them with { 'h' } and { 'h', 'i' }
to silence; but not warning about the fact that non-null-terminated byte array
is being passed to function which expects a string.

https://godbolt.org/z/o3ov5qEoa