From: "rguenth at gcc dot gnu.org"
To: gcc-bugs@gcc.gnu.org
Subject: [Bug tree-optimization/108366] [12/13 Regression] Spurious stringop overflow, possibly alias-related since r12-145-gd1d01a66012a93cc
Date: Wed, 11 Jan 2023 12:34:32 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: tree-optimization
X-Bugzilla-Version: 12.2.0
X-Bugzilla-Keywords: diagnostic, missed-optimization
X-Bugzilla-Severity: normal
X-Bugzilla-Who: rguenth at gcc dot gnu.org
X-Bugzilla-Status: NEW
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-Target-Milestone: 12.3
X-Bugzilla-Changed-Fields: keywords cf_reconfirmed_on bug_status everconfirmed
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108366

Richard Biener changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |missed-optimization
   Last reconfirmed|                            |2023-01-11
             Status|UNCONFIRMED                 |NEW
     Ever confirmed|0                           |1

--- Comment #4 from Richard Biener ---
Warns from

#1  0x00000000013bc420 in warn_for_access (loc=2147485003,
    func=, exp=,
    opt=761, range=0x7fffffffd560, size=,
    write=true, read=false, maybe=false)
    at /home/rguenther/src/gcc-12-branch/gcc/gimple-ssa-warn-access.cc:995
(gdb) l
990         }
991
992       if (write)
993         {
994           if (tree_int_cst_equal (range[0], range[1]))
995             warned = (func
996                       ? warning_n (loc, opt, tree_to_uhwi (range[0]),
997                                    (maybe
998                                     ? G_("%qD may write %E byte into a region "
999                                          "of size %E")
(gdb) p debug_gimple_stmt (exp)
# .MEM_2 = VDEF <.MEM_23>
memset (&MEM [(void *)&actual], 65, 128);

on a path where actual.m_outline == nullptr

for some unknown reason we reload actual.m_outline in the loop, likely
because storing to it is thought to clobber actual.m_outline (which
is initialized from a new expression).  Note 'actual' escapes the function
via the printf call and 'new' can inspect/clobber globals.

We're also "bad" in computing points-to info because of the

    memset(buffer.data(), 'A', new_size);

which with

    char* data() {
        if (m_outline) return m_outline;
        return reinterpret_cast<char*>(m_inline);
    }

simply clobbers the whole object (with our points-to analysis).

Helping the compiler and doing

    auto *b = buffer.m_outline;
    for (unsigned i = 0; i < 128; ++i)
        b[i] = 0;

allows it to optimize and avoid the diagnostic.  Using buffer.m_outline
in the memset instead of buffer.data () would probably work as well.