[Bug sanitizer/109980] New: Bogus Wstringop-overflow and Wstringop-overread warnings when attribute `access` is applied to struct arg

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

* [Bug sanitizer/109980] New: Bogus Wstringop-overflow and Wstringop-overread warnings when attribute `access` is applied to struct arg
@ 2023-05-26  7:47 hacatu5000 at gmail dot com
  2023-05-27  1:39 ` [Bug sanitizer/109980] " pinskia at gcc dot gnu.org
  0 siblings, 1 reply; 2+ messages in thread
From: hacatu5000 at gmail dot com @ 2023-05-26  7:47 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109980

            Bug ID: 109980
           Summary: Bogus Wstringop-overflow and Wstringop-overread
                    warnings when attribute `access` is applied to struct
                    arg
           Product: gcc
           Version: 13.1.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: hacatu5000 at gmail dot com
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
  Target Milestone: ---

I'm getting incorrect warnings for some functions using the `access` attribute.
 I've managed to reduce the code that produces the error to this:

========== access.c ==========
typedef struct{
    int value, decoy;
} S;

[[gnu::access(read_write, 1)]]
int S_rw(S *self){
    return self->value += 1;
}

[[gnu::access(read_only, 1)]]
int S_ro(const S *self){
    return self->value;
}

int S_test(S *tmps){
    return tmps[1].value && S_rw(tmps + 1) && S_ro(tmps + 1);
}
====================

========== compiler options (13.1.1 20230429 x86_64-pc-linux-gnu) ==========
gcc -std=c2x -fsanitize=object-size -O1 -c access.c
====================

========== output ==========
access.c: In function ‘S_test’:
access.c:16:33: warning: ‘S_rw’ accessing 8 bytes in a region of size 4
[-Wstringop-overflow=]
   16 |         return tmps[1].value && S_rw(tmps + 1) && S_ro(tmps + 1);
      |                                 ^~~~~~~~~~~~~~
access.c:6:5: note: in a call to function ‘S_rw’ declared with attribute
‘access (read_write, 1)’
    6 | int S_rw(S *self){
      |     ^~~~
access.c:16:51: warning: ‘S_ro’ reading 8 bytes from a region of size 4
[-Wstringop-overread]
   16 |         return tmps[1].value && S_rw(tmps + 1) && S_ro(tmps + 1);
      |                                                   ^~~~~~~~~~~~~~
access.c:2:13: note: source object ‘value’ of size 4
    2 |         int value, decoy;
      |             ^~~~~
access.c:11:5: note: in a call to function ‘S_ro’ declared with attribute
‘access (read_only, 1)’
   11 | int S_ro(const S *self){
      |
====================

These incorrect warnings occur regardless of -Wall, -Wextra, and
-fno-strict-aliasing.  However, the warnings go away if I remove ANY OF:
- the field `decoy`
- the `access` annotations
- the `tmps[1].value` argument to `&&`
- `-fsanitize=object-size`
- `-O1`

This looks extremely similar to
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105689
but I do not get bogus warnings at `-O2`, only with `-fsanitize=object-size`
(an `-O1`).  In fact, these warnings GO AWAY when I use both
`-fsanitize=object-size` and `-O2`.
Additionally, I'm seeing invalid -Wstringop-overread, not just
-Wstringop-overflow, although the latter is probably caused by the same CSE bug
that causes these very similar warnings in slightly different circumstances.

^ permalink raw reply	[flat|nested] 2+ messages in thread

* [Bug sanitizer/109980] Bogus Wstringop-overflow and Wstringop-overread warnings when attribute `access` is applied to struct arg
  2023-05-26  7:47 [Bug sanitizer/109980] New: Bogus Wstringop-overflow and Wstringop-overread warnings when attribute `access` is applied to struct arg hacatu5000 at gmail dot com
@ 2023-05-27  1:39 ` pinskia at gcc dot gnu.org
  0 siblings, 0 replies; 2+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-05-27  1:39 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109980

Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
     Ever confirmed|0                           |1
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2023-05-27

--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Confirmed.

Note the -O2 difference just comes from inlining.
So you could get away with just this for getting the warning:
```
typedef struct{
    int value, decoy;
} S;

[[gnu::access(read_write, 1)]]
int S_rw(S *self);

[[gnu::access(read_only, 1)]]
int S_ro(const S *self);

int S_test(S *tmps){
    return tmps[1].value && S_rw(tmps + 1) && S_ro(tmps + 1);
}
```

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2023-05-27  1:39 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-05-26  7:47 [Bug sanitizer/109980] New: Bogus Wstringop-overflow and Wstringop-overread warnings when attribute `access` is applied to struct arg hacatu5000 at gmail dot com
2023-05-27  1:39 ` [Bug sanitizer/109980] " pinskia at gcc dot gnu.org

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).