From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugzilla@gcc.gnu.org>
Received: by sourceware.org (Postfix, from userid 48)
	id ABEFE3858D20; Thu, 29 Feb 2024 10:30:13 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org ABEFE3858D20
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org;
	s=default; t=1709202613;
	bh=kfzlzJpiogBSWuf6OVBxCWzzjpjhKn3WXjkcs1StlFs=;
	h=From:To:Subject:Date:In-Reply-To:References:From;
	b=YFhre1LyQ/zdDWGB/YwoV1/05oEt+VIBtFwnTD/4s386c6DIcnD+1OKHbM+SdS19y
	 gt2uHTuJegPqFFVGw8pJPWfNVKMN2vs2anGelRV8a/9Ddp5gMGDESiA5GmCEvrz0+m
	 uv2XHuDyekgesxAwTM12zwFB1YRXERlImy94kGvk=
From: "ro at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug analyzer/110483] [14 Regression] Several
 gcc.dg/analyzer/out-of-bounds-diagram-*.c tests FAIL
Date: Thu, 29 Feb 2024 10:30:12 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: analyzer
X-Bugzilla-Version: 14.0
X-Bugzilla-Keywords: testsuite-fail
X-Bugzilla-Severity: normal
X-Bugzilla-Who: ro at gcc dot gnu.org
X-Bugzilla-Status: REOPENED
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: dmalcolm at gcc dot gnu.org
X-Bugzilla-Target-Milestone: 14.0
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: everconfirmed cf_reconfirmed_on resolution
 bug_status
Message-ID: <bug-110483-4-3M2qAs4BNE@http.gcc.gnu.org/bugzilla/>
In-Reply-To: <bug-110483-4@http.gcc.gnu.org/bugzilla/>
References: <bug-110483-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id: <gcc-bugs.sourceware.org>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D110483

Rainer Orth <ro at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
     Ever confirmed|0                           |1
   Last reconfirmed|                            |2024-02-29
         Resolution|FIXED                       |---
             Status|RESOLVED                    |REOPENED

--- Comment #5 from Rainer Orth <ro at gcc dot gnu.org> ---
Thanks for the patch.  Last night's bootstrap showed that all C tests PASS =
now.

However, two of the tests FAIL when compiled as C++:

FAIL: c-c++-common/analyzer/out-of-bounds-diagram-3.c  -std=3Dc++98  (test =
for
warnings, line 25)
FAIL: c-c++-common/analyzer/out-of-bounds-diagram-3.c  -std=3Dc++98  at lin=
e 20
(test for warnings, line 19)
FAIL: c-c++-common/analyzer/out-of-bounds-diagram-3.c  -std=3Dc++98  expect=
ed
multiline pattern lines 30-45

and same for -std=3Dc++(14|17|20).  When compiling manually, there's no out=
put at
all.

There's also

FAIL: c-c++-common/analyzer/out-of-bounds-diagram-11.c  -std=3Dc++98  (test=
 for
warnings, line 12)
FAIL: c-c++-common/analyzer/out-of-bounds-diagram-11.c  -std=3Dc++98  expec=
ted
multiline pattern lines 18-36

Here's the full output:

/vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/analyzer/out-of-bou=
nds-diagram-11.c:
In function =E2=80=98void test7(std::size_t)=E2=80=99:
/vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/analyzer/out-of-bou=
nds-diagram-11.c:41:47:
warning: allocated buffer size is not a multiple of the pointee's size
[CWE-131] [-Wanalyzer-allocation-size]
/vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/analyzer/out-of-bou=
nds-diagram-11.c:41:47:
note: (1) allocated =E2=80=98((size * 4) + 3)=E2=80=99 bytes and assigned t=
o =E2=80=98int32_t*=E2=80=99 {aka
=E2=80=98int*=E2=80=99} here; =E2=80=98sizeof (int32_t {aka int})=E2=80=99 =
is =E2=80=984=E2=80=99
/vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/analyzer/out-of-bou=
nds-diagram-11.c:42:13:
warning: stack-based buffer overflow [CWE-121] [-Wanalyzer-out-of-bounds]
/vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/analyzer/out-of-bou=
nds-diagram-11.c:41:47:
note: (1) capacity: =E2=80=98((size * 4) + 3)=E2=80=99 bytes
/vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/analyzer/out-of-bou=
nds-diagram-11.c:42:13:
note: (2) write of 4 bytes at offset =E2=80=98(size * 4)=E2=80=99 exceeds t=
he buffer

                                 =E2=94=8C=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=90
                                 =E2=94=82          write of =E2=80=98(int)=
 42=E2=80=99          =E2=94=82
                                 =E2=94=94=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=98
                                           =E2=94=82                   =E2=
=94=82
                                           =E2=94=82                   =E2=
=94=82
                                           v                   v
  =E2=94=8C=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=90=E2=94=8C=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=90
  =E2=94=82         buffer allocated on stack at (1)         =E2=94=82=E2=
=94=82after valid range =E2=94=82
  =E2=94=94=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=98=E2=94=94=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=98
  =E2=94=9C=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=AC=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=A4=E2=94=9C=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=AC=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=A4
                           =E2=94=82                                   =E2=
=94=82
           =E2=95=AD=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=B4=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=95=AE=
          =E2=95=AD=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=B4=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=95=AE
           =E2=94=82capacity: =E2=80=98size * 4 + 3=E2=80=99 bytes=E2=94=82=
          =E2=94=82overflow of 1 byte=E2=94=82
           =E2=95=B0=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=95=AF=
          =E2=95=B0=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80=E2=94=80=E2=95=AF

/vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/analyzer/out-of-bou=
nds-diagram-11.c:
In function =E2=80=98char* test99(const char*, const char*)=E2=80=99:
/vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/analyzer/out-of-bou=
nds-diagram-11.c:80:25:
warning: heap-based buffer overflow [CWE-122] [-Wanalyzer-out-of-bounds]
/vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/analyzer/out-of-bou=
nds-diagram-11.c:74:44:
note: (1) capacity: =E2=80=98(len_x + len_y)=E2=80=99 bytes
/vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/analyzer/out-of-bou=
nds-diagram-11.c:75:3:
note: (2) following =E2=80=98false=E2=80=99 branch (when =E2=80=98result=E2=
=80=99 is non-NULL)...
/vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/analyzer/out-of-bou=
nds-diagram-11.c:77:20:
note: (3) ...to here
/vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/analyzer/out-of-bou=
nds-diagram-11.c:80:25:
note: (4) out-of-bounds write

I'm uncertain if this isn't another issue, though.=