[Bug c/110645] New: False positive -Warray-bounds warning

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

* [Bug c/110645] New: False positive -Warray-bounds warning
@ 2023-07-12 17:52 andres at anarazel dot de
  2023-07-13  8:25 ` [Bug tree-optimization/110645] " rguenth at gcc dot gnu.org
  0 siblings, 1 reply; 2+ messages in thread
From: andres at anarazel dot de @ 2023-07-12 17:52 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110645

            Bug ID: 110645
           Summary: False positive -Warray-bounds warning
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: andres at anarazel dot de
  Target Milestone: ---

Created attachment 55531
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=55531&action=edit
reproducer

Hi,

The attached minimized reproducer (from postgres code) triggers a clearly bogus
-Warray-bounds warning, even with -Warray-bounds=1.

$ gcc -O1 -Wall -Warray-bounds=1 -c -o /dev/null -c repro.i 
In function ‘formTextDatum’,
    inlined from ‘spgist_name_compress’ at /tmp/cvise2/repro.i:44:9:
/tmp/cvise2/repro.i:35:17: warning: ‘memcpy’ forming offset [2, 254] is out of
the bounds [0, 2] [-Warray-bounds]
   35 |                 memcpy(att->data, src, srclen);
      |                 ^~~~~~~~~~~~

This is despite srclen being strlen(src), which gcc does know is <= 1.

It seems that the known range of srclen is "widened" due to the if (srclen <
0xff), causing the warning.

It is somewhat interesting that removing -Wall removes the spurious warning,
despite -Warray-bounds=1.


This triggers for gcc-11 - HEAD at 3b007164b3e, but not in gcc-10.


I looked through quite a few bugs about spurious -Warray-bounds warnings to see
if this is a duplicate - quite possible, but I didn't find a real match for
this.

Regards,

Andres

^ permalink raw reply	[flat|nested] 2+ messages in thread

* [Bug tree-optimization/110645] False positive -Warray-bounds warning
  2023-07-12 17:52 [Bug c/110645] New: False positive -Warray-bounds warning andres at anarazel dot de
@ 2023-07-13  8:25 ` rguenth at gcc dot gnu.org
  0 siblings, 0 replies; 2+ messages in thread
From: rguenth at gcc dot gnu.org @ 2023-07-13  8:25 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110645

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
     Ever confirmed|0                           |1
   Last reconfirmed|                            |2023-07-13
            Version|unknown                     |13.2.1
      Known to work|                            |10.5.0
             Status|UNCONFIRMED                 |NEW
      Known to fail|                            |11.3.0, 14.0

--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
Confirmed.  Emitted from

#0  warning_at (location=2147483699, opt=507, 
    gmsgid=0x3360cb8 "%qD forming offset %s is out of the bounds [0, %wu]")
    at /space/rguenther/src/gcc/gcc/diagnostic.cc:1903
#1  0x0000000001215eb1 in (anonymous namespace)::maybe_diag_access_bounds (
    call=<gimple_call 0x7ffff71f2d10>, func=<function_decl 0x7ffff72e5200
memcpy>, strict=0, ref=..., 
    wroff=..., do_warn=true) at
/space/rguenther/src/gcc/gcc/gimple-ssa-warn-restrict.cc:1834
#2  0x00000000012168cf in check_bounds_or_overlap (ptrqry=...,
call=<gimple_call 0x7ffff71f2d10>, 
    dst=<ssa_name 0x7ffff73a1948 13>, src=<ssa_name 0x7ffff73a15a0 3>, 
    dstsize=<ssa_name 0x7ffff71cfee8 1>, srcsize=<tree 0x0>, bounds_only=false,
do_warn=true)
    at /space/rguenther/src/gcc/gcc/gimple-ssa-warn-restrict.cc:2043
#3  0x0000000001216643 in (anonymous namespace)::pass_wrestrict::check_call
(this=0x4432a00, 
    call=<gimple_call 0x7ffff71f2d10>) at
/space/rguenther/src/gcc/gcc/gimple-ssa-warn-restrict.cc:1989
#4  0x000000000120ef00 in (anonymous namespace)::pass_wrestrict::check_block
(this=0x4432a00, 
    bb=<basic_block 0x7ffff7375cc0 (4)>) at
/space/rguenther/src/gcc/gcc/gimple-ssa-warn-restrict.cc:100
#5  0x000000000120ef78 in (anonymous namespace)::pass_wrestrict::execute
(this=0x4432a00, 
    fun=0x7ffff739b0b8) at
/space/rguenther/src/gcc/gcc/gimple-ssa-warn-restrict.cc:112
#6  0x0000000001518413 in execute_one_pass (pass=<opt_pass* 0x4432a00
"wrestrict"(207)>)
    at /space/rguenther/src/gcc/gcc/passes.cc:2651

on the path where strlen (inStr) > 254:

<bb 2> [local count: 1073741824]:
_1 = strlen (inStr_3(D));
if (_1 <= 254)
  goto <bb 3>; [50.00%]
else
  goto <bb 4>; [50.00%]

$2 = <basic_block 0x7ffff7375720 (2)>
(gdb) p debug_bb_n (4)
<bb 4> [local count: 536870913]:
_10 = _1 + 4;
att_11 = palloc (_10);
_12 = (unsigned int) _1;
att_11->len = _12;
_13 = &att_11->data;
memcpy (_13, inStr_3(D), _1);

it looks like we are confused - not sure how though.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2023-07-13  8:25 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-07-12 17:52 [Bug c/110645] New: False positive -Warray-bounds warning andres at anarazel dot de
2023-07-13  8:25 ` [Bug tree-optimization/110645] " rguenth at gcc dot gnu.org

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).