public inbox for gcc-bugs@sourceware.org
* [Bug c/110878] New: -Wstringop-overread incorrectly warns about arguments to functions with static array parameter declarations
@ 2023-08-02 19:21 campbell+gcc-bugzilla at mumble dot net
  2023-08-02 19:31 ` [Bug c/110878] -Wstringop-overflow " pinskia at gcc dot gnu.org
                   ` (4 more replies)
  0 siblings, 5 replies; 6+ messages in thread
From: campbell+gcc-bugzilla at mumble dot net @ 2023-08-02 19:21 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110878

            Bug ID: 110878
           Summary: -Wstringop-overread incorrectly warns about arguments
                    to functions with static array parameter declarations
           Product: gcc
           Version: 13.2.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: campbell+gcc-bugzilla at mumble dot net
  Target Milestone: ---

Isolated from code passing a pointer into an array and the length of the array
as separate arguments, where each function has the minimum length of the array
encoded in its parameter declaration, and uses runtime conditionals to
guarantee the minimum is met:

// bar(p, n) may access p[0], p[1], ..., p[n-1], and requires n >= 128
void bar(unsigned char[static 128], unsigned);

// foo(p, n) may access p[0], p[1], ..., p[n-1], and requires n >= 16
void
foo(unsigned char p[static 16], unsigned n)
{

        if (n % 128)
                n -= n % 128;
        if (n)
                bar(p, n);
}

<source>: In function 'foo':
<source>:12:17: error: 'bar' accessing 128 bytes in a region of size 16 [-Werror=stringop-overflow=]
   12 |                 bar(p, n);
      |                 ^~~~~~~~~
<source>:12:17: note: referencing argument 1 of type 'unsigned char[128]'
<source>:2:6: note: in a call to function 'bar'
    2 | void bar(unsigned char[static 128], unsigned n);
      |      ^~~
cc1: all warnings being treated as errors
Compiler returned: 1

Reproduced in GCC 10.5, 11.4, and 12.3.  Not reproduced in any earlier versions
of GCC.

Using `if (n >= 128)' doesn't change anything, presumably because GCC doesn't
know the connection between p and n.


* [Bug c/110878] -Wstringop-overflow incorrectly warns about arguments to functions with static array parameter declarations
  2023-08-02 19:21 [Bug c/110878] New: -Wstringop-overread incorrectly warns about arguments to functions with static array parameter declarations campbell+gcc-bugzilla at mumble dot net
@ 2023-08-02 19:31 ` pinskia at gcc dot gnu.org
  2023-08-02 19:36 ` pinskia at gcc dot gnu.org
                   ` (3 subsequent siblings)
  4 siblings, 0 replies; 6+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-08-02 19:31 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110878

--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
There is another bug report dealing with this. But IIRC this is an expected
warning as foo is being passed an array which is size 16 but then passed to bar
as size 128 which would be undefined.


* [Bug c/110878] -Wstringop-overflow incorrectly warns about arguments to functions with static array parameter declarations
  2023-08-02 19:21 [Bug c/110878] New: -Wstringop-overread incorrectly warns about arguments to functions with static array parameter declarations campbell+gcc-bugzilla at mumble dot net
  2023-08-02 19:31 ` [Bug c/110878] -Wstringop-overflow " pinskia at gcc dot gnu.org
@ 2023-08-02 19:36 ` pinskia at gcc dot gnu.org
  2023-08-02 19:52 ` campbell+gcc-bugzilla at mumble dot net
                   ` (2 subsequent siblings)
  4 siblings, 0 replies; 6+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-08-02 19:36 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110878

Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Depends on|                            |108154

--- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
This is basically a dup of bug 108154 I think.


Referenced Bugs:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108154
[Bug 108154] Inappropriate -Wstringop-overread in the C99 [static n] func param
decl


* [Bug c/110878] -Wstringop-overflow incorrectly warns about arguments to functions with static array parameter declarations
  2023-08-02 19:21 [Bug c/110878] New: -Wstringop-overread incorrectly warns about arguments to functions with static array parameter declarations campbell+gcc-bugzilla at mumble dot net
  2023-08-02 19:31 ` [Bug c/110878] -Wstringop-overflow " pinskia at gcc dot gnu.org
  2023-08-02 19:36 ` pinskia at gcc dot gnu.org
@ 2023-08-02 19:52 ` campbell+gcc-bugzilla at mumble dot net
  2023-08-02 20:00 ` pinskia at gcc dot gnu.org
  2023-08-03 21:01 ` muecker at gwdg dot de
  4 siblings, 0 replies; 6+ messages in thread
From: campbell+gcc-bugzilla at mumble dot net @ 2023-08-02 19:52 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110878

--- Comment #3 from Taylor R Campbell <campbell+gcc-bugzilla at mumble dot net> ---
(In reply to Andrew Pinski from comment #1)
> There is another bug report dealing with this. But IIRC this is an expected
> warning as foo is being passed an array which is size 16 but then passed to
> bar as size 128 which would be undefined.

There is nothing undefined here.

The caller's requirement as noted in the comment (which is not formally
expressible in C, as far as I know, but is obviously extremely
widespread practice) is that for foo(p, n) or bar(p, n), p must point
to the first element of an array of at least n elements.

foo additionally imposes the requirement that p have at least 16
elements.  bar additionally imposes the requirement that p have at
least 128 elements.

When the caller meets foo's contract, foo meets bar's contract.  So
there is nothing undefined.

From C11, Sec. 6.7.6.3 `Function declarators (including prototypes)',
paragraph 7, p. 133:

> A declaration of a parameter as ``array of type'' shall be adjusted
> to ``qualified pointer to type'', where the type qualifiers (if any)
> are those specified within the [ and ] of the array type derivation.
> If the keyword static also appears within the [ and ] of the array
> type derivation, then for each call to the function, the value of the
> corresponding actual argument shall provide access to the first
> element of an array with at least as many elements as specified by
> the size expression.

Here, as required, the value of the corresponding actual argument does
provide access to the first element of an array with at least as many
elements as specified by the size expression.

In other words, this states a requirement about run-time values, which
the code meets, not about compile-time parameter declarations, which is
what GCC appears to object to.

(In reply to Andrew Pinski from comment #2)
> This is basically a dup of bug 108154 I think.

That one appears to be different: it trips -Wstringop-overread, not
-Wstringop-overflow.

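
The run-time contract argued in comment #3, as an added example that is not part of the thread or the reporter's code: bar is given a body and counters, and the hypothetical helper forwarded() hands foo a heap buffer of exactly len bytes, so a sanitizer build would catch any access past the caller's array. The pragma is an assumption added so the file builds under -Werror.

```c
#include <stdio.h>
#include <stdlib.h>

/* Silences the diagnostic from the report so this builds with -Werror;
 * delete these three lines to see GCC flag the call in foo. */
#if defined(__GNUC__) && !defined(__clang__)
#pragma GCC diagnostic ignored "-Wstringop-overflow"
#endif

/* Instrumentation added for this example (not in the report). */
static unsigned bar_calls, bar_last_n, bar_sum;

/* bar(p, n) may access p[0], ..., p[n-1], and requires n >= 128 */
void bar(unsigned char p[static 128], unsigned n)
{
    bar_calls++;
    bar_last_n = n;
    for (unsigned i = 0; i < n; i++)   /* touch every byte bar may use */
        bar_sum += p[i];
}

/* foo(p, n) may access p[0], ..., p[n-1], and requires n >= 16 */
void foo(unsigned char p[static 16], unsigned n)
{
    if (n % 128)
        n -= n % 128;                  /* round down to whole 128-byte blocks */
    if (n)                             /* nonzero multiple of 128 => n >= 128 */
        bar(p, n);
}

/* Hypothetical harness: hand foo a heap buffer of exactly len bytes
 * (len >= 16) and return the n that bar received, or 0 if bar never ran. */
unsigned forwarded(unsigned len)
{
    unsigned char *buf = calloc(len, 1);
    if (buf == NULL) abort();
    bar_calls = bar_last_n = 0;
    foo(buf, len);
    free(buf);
    return bar_calls ? bar_last_n : 0;
}

int main(void)
{
    const unsigned lens[] = { 16, 127, 128, 255, 300 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("len=%3u -> bar n=%u\n", lens[i], forwarded(lens[i]));
    return 0;
}
```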

* [Bug c/110878] -Wstringop-overflow incorrectly warns about arguments to functions with static array parameter declarations
  2023-08-02 19:21 [Bug c/110878] New: -Wstringop-overread incorrectly warns about arguments to functions with static array parameter declarations campbell+gcc-bugzilla at mumble dot net
                   ` (2 preceding siblings ...)
  2023-08-02 19:52 ` campbell+gcc-bugzilla at mumble dot net
@ 2023-08-02 20:00 ` pinskia at gcc dot gnu.org
  2023-08-03 21:01 ` muecker at gwdg dot de
  4 siblings, 0 replies; 6+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-08-02 20:00 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110878

--- Comment #4 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
(In reply to Taylor R Campbell from comment #3)
> (In reply to Andrew Pinski from comment #2)
> > This is basically a dup of bug 108154 I think.
> 
> That one appears to be different: it trips -Wstringop-overread, not
> -Wstringop-overflow.

The infrastructure for both is the same for these static array parameters
though. So ....


* [Bug c/110878] -Wstringop-overflow incorrectly warns about arguments to functions with static array parameter declarations
  2023-08-02 19:21 [Bug c/110878] New: -Wstringop-overread incorrectly warns about arguments to functions with static array parameter declarations campbell+gcc-bugzilla at mumble dot net
                   ` (3 preceding siblings ...)
  2023-08-02 20:00 ` pinskia at gcc dot gnu.org
@ 2023-08-03 21:01 ` muecker at gwdg dot de
  4 siblings, 0 replies; 6+ messages in thread
From: muecker at gwdg dot de @ 2023-08-03 21:01 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110878

Martin Uecker <muecker at gwdg dot de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |muecker at gwdg dot de

--- Comment #5 from Martin Uecker <muecker at gwdg dot de> ---

It is true that there is no UB, but the warning is not directly related to
whether something is UB or not.  It simply assumes that 16 is an upper bound
although the standard does require this.

