public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "msebor at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug c++/96188] -Wstringop-overflow false positive Date: Mon, 13 Jul 2020 16:49:51 +0000 [thread overview] Message-ID: <bug-96188-4-NN9LgAt6KE@http.gcc.gnu.org/bugzilla/> (raw) In-Reply-To: <bug-96188-4@http.gcc.gnu.org/bugzilla/> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96188 Martin Sebor <msebor at gcc dot gnu.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |diagnostic, | |missed-optimization Last reconfirmed| |2020-07-13 CC| |msebor at gcc dot gnu.org Blocks| |88443 Ever confirmed|0 |1 Status|UNCONFIRMED |NEW --- Comment #1 from Martin Sebor <msebor at gcc dot gnu.org> --- In bug reports please include the information requested here: https://gcc.gnu.org/bugs/#need (specifically the compiler outptut). Links to external sites are not a substitute since the need not reproduce the same problem in the future. This form of the warning first started paying attention to dynamically allocated memory in GCC 10. On master, the output is as follows: pr96188.C: In function ‘void F()’: pr96188.C:9:18: warning: unused variable ‘fx’ [-Wunused-variable] 9 | for (const int fx : {0}) { | ^~ cc1plus: warning: writing 16 bytes into a region of size 0 [-Wstringop-overflow=] In file included from /build/gcc-master/x86_64-pc-linux-gnu/libstdc++-v3/include/x86_64-pc-linux-gnu/bits/c++allocator.h:33, from /build/gcc-master/x86_64-pc-linux-gnu/libstdc++-v3/include/bits/allocator.h:46, from /build/gcc-master/x86_64-pc-linux-gnu/libstdc++-v3/include/string:41, from pr96188.C:2: /build/gcc-master/x86_64-pc-linux-gnu/libstdc++-v3/include/ext/new_allocator.h:115:41: note: at offset 112 to an object with size 0 allocated by ‘operator new’ here 115 | return static_cast<_Tp*>(::operator new(__n * sizeof(_Tp))); | ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~ The -Wstringop-overflow warning is based on the MEM store in the abbreviated IL below (seen in the output of the -fdump-tree-strlen option): <bb 6> [local count: 268435456]: _87 = operator new (96); ;; P <bb 15> __cur_167 = _87 + 32; ;; P + 32 <bb 23> __cur_172 = __cur_167 + 32; ;; P + 64 <bb 33> __cur_97 = __cur_172 + 32; ;; P + 96 <bb 52> MEM <__int128 unsigned> [(char * {ref-all})__cur_97 + 16B] = _119; ;; P + 96 + 16 == P + 112 The size of the allocation is 96 (it's missing from the warning due to a known limitation) but the offset is 112. The warning is doing what it's designed to do, but it's possible that bb 52 isn't reachable and GCC can't tell. There's one jump to bb 52, from bb 51 based on this condition: _84 = _87 + 96; if (_84 != __cur_97) goto <bb 52>; [82.57%] so that would seem to confirm the theory. GCC only does limited pointer value analysis and has no support for pointer value ranges, which is why I suspect it can't figure out that the inequality in bb 51 implies that bb 52 isn't reachable. There are a number of reports of this warning for code that manipulates arrays and pointers this way. Referenced Bugs: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88443 [Bug 88443] [meta-bug] bogus/missing -Wstringop-overflow warnings
next prev parent reply other threads:[~2020-07-13 16:49 UTC|newest] Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-07-13 15:51 [Bug c++/96188] New: " derek.mauro at gmail dot com 2020-07-13 16:49 ` msebor at gcc dot gnu.org [this message] 2020-07-13 17:10 ` [Bug c++/96188] -Wstringop-overflow false positive on std::vector::push_back with -O3 msebor at gcc dot gnu.org 2021-01-21 22:04 ` msebor at gcc dot gnu.org 2021-02-17 22:53 ` egor_suvorov at mail dot ru 2021-02-17 22:54 ` egor_suvorov at mail dot ru 2021-02-18 0:55 ` [Bug tree-optimization/96188] " msebor at gcc dot gnu.org 2021-09-06 11:01 ` pinskia at gcc dot gnu.org 2021-11-23 10:15 ` pinskia at gcc dot gnu.org 2021-12-02 21:30 ` msebor at gcc dot gnu.org
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-96188-4-NN9LgAt6KE@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).