public inbox for gcc-bugs@sourceware.org
* [Bug middle-end/97047] New: missing warning reading past the end of a constant string returned from a function
@ 2020-09-14 16:20 msebor at gcc dot gnu.org
  2020-09-14 16:25 ` [Bug middle-end/97047] " msebor at gcc dot gnu.org
  0 siblings, 1 reply; 2+ messages in thread
From: msebor at gcc dot gnu.org @ 2020-09-14 16:20 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97047

            Bug ID: 97047
           Summary: missing warning reading past the end of a constant
                    string returned from a function
           Product: gcc
           Version: 11.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: middle-end
          Assignee: unassigned at gcc dot gnu.org
          Reporter: msebor at gcc dot gnu.org
  Target Milestone: ---

The first call to memcpy below triggers a warning for reading past the end of
the string returned from f(), but the second call doesn't.

$ cat x.c && gcc -O2 -S -Wall -fdump-tree-optimized=/dev/stdout x.c
const char* f (void) { return "123"; }

char a[32];

void g (void)
{
  __builtin_memcpy (a, "123", sizeof a);   // warning (good)
}

void h (void)
{
  __builtin_memcpy (a, f (), sizeof a);    // missing warning (bug)
}

;; Function f (f, funcdef_no=0, decl_uid=1931, cgraph_uid=1, symbol_order=0)

f ()
{
  <bb 2> [local count: 1073741824]:
  return "123";

}


x.c: In function ‘g’:
x.c:7:3: warning: ‘__builtin_memcpy’ forming offset [4, 31] is out of the bounds [0, 4] [-Warray-bounds]
    7 |   __builtin_memcpy (a, "123", sizeof a);   // warning (good)
      |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

;; Function g (g, funcdef_no=1, decl_uid=1935, cgraph_uid=2, symbol_order=2)

g ()
{
  <bb 2> [local count: 1073741824]:
  __builtin_memcpy (&a, "123", 32); [tail call]
  return;

}



;; Function h (h, funcdef_no=2, decl_uid=1938, cgraph_uid=3, symbol_order=3)

h ()
{
  <bb 2> [local count: 1073741824]:
  MEM <unsigned char[32]> [(char * {ref-all})&a] = MEM <unsigned char[32]> [(char * {ref-all})"123"];
  return;

}
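
Added example, not part of the bug report: since the call in h() compiles without a diagnostic, the read length has to be bounded in the code rather than left to the warning. The names copy_str_bounded and h_fixed are hypothetical; f() and a[] mirror the test case above.

```c
#include <stddef.h>
#include <string.h>

/* Same shape as the report's test case: a 4-byte literal behind a call. */
static const char *f(void) { return "123"; }

static char a[32];

/* Hypothetical helper (not from the report): copy the string at src into
   dst[0..dstsz), reading no more than strlen(src) + 1 bytes from src.
   The unused tail of dst is zero-filled so all dstsz bytes are defined.
   Returns the number of bytes read from src, or 0 if an argument is
   invalid or the string (with its terminator) does not fit in dst. */
static size_t copy_str_bounded(char *dst, size_t dstsz, const char *src)
{
    if (dst == NULL || src == NULL || dstsz == 0)
        return 0;

    size_t n = strlen(src) + 1;      /* bytes that actually exist at src */
    if (n > dstsz)
        return 0;                    /* would truncate: refuse, leave dst alone */

    memcpy(dst, src, n);             /* read stays inside the source object */
    memset(dst + n, 0, dstsz - n);   /* fill the rest of dst without touching src */
    return n;
}

/* Counterpart of the report's h(): fills all of a[] but reads only
   the 4 bytes of "123" instead of sizeof a bytes. */
static size_t h_fixed(void)
{
    return copy_str_bounded(a, sizeof a, f());
}
```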


* [Bug middle-end/97047] missing warning reading past the end of a constant string returned from a function
  2020-09-14 16:20 [Bug middle-end/97047] New: missing warning reading past the end of a constant string returned from a function msebor at gcc dot gnu.org
@ 2020-09-14 16:25 ` msebor at gcc dot gnu.org
  0 siblings, 0 replies; 2+ messages in thread
From: msebor at gcc dot gnu.org @ 2020-09-14 16:25 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97047

Martin Sebor <msebor at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |diagnostic
             Blocks|                            |56456, 97048

--- Comment #1 from Martin Sebor <msebor at gcc dot gnu.org> ---
With -Wall the test case triggers -Warray-bounds.  Without -Wall it triggers
-Wstringop-overread.


Referenced Bugs:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=56456
[Bug 56456] [meta-bug] bogus/missing -Warray-bounds
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97048
[Bug 97048] [meta-bug] bogus/missing -Wstringop-overread warnings
