public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug sanitizer/97490] New: [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer
@ 2020-10-19 11:15 arnd at linaro dot org
2020-10-19 12:05 ` [Bug sanitizer/97490] " rguenth at gcc dot gnu.org
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: arnd at linaro dot org @ 2020-10-19 11:15 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97490
Bug ID: 97490
Summary: [10/11 Regression] false-positive -Wstringop-overflow=
with address sanitizer
Product: gcc
Version: 10.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: arnd at linaro dot org
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---
Building the Linux kernel with gcc-10.1 or higher shows a couple of warnings in
one file:
drivers/net/wireless/ath/ath9k/dynack.c:209:14: warning: writing 4 bytes into a
region of size 0 [-Wstringop-overflow=]
I manually created a reduced test case:
typedef unsigned int u32;
typedef unsigned short u16;
typedef unsigned char u8;
typedef _Bool bool;
static inline void _ether_addr_copy(u8 *dst, const u8 *src)
{
*(u32 *)dst = *(const u32 *)src;
*(u16 *)(dst + 4) = *(const u16 *)(src + 4);
}
struct _ieee80211_hdr {
u8 addr1[6];
};
struct _haddr_pair {
u8 h_dest[6];
};
struct _ath_dyn_txbuf {
u16 t_rb;
struct _haddr_pair addr[64];
};
struct _ath_dynack {
bool enabled;
struct _ath_dyn_txbuf st_rbf;
};
struct _ath_hw {
int reg_ops;
struct _ath_dynack dynack;
};
void _ath_dynack_sample_tx_ts(struct _ath_hw *ah, struct _ieee80211_hdr *hdr)
{
struct _ath_dynack *da = &ah->dynack;
struct _haddr_pair *addr;
if (!da->enabled)
return;
addr = &da->st_rbf.addr[da->st_rbf.t_rb];
_ether_addr_copy(addr->h_dest, hdr->addr1);
}
$ gcc-10 -O2 -Wall -fsanitize=kernel-address -c dynack.c
test.c: In function '_ath_dynack_sample_tx_ts':
test.c:8:21: warning: writing 4 bytes into a region of size 0
[-Wstringop-overflow=]
8 | *(u32 *)dst = *(const u32 *)src;
| ~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~
test.c:26:14: note: at offset 0 to object 'enabled' with size 1 declared here
26 | bool enabled;
| ^~~~~~~
test.c:9:27: warning: writing 2 bytes into a region of size 0
[-Wstringop-overflow=]
9 | *(u16 *)(dst + 4) = *(const u16 *)(src + 4);
| ~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~
test.c:26:14: note: at offset 0 to object 'enabled' with size 1 declared here
26 | bool enabled;
| ^~~~~~~
See also https://godbolt.org/z/K5jcM8
I checked locally that this happens on all target architectures I tried, but
not with gcc-9. The code in the kernel only produces a warning on architectures
that are assumed to allow unaligned load/store instructions, otherwise a
different ether_addr_copy() function is used.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug sanitizer/97490] [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer
2020-10-19 11:15 [Bug sanitizer/97490] New: [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer arnd at linaro dot org
@ 2020-10-19 12:05 ` rguenth at gcc dot gnu.org
2020-10-19 12:07 ` [Bug sanitizer/97490] [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer since r10-5451-gef29b12cfbb4979a marxin at gcc dot gnu.org
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: rguenth at gcc dot gnu.org @ 2020-10-19 12:05 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97490
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|--- |10.3
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug sanitizer/97490] [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer since r10-5451-gef29b12cfbb4979a
2020-10-19 11:15 [Bug sanitizer/97490] New: [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer arnd at linaro dot org
2020-10-19 12:05 ` [Bug sanitizer/97490] " rguenth at gcc dot gnu.org
@ 2020-10-19 12:07 ` marxin at gcc dot gnu.org
2021-02-26 12:13 ` rguenth at gcc dot gnu.org
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: marxin at gcc dot gnu.org @ 2020-10-19 12:07 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97490
Martin Liška <marxin at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Last reconfirmed| |2020-10-19
Summary|[10/11 Regression] |[10/11 Regression]
|false-positive |false-positive
|-Wstringop-overflow= with |-Wstringop-overflow= with
|address sanitizer |address sanitizer since
| |r10-5451-gef29b12cfbb4979a
Ever confirmed|0 |1
Known to fail| |10.2.0, 11.0
Status|UNCONFIRMED |NEW
Known to work| |9.3.0
--- Comment #1 from Martin Liška <marxin at gcc dot gnu.org> ---
Confirmed, started with Martin's commit.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug sanitizer/97490] [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer since r10-5451-gef29b12cfbb4979a
2020-10-19 11:15 [Bug sanitizer/97490] New: [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer arnd at linaro dot org
2020-10-19 12:05 ` [Bug sanitizer/97490] " rguenth at gcc dot gnu.org
2020-10-19 12:07 ` [Bug sanitizer/97490] [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer since r10-5451-gef29b12cfbb4979a marxin at gcc dot gnu.org
@ 2021-02-26 12:13 ` rguenth at gcc dot gnu.org
2021-04-08 12:02 ` rguenth at gcc dot gnu.org
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: rguenth at gcc dot gnu.org @ 2021-02-26 12:13 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97490
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P3 |P2
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug sanitizer/97490] [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer since r10-5451-gef29b12cfbb4979a
2020-10-19 11:15 [Bug sanitizer/97490] New: [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer arnd at linaro dot org
` (2 preceding siblings ...)
2021-02-26 12:13 ` rguenth at gcc dot gnu.org
@ 2021-04-08 12:02 ` rguenth at gcc dot gnu.org
2022-06-28 10:42 ` [Bug sanitizer/97490] [10/11/12/13 " jakub at gcc dot gnu.org
2023-07-07 10:38 ` [Bug sanitizer/97490] [11/12/13/14 " rguenth at gcc dot gnu.org
5 siblings, 0 replies; 7+ messages in thread
From: rguenth at gcc dot gnu.org @ 2021-04-08 12:02 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97490
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|10.3 |10.4
--- Comment #2 from Richard Biener <rguenth at gcc dot gnu.org> ---
GCC 10.3 is being released, retargeting bugs to GCC 10.4.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug sanitizer/97490] [10/11/12/13 Regression] false-positive -Wstringop-overflow= with address sanitizer since r10-5451-gef29b12cfbb4979a
2020-10-19 11:15 [Bug sanitizer/97490] New: [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer arnd at linaro dot org
` (3 preceding siblings ...)
2021-04-08 12:02 ` rguenth at gcc dot gnu.org
@ 2022-06-28 10:42 ` jakub at gcc dot gnu.org
2023-07-07 10:38 ` [Bug sanitizer/97490] [11/12/13/14 " rguenth at gcc dot gnu.org
5 siblings, 0 replies; 7+ messages in thread
From: jakub at gcc dot gnu.org @ 2022-06-28 10:42 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97490
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|10.4 |10.5
--- Comment #3 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
GCC 10.4 is being released, retargeting bugs to GCC 10.5.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug sanitizer/97490] [11/12/13/14 Regression] false-positive -Wstringop-overflow= with address sanitizer since r10-5451-gef29b12cfbb4979a
2020-10-19 11:15 [Bug sanitizer/97490] New: [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer arnd at linaro dot org
` (4 preceding siblings ...)
2022-06-28 10:42 ` [Bug sanitizer/97490] [10/11/12/13 " jakub at gcc dot gnu.org
@ 2023-07-07 10:38 ` rguenth at gcc dot gnu.org
5 siblings, 0 replies; 7+ messages in thread
From: rguenth at gcc dot gnu.org @ 2023-07-07 10:38 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97490
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|10.5 |11.5
--- Comment #4 from Richard Biener <rguenth at gcc dot gnu.org> ---
GCC 10 branch is being closed.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2023-07-07 10:38 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-19 11:15 [Bug sanitizer/97490] New: [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer arnd at linaro dot org
2020-10-19 12:05 ` [Bug sanitizer/97490] " rguenth at gcc dot gnu.org
2020-10-19 12:07 ` [Bug sanitizer/97490] [10/11 Regression] false-positive -Wstringop-overflow= with address sanitizer since r10-5451-gef29b12cfbb4979a marxin at gcc dot gnu.org
2021-02-26 12:13 ` rguenth at gcc dot gnu.org
2021-04-08 12:02 ` rguenth at gcc dot gnu.org
2022-06-28 10:42 ` [Bug sanitizer/97490] [10/11/12/13 " jakub at gcc dot gnu.org
2023-07-07 10:38 ` [Bug sanitizer/97490] [11/12/13/14 " rguenth at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).