From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from gate.crashing.org (gate.crashing.org [63.228.1.57]) by sourceware.org (Postfix) with ESMTP id 4AD0F3858D39 for ; Mon, 31 Jan 2022 22:02:11 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 4AD0F3858D39 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=kernel.crashing.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=kernel.crashing.org Received: from gate.crashing.org (localhost.localdomain [127.0.0.1]) by gate.crashing.org (8.14.1/8.14.1) with ESMTP id 20VM1A3w023393; Mon, 31 Jan 2022 16:01:10 -0600 Received: (from segher@localhost) by gate.crashing.org (8.14.1/8.14.1/Submit) id 20VM1AoQ023392; Mon, 31 Jan 2022 16:01:10 -0600 X-Authentication-Warning: gate.crashing.org: segher set sender to segher@kernel.crashing.org using -f Date: Mon, 31 Jan 2022 16:01:10 -0600 From: Segher Boessenkool To: Martin Sebor Cc: Dumitru Ceara , gcc-help@gcc.gnu.org Subject: Re: Potentially false-positive -Wstringop-overflow= warning with gcc >= 11.1 Message-ID: <20220131220110.GQ614@gate.crashing.org> References: <8d42151f-7be2-4d67-5b46-a83ba55d5c1c@redhat.com> <20220128152748.GD614@gate.crashing.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.3i X-Spam-Status: No, score=-3.1 required=5.0 tests=BAYES_00, JMQ_SPF_NEUTRAL, KAM_DMARC_STATUS, KAM_NUMSUBJECT, SPF_HELO_PASS, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: gcc-help@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-help mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Jan 2022 22:02:12 -0000 On Mon, Jan 31, 2022 at 02:49:43PM -0700, Martin Sebor wrote: > Some statements are also isolated from the source code even when they > don't appear there, or appear with different arguments. That's also > what happens in this case: GCC replaces the memcpy call and > the subsequent store with two: one pair is valid and another pair > of invalid statements. Here's the problem in the IL the warning > sees and points out: > > [count: 0]: > memcpy (4B, &somedata[0], 6); <<< -Warray-bounds > MEM[(struct hdr2 *)0B].h21 ={v} 0; <<< causes path isolation > __builtin_trap (); and trap to be added Yup. And GCC does not (yet) consider that memcpy to be UB itself, or the trap would be moved there, removing the warning. This may be the best we can get :-) (This of course requires the analysis to be always correct :-) ) > More to your point, it's also an example where warnings issued for > code that's reachable only under some conditions make it seem like > they point out unconditional bugs. Yes, this is hard to understand often. It makes it easy to think GCC is wrong and the user code is correct (esp. for the user who wrote it). Segher