On 11/22/2021 4:54 PM, Martin Sebor via Gcc-patches wrote:
In an effort to avoid false positives while still detecting
certain out-of-bounds accesses the warning code that handles
PHI nodes chooses the operand with the most space remaining
as the one representative of the PHI.  That's not right when
the offsets into the operands are unequal, because it overly
constrains the range of offsets that can be subtracted from
the pointer.

The attached change corrects the logic here to not only use
the size of the largest operand but also to extend the range
of offsets into it to reflect all operands.  Unfortunately,
as a result of the more conservative offset computation,
the fix leads to a fair number of false negatives.  I tried
to avoid those but couldn't come up with a clean solution
that didn't require design changes, so I defer those to GCC
13.

The diff is relative to the "cleanup" patch submitted below:
https://gcc.gnu.org/pipermail/gcc-patches/2021-November/583735.html

Tested on x86_64-linux and by building Glibc and confirming
no new warnings.

Martin

gcc-103215.diff

Extend the offset and size of merged object references [PR103215].

Resolves:
PR tree-optimization/103215 - bogus -Warray-bounds with two pointers with different offsets each


gcc/ChangeLog:

        PR tree-optimization/103215
        * pointer-query.cc (access_ref::merge_ref): Extend the offset and
        size of the merged object instead of using the larger.

gcc/testsuite/ChangeLog:

        PR tree-optimization/103215
        * gcc.dg/Wstringop-overflow-58.c: Adjust and xfail expected warnings.
        * gcc.dg/Wstringop-overflow-59.c: Same.
        * gcc.dg/warn-strnlen-no-nul.c: Same.
        * gcc.dg/Warray-bounds-91.c: New test.
        * gcc.dg/Warray-bounds-92.c: New test.
        * gcc.dg/Wstringop-overflow-83.c: New test.
        * gcc.dg/Wstringop-overflow-85.c: New test.

OK if/when prereqs go in.
jeff
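
The two merge strategies described in the patch submission above, as an added example that is not part of the patch or of GCC's source. It is a simplified model: `struct ref`, `merge_most_space`, `merge_extended` and `warns` are hypothetical names, and the operands are constructed to show one false positive removed by the fix and one false negative it introduces.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model of an object reference: object size in bytes and the
   range of offsets the pointer may have into it.  Hypothetical type. */
struct ref { long size, off_min, off_max; };

static long space_remaining(struct ref r) { return r.size - r.off_min; }

/* Behaviour described as incorrect: the operand with the most space
   remaining stands in for the whole PHI. */
struct ref merge_most_space(struct ref a, struct ref b)
{
    return space_remaining(a) >= space_remaining(b) ? a : b;
}

/* Behaviour described for the fix: largest size, offset range extended
   to cover every operand. */
struct ref merge_extended(struct ref a, struct ref b)
{
    struct ref m;
    m.size = a.size > b.size ? a.size : b.size;
    m.off_min = a.off_min < b.off_min ? a.off_min : b.off_min;
    m.off_max = a.off_max > b.off_max ? a.off_max : b.off_max;
    return m;
}

/* Warn only when a one-byte access at index idx is out of bounds for
   every offset in the range. */
bool warns(struct ref r, long idx)
{
    return r.off_max + idx < 0 || r.off_min + idx >= r.size;
}

int main(void)
{
    /* Constructed operands: p = cond ? a + 1 : b + 5, both char[8]. */
    struct ref a1 = { 8, 1, 1 }, b5 = { 8, 5, 5 };
    printf("p[-3]: old=%d new=%d\n", warns(merge_most_space(a1, b5), -3),
           warns(merge_extended(a1, b5), -3));
    /* Constructed operands: q = cond ? c : d + 6, char c[4], d[8]. */
    struct ref c0 = { 4, 0, 0 }, d6 = { 8, 6, 6 };
    printf("q[5]:  old=%d new=%d\n", warns(merge_most_space(c0, d6), 5),
           warns(merge_extended(c0, d6), 5));
    return 0;
}
```

In the first case `p[-3]` is valid when `p` is `b + 5`, so the old warning is bogus; in the second `q[5]` is out of bounds on both paths, yet the extended range no longer proves it.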
