https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89350

            Bug ID: 89350
           Summary: [9 Regression] Wrong -Wstringop-overflow= warning
                    since r261518
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: tree-optimization
          Assignee: unassigned at gcc dot gnu.org
          Reporter: marxin at gcc dot gnu.org
  Target Milestone: ---

I see the following wrong warning:

$ cat snippet.c
char buf[128];
char *src = "HCSparta";

int main(int argc, char **argv)
{
    char *dst = buf + sizeof(buf);

    if (argc)
    {
      dst -= argc;
      __builtin_memcpy(dst, src, argc + 0);
    }
}

$ gcc snippet.c  -O2 -Wstringop-overflow=2  -fno-common -g
snippet.c: In function ‘main’:
snippet.c:11:7: warning: ‘__builtin_memcpy’ writing 1 or more bytes into a region of size 0 overflows the destination [-Wstringop-overflow=]
   11 |       __builtin_memcpy(dst, src, argc + 0);
      |       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

$ gcc snippet.c  -O2 -Wstringop-overflow=2  -fno-common -g -fsanitize=address && ./a.out
[OK]

While doing s/0/1:

$ cat snippet.c
char buf[128];
char *src = "HCSparta";

int main(int argc, char **argv)
{
    char *dst = buf + sizeof(buf);

    if (argc)
    {
      dst -= argc;
      __builtin_memcpy(dst, src, argc + 1);
    }
}

$ gcc snippet.c  -O2 -Wstringop-overflow=2  -fno-common -g
[OK]

But:

$ gcc snippet.c  -O2 -Wstringop-overflow=2  -fno-common -g -fsanitize=address && ./a.out
=================================================================
==6195==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000000404220 at pc 0x7ffff763a5d0 bp 0x7fffffffdb70 sp 0x7fffffffd320
WRITE of size 2 at 0x000000404220 thread T0
    #0 0x7ffff763a5cf in __interceptor_memcpy /home/marxin/Programming/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:790
    #1 0x4010b4 in main /tmp/snippet.c:11
    #2 0x7ffff73b4b7a in __libc_start_main ../csu/libc-start.c:308
    #3 0x401119 in _start (/tmp/a.out+0x401119)

0x000000404220 is located 0 bytes to the right of global variable 'buf' defined in 'snippet.c:1:6' (0x4041a0) of size 128
SUMMARY: AddressSanitizer: global-buffer-overflow /home/marxin/Programming/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:790 in __interceptor_memcpy
...
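
The bounds arithmetic behind the two reproducers, as an added example (not part of the original report and not GCC code): with dst = buf + sizeof(buf) - n, a copy of n bytes ends exactly at the end of buf, while a copy of n + 1 bytes writes one byte past it. The helper names `overrun`, `checked_tail_copy` and `count_fits`, and the padded `src`, are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum { BUF_SIZE = 128 };                 /* same size as buf in the report */
static char buf[BUF_SIZE];
/* Assumption: src is padded to BUF_SIZE + 1 bytes so that large copies
 * never read past the source (the report's string is only 9 bytes). */
static const char src[BUF_SIZE + 1] = "HCSparta";

/* Bytes written past the end of buf by a copy of len bytes that starts
 * back bytes before the end. 0 means it fits; -1 means the start pointer
 * would itself lie outside buf or the length is negative. */
static long long overrun(long long back, long long len)
{
    if (back < 0 || back > BUF_SIZE || len < 0)
        return -1;
    return len > back ? len - back : 0;
}

/* Hypothetical checked form of the report's copy: dst = buf + sizeof(buf) - n,
 * then n + extra bytes are copied only if they fit. 0 = copied, -1 = refused. */
static int checked_tail_copy(int n, int extra)
{
    long long len = (long long)n + extra;
    if (overrun(n, len) != 0)
        return -1;
    memcpy(buf + BUF_SIZE - n, src, (size_t)len);
    return 0;
}

/* Number of n in 1..BUF_SIZE for which copying n + extra bytes fits. */
static int count_fits(int extra)
{
    int fits = 0;
    for (int n = 1; n <= BUF_SIZE; n++)
        fits += (checked_tail_copy(n, extra) == 0);
    return fits;
}

int main(void)
{
    printf("argc + 0: %d of %d sizes fit\n", count_fits(0), BUF_SIZE);
    printf("argc + 1: %d of %d sizes fit\n", count_fits(1), BUF_SIZE);
    printf("overrun for argc = 1, len = 2: %lld byte(s)\n", overrun(1, 2));
    return 0;
}
```

For n = 1 the second case is the 2-byte write that AddressSanitizer reports above, landing 0 bytes to the right of `buf`.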
