https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96259
Martin Sebor <msebor at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |DUPLICATE
Status|UNCONFIRMED |RESOLVED
--- Comment #2 from Martin Sebor <msebor at gcc dot gnu.org> ---
Confirmed. The warning works as designed. The cause of the problem, as in a
number of other similar cases that have been reported recently (including
pr94655 with the same root cause), is FRE substituting a smaller member for a
larger member at the same address. Before fre4 the IL corresponds to the
access in the source code:
func (struct DataOut * data)
{
int _1;
struct DataIn * _2;
int * _7;
<bb 2> [local count: 1073741824]:
_7 = &data_5(D)->in.type;
.ASAN_CHECK (6, _7, 4, 4);
_1 = data_5(D)->in.type;
if (_1 != 0)
goto <bb 3>; [33.00%]
else
goto <bb 4>; [67.00%]
<bb 3> [local count: 354334800]:
_2 = &data_5(D)->in; <<< destination
__builtin_memset (_2, 0, 8); <<< okay
<bb 4> [local count: 1073741824]:
return;
}
Then fre4 turns the above into:
func (struct DataOut * data)
{
int _1;
int * _7;
<bb 2> [local count: 1073741824]:
_7 = &data_5(D)->in.type; <<< destination
.ASAN_CHECK (6, _7, 4, 4);
_1 = data_5(D)->in.type;
if (_1 != 0)
goto <bb 3>; [33.00%]
else
goto <bb 4>; [67.00%]
<bb 3> [local count: 354334800]:
__builtin_memset (_7, 0, 8); <<< warning
<bb 4> [local count: 1073741824]:
return;
}
There is nothing the warning can do to differentiate the result of this
transformation from a bug in the source code. To avoid compromising the
utility of the warning, either the transformation needs to change or the IL
needs to somehow/somewhere preserve the original destination of the access. (I
plan to look into the former.)
*** This bug has been marked as a duplicate of bug 94655 ***
