https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100680

            Bug ID: 100680
           Summary: false positive warning for certain __builtin_memcmp()
                    argument
           Product: gcc
           Version: 11.1.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: jbeulich at suse dot com
  Target Milestone: ---

In this example

struct s {
        char a[8];
        int i;
        long l;
};

extern char ea[8];
static char sa[8] = { 1, 2, 3, 4 };

int test(void) {
        const struct s*ps = (const struct s *)0x12345678L;

        if(__builtin_memcmp(ps->a, ps->a, 8))
                return 0;

        if(__builtin_memcmp(ps->a, ea, 8))
                return 0;

        if(__builtin_memcmp(ps->a, sa, 8))
                return 0;

        if(__builtin_memcmp(ps->a, "abcdABCD", 8))
                return 0;

        return 1;
}

all except, oddly enough, the first invocation cause "'__builtin_memcmp'
specified bound of 8 exceeds source size of 0 [-Wstringop-overread]". Obviously
the above example is heavily simplified from actual uses in the Xen hypervisor
sources, but clearly in (at least) OS and similar low-level development it is not
uncommon for pointers to get derived from known integer constants.
