[Bug middle-end/99578] gcc-11 -Warray-bounds or -Wstringop-overread warning when accessing a pointer from integer literal

andrew.cooper3 at citrix dot com via Gcc-bugs Wed, 19 May 2021 11:01:07 -0700

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99578


Andrew Cooper <andrew.cooper3 at citrix dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |andrew.cooper3 at citrix dot 
com

--- Comment #14 from Andrew Cooper <andrew.cooper3 at citrix dot com> ---
I too have had what appears to be this bug, raised against a microkernel
project.

The logic is a test case involving interactions at the x86-64 lower canonical
boundary, and reads like so:

    ...
    uint64_t *ptr = (void *)0x00007ffffffffff8ul;

    memcpy(ptr, "\x90\x90\xf\xbxen\x90", 8);
    ...

This yields:

    include/xtf/libc.h:36:37: error: ‘__builtin_memcpy’ offset [0, 7] is out of
the bounds [0, 0] [-Werror=array-bounds]
       36 | #define memcpy(d, s, n)             __builtin_memcpy(d, s, n)
          |                                     ^~~~~~~~~~~~~~~~~~~~~~~~~
    main.c:81:5: note: in expansion of macro ‘memcpy’
       81 |     memcpy(ptr, "\x90\x90\xf\xbxen\x90", 8);
          |     ^~~~~~

It is worth pointing out that it is common for kernels to have some virtual
addresses derived from compile-time constants, notably the fixmap and
frametable.

[Bug middle-end/99578] gcc-11 -Warray-bounds or -Wstringop-overread warning when accessing a pointer from integer literal

Reply via email to