https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101475
Bug ID: 101475
Summary: missing -Wstringop-overflow storing a compound literal
Product: gcc
Version: 11.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: middle-end
Assignee: unassigned at gcc dot gnu.org
Reporter: msebor at gcc dot gnu.org
Target Milestone: ---
Even with pr97027 resolved -Wstringop-overflow is not issued consistently (on
all targets) for buffer overflow when storing a larger compound literal into a
smaller buffer. The test case below is diagnosed by -Warray-bounds which is
only enabled with -Wall and at -O2, but not by -Wstringop-overflow (which is
enabled by default). Ideally the bug should be diagnosed even at -O0.
$ cat a.c && gcc -O2 -S -fdump-tree-strlen=/dev/stdout a.c
typedef struct A { char a[4]; } A;
extern char a[2];
void f (void)
{
*(A*)a = (A){ 1, 2, 3, 4 }; // missing warning
}
typedef struct B { int a[2]; } B;
void g (void)
{
*(B*)a = (B){ 1, 2 }; // missing warning
}
;; Function f (f, funcdef_no=0, decl_uid=3910, cgraph_uid=1, symbol_order=0)
;; 1 loops found
;;
;; Loop 0
;; header 0, latch 1
;; depth 0, outer -1
;; nodes: 0 1 2
;; 2 succs { 1 }
void f ()
{
<bb 2> [local count: 1073741824]:
MEM[(struct A *)&a].a[0] = 1;
MEM[(struct A *)&a].a[1] = 2;
MEM[(struct A *)&a].a[2] = 3;
MEM[(struct A *)&a].a[3] = 4;
return;
}
;; Function g (g, funcdef_no=1, decl_uid=3917, cgraph_uid=2, symbol_order=1)
;; 1 loops found
;;
;; Loop 0
;; header 0, latch 1
;; depth 0, outer -1
;; nodes: 0 1 2
;; 2 succs { 1 }
void g ()
{
<bb 2> [local count: 1073741824]:
MEM[(struct B *)&a].a[0] = 1;
MEM[(struct B *)&a].a[1] = 2;
return;
}
