https://gcc.gnu.org/bugzilla/show_bug.cgi?id=116884

            Bug ID: 116884
           Summary: Bogus strcpy -Warray-bounds warning following memset
                    of destination after r13-455
           Product: gcc
           Version: 13.1.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: middle-end
          Assignee: unassigned at gcc dot gnu.org
          Reporter: fw at gcc dot gnu.org
  Target Milestone: ---

Starting with r13-455, this test case

char *stpcpy (char *, const char *);
char *f (void);
void
g (void)
{
  const char p[] = "**(!()";
  char *pattern = f ();
  __builtin_memset (pattern, ' ', 4096);
  __builtin_strcpy (pattern, p);
}

produces

t.c: In function ‘g’:
t.c:9:3: warning: ‘__builtin_strcpy’ forming offset [7, 4096] is out of the
bounds [0, 7] of object ‘p’ with type ‘const char[7]’ [-Warray-bounds=]
    9 |   __builtin_strcpy (pattern, p);
      |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
t.c:6:14: note: ‘p’ declared here
    6 |   const char p[] = "**(!()";
      |              ^

when built with gcc -Wall -O2. Reduced from posix/tst-fnmatch3.c in the glibc
test suite after an optimization that turns getpagesize () into 4096 on
targets like x86-64.

I don't know what is going on. Clearly strcpy will stop reading at the first
null byte, so it does not matter if the destination is longer.
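
A runtime check of the point made above, as an added example that is not part of the original report: the 7-byte source is placed flush against an inaccessible guard page, so a read that ran on past its terminator would fault. The name check_strcpy_bounds and the mmap/mprotect layout are assumptions of this example, which needs a POSIX system.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* for MAP_ANONYMOUS under strict -std= modes */
#endif
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Returns 0 if strcpy copied the 7 source bytes and left the rest of the
   4096-byte destination untouched; nonzero on setup failure or mismatch.
   A read running past the terminator into the guard page would raise
   SIGSEGV instead of returning. */
int
check_strcpy_bounds (void)
{
  static const char p[] = "**(!()";   /* same source string as the report */
  enum { DEST_LEN = 4096 };           /* same length as the memset there */
  static char dest[DEST_LEN];
  long page = sysconf (_SC_PAGESIZE);

  /* Two pages: the first read/write, the second a PROT_NONE guard. */
  char *map = mmap (NULL, 2 * page, PROT_READ | PROT_WRITE,
                    MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
  if (map == MAP_FAILED)
    return -1;
  if (mprotect (map + page, page, PROT_NONE) != 0)
    return -2;

  /* The source's NUL terminator becomes the last accessible byte. */
  char *src = map + page - sizeof p;
  memcpy (src, p, sizeof p);

  memset (dest, ' ', DEST_LEN);
  strcpy (dest, src);

  int rc = 0;
  if (memcmp (dest, p, sizeof p) != 0)
    rc = 1;                           /* string or terminator not copied */
  for (size_t i = sizeof p; i < DEST_LEN; i++)
    if (dest[i] != ' ')
      rc = 2;                         /* strcpy wrote past the terminator */
  munmap (map, 2 * page);
  return rc;
}

int
main (void)
{
  return check_strcpy_bounds ();
}
```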
