On 7/30/21 10:45 AM, Jeff Law via Gcc wrote:


On 7/30/2021 10:19 AM, Aldy Hernandez via Libc-alpha wrote:
There's a new jump threader in GCC which is much more aggressive, and
may trigger latent problems with other warning passes, especially
-Warray-bounds, -Woverflow, and -Wuninitialized.
[ ... ]
Ugh.  First attempt got blocked as message was slightly too big.

I think this is pretty generic as I've seen it on multiple ports and Joseph mentioned them as well.

With an s390-linux-gnu (not s390x!) cross compiler you should be able to trigger:

bash-5.1# s390-linux-gnu-gcc -std=gnu99 -O2 -Wall -mlong-double-128 *.i
In file included from t.61.c:437:
In function 'from_t_61_single',
     inlined from 'gconv' at ../iconv/skeleton.c:568:15:
../iconv/loop.c:440:22: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=]
In file included from t.61.c:437:
../iconv/loop.c: In function 'gconv':
../iconv/loop.c:382:17: note: at offset 2 into destination object 'bytebuf' of size 2


I don't know if it's a real failure or a false positive.  I haven't even bisected, but I suspect the new threader is the triggering change. Ideally the threader threaded a path we hadn't previously and by some chain of events exposed an out-of-bounds write that needs to be fixed.

The warning is valid for the IL.  Bytebuf is unsigned char[2] and
in bb 25 the warning sees:

  <bb 25> [local count: 2288797]:
  _613 = *inptr_96;
  bytebuf[2] = _613;               <<< -Wstringop-overflow
  goto <bb 32>; [100.00%]

GCC can't tell if the code is reachable and neither can I.  As
far as I can see it's the result of unrolling one of the loops
in the function, likely this one:

  do
    bytebuf[inlen++] = *inptr++;
  while (inlen < 2 && inptr < inend);

Adding:

  if (inlen >= 2) __builtin_unreachable ();

just above it avoids the warning.

Martin

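The loop and the `__builtin_unreachable ()` hint discussed above, as an added stand-alone example that is not part of the thread and not glibc's loop.c or GCC code. It reconstructs the do/while pattern in three variants: as posted, with the hint Martin describes, and with an explicit run-time check as a defensive alternative. The names fill_bytebuf_*, BYTEBUF_LEN, ASSUME and the scenario helpers are this example's own, and the input bytes are constructed.

```c
#include <stddef.h>
#include <stdio.h>

/* Added example, not glibc's loop.c: a stand-alone reconstruction of the
   do/while pattern from the thread in three variants.  fill_bytebuf_*,
   BYTEBUF_LEN and ASSUME are this example's own names. */

enum { BYTEBUF_LEN = 2 };

/* Optimizer hint; only GCC/Clang have __builtin_unreachable(). */
#if defined(__GNUC__)
#  define ASSUME(cond) do { if (!(cond)) __builtin_unreachable(); } while (0)
#else
#  define ASSUME(cond) ((void)0)
#endif

/* Variant 1: the loop as posted.  inlen = bytes bytebuf already holds from
   an earlier partial input; the caller must guarantee inlen < BYTEBUF_LEN
   and inptr < inend.  Nothing here says so, which is why an unrolled copy
   of the body can appear to GCC as bytebuf[2] = ... */
static size_t fill_bytebuf_plain(unsigned char bytebuf[BYTEBUF_LEN], size_t inlen,
                                 const unsigned char *inptr, const unsigned char *inend)
{
    do
        bytebuf[inlen++] = *inptr++;
    while (inlen < BYTEBUF_LEN && inptr < inend);
    return inlen;
}

/* Variant 2: the fix from the thread.  ASSUME() states the invariant, so the
   unroller drops the inlen >= 2 path instead of warning about it.  A false
   invariant is then undefined behaviour, not a diagnostic. */
static size_t fill_bytebuf_hinted(unsigned char bytebuf[BYTEBUF_LEN], size_t inlen,
                                  const unsigned char *inptr, const unsigned char *inend)
{
    ASSUME(inlen < BYTEBUF_LEN);
    do
        bytebuf[inlen++] = *inptr++;
    while (inlen < BYTEBUF_LEN && inptr < inend);
    return inlen;
}

/* Variant 3: defensive alternative.  Returns (size_t)-1 when the buffer is
   already full or there is no input byte, instead of trusting the caller. */
static size_t fill_bytebuf_checked(unsigned char bytebuf[BYTEBUF_LEN], size_t inlen,
                                   const unsigned char *inptr, const unsigned char *inend)
{
    if (inlen >= BYTEBUF_LEN || inptr >= inend)
        return (size_t)-1;
    do
        bytebuf[inlen++] = *inptr++;
    while (inlen < BYTEBUF_LEN && inptr < inend);
    return inlen;
}

/* Pack (count, bytebuf[0], bytebuf[1]) so a scenario has one checkable result. */
static unsigned pack(size_t n, const unsigned char bytebuf[BYTEBUF_LEN])
{
    return ((unsigned)n << 16) | ((unsigned)bytebuf[0] << 8) | bytebuf[1];
}

/* Empty buffer, three constructed input bytes: two consumed, one left. */
static unsigned scenario_fresh_buffer(void)
{
    unsigned char buf[BYTEBUF_LEN] = {0, 0};
    const unsigned char in[] = {0xAA, 0xBB, 0xCC};
    return pack(fill_bytebuf_hinted(buf, 0, in, in + sizeof in), buf);
}

/* One byte carried over from a previous call, one new byte completes it. */
static unsigned scenario_resume_partial(void)
{
    unsigned char buf[BYTEBUF_LEN] = {0xAA, 0};
    const unsigned char in[] = {0xCC};
    return pack(fill_bytebuf_hinted(buf, 1, in, in + sizeof in), buf);
}

/* Input ends after one byte: buffer stays partial (inlen == 1). */
static unsigned scenario_short_input(void)
{
    unsigned char buf[BYTEBUF_LEN] = {0, 0};
    const unsigned char in[] = {0xAA};
    return pack(fill_bytebuf_plain(buf, 0, in, in + sizeof in), buf);
}

/* Caller hands over a full buffer: the checked variant refuses rather than
   writing bytebuf[2]. */
static int scenario_checked_rejects_full(void)
{
    unsigned char buf[BYTEBUF_LEN] = {0xAA, 0xBB};
    const unsigned char in[] = {0xCC};
    return fill_bytebuf_checked(buf, BYTEBUF_LEN, in, in + sizeof in) == (size_t)-1;
}

int main(void)
{
    printf("fresh %#x resume %#x short %#x rejects %d\n",
           scenario_fresh_buffer(), scenario_resume_partial(),
           scenario_short_input(), scenario_checked_rejects_full());
    return 0;
}
```

The hint only removes the diagnostic by telling the optimizer the inlen >= 2 entry path is dead; it does not make that path safe. If a caller ever violates the invariant, the hinted variant is undefined behaviour with no warning at all, so it belongs only where the precondition is genuinely established elsewhere (as with the iconv state that feeds inlen). The checked variant costs one compare and turns the same situation into a reportable error, which is the better default when the invariant is not obviously enforced by the caller.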