Bug 109980 - Bogus Wstringop-overflow and Wstringop-overread warnings when attribute `access` is applied to struct arg
Summary: Bogus Wstringop-overflow and Wstringop-overread warnings when attribute `acce...
Status: NEW
Alias: None
Product: gcc
Classification: Unclassified
Component: tree-optimization (show other bugs)
Version: 13.1.1
: P3 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords: diagnostic
Depends on:
Blocks: Wstringop-overflow Wstringop-overread
  Show dependency treegraph
 
Reported: 2023-05-26 07:47 UTC by Gabriel Eiseman
Modified: 2023-05-27 01:39 UTC (History)
5 users (show)

See Also:
Host:
Target:
Build:
Known to work:
Known to fail:
Last reconfirmed: 2023-05-27 00:00:00


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Gabriel Eiseman 2023-05-26 07:47:56 UTC
I'm getting incorrect warnings for some functions using the `access` attribute.  I've managed to reduce the code that produces the error to this:

========== access.c ==========
typedef struct{
    int value, decoy;
} S;

[[gnu::access(read_write, 1)]]
int S_rw(S *self){
    return self->value += 1;
}

[[gnu::access(read_only, 1)]]
int S_ro(const S *self){
    return self->value;
}

int S_test(S *tmps){
    return tmps[1].value && S_rw(tmps + 1) && S_ro(tmps + 1);
}
====================

========== compiler options (13.1.1 20230429 x86_64-pc-linux-gnu) ==========
gcc -std=c2x -fsanitize=object-size -O1 -c access.c
====================

========== output ==========
access.c: In function ‘S_test’:
access.c:16:33: warning: ‘S_rw’ accessing 8 bytes in a region of size 4 [-Wstringop-overflow=]
   16 |         return tmps[1].value && S_rw(tmps + 1) && S_ro(tmps + 1);
      |                                 ^~~~~~~~~~~~~~
access.c:6:5: note: in a call to function ‘S_rw’ declared with attribute ‘access (read_write, 1)’
    6 | int S_rw(S *self){
      |     ^~~~
access.c:16:51: warning: ‘S_ro’ reading 8 bytes from a region of size 4 [-Wstringop-overread]
   16 |         return tmps[1].value && S_rw(tmps + 1) && S_ro(tmps + 1);
      |                                                   ^~~~~~~~~~~~~~
access.c:2:13: note: source object ‘value’ of size 4
    2 |         int value, decoy;
      |             ^~~~~
access.c:11:5: note: in a call to function ‘S_ro’ declared with attribute ‘access (read_only, 1)’
   11 | int S_ro(const S *self){
      |
====================

These incorrect warnings occur regardless of -Wall, -Wextra, and -fno-strict-aliasing.  However, the warnings go away if I remove ANY OF:
- the field `decoy`
- the `access` annotations
- the `tmps[1].value` argument to `&&`
- `-fsanitize=object-size`
- `-O1`

This looks extremely similar to
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105689
but I do not get bogus warnings at `-O2`, only with `-fsanitize=object-size` (an `-O1`).  In fact, these warnings GO AWAY when I use both `-fsanitize=object-size` and `-O2`.
Additionally, I'm seeing invalid -Wstringop-overread, not just -Wstringop-overflow, although the latter is probably caused by the same CSE bug that causes these very similar warnings in slightly different circumstances.
Comment 1 Andrew Pinski 2023-05-27 01:39:23 UTC
Confirmed.

Note the -O2 difference just comes from inlining.
So you could get away with just this for getting the warning:
```
typedef struct{
    int value, decoy;
} S;

[[gnu::access(read_write, 1)]]
int S_rw(S *self);

[[gnu::access(read_only, 1)]]
int S_ro(const S *self);

int S_test(S *tmps){
    return tmps[1].value && S_rw(tmps + 1) && S_ro(tmps + 1);
}
```