Last week's r276603 has introduced a bug into the count_nonzero_bytes function that leads to a false positive -Wstringop-overflow in glibc's timezone/zic.c. The test case below reproduces the bogus warning.

$ cat zic.i && gcc -S -O2 -Wall zic.i
struct
{
  char *s1, *s2;
  char c;
} z;

void f (char **a, int i, int j)
{
  char * cp = __builtin_strchr (a[i], '%');
  if (cp && *++cp != 's')
    return;

  z.s1 = __builtin_strdup (a[i]);
  if (!z.s1)
    __builtin_abort ();

  z.s2 = __builtin_strdup (a[j]);
  if (!z.s2)
    __builtin_abort ();

  z.c = cp ? *cp : '\0';
}
zic.i: In function ‘f’:
zic.i:21:7: warning: writing 8 bytes into a region of size 1 [-Wstringop-overflow=]
   21 |   z.c = cp ? *cp : '\0';
      |   ~~~~^~~~~~~~~~~~~~~~~
zic.i:4:8: note: destination object declared here
    4 |   char c;
      |        ^
Patch: https://gcc.gnu.org/ml/gcc-patches/2019-10/msg00509.html
Author: msebor
Date: Tue Oct 8 19:48:27 2019
New Revision: 276711

URL: https://gcc.gnu.org/viewcvs?rev=276711&root=gcc&view=rev
Log:
PR middle-end/92026 - gcc.dg/Wstringop-overflow-18.c FAIL
PR middle-end/92014 - bogus warning: writing 8 bytes into a region of size 1 in timezone/zic.c

gcc/ChangeLog:

	* tree-ssa-strlen.c (count_nonzero_bytes): Avoid recursing for MEM_REF
	again once nbytes has been set. Set the access size when not yet set.

gcc/testsuite/ChangeLog:

	PR middle-end/92014
	* gcc.dg/Wstringop-overflow-19.c: New test.

Added:
    trunk/gcc/testsuite/gcc.dg/Wstringop-overflow-19.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/testsuite/ChangeLog
    trunk/gcc/tree-ssa-strlen.c
Fixed in r276711.