[Bug tree-optimization/82103] spurious stringop-overflow warning

msebor at gcc dot gnu.org gcc-bugzilla@gcc.gnu.org
Fri Dec 1 22:09:00 GMT 2017


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82103

Martin Sebor <msebor at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
          Component|rtl-optimization            |tree-optimization
           See Also|                            |https://gcc.gnu.org/bugzill
                   |                            |a/show_bug.cgi?id=83239

--- Comment #2 from Martin Sebor <msebor at gcc dot gnu.org> ---
Oddly, this only happens with the statement expression, not with direct calls
to memset.

The invalid memset first shows up in the .phicprop2 dump which shows the output
below.  This seems like another instance (similar to pr83239) where the value
of the size operand to one these built-ins could be checked and, if it's
invalid/out-of-bounds, the call replaced with a trap.

;; Function g (g, funcdef_no=0, decl_uid=1839, cgraph_uid=0, symbol_order=0)

  ...
  Replacing '__n_38' with constant '4294967295'
    Original statement:memset (_16, 0, __n_38);
    Updated statement:memset (_16, 0, 4294967295);
  ...
g (char * data, unsigned int frame_size, _Bool c)
{
  unsigned int __n;
  unsigned int __n;
  unsigned int _1;
  char * _6;
  char * _16;
  char * _22;
  unsigned int _25;
  unsigned int _28;

  <bb 2> [local count: 1073741825]:
  if (frame_size_8(D) != 0)
    goto <bb 3>; [33.00%]
  else
    goto <bb 10>; [67.00%]

  <bb 3> [local count: 354334802]:
  memset (data_10(D), 5, frame_size_8(D));
  if (c_12(D) != 0)
    goto <bb 4>; [0.00%]
  else
    goto <bb 5>; [100.00%]

  <bb 4> [local count: 354334802]:
  f ();

  <bb 5> [local count: 719407025]:
  _1 = frame_size_8(D) >> 1;
  __n_14 = _1 + 4294967295;
  _6 = data_10(D) + _1;
  _25 = _1 + 4294967285;
  if (__n_14 != 0)
    goto <bb 7>; [0.00%]
  else
    goto <bb 6>; [100.00%]

  <bb 6> [local count: 719407025]:
  # _22 = PHI <_6(5), _16(9), _6(7)>
  # _28 = PHI <_25(5), 4294967285(9), _25(7)>
  memset (_22, 4, _28);
  goto <bb 8>; [100.00%]

  <bb 7> [local count: 719407025]:
  memset (_6, 0, __n_14);
  if (_25 != 0)
    goto <bb 6>; [0.00%]
  else
    goto <bb 8>; [100.00%]

  <bb 8> [local count: 1073741825]:
  return;

  <bb 9> [local count: 354334800]:
  _16 = data_10(D);
  memset (_16, 0, 4294967295);
  goto <bb 6>; [100.00%]

  <bb 10> [local count: 719407025]:
  if (c_12(D) != 0)
    goto <bb 4>; [50.75%]
  else
    goto <bb 9>; [49.25%]

}


More information about the Gcc-bugs mailing list