[Bug c++/106185] New: Spurious Wstringop-overflow in std::vector::resize

ed at catmur dot uk gcc-bugzilla@gcc.gnu.org
Mon Jul 4 14:51:01 GMT 2022 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106185

            Bug ID: 106185
           Summary: Spurious Wstringop-overflow in std::vector::resize
           Product: gcc
           Version: 12.1.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c++
          Assignee: unassigned at gcc dot gnu.org
          Reporter: ed at catmur dot uk
  Target Milestone: ---

Since 12.1.0:
At -O3 -std=c++20 -Werror=stringop-overflow:

#include <vector>
void f() {
    std::vector<char> v;
    v.resize(26);
    v.resize(33);
    v.resize(39);
    v.resize(47);
    v.resize(v.size() + 8);
}

In file included from gcc-12.1.0/include/c++/12.1.0/vector:60,
                 from <source>:1:
In function 'constexpr typename
__gnu_cxx::__enable_if<std::__is_byte<_Tp>::__value, void>::__type
std::__fill_a1(_Tp*, _Tp*, const _Tp&) [with _Tp = char]',
    inlined from 'constexpr void std::__fill_a(_FIte, _FIte, const _Tp&) [with
_FIte = char*; _Tp = char]' at
gcc-12.1.0/include/c++/12.1.0/bits/stl_algobase.h:968:21,
    inlined from 'constexpr _OutputIterator std::__fill_n_a(_OutputIterator,
_Size, const _Tp&, random_access_iterator_tag) [with _OutputIterator = char*;
_Size = long unsigned int; _Tp = char]' at
gcc-12.1.0/include/c++/12.1.0/bits/stl_algobase.h:1119:20,
    inlined from 'constexpr _OI std::fill_n(_OI, _Size, const _Tp&) [with _OI =
char*; _Size = long unsigned int; _Tp = char]' at
gcc-12.1.0/include/c++/12.1.0/bits/stl_algobase.h:1148:29,
    inlined from 'static constexpr _ForwardIterator
std::__uninitialized_default_n_1<true>::__uninit_default_n(_ForwardIterator,
_Size) [with _ForwardIterator = char*; _Size = long unsigned int]' at
gcc-12.1.0/include/c++/12.1.0/bits/stl_uninitialized.h:663:29,
    inlined from 'static constexpr _ForwardIterator
std::__uninitialized_default_n_1<true>::__uninit_default_n(_ForwardIterator,
_Size) [with _ForwardIterator = char*; _Size = long unsigned int]' at
gcc-12.1.0/include/c++/12.1.0/bits/stl_uninitialized.h:655:9,
    inlined from 'constexpr _ForwardIterator
std::__uninitialized_default_n(_ForwardIterator, _Size) [with _ForwardIterator
= char*; _Size = long unsigned int]' at
gcc-12.1.0/include/c++/12.1.0/bits/stl_uninitialized.h:701:20,
    inlined from 'constexpr _ForwardIterator
std::__uninitialized_default_n_a(_ForwardIterator, _Size, allocator<_Tp>&)
[with _ForwardIterator = char*; _Size = long unsigned int; _Tp = char]' at
gcc-12.1.0/include/c++/12.1.0/bits/stl_uninitialized.h:766:44,
    inlined from 'constexpr void std::vector<_Tp,
_Alloc>::_M_default_append(size_type) [with _Tp = char; _Alloc =
std::allocator<char>]' at gcc-12.1.0/include/c++/12.1.0/bits/vector.tcc:642:35,
    inlined from 'constexpr void std::vector<_Tp, _Alloc>::resize(size_type)
[with _Tp = char; _Alloc = std::allocator<char>]' at
gcc-12.1.0/include/c++/12.1.0/bits/stl_vector.h:1011:21,
    inlined from 'void f()' at <source>:8:13:
gcc-12.1.0/include/c++/12.1.0/bits/stl_algobase.h:942:25: error: 'void*
__builtin_memset(void*, int, long unsigned int)' writing 7 bytes into a region
of size 4 overflows the destination [-Werror=stringop-overflow=]
  942 |         __builtin_memset(__first, static_cast<unsigned char>(__tmp),
__len);
      |        
~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from
gcc-12.1.0/include/c++/12.1.0/x86_64-linux-gnu/bits/c++allocator.h:33,
                 from gcc-12.1.0/include/c++/12.1.0/bits/allocator.h:46,
                 from gcc-12.1.0/include/c++/12.1.0/vector:61:
In member function '_Tp* std::__new_allocator<_Tp>::allocate(size_type, const
void*) [with _Tp = char]',
    inlined from 'constexpr _Tp* std::allocator< <template-parameter-1-1>
>::allocate(std::size_t) [with _Tp = char]' at
gcc-12.1.0/include/c++/12.1.0/bits/allocator.h:183:40,
    inlined from 'static constexpr _Tp*
std::allocator_traits<std::allocator<_Up> >::allocate(allocator_type&,
size_type) [with _Tp = char]' at
gcc-12.1.0/include/c++/12.1.0/bits/alloc_traits.h:464:28,
    inlined from 'constexpr std::_Vector_base<_Tp, _Alloc>::pointer
std::_Vector_base<_Tp, _Alloc>::_M_allocate(std::size_t) [with _Tp = char;
_Alloc = std::allocator<char>]' at
gcc-12.1.0/include/c++/12.1.0/bits/stl_vector.h:378:33,
    inlined from 'constexpr void std::vector<_Tp,
_Alloc>::_M_default_append(size_type) [with _Tp = char; _Alloc =
std::allocator<char>]' at gcc-12.1.0/include/c++/12.1.0/bits/vector.tcc:650:45,
    inlined from 'constexpr void std::vector<_Tp, _Alloc>::resize(size_type)
[with _Tp = char; _Alloc = std::allocator<char>]' at
gcc-12.1.0/include/c++/12.1.0/bits/stl_vector.h:1011:21,
    inlined from 'void f()' at <source>:5:13:
gcc-12.1.0/include/c++/12.1.0/bits/new_allocator.h:137:55: note: at offset [48,
52] into destination object of size 52 allocated by 'operator new'
  137 |         return static_cast<_Tp*>(_GLIBCXX_OPERATOR_NEW(__n *
sizeof(_Tp)));
      |                                                       ^
cc1plus: some warnings being treated as errors

More information about the Gcc-bugs mailing list