[Bug c++/105823] New: -Wrestrict / -Wstringop-overflow / -Warray-bounds warnings for uninitialized values

fiesh at zefix dot tv gcc-bugzilla@gcc.gnu.org
Thu Jun 2 14:02:30 GMT 2022 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105823

            Bug ID: 105823
           Summary: -Wrestrict / -Wstringop-overflow / -Warray-bounds
                    warnings for uninitialized values
           Product: gcc
           Version: 13.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c++
          Assignee: unassigned at gcc dot gnu.org
          Reporter: fiesh at zefix dot tv
  Target Milestone: ---

Some of our code when compiled with enough optimization resulted in weird
-Wrestrict warnings that I think were somehow drawn in through std::string and
then from libstdc++'s char_traits.h.

I tried reducing it and arrived at code which behaves as follows:

% g++ -Wall -Wextra -Wno-nonnull -Wno-stringop-overflow -Wno-array-bounds
-Werror -std=c++20 -O3 -c a.ii

fails because of -Wrestrict, and removing -Wno-stringop-overflow or
-Wno-array-bounds makes these trigger the same warning.  (stringop-overflow is
disabled in char_traits.h which I think is why we hit -Wrestrict instead.)

% g++ -Wall -Wextra -Wno-restrict -Wno-nonnull -Wno-stringop-overflow
-Wno-array-bounds -Werror -std=c++20 -O3 -c a.ii

succeeds.

The warning is:

error: 'void* __builtin_memcpy(void*, const void*, long unsigned int)'
accessing 9223372036854775808 or more bytes at offsets 0 and 0 may overlap up
to 9223372036854775809 bytes at offset -1

The code is:

char aq_ai, bi_bc;
struct ah {
  auto aq(long aj) {
    return __builtin_memcpy(0, &aq_ai, aj);
  }
  long ba_bg;
  void ba() { bi((ba_bg)); }
  ah &bi(long);
};
char *bi_ar;
ah &ah::bi(long bp) {
  if (bp) {
    if (bi_ar >= &bi_bc + bp)
      ;
    else {
      long bt = &bi_bc + bp - bi_ar;
      aq(-bt);
    }
  }
  return *this;
}
void cn() {
  ah container;
  container.ba();
}



Note that changing "bi((ba_bq));" to "bi(ba_bq);", i.e. removing the double
parentheses, makes gcc correctly determine that ba_bq is used uninitialized. 
(Maybe this is the actual bug and assigning -1 to unused values is just what
results in this warning here and is legitimate?)

More information about the Gcc-bugs mailing list