[Bug middle-end/101397] [11 Regression] spurious warning writing to the result of stpcpy minus 1

siddhesh at gotplt dot org via Gcc-bugs Tue, 26 Oct 2021 07:25:08 -0700

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101397


Siddhesh Poyarekar <siddhesh at gotplt dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |siddhesh at gotplt dot org

--- Comment #7 from Siddhesh Poyarekar <siddhesh at gotplt dot org> ---
(In reply to CVS Commits from comment #4)
> The master branch has been updated by Martin Sebor <mse...@gcc.gnu.org>:
> 
> https://gcc.gnu.org/g:8bf5b49ebd2176b8c535147377381dd07fbdd643
> 
> commit r12-2422-g8bf5b49ebd2176b8c535147377381dd07fbdd643
> Author: Martin Sebor <mse...@redhat.com>
> Date:   Tue Jul 20 13:48:20 2021 -0600
> 
>     Correct stpcpy offset computation for -Warray-bounds et al. [PR101397].

This causes a crash with the following program due to an infinite recursion:

typedef __SIZE_TYPE__ size_t;

void
__attribute__ ((noinline))
foo (size_t x)
{
  struct T { char buf[64]; char buf2[64]; } t;
  char *p = &t.buf[8];
  char *r = t.buf2;
  size_t i;

  for (i = 0; i < x; i++)
    {
      r = __builtin_mempcpy (r, p, i);
      p = r + 1;
    }
}

$ cc1.r12-2422 -quiet -o - repro.c 
        .file   "repro.c"
        .text
Segmentation fault (core dumped)

[Bug middle-end/101397] [11 Regression] spurious warning writing to the result of stpcpy minus 1

Reply via email to