Ping: https://gcc.gnu.org/ml/gcc-patches/2019-02/msg02029.html
On 3/6/19 2:40 PM, Martin Sebor wrote:
Ping: https://gcc.gnu.org/ml/gcc-patches/2019-02/msg02029.html
(This is marked as a P1 regression.)
On 2/26/19 6:32 PM, Martin Sebor wrote:
Please disregard the original patch and consider the attached
version instead.
On 2/26/19 5:03 PM, Martin Sebor wrote:
The false positive in PR89350 is due to -Wstringop-overflow
trusting that the sizetype offset in POINTER_PLUS_EXPR means
the offset is, in fact, unsigned. Avoiding the false positive
in the cases when this isn't so is trivial but comes at a cost
of false negatives. Avoiding those will, I expect, require
enhancing the compute_builtin_object_size() function and that
seems risky at this stage so I would like to defer that until
stage 1. Except in the instance of memset, the false positives
also aren't too serious because the same problem is also
diagnosed by the -Warray-bounds warning in the wrestrict pass.
Unfortunately, the wrestrict pass only handles copy functions
and not memset.
With that as background, the attached patch avoids
the -Wstringop-overflow false positive by disabling the warning
for offsets whose lower bound is positive and upper bound negative.
To avoid the false negatives for memset the patch lets the wrestrict
pass handle the function (for the bounds checking only). While
testing this I noticed that the wrestrict pass makes the same
assumption about offsets, so it too is susceptible to similar
false positives. The rest of the patch corrects this problem
n the wrestrict pass. Because the pass doesn't depend on
the compute_builtin_object_size() function as much as
-Wstringop-overflow, the fix does not cause false positives (at
least none that I came across).
Tested on x86_64-linux.
Martin
