[Bug middle-end/95276] [10/11 Regression] Amusing stringpop-overflow message building libgfortran
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95276 Tobias Burnus changed: What|Removed |Added CC||burnus at gcc dot gnu.org --- Comment #14 from Tobias Burnus --- (In reply to Thomas Koenig from comment #8) > a.c:18:6: warning: writing 1 byte into a region of size 0 > $ LANG=de_DE.UTF-8 gcc -O2 -S a.c > a.c:18:6: Warnung: Schreiben von 140075679154576 Byte in eine Region der That's due to the missing %G in some translation such as at: msgid "%Gwriting between %wu and %wu bytes into a region of size %wu" msgstr "Schreiben von %wu bis %wu Bytes in eine Region der Größe %wu" I reported it to the translators of the de.po file.
[Bug middle-end/95276] [10/11 Regression] Amusing stringpop-overflow message building libgfortran
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95276 Martin Sebor changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #13 from Martin Sebor --- The latest trunk outputs the same warning with a better note (the offset is correct). As discussed in comment #7 the warning for the small test case is correct: the loop overflows the small buffer. It iterates at least three times, writing two bytes into the four byte destination in each iteration, for a total of six bytes. I don't see a bug here so I'm resolving it as invalid. If the test case below isn't representative of the fortran code please submit one that is. $ cat pr95276.c && gcc -O2 -S -Wall pr95276.c char a[4]; void f (char *s, int n) { if (n <= 2) return; char *d = a; for (int i = 0; i < n; i++) { extern volatile unsigned char h, l; *d++ = s[h]; *d++ = s[l]; } *d = '\0'; } pr95276.c: In function ‘f’: pr95276.c:18:6: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 18 | *d = '\0'; | ~~~^~ pr95276.c:1:6: note: at offset 6 into destination object ‘a’ of size 4 1 | char a[4]; | ^
[Bug middle-end/95276] [10/11 Regression] Amusing stringpop-overflow message building libgfortran
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95276 Richard Biener changed: What|Removed |Added Version|unknown |10.1.0 Priority|P3 |P2
[Bug middle-end/95276] [10/11 Regression] Amusing stringpop-overflow message building libgfortran
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95276 Richard Biener changed: What|Removed |Added Target Milestone|10.2|10.3 --- Comment #12 from Richard Biener --- GCC 10.2 is released, adjusting target milestone.
[Bug middle-end/95276] [10/11 Regression] Amusing stringpop-overflow message building libgfortran
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95276 --- Comment #11 from Thomas Koenig --- (In reply to Thomas Koenig from comment #10) > The libgfortran bug is now PR 95313 . Actually, the warning is a false positive, for our code. We never call write_z with an excessive length. So, what's left is to tell -Wstringop-overflow to shut up in a way that does not incur a run-time penalty.
[Bug middle-end/95276] [10/11 Regression] Amusing stringpop-overflow message building libgfortran
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95276 --- Comment #10 from Thomas Koenig --- The libgfortran bug is now PR 95313 .
[Bug middle-end/95276] [10/11 Regression] Amusing stringpop-overflow message building libgfortran
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95276 --- Comment #9 from Thomas Koenig --- So, two bugs, as far as I can see: One in libgfortran, which was warned about. I will check if this is actually valid, maybe the automated test case reduction went too far. The second one about the apparent use of uninitialized memory for the warning.
[Bug middle-end/95276] [10/11 Regression] Amusing stringpop-overflow message building libgfortran
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95276 --- Comment #8 from Thomas Koenig --- Looks like a faithful reduction that you made, it also still shows the locale dependency from comment #4: $ LANG="" gcc -O2 -S a.c a.c: In function 'f': a.c:18:6: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 18 | *d = '\0'; | ~~~^~ a.c:1:6: note: at offset 0 to object 'a' with size 4 declared here 1 | char a[4]; | ^ $ LANG=de_DE.UTF-8 gcc -O2 -S a.c a.c: In Funktion »f«: a.c:18:6: Warnung: Schreiben von 140075679154576 Byte in eine Region der Größe 1 [-Wstringop-overflow=] 18 | *d = '\0'; | ~~~^~ a.c:1:6: Anmerkung: bei Offset 0 zum Objekt »a« mit Größe 4 wurde hier deklariert 1 | char a[4]; | ^
[Bug middle-end/95276] [10/11 Regression] Amusing stringpop-overflow message building libgfortran
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95276 --- Comment #7 from Martin Sebor --- There are some uninitialized local variables in the reduced test case but with those made extern I was able to reproduce the warning. But unless the test case was reduced too far or the reduction introduced bugs (or I unless missed something) I think the warning justified. ztoa_big() is being called with len > 16 and a buffer of size 33. The loop in the function iterates 2 * len times, storing into successive elements of the 33-byte itoa_buf, and then appending '\0'. So with len == 17 it writes 35 bytes into the 33-bute itoa_buf. Here's a much smaller test case that I ultimately reduced it to that shows the bug (I shrank the buffer while still keeping the size ratios). The offset of zero doesn't seem right but that's a side issue. $ cat pr95276.c && gcc -O2 -S pr95276.c char a[4]; void f (char *s, int n) { if (n <= 2) return; char *d = a; for (int i = 0; i < n; i++) { extern volatile unsigned char h, l; *d++ = s[h]; *d++ = s[l]; } *d = '\0'; } pr95276.c: In function ‘f’: pr95276.c:18:6: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 18 | *d = '\0'; | ~~~^~ pr95276.c:1:6: note: at offset 0 to object ‘a’ with size 4 declared here 1 | char a[4]; | ^
[Bug middle-end/95276] [10/11 Regression] Amusing stringpop-overflow message building libgfortran
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95276 --- Comment #6 from Thomas Koenig --- Created attachment 48588 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=48588=edit shortened test case Here's the test case as shortened by multidelta.
[Bug middle-end/95276] [10/11 Regression] Amusing stringpop-overflow message building libgfortran
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95276 Thomas Koenig changed: What|Removed |Added Target Milestone|11.0|10.2 Summary|[11 Regression] Amusing |[10/11 Regression] Amusing |stringpop-overflow message |stringpop-overflow message |building libgfortran|building libgfortran --- Comment #5 from Thomas Koenig --- gcc 10 also fails, gcc 9 is OK: $ LANG="de_DE.UTF-8" ~/lib/gcc/x86_64-pc-linux-gnu/10.0.1/cc1 -quiet -O2 w-posted.i w-posted.i: In Funktion »write_z«: w-posted.i:6484:6: Warnung: Schreiben von 139708431197600 Byte in eine Region der Größe 1 [-Wstringop-overflow=] 6484 | *q = '\0'; | ~~~^~ w-posted.i:6495:8: Anmerkung: bei Offset 0 zum Objekt »itoa_buf« mit Größe 33 wurde hier deklariert 6495 | char itoa_buf[((sizeof (GFC_REAL_16)) * 2 + 1)]; |^~~~ $ LANG="de_DE.UTF-8" ~/lib/gcc/x86_64-pc-linux-gnu/9.3.1/cc1 -quiet -O2 w-posted.i $