On Thu, Sep 28, 2023 at 09:29:02AM +0200, Tobias Burnus wrote:
> the following works for me. I have only tried a normal build (where it
> does silence the same warning) and not an LTO build and I just believed
> the comment - see attached patch. Comments?
>
> On 28.09.23 08:25, Richard Biener via Fortran wrote:
>
> > This particular place in libgfortran has
> >
> > /* write_z, which calls xtoa_big, is called from transfer.c,
> > formatted_transfer_scalar_write. There it is passed the kind as
> > argument, which means a maximum of 16. The buffer is large
> > enough, but the compiler does not know that, so shut up the
> > warning here. */
> > #pragma GCC diagnostic push
> > #pragma GCC diagnostic ignored "-Wstringop-overflow"
> > *q = '\0';
> > #pragma GCC diagnostic pop
> >
> > so obviously the #pragma doesn't survive through LTO. Somehow I think
> > this is a known bug, but maybe I misremember (I think we are not streaming
> > any of the ad-hoc location parts).
>
> I have replaced it now by the assert that "len <= 16", i.e.
>
> + if (len > 16)
> + __builtin_unreachable ();
>
> Build + tested on x86-64-gnu-linux
> Comment? OK for mainline?
Is it just that in correct programs len can't be > 16, or that it is really
impossible for it being > 16? I mean, we have that artificial kind 17 for
powerpc which better should be turned into length of 16, but isn't e.g.
_gfortran_transfer_integer etc. just called with a kind argument? Does
anything error earlier if it is larger? I mean, say user calling
_gfortan_transfer_integer by hand with kind 1024?
Sure, we could still say it is UB to do that kind of thing and
__builtin_unreachable () would be a way to turn that UB into manifestly
reproducable UB.
Jakub
