https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90989
Bug ID: 90989
Summary: incorrect strlen result after second strcpy into the same destination
Product: gcc
Version: 9.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: msebor at gcc dot gnu.org
Target Milestone: ---
When strcpy is called more than once on a dynamically created string to
overwrite the first string with a longer one, and with a string call like
strlen in between, the length of the longer string is then incorrectly
computed. The bug requires the second copy to be represented by a MEM_REF
(ordinary memcpy works fine).
$ cat b.c && gcc -O2 -S -Wall -Wpedantic -fdump-tree-strlen=/dev/stdout b.c
int f (void)
{
  char b[6];
  __builtin_strcpy (b, "12");
  int n = __builtin_strlen (b);
  __builtin_strcpy (b, "12345");
  if (__builtin_strlen (b) != 5)   // GCC thinks strlen returns 2 here
    __builtin_abort ();
  return n;
}
;; Function f (f, funcdef_no=0, decl_uid=1906, cgraph_uid=1, symbol_order=0)
f ()
{
  int n;
  char b[6];
  long unsigned int _1;
  long unsigned int _2;

  <bb 2> [local count: 1073741824]:
  __builtin_memcpy (&b, "12", 3);
  _1 = 2;
  n_5 = (int) _1;
  MEM <unsigned char[6]> [(char * {ref-all})&b] = MEM <unsigned char[6]> [(char * {ref-all})"12345"];
  _2 = 2;
  if (_2 != 5)
    goto <bb 3>; [0.00%]
  else
    goto <bb 4>; [100.00%]

  <bb 3> [count: 0]:
  __builtin_abort ();

  <bb 4> [local count: 1073741824]:
  b ={v} {CLOBBER};
  return n_5;
}
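
A run-time self-check for the miscompilation described above, added here as an example and not part of the original report or of GCC's testsuite: it compares each strlen result the optimizer may fold against a byte-by-byte count read through a volatile pointer. The helper opaque_len, the check_* names, and the shorter and equal-length overwrite cases are assumptions that go beyond the report's single case; build with -O2 as in the report.

```c
#include <stdio.h>
#include <string.h>

/* Reference length the optimizer cannot fold: every byte is read through a
   volatile-qualified pointer, so the loads happen at run time. */
static size_t opaque_len(const char *s)
{
    const volatile char *p = s;
    size_t n = 0;
    while (p[n] != '\0')
        n++;
    return n;
}

/* Same shape as f() in the report: strcpy, strlen, second strcpy into the
   same 6-byte buffer, strlen again.  String literals are required so the
   calls are eligible for the compile-time folding the report describes.
   Returns a bitmask: bit 0 = first strlen wrong, bit 1 = second strlen
   wrong, 0 = both agree with the run-time reference. */
#define DEFINE_CHECK(name, first, second)                 \
    int name(void)                                        \
    {                                                     \
        char b[6];                                        \
        int bad = 0;                                      \
        strcpy(b, first);                                 \
        if (strlen(b) != opaque_len(b)) bad |= 1;         \
        strcpy(b, second);                                \
        if (strlen(b) != opaque_len(b)) bad |= 2;         \
        return bad;                                       \
    }

DEFINE_CHECK(check_longer,  "12",    "12345")  /* the case in the report */
DEFINE_CHECK(check_shorter, "12345", "12")     /* assumed extra case */
DEFINE_CHECK(check_same,    "12",    "34")     /* assumed extra case */

int main(void)
{
    int l = check_longer(), s = check_shorter(), e = check_same();
    printf("longer overwrite:  %s\n", l ? "MISCOMPILED" : "ok");
    printf("shorter overwrite: %s\n", s ? "MISCOMPILED" : "ok");
    printf("same length:       %s\n", e ? "MISCOMPILED" : "ok");
    return (l | s | e) != 0;   /* non-zero exit if any strlen was wrong */
}
```

On a compiler with the defect shown in the dump, check_longer would return 2, because the folded strlen yields 2 while the reference count reads 5 from memory.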