https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97631
Bug ID: 97631
Summary: bogus "writing one too many bytes" warning for memcpy
with strlen argument
Product: gcc
Version: 11.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: msebor at gcc dot gnu.org
Target Milestone: ---
The -Wstringop-overflow instance in f() is correct and intended but the one in
g() is neither. It most likely crept in by mistake in r279392. The test case
was reduced from libfido2.
$ cat xxx.c && gcc -O2 -S -Wall xxx.c
typedef __SIZE_TYPE__ size_t;
char* f (char *s)
{
size_t n = __builtin_strlen (s);
if (n == 0)
return 0;
char *d = __builtin_malloc (n);
__builtin_strcpy (d, s); // -Wstringop-overflow (good)
return d;
}
char* g (char *s)
{
size_t n = __builtin_strlen (s);
if (n == 0)
return 0;
char *d = __builtin_malloc (n);
__builtin_memcpy (d, s, n); // bogus overflow warning
return d;
}
xxx.c: In function ‘f’:
xxx.c:10:3: warning: ‘__builtin_strcpy’ writing one too many bytes into a
region of a size that depends on ‘strlen’ [-Wstringop-overflow=]
10 | __builtin_strcpy (d, s); // -Wstringop-overflow (good)
| ^~~~~~~~~~~~~~~~~~~~~~~
xxx.c:9:13: note: at offset 0 to an object allocated by ‘__builtin_malloc’ here
9 | char *d = __builtin_malloc (n);
| ^~~~~~~~~~~~~~~~~~~~
xxx.c: In function ‘g’:
xxx.c:21:3: warning: ‘__builtin_memcpy’ writing one too many bytes into a
region of a size that depends on ‘strlen’ [-Wstringop-overflow=]
21 | __builtin_memcpy (d, s, n); // bogus overflow warning
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
xxx.c:20:13: note: at offset 0 to an object allocated by ‘__builtin_malloc’
here
20 | char *d = __builtin_malloc (n);
| ^~~~~~~~~~~~~~~~~~~~
