Bug 1909564 - Regression: false -Wstringop-overread warning from gcc-c++-11.0.0-0.10.fc34
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: gcc
Version: 34
Hardware: Unspecified
OS: Unspecified
Priority: unspecified
Severity: high
Target Milestone: ---
Assignee: Jakub Jelinek
QA Contact: Fedora Extras Quality Assurance
Blocks: 1914324 1923590
Reported: 2020-12-21 00:16 UTC by Mattias Ellert
Modified: 2021-02-13 13:19 UTC

Fixed In Version: gcc-11.0.0-0.19.fc34 gcc-11.0.0-0.19.fc35
Last Closed: 2021-02-13 13:19:14 UTC
Type: Bug

Attachments
Test case (deleted), 2020-12-21 00:16 UTC, Mattias Ellert


Links
System | ID | Private | Priority | Status | Summary | Last Updated
GNU Compiler Collection | 98465 | 0 | P2 | ASSIGNED | Bogus -Wstringop-overread with -std=gnu++20 -O2 and std::string::insert | 2021-02-13 05:31:24 UTC

Description Mattias Ellert 2020-12-21 00:16:26 UTC
Created attachment 1740806 [details]
Test case

Description of problem:

False positive -Wstringop-overread warning.
This is a regression in gcc-c++-11.0.0-0.10.fc34 wrt gcc-c++-11.0.0-0.7.fc34.

The warning says: reading 3 bytes from a region of size 1
But the source of the copy is a string constant "ABC", which clearly is not one character long.

Version-Release number of selected component (if applicable):

gcc-c++-11.0.0-0.10.fc34

How reproducible:

Always

Steps to Reproduce:
1. tar -z -x -f gcc-bug.tar.gz (see attachment)
2. cd gcc-bug
3. make

Actual results:

Error

g++ -fPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -c -o test.o test.cpp
g++ -shared -Wl,-z,relro -Wl,--as-needed  -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld  -o libtest.so test.o
In function ‘copy’,
    inlined from ‘_S_copy’ at /usr/include/c++/11/bits/basic_string.h:351:21,
    inlined from ‘_S_copy’ at /usr/include/c++/11/bits/basic_string.h:346:7,
    inlined from ‘_M_replace’ at /usr/include/c++/11/bits/basic_string.tcc:481:20,
    inlined from ‘replace’ at /usr/include/c++/11/bits/basic_string.h:1946:19,
    inlined from ‘insert’ at /usr/include/c++/11/bits/basic_string.h:1714:22,
    inlined from ‘operator+’ at /usr/include/c++/11/bits/basic_string.h:6154:23,
    inlined from ‘B’ at test.cpp:4:40:
/usr/include/c++/11/bits/char_traits.h:402:56: warning: ‘__builtin_memcpy’ reading 3 bytes from a region of size 1 [-Wstringop-overread]
  402 |         return static_cast<char_type*>(__builtin_memcpy(__s1, __s2, __n));
      |                                                        ^

Expected results:

No error (as with gcc-c++-11.0.0-0.7.fc34)

g++ -fPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -c -o test.o test.cpp
g++ -shared -Wl,-z,relro -Wl,--as-needed  -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld  -o libtest.so test.o

Additional info:

Reduced from Koschei failure:

https://koschei.fedoraproject.org/package/xrootd?collection=f34
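
Added example (not part of the original report, whose test case attachment is deleted): a constructed reproducer for the call chain named in the diagnostic above, with a check showing that the 3-byte read from "ABC" stays inside the 4-byte literal. Only the function name B comes from the diagnostic; the function body, ReadCheck and check_literal_read are assumptions.

```cpp
// Constructed stand-in for the deleted test case (not the reporter's file).
// Only the name B is taken from the diagnostic; the rest is assumed.
#include <cstddef>
#include <cstdio>
#include <string>
#include <utility>

// operator+(const char*, std::string&&) forwards to rhs.insert(0, lhs), which
// is the insert -> replace -> _M_replace -> _S_copy -> copy chain in the warning.
std::string B(std::string&& s) { return "ABC" + std::move(s); }

// What the copy really reads, compared with the size of the source object.
struct ReadCheck {
    std::size_t bytes_read;   // characters taken from the literal
    std::size_t source_size;  // size of the literal object, including '\0'
    bool in_bounds;           // true when the read fits inside the object
};

template <std::size_t N>
ReadCheck check_literal_read(const char (&lit)[N]) {
    std::size_t n = std::char_traits<char>::length(lit);
    return {n, N, n <= N};
}

int main() {
    ReadCheck c = check_literal_read("ABC");
    std::string r = B(std::string("DEF"));
    std::printf("%s: read %zu of %zu bytes, in bounds: %d\n",
                r.c_str(), c.bytes_read, c.source_size, c.in_bounds);
    return (r == "ABCDEF" && c.in_bounds) ? 0 : 1;
}
```
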

Comment 1 Mattias Ellert 2020-12-24 12:42:21 UTC
Still happens with gcc-c++-11.0.0-0.11.fc34.

Comment 2 Mattias Ellert 2021-01-11 20:20:26 UTC
Still happens with gcc-c++-11.0.0-0.12.fc34.

Comment 3 Kamil Dudka 2021-01-13 18:00:44 UTC
This regression broke the build of cbmc, which compiles with -Werror:

    https://koji.fedoraproject.org/koji/taskinfo?taskID=59589370

I ended up with the following minimal example (compiled with `-O2 -g -Wp,-D_GLIBCXX_ASSERTIONS -c`):

#include <string>

struct T { std::string s; };

T f() {
    T obj;
    obj.s = "location";
    return obj;
}

Comment 4 Martin Sebor 2021-01-13 18:08:22 UTC
The upstream bug is https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98465.

Comment 5 Antonio T. sagitter 2021-01-15 20:59:59 UTC
Same error for gtengine-5.6 (not pushed yet):

[ 86%] Building CXX object Graphics/CMakeFiles/gtgraphics.dir/GL45/GL45InputLayoutManager.cpp.o
cd /builddir/build/BUILD/GeometricTools-GTE-version-5.6/Graphics && /usr/bin/g++ -DGTE_DISABLE_PCH -DGTE_USE_LINUX -DGTE_USE_MAT_VEC -DGTE_USE_OPENGL -DGTE_USE_ROW_MAJOR -DNDEBUG -Dgtgraphics_EXPORTS -I/builddir/build/BUILD/GeometricTools-GTE-version-5.6/GTE/Graphics/.. -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -DNDEBUG -fPIC -c -Wall -Werror -O3 -std=c++14 -o CMakeFiles/gtgraphics.dir/GL45/GL45InputLayoutManager.cpp.o -c /builddir/build/BUILD/GeometricTools-GTE-version-5.6/GTE/Graphics/GL45/GL45InputLayoutManager.cpp
In file included from /usr/include/c++/11/string:40,
                 from /builddir/build/BUILD/GeometricTools-GTE-version-5.6/GTE/Graphics/../Graphics/DataFormat.h:10,
                 from /builddir/build/BUILD/GeometricTools-GTE-version-5.6/GTE/Graphics/../Graphics/VertexFormat.h:10,
                 from /builddir/build/BUILD/GeometricTools-GTE-version-5.6/GTE/Graphics/VertexFormat.cpp:9:
In function 'std::char_traits<char>::copy(char*, char const*, unsigned long)',
    inlined from 'std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_S_copy(char*, char const*, unsigned long)' at /usr/include/c++/11/bits/basic_string.h:351:21,
    inlined from 'std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_replace(unsigned long, unsigned long, char const*, unsigned long)' at /usr/include/c++/11/bits/basic_string.tcc:481:20,
    inlined from 'std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::replace(unsigned long, unsigned long, char const*, unsigned long)' at /usr/include/c++/11/bits/basic_string.h:1946:19,
    inlined from 'std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::insert(unsigned long, char const*)' at /usr/include/c++/11/bits/basic_string.h:1714:22,
    inlined from 'std::operator+<char, std::char_traits<char>, std::allocator<char> >(char const*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >&&)std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >' at /usr/include/c++/11/bits/basic_string.h:6154:23,
    inlined from 'gte::Logger::Logger(char const*, char const*, int, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&)' at /builddir/build/BUILD/GeometricTools-GTE-version-5.6/GTE/Graphics/../Mathematics/Logger.h:86:44:
/usr/include/c++/11/bits/char_traits.h:402:56: error: 'memcpy' reading 6 bytes from a region of size 1 [-Werror=stringop-overread]
  402 |         return static_cast<char_type*>(__builtin_memcpy(__s1, __s2, __n));
      |                                        ~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~

Comment 6 Ben Cotton 2021-02-09 16:12:44 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 34 development cycle.
Changing version to 34.

