https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79016

--- Comment #2 from Martin Sebor <msebor at gcc dot gnu.org> ---
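This also affects overflowing buffers allocated by a user-defined function
declared with attribute alloc_size. In the test case below, only the memcpy
call in h, which _FORTIFY_SOURCE turns into __builtin___memcpy_chk, is
diagnosed; the direct __builtin_memcpy call in g is not.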

$ cat t.c && gcc -D_FORTIFY_SOURCE=2 -O2 -S -Wall
-fdump-tree-optimized=/dev/stdout t.c
#include <string.h>

int* __attribute__ ((alloc_size (1)))   // argument 1 is the size in bytes of the returned object
f (int);

void* g (const void *s)
{
  void *p = f (8);   // alloc_size (1) on f: p points to an 8-byte object
  __builtin_memcpy (p, s, 9);   // 9 bytes into 8: overflow, but -Wstringop-overflow is missing (the bug)
  return p;
}

void* h (const void *s)
{
  void *p = f (8);   // alloc_size (1) on f: p points to an 8-byte object
  memcpy (p, s, 9);   // becomes __builtin___memcpy_chk (p, s, 9, 8) under _FORTIFY_SOURCE, which gets -Wstringop-overflow
  return p;
}

;; Function g (g, funcdef_no=14, decl_uid=2244, cgraph_uid=14, symbol_order=14)

g (const void * s)
{
  void * p;

  <bb 2> [local count: 1073741825]:
  p_3 = f (8);
  __builtin_memcpy (p_3, s_4(D), 9);
  return p_3;

}



;; Function h (h, funcdef_no=15, decl_uid=2248, cgraph_uid=15, symbol_order=15)

h (const void * s)
{
  void * p;

  <bb 2> [local count: 1073741825]:
  p_3 = f (8);
  __builtin___memcpy_chk (p_3, s_4(D), 9, 8);
  return p_3;

}


In file included from /usr/include/string.h:635,
                 from t.c:1:
In function ‘memcpy’,
    inlined from ‘h’ at t.c:16:3:
/usr/include/bits/string3.h:53:10: warning: ‘__builtin___memcpy_chk’ writing 9
bytes into a region of size 8 overflows the destination [-Wstringop-overflow=]
   return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest));
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
