https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102805
Bug ID: 102805
Summary: at -O2, spurious stringop-overflow warning writing to
std::vector::back()
Product: gcc
Version: 11.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c++
Assignee: unassigned at gcc dot gnu.org
Reporter: rudick at gmail dot com
Target Milestone: ---
g++ -O2 -Wextra -Wall -Werror -Wextra vectorBackWrite.cpp
#include <vector>
#include <stddef.h>
#include <iostream>
extern FILE* f;
void triggerBug(uint64_t start, uint64_t end) {
if (f && end > start) {
std::vector<char> data(end - start + 1);
auto res = fread(&data[0], end-start, 1, f);
if (res == 1) {
data.back() = 0;
}
}
}
error is:
vectorBackWrite.cpp: In function ‘void triggerBug(uint64_t, uint64_t)’:
vectorBackWrite.cpp:11:19: error: writing 1 byte into a region of size 0
[-Werror=stringop-overflow=]
11 | data.back() = 0;
| ~~~~~~~~~~~~^~~
In file included from
/opt/gcc-11.2.0/include/c++/11.2.0/x86_64-linux-gnu/bits/c++allocator.h:33,
from /opt/gcc-11.2.0/include/c++/11.2.0/bits/allocator.h:46,
from /opt/gcc-11.2.0/include/c++/11.2.0/vector:64,
from vectorBackWrite.cpp:1:
/opt/gcc-11.2.0/include/c++/11.2.0/ext/new_allocator.h:127:48: note: at offset
[0, 9223372036854775806] into destination object of size [2,
9223372036854775807] allocated by ‘operator new’
127 | return static_cast<_Tp*>(::operator new(__n * sizeof(_Tp)));
| ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~
cc1plus: all warnings being treated as errors
Interestingly, this also fails w/ the same error:
*(data.rbegin()) = 0;
but this is accepted:
data[data.size()-1] = 0;
code works in gcc7 & gcc9 on the same platform, & works on gcc11 with -O1
It also seems to require the fread to be present
Version: 11.2.0
system: CentOS Linux 7.7.1908 on Intel Xeon
