https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109609
Richard Biener <rguenth at gcc dot gnu.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |hubicka at gcc dot gnu.org

--- Comment #10 from Richard Biener <rguenth at gcc dot gnu.org> ---
On the first testcase reverting the offending rev. shows that it causes

<bb 2> [local count: 137085152]:
- MEM[(char *)&buf + 12B] = 0;
- _19 = *id_8(D);
- if (_19 != 0)
+ _18 = *id_7(D);
+ if (_18 != 0)

thus we DSE the store to the end. The issue is that the fnspec we have for strncpy says the access size is specified by argument 3 but what it specified there is the _maximum_ size read, not the actual size. So instead of "1cO313" it should be "1cO31 " ('1' is somewhat odd then, it says we copy 'src' to 'dst' but we only say the 'dst' write covers arg 3 size - I guess that's OK for points-to analysis, the additional zeros written do not have pointers, but if we use it differently it might be a wrong spec?)

I'm scanning other builtins for similar issues.
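
Added example, not part of the comment above and not GCC code: a reference strncpy in C that counts its own accesses, showing that argument 3 is the exact number of bytes written to dst but only an upper bound on the bytes read from src. The helper names and sample buffers are constructed for illustration and are not the testcase from the bug report.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical helper (not GCC code): a reference strncpy that records
   how many source bytes it reads and how many destination bytes it writes. */
struct footprint { size_t src_read, dst_written; };

static struct footprint strncpy_footprint(char *dst, const char *src, size_t n)
{
    struct footprint fp = { 0, 0 };
    size_t i = 0;

    /* Copy phase: read one source byte at a time, stop after the NUL. */
    while (i < n) {
        char c = src[i];
        fp.src_read++;
        dst[i++] = c;
        if (c == '\0')
            break;
    }
    /* Padding phase: zero-fill the rest of dst without touching src. */
    while (i < n)
        dst[i++] = '\0';
    fp.dst_written = n;
    return fp;
}

/* Constructed sample: a 13-byte source terminated by an explicit store at
   offset 12, copied with n = 23 (larger than the source object). */
static struct footprint copy_from_13_byte_buffer(char *dst24)
{
    char buf[13];
    memset(buf, 'x', 12);
    buf[12] = '\0';              /* the store the copy depends on */
    return strncpy_footprint(dst24, buf, 23);
}

/* Same copy through libc, called via a volatile pointer so the compiler
   cannot treat it as the builtin; returns 1 if both results match. */
static int matches_libc(void)
{
    char *(*volatile libc_strncpy)(char *, const char *, size_t) = strncpy;
    char src[13] = "xxxxxxxxxxxx", a[24], b[24];
    memset(a, 0x55, sizeof a);
    memset(b, 0xAA, sizeof b);
    strncpy_footprint(a, src, 23);
    libc_strncpy(b, src, 23);
    return memcmp(a, b, 23) == 0;
}
```

With n = 23 the copy reads only 13 source bytes, the last of which is the terminator at offset 12, so a compiler model that assumes a fixed n-byte read describes a different access than the one that actually happens.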