https://gcc.gnu.org/bugzilla/show_bug.cgi?id=120929
qinzhao at gcc dot gnu.org changed:

           What    |Removed                      |Added
----------------------------------------------------------------------------
                 CC|                             |qinzhao at gcc dot gnu.org
           Assignee|unassigned at gcc dot gnu.org|qinzhao at gcc dot gnu.org

--- Comment #2 from qinzhao at gcc dot gnu.org ---
could you please reduce the testing case to help me debug?

I suspect that this relates to the following change in gcc/tree-object-size.cc of r10-1905-g7165ca43caf470:

  /* Handle the following stmt #2 to propagate the size from the
     stmt #1 to #3:
       1 _1 = .ACCESS_WITH_SIZE (_3, _4, 1, 0, -1, 0B);
       2 _5 = *_1;
       3 _6 = __builtin_dynamic_object_size (_5, 1);
   */
  else if (TREE_CODE (rhs) == MEM_REF
           && POINTER_TYPE_P (TREE_TYPE (rhs))
           && TREE_CODE (TREE_OPERAND (rhs, 0)) == SSA_NAME
           && integer_zerop (TREE_OPERAND (rhs, 1)))
    reexamine = merge_object_sizes (osi, var, TREE_OPERAND (rhs, 0));

This change enabled more opportunities to propagate the size information; as a result, the __builtin_dynamic_object_size might return a valid value now. Are you sure that the new buffer overflow is a false positive?
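The comment above hinges on __builtin_dynamic_object_size starting to answer for a pointer that was loaded from memory (stmt #2) before being queried (stmt #3), so a write the compiler can now bound may legitimately be flagged. The following is an added illustration, not GCC's code and not the reporter's test case: it builds a counted_by flexible-array record, reproduces the load-then-query shape in fam_estimate_via_load, and shows how a bounded-copy wrapper uses the answer as a backstop behind the caller's own length check. struct packet, REMAINING_BYTES, BOUNDED_COPY and the function names are this example's own; counted_by is only honoured by compilers that implement it (GCC 15 and recent Clang) and is dropped elsewhere, in which case the query simply reports "unknown".

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Added example: hypothetical names, not GCC's API and not the bug's test case.
   Without counted_by support the attribute is dropped and the flexible array's
   bound is unknown to the compiler. */
#if defined(__has_attribute)
#  if __has_attribute(counted_by)
#    define COUNTED_BY(field) __attribute__((counted_by(field)))
#  endif
#endif
#ifndef COUNTED_BY
#  define COUNTED_BY(field)
#endif

/* Compilers without the dynamic query fall back to the static one. */
#if defined(__has_builtin)
#  if __has_builtin(__builtin_dynamic_object_size)
#    define REMAINING_BYTES(p) __builtin_dynamic_object_size((p), 1)
#  endif
#endif
#ifndef REMAINING_BYTES
#  define REMAINING_BYTES(p) __builtin_object_size((p), 1)
#endif

/* Variable-length record: the flexible array's bound lives in len. */
struct packet {
    size_t len;
    unsigned char data[] COUNTED_BY(len);
};

/* Refuse a copy the compiler can prove overruns dst. (size_t)-1 means
   "unknown"; then only the caller's own length check protects the write.
   Returns 1 if the copy was done, 0 if it was refused. */
static int bounded_copy_impl(void *dst, const void *src, size_t n, size_t remaining)
{
    if (remaining != (size_t)-1 && n > remaining)
        return 0;
    memcpy(dst, src, n);
    return 1;
}

/* The size query must run in the caller's scope: once dst has passed
   through a function parameter the compiler knows nothing about it. */
#define BOUNDED_COPY(dst, src, n) \
    bounded_copy_impl((dst), (src), (n), REMAINING_BYTES(dst))

/* The three-statement shape from the comment: the data pointer is loaded
   from memory (*holder) before it reaches the size query. With counted_by
   and size propagation the answer is count; otherwise it is (size_t)-1. */
size_t fam_estimate_via_load(size_t count)
{
    struct packet *pk = malloc(sizeof *pk + count);
    if (!pk)
        return 0;
    pk->len = count;
    struct packet **holder = &pk;          /* forces a load before the query */
    unsigned char *d = (*holder)->data;
    size_t r = REMAINING_BYTES(d);
    free(pk);
    return r;
}

/* Copy n constructed bytes into a packet holding count bytes. The explicit
   check is the real defence; the compiler's answer is a backstop.
   Returns 1 on copy, 0 if the backstop refused, -1 if the caller check did. */
int copy_within_bounds(size_t count, size_t n)
{
    unsigned char src[64] = {0};            /* constructed source data */
    if (n > sizeof src || n > count)
        return -1;
    struct packet *pk = malloc(sizeof *pk + count);
    if (!pk)
        return -1;
    pk->len = count;
    int ok = BOUNDED_COPY(pk->data, src, n);
    free(pk);
    return ok;
}

/* Refusal path: type 1 asks for the closest enclosing sub-object, so the
   bound for box.small is 16 even though the struct is larger, and a 32-byte
   copy is refused (returns 0). slack keeps the enclosing object large so
   the example stays within it if a compiler ever let the copy through. */
int oversize_copy_into_subobject(void)
{
    struct { unsigned char small[16]; unsigned char slack[48]; } box;
    unsigned char src[32] = {0};            /* constructed source data */
    return BOUNDED_COPY(box.small, src, sizeof src);
}
```

fam_estimate_via_load is the function to inspect when reducing a report like this one: if it returns count at -O2, the compiler is propagating the counted_by size through the load exactly as the quoted MEM_REF case intends, and a diagnostic on a larger write into that buffer is then a real overrun rather than a false positive.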