From patchwork Tue Feb  9 08:57:42 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jakub Jelinek <jakub@redhat.com>
X-Patchwork-Id: 1438208
Return-Path: <gcc-patches-bounces@gcc.gnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=gcc.gnu.org
 (client-ip=2620:52:3:1:0:246e:9693:128c; helo=sourceware.org;
 envelope-from=gcc-patches-bounces@gcc.gnu.org; receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dkim=pass (1024-bit key;
 unprotected) header.d=gcc.gnu.org header.i=@gcc.gnu.org header.a=rsa-sha256
 header.s=default header.b=aGK+J6B+;
	dkim-atps=neutral
Received: from sourceware.org (server2.sourceware.org
 [IPv6:2620:52:3:1:0:246e:9693:128c])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 4DZcHC1pyqz9sTD
	for <incoming@patchwork.ozlabs.org>; Tue,  9 Feb 2021 19:57:57 +1100 (AEDT)
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id 1EC36398B40F;
	Tue,  9 Feb 2021 08:57:51 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 1EC36398B40F
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org;
	s=default; t=1612861071;
	bh=aSQRBuOU+T5jFV6WJvGVwNgiwLpyeWPzdR0imVAFcZg=;
	h=Date:To:Subject:List-Id:List-Unsubscribe:List-Archive:List-Post:
	 List-Help:List-Subscribe:From:Reply-To:Cc:From;
	b=aGK+J6B+yb1aB2Qhr01hY+guvWEetYJBnXEEL8tM23U+YUL7Ezz2bWhIxduvBU60/
	 35GhpqYWjXeSa5NqVrPgtZukTkGZVALH7aBD+h/BK/8tWoidstCVAgUdVTApL+2i0Q
	 PoS2WWoY7HZ1Z38LNRt5Mu5d40GrTvHfNKLJmNos=
X-Original-To: gcc-patches@gcc.gnu.org
Delivered-To: gcc-patches@gcc.gnu.org
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [63.128.21.124])
 by sourceware.org (Postfix) with ESMTP id 3147E398B409
 for <gcc-patches@gcc.gnu.org>; Tue,  9 Feb 2021 08:57:48 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 3147E398B409
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-218-n_GkYHkVPs6XIDRd-e5j6w-1; Tue, 09 Feb 2021 03:57:46 -0500
X-MC-Unique: n_GkYHkVPs6XIDRd-e5j6w-1
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com
 [10.5.11.13])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 6595785B663;
 Tue,  9 Feb 2021 08:57:45 +0000 (UTC)
Received: from tucnak.zalov.cz (ovpn-112-197.ams2.redhat.com [10.36.112.197])
 by smtp.corp.redhat.com (Postfix) with ESMTPS id E018F6FEED;
 Tue,  9 Feb 2021 08:57:44 +0000 (UTC)
Received: from tucnak.zalov.cz (localhost [127.0.0.1])
 by tucnak.zalov.cz (8.16.1/8.16.1) with ESMTPS id 1198vhkn3151377
 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT);
 Tue, 9 Feb 2021 09:57:43 +0100
Received: (from jakub@localhost)
 by tucnak.zalov.cz (8.16.1/8.16.1/Submit) id 1198vgoO3151376;
 Tue, 9 Feb 2021 09:57:42 +0100
Date: Tue, 9 Feb 2021 09:57:42 +0100
To: Jonathan Wakely <jwakely@redhat.com>
Subject: [PATCH] string: Add a workaround for -Wstringop-overread false
 positives [PR98465]
Message-ID: <20210209085742.GT4020736@tucnak>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Disposition: inline
X-Spam-Status: No, score=-6.4 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH,
 DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_LOW,
 RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: gcc-patches@gcc.gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Gcc-patches mailing list <gcc-patches.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/gcc-patches/>
List-Post: <mailto:gcc-patches@gcc.gnu.org>
List-Help: <mailto:gcc-patches-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=subscribe>
X-Patchwork-Original-From: Jakub Jelinek via Gcc-patches
 <gcc-patches@gcc.gnu.org>
From: Jakub Jelinek <jakub@redhat.com>
Reply-To: Jakub Jelinek <jakub@redhat.com>
Cc: libstdc++@gcc.gnu.org, gcc-patches@gcc.gnu.org
Errors-To: gcc-patches-bounces@gcc.gnu.org
Sender: "Gcc-patches" <gcc-patches-bounces@gcc.gnu.org>

Hi!

In the PR there are several possibilities how to improve _M_disjunct at
least in certain cases so that the compiler can figure out at least in some
cases where __s is provably disjunct from _M_data() ... _M_data() + this->size()
but it is probably GCC 12 material.

The false positive warning is on this particular copy, which is done for
non-disjunct pointers when __len2 > __len1 and the __s >= __p + __len1,
i.e. __s used to point to the characters moved through _S_move a few lines earlier
by __len2 - __len1 characters up to make space.  That is why the
_S_copy source is __s + __len2 - __len1.  Unfortunately, when the compiler
can't prove objects are disjunct, that copying from __s + __len2 - __len1
of __len2 characters can very well mean accessing characters the source
object (if it is not disjunct) provably can't have.

The following patch works around that by making the _S_copy be a __p based
pointer instead of __s based pointer.
__s + __len2 - __len1
and
__p + (__s - __p) + (__len2 - __len1)
have the same value and the latter may seem to be uselessly longer,
but it seems at least currently in GIMPLE we keep it that way and so that is
what the warning code during expansion will see, and only actually
optimize it to __s + __len2 - __len1 during RTL when we lose information
on what is a pointer and what is a mere offset with the same mode.

So, in the end we emit exactly the same assembly, just without the false
positive warning.

Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?

2021-02-09  Jakub Jelinek  <jakub@redhat.com>

	PR middle-end/98465
	* include/bits/basic_string.tcc (basic_string::_M_replace): When __s
	points to the characters moved by earlier _S_move, compute the source
	address using expression based on the __p pointer rather than __s
	pointer.

	* g++.dg/warn/Wstringop-overread-1.C: New test.


	Jakub

--- libstdc++-v3/include/bits/basic_string.tcc.jj	2021-02-04 18:15:05.317113098 +0100
+++ libstdc++-v3/include/bits/basic_string.tcc	2021-02-08 19:39:16.864936344 +0100
@@ -478,7 +478,10 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION
 		  if (__s + __len2 <= __p + __len1)
 		    this->_S_move(__p, __s, __len2);
 		  else if (__s >= __p + __len1)
-		    this->_S_copy(__p, __s + __len2 - __len1, __len2);
+		    {
+		      const size_type __poff = (__s - __p) + (__len2 - __len1);
+		      this->_S_copy(__p, __p + __poff, __len2);
+		    }
 		  else
 		    {
 		      const size_type __nleft = (__p + __len1) - __s;
--- gcc/testsuite/g++.dg/warn/Wstringop-overread-1.C.jj	2021-02-08 19:47:15.486646129 +0100
+++ gcc/testsuite/g++.dg/warn/Wstringop-overread-1.C	2021-02-08 19:46:16.118302317 +0100
@@ -0,0 +1,12 @@
+// PR middle-end/98994
+// { dg-do compile }
+// { dg-additional-options "-Wstringop-overread -O2" }
+
+#include <string>
+
+const char constantString[] = {42, 53};
+
+void f(std::string& s)
+{
+  s.insert(0, static_cast<const char*>(constantString), 2);
+}