When building with sanitizers on Fedora we get a wierd error
message
In file included from /usr/include/string.h:519,
from ../src/internal.h:28,
from ../src/util/virsocket.h:21,
from ../src/util/virsocketaddr.h:21,
from ../src/util/virnetdevip.h:21,
from ../src/util/virnetdevip.c:21:
In function ‘memcpy’,
inlined from ‘virNetDevGetifaddrsAddress’ at ../src/util/virnetdevip.c:702:13,
inlined from ‘virNetDevIPAddrGet’ at ../src/util/virnetdevip.c:754:16:
/usr/include/bits/string_fortified.h:29:10: error: ‘__builtin_memcpy’ offset [2, 27] from the object at ‘addr’ is out of the bounds of referenced subobject ‘ss_family’ with type ‘short unsigned int’ at offset 0 [-Werror=array-bounds]
29 | return __builtin___memcpy_chk (__dest, __src, __len,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
30 | __glibc_objsize0 (__dest));
| ~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/bits/socket.h:175,
from /usr/include/sys/socket.h:33,
from ../src/util/virsocket.h:66,
from ../src/util/virsocketaddr.h:21,
from ../src/util/virnetdevip.h:21,
from ../src/util/virnetdevip.c:21:
../src/util/virnetdevip.c: In function ‘virNetDevIPAddrGet’:
/usr/include/bits/socket.h:193:5: note: subobject ‘ss_family’ declared here
193 | __SOCKADDR_COMMON (ss_); /* Address family, etc. */
| ^~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
The code is correct, and this only happens when building at -O2.
The docs for -Warray-bounds say that a value of "2" is known to
be liable to generate false positives. Rather than downgrade the
check everywhere, we do it selectively for sanitizers.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
meson.build | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/meson.build b/meson.build
index ca4291e37a..d4c142eebb 100644
--- a/meson.build
+++ b/meson.build
@@ -227,6 +227,11 @@ alloc_max = run_command(
# sanitizer instrumentation may enlarge stack frames
stack_frame_size = get_option('b_sanitize') == 'none' ? 4096 : 8192
+# array_bounds=2 check triggers false positive on some GCC
+# versions when using sanitizers. Seen on Fedora 34 with
+# GCC 11.1.1
+array_bounds = get_option('b_sanitize') == 'none' ? 2 : 1
+
cc_flags += [
'-fasynchronous-unwind-tables',
'-fexceptions',
@@ -238,7 +243,7 @@ cc_flags += [
'-Waggressive-loop-optimizations',
'-Walloc-size-larger-than=@0@'.format(alloc_max.stdout().strip()),
'-Walloca',
- '-Warray-bounds=2',
+ '-Warray-bounds=@0@'.format(array_bounds),
'-Wattribute-alias=2',
'-Wattribute-warning',
'-Wattributes',
--
2.31.1
On Mon, 2021-07-19 at 19:19 +0100, Daniel P. Berrangé wrote:
> When building with sanitizers on Fedora we get a wierd error
weird
> message
>
> In file included from /usr/include/string.h:519,
> from ../src/internal.h:28,
> from ../src/util/virsocket.h:21,
> from ../src/util/virsocketaddr.h:21,
> from ../src/util/virnetdevip.h:21,
> from ../src/util/virnetdevip.c:21:
> In function ‘memcpy’,
> inlined from ‘virNetDevGetifaddrsAddress’ at
> ../src/util/virnetdevip.c:702:13,
> inlined from ‘virNetDevIPAddrGet’ at
> ../src/util/virnetdevip.c:754:16:
> /usr/include/bits/string_fortified.h:29:10: error: ‘__builtin_memcpy’
> offset [2, 27] from the object at ‘addr’ is out of the bounds of
> referenced subobject ‘ss_family’ with type ‘short unsigned int’ at
> offset 0 [-Werror=array-bounds]
> 29 | return __builtin___memcpy_chk (__dest, __src, __len,
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 30 | __glibc_objsize0 (__dest));
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~
> In file included from /usr/include/bits/socket.h:175,
> from /usr/include/sys/socket.h:33,
> from ../src/util/virsocket.h:66,
> from ../src/util/virsocketaddr.h:21,
> from ../src/util/virnetdevip.h:21,
> from ../src/util/virnetdevip.c:21:
> ../src/util/virnetdevip.c: In function ‘virNetDevIPAddrGet’:
> /usr/include/bits/socket.h:193:5: note: subobject ‘ss_family’
> declared here
> 193 | __SOCKADDR_COMMON (ss_); /* Address family, etc. */
> | ^~~~~~~~~~~~~~~~~
> cc1: all warnings being treated as errors
>
> The code is correct, and this only happens when building at -O2.
>
> The docs for -Warray-bounds say that a value of "2" is known to
> be liable to generate false positives. Rather than downgrade the
> check everywhere, we do it selectively for sanitizers.
>
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
> ---
> meson.build | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/meson.build b/meson.build
> index ca4291e37a..d4c142eebb 100644
> --- a/meson.build
> +++ b/meson.build
> @@ -227,6 +227,11 @@ alloc_max = run_command(
> # sanitizer instrumentation may enlarge stack frames
> stack_frame_size = get_option('b_sanitize') == 'none' ? 4096 : 8192
>
> +# array_bounds=2 check triggers false positive on some GCC
> +# versions when using sanitizers. Seen on Fedora 34 with
> +# GCC 11.1.1
> +array_bounds = get_option('b_sanitize') == 'none' ? 2 : 1
> +
> cc_flags += [
> '-fasynchronous-unwind-tables',
> '-fexceptions',
> @@ -238,7 +243,7 @@ cc_flags += [
> '-Waggressive-loop-optimizations',
> '-Walloc-size-larger-than=@0@'.format(alloc_max.stdout().strip()),
> '-Walloca',
> - '-Warray-bounds=2',
> + '-Warray-bounds=@0@'.format(array_bounds),
> '-Wattribute-alias=2',
> '-Wattribute-warning',
> '-Wattributes',
© 2016 - 2026 Red Hat, Inc.