https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79265

--- Comment #10 from Martin Sebor <msebor at gcc dot gnu.org> ---
I expect the instrumentation for local arrays is going to be behind the majority
of the complaints for sprintf, like the calls in f0, f1, and f2 (and other
nonnull functions).  Local arrays are never allocated at address zero so there
is no value in ubsan instrumenting those.  

Another pointless case is instrumenting function arguments and member arrays
with non-zero offset:

  struct S { char a[4], b[4]; };

  void f4 (struct S s)
  {
    __builtin_sprintf (s.a, s.b);
  }

Here ubsan inserts two tests: one for s.a being non-null and another for s.b. 
The second test is redundant given the first, but neither can be true in any
event.  Similarly for f5 (struct S *s) where s (and so s->a) may be null but
s->b cannot.

Since in the myalloc case there arguably is a non-negligible chance that a
returns_nonnull function might return a null pointer despite the attribute I
think that problem would be best dealt with separately from the others here.
