https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91397

--- Comment #5 from Marc Glisse <glisse at gcc dot gnu.org> ---
mem_strdupl calls allocate(len+1). If len+1 is 0, you proceed to write to
s[len] i.e. 0[-1]. I think gcc would be happier if you handled this special
case explicitly (you could error, trap, just assume it cannot happen
(__builtin_unreachable), whatever).

This type of warning can easily give false positives if your code is written
with invariants in mind that are not visible enough to the compiler.

If you had been writing to address 0, gcc would have detected that as a trap,
but it doesn't do anything special for -1.
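The special case described in the comment above, handled explicitly by returning an error. This is an added example, not part of the bug report or the code under discussion. The signature of `mem_strdupl`, the body of `allocate`, and `allocate` returning NULL for a zero-size request are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed stand-in for allocate(): yields NULL for a zero-size request. */
static void *allocate(size_t n)
{
    return n ? malloc(n) : NULL;
}

/*
 * Assumed shape of mem_strdupl: copy len bytes of s and NUL-terminate.
 * Without the guard, len == SIZE_MAX makes len + 1 wrap to 0, allocate(0)
 * yields NULL, and the terminator store becomes NULL[SIZE_MAX], i.e. the
 * 0[-1] write from the comment.
 */
char *mem_strdupl(const char *s, size_t len)
{
    char *d;

    if (len == SIZE_MAX)        /* len + 1 would wrap: report an error */
        return NULL;

    d = allocate(len + 1);
    if (d == NULL)              /* allocation failure */
        return NULL;

    memcpy(d, s, len);
    d[len] = '\0';
    return d;
}

int main(void)
{
    char *p = mem_strdupl("hello world", 5);

    printf("%s\n", p ? p : "(null)");
    free(p);
    printf("%s\n", mem_strdupl("x", SIZE_MAX) ? "copied" : "rejected");
    return 0;
}
```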
