https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95795
Bug ID: 95795 Summary: missing warning on strnlen with a nonstring and excessive bound Product: gcc Version: 10.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: middle-end Assignee: unassigned at gcc dot gnu.org Reporter: msebor at gcc dot gnu.org Target Milestone: --- GCC warns for the first call to strnlen in f(), which may read past the end of the unterminated 3-byte array because the bound 7 exceeds the array's size, but it fails to warn for the second, equally unsafe call in g(): for every in-bounds offset i the bytes remaining after a + i are fewer than the bound, so that call can likewise read past the end of a. The only difference is that the pointer in g() is formed with a non-constant offset (the dump below shows it as &a + _1), which presumably is why the checker does not relate it back to the nonstring declaration. $ cat z.c && gcc -O2 -S -fdump-tree-optimized=/dev/stdout z.c __attribute__ ((nonstring)) char a[3]; int f (void) { return __builtin_strnlen (a, 7); } int g (int i) { return __builtin_strnlen (a + i, 7); } ;; Function f (f, funcdef_no=0, decl_uid=1931, cgraph_uid=1, symbol_order=1) f () { long unsigned int _1; int _3; <bb 2> [local count: 1073741824]: _1 = __builtin_strnlen (&a, 7); _3 = (int) _1; return _3; } z.c: In function ‘f’: z.c:5:10: warning: ‘__builtin_strnlen’ argument 1 declared attribute ‘nonstring’ is smaller than the specified bound 7 [-Wstringop-overflow=] 5 | return __builtin_strnlen (a, 7); | ^~~~~~~~~~~~~~~~~~~~~~~~ z.c:1:34: note: argument ‘a’ declared here 1 | __attribute__ ((nonstring)) char a[3]; | ^ ;; Function g (g, funcdef_no=1, decl_uid=1934, cgraph_uid=2, symbol_order=2) g (int i) { sizetype _1; const char * _2; long unsigned int _3; int _6; <bb 2> [local count: 1073741824]: _1 = (sizetype) i_4(D); _2 = &a + _1; _3 = __builtin_strnlen (_2, 7); _6 = (int) _3; return _6; }