https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99418
Martin Sebor <msebor at gcc dot gnu.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|                            |56456
             Status|WAITING                     |NEW
           Keywords|                            |diagnostic
--- Comment #9 from Martin Sebor <msebor at gcc dot gnu.org> ---
I don't know enough about the sanitizer to judge how difficult it might be to
handle this case but a patch I posted in November
(https://gcc.gnu.org/pipermail/gcc-patches/2020-November/558775.html) enhances
-Warray-bounds to diagnose the test cases in comment #8:
$ g++ -O2 -S -Wall pr99418-c8.C
pr99418-c8.C: In function ‘void f()’:
pr99418-c8.C:7:10: warning: unused variable ‘p’ [-Wunused-variable]
    7 |     int& p = a[10]; // (1)
      |          ^
pr99418-c8.C:8:6: warning: subscript 10 in argument 1 to ‘void g(int&)’ is just past the end of ‘int [10]’ [-Warray-bounds]
    8 |     g(a[10]); // (2)
      |     ~^~~~~~~
pr99418-c8.C:6:9: note: at offset 40 into source object ‘a’ of size 40
    6 |     int a[10];
      |         ^
The enhancement doesn't handle multidimensional VLAs like those in comment #1
but it looks like the IL has enough information to make the detection possible:
int main ()
{
  int[0:D.2590][0:D.2587] * mas.4;
  int * _4;
  <bb 2> [local count: 1073741824]:
  mas.4_3 = __builtin_alloca_with_align (48, 32);
  _4 = &MEM <int[0:D.2590][0:D.2587]> [(int[0:D.2569][0:D.2565] *)mas.4_3][3]{lb: 0 sz: 12}[3];
  escape (_4);
  return 0;
}
With that let me confirm this request for both -Warray-bounds (I'll resubmit
the patch for GCC 12) and for the sanitizer.
Referenced Bugs:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=56456
[Bug 56456] [meta-bug] bogus/missing -Warray-bounds
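Added illustration, not GCC's implementation and not part of the bug report: the bounds arithmetic behind the two cases in comment #9, the "offset 40 into source object ‘a’ of size 40" note and the alloca (48, 32) / sz: 12 dump. All names are hypothetical; the 4-byte int and the 4x3 shape it implies are assumptions read off those numbers.

```c
#include <stddef.h>
#include <stdio.h>

/* Verdict for the address formed by one subscript expression. */
enum verdict { IN_BOUNDS, JUST_PAST_END, OUT_OF_BOUNDS };

/* Shape of a (up to) 2-D array as the IL exposes it: allocation size,
   size of one row (the "sz" of the outer reference), element size. */
struct shape { size_t alloc_bytes, row_bytes, elt_bytes; };

/* Compare a byte offset with the size of the (sub)object it indexes. */
static enum verdict classify(size_t off, size_t size)
{
    if (off < size)
        return IN_BOUNDS;
    return off == size ? JUST_PAST_END : OUT_OF_BOUNDS;
}

/* Object-level check: offset of a[i][j] against the whole allocation. */
enum verdict check_object(struct shape s, size_t i, size_t j)
{
    return classify(i * s.row_bytes + j * s.elt_bytes, s.alloc_bytes);
}

/* Subobject-level check: j against the row that i selects. */
enum verdict check_row(struct shape s, size_t i, size_t j)
{
    if (i >= s.alloc_bytes / s.row_bytes)      /* row index itself is bad */
        return classify(i * s.row_bytes, s.alloc_bytes);
    return classify(j * s.elt_bytes, s.row_bytes);
}

int main(void)
{
    static const char *name[] = { "in bounds", "just past the end", "out of bounds" };
    struct shape a   = { 40, 40, 4 };  /* int a[10], assuming 4-byte int    */
    struct shape mas = { 48, 12, 4 };  /* alloca of 48 bytes, rows of sz 12 */

    printf("a[10]     object: %s\n", name[check_object(a, 0, 10)]);
    printf("mas[3][3] object: %s\n", name[check_object(mas, 3, 3)]);
    printf("mas[3][3] row:    %s\n", name[check_row(mas, 3, 3)]);
    /* Constructed case: an inner-dimension overrun that stays inside the
       allocation, so only the row-level check reports it. */
    printf("mas[1][3] object: %s\n", name[check_object(mas, 1, 3)]);
    printf("mas[1][3] row:    %s\n", name[check_row(mas, 1, 3)]);
    return 0;
}
```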