https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101600
Martin Sebor <msebor at gcc dot gnu.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |56456 Target Milestone|--- |12.0 Ever confirmed|0 |1 CC| |msebor at gcc dot gnu.org Last reconfirmed| |2021-07-23 Summary|Spurious -Warray-bounds |[12 Regression] Spurious | |-Warray-bounds downcasting | |a polymorphic pointer Known to work| |11.1.0 Assignee|unassigned at gcc dot gnu.org |msebor at gcc dot gnu.org Status|UNCONFIRMED |ASSIGNED Known to fail| |12.0 --- Comment #1 from Martin Sebor <msebor at gcc dot gnu.org> --- Thanks for the small test case! I can confirm the false positive. The IL looks (close to) the following: <bb 5> [local count: 80404472]: # p_1 = PHI <p_9(D)(4)> if (p_1 != 0B) goto <bb 6>; [100.00%] else goto <bb 7>; [0.00%] <bb 6> [local count: 80404472]: iftmp.1_11 = &MEM[(struct S4 *)p_1 + -8B].D.2419; <<< -Warray-bounds except that p_1 is: p_1 = PHI <0B(3), p_9(D)(4)> The bug is in access_ref::get_ref () in not clearing the base0 flag, making -Warray-bounds think the pointer points to the first byte of a declared object. Referenced Bugs: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=56456 [Bug 56456] [meta-bug] bogus/missing -Warray-bounds