https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102731
Martin Sebor <msebor at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|                            |56456, 88443
           Keywords|                            |diagnostic
           See Also|                            |https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99578

--- Comment #1 from Martin Sebor <msebor at gcc dot gnu.org> ---
Ideally, all three instances of the invalid access would be handled the same:
by issuing an appropriate warning (preferably more descriptive of the problem
than the one below) and injecting a trap (perhaps under the control of some
option).

The -Warray-bounds (or, with it disabled, the equivalent -Wstringop-overflow)
instance is the result of the logic in compute_objsize() for constant
addresses:

  if (code == INTEGER_CST)
    {
      /* Pointer constants other than null are most likely the result
         of erroneous null pointer addition/subtraction. Set size to
         zero. For null pointers, set size to the maximum for now
         since those may be the result of jump threading. */
      if (integer_zerop (ptr))
        pref->set_max_size_range ();
      else
        pref->sizrng[0] = pref->sizrng[1] = 0;
      pref->ref = ptr;

      return true;
    }

Warnings issued due to this logic are discussed in pr99578 and its duplicates.
It's inconvenient for projects (like the kernel) that deliberately access
objects at constant addresses.

The purpose of this bug is to show that the logic isn't sufficiently effective
and the warnings issued due to it not sufficiently clear for users to
understand. A better solution is needed, preferably one that diagnoses the
null pointer arithmetic before it's folded into non-null constant dereference.

Referenced Bugs:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=56456
[Bug 56456] [meta-bug] bogus/missing -Warray-bounds
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88443
[Bug 88443] [meta-bug] bogus/missing -Wstringop-overflow warnings