https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104986

            Bug ID: 104986
           Summary: [12 Regression] bogus writing 1 byte into a region of size 0 with -fwrapv and -O2 -fpeel-loops
           Product: gcc
           Version: 12.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: middle-end
          Assignee: unassigned at gcc dot gnu.org
          Reporter: andres at anarazel dot de
  Target Milestone: ---

Hi,

recently started seeing bogus warnings using gcc 12 to build postgres.

I reduced the problem using cvise with some manual cleanups / improvements
afterwards - certainly doesn't quite make sense anymore, but afaics shows a
problem.

Originally I hit this with -O3, but found that -O2 -fpeel-loops is sufficient
to trigger the problem.

repro: https://godbolt.org/z/ejK9h6von

code:
struct inet_struct {
  char family;
  char ipaddr[16];
};

void inetnot(struct inet_struct *dst1, struct inet_struct *dst2,
             struct inet_struct *src) {
  int nb = src->family ? 4 : 6;
  char *psrc = src->ipaddr;
  char *pdst = dst1 ? dst1->ipaddr : dst2->ipaddr;
  while (nb-- > 0)
    pdst[nb] = psrc[nb];
}

gcc-12 -fwrapv -O2 -fpeel-loops -c network2.i
network2.i: In function ‘inetnot’:
network2.i:12:14: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=]
   12 |     pdst[nb] = psrc[nb];
      |     ~~~~~~~~~^~~~~~~~~~
network2.i:3:8: note: at offset -1 into destination object ‘ipaddr’ of size 16
    3 |   char ipaddr[16];
      |        ^~~~~~
network2.i:3:8: note: at offset -1 into destination object ‘ipaddr’ of size 16

which afaics is bogus, because the loop terminates before reaching offset -1,
the condition is > 0, not >= 0. So the post decrement can't lead to -1 being
reached.

version:
gcc version 12.0.1 20220314 (experimental) [master r12-7638-g823b3b79cd2]
(Debian 12-20220313-1)

Regards,

Andres
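
The following is an added example, not part of the original report: a runtime check of the report's claim that the loop never writes at offset -1 of ipaddr. Since family is the byte directly before ipaddr, that byte is the one the warning says is written. The bytes_written harness, the CANARY value and the sample data are hypothetical and constructed for this check.

```c
#include <stdio.h>
#include <string.h>

struct inet_struct {
  char family;
  char ipaddr[16];
};

/* Reduced function from the report, unchanged. */
void inetnot(struct inet_struct *dst1, struct inet_struct *dst2,
             struct inet_struct *src) {
  int nb = src->family ? 4 : 6;
  char *psrc = src->ipaddr;
  char *pdst = dst1 ? dst1->ipaddr : dst2->ipaddr;
  while (nb-- > 0)
    pdst[nb] = psrc[nb];
}

#define CANARY 0x5A /* constructed fill value */

/* Hypothetical harness: returns how many leading ipaddr bytes were copied,
 * or -1 if 'family' (offset -1 from ipaddr) or any other byte changed. */
int bytes_written(char src_family, int use_dst1) {
  struct inet_struct src, dst, unused;
  memset(&dst, CANARY, sizeof dst);
  memset(&unused, CANARY, sizeof unused);
  src.family = src_family;
  for (int i = 0; i < 16; i++)
    src.ipaddr[i] = (char)(i + 1); /* constructed data, never equals CANARY */
  inetnot(use_dst1 ? &dst : NULL, use_dst1 ? &unused : &dst, &src);
  if (dst.family != CANARY)
    return -1; /* the write at offset -1 that the warning predicts */
  int n = 0;
  while (n < 16 && dst.ipaddr[n] == (char)(n + 1))
    n++;
  for (int i = n; i < 16; i++)
    if (dst.ipaddr[i] != CANARY)
      return -1; /* write past the copied prefix */
  for (size_t i = 0; i < sizeof unused; i++)
    if (((char *)&unused)[i] != CANARY)
      return -1; /* write into the destination that was not selected */
  return n;
}

int main(void) {
  printf("family!=0: %d bytes, family==0: %d bytes\n",
         bytes_written(1, 1), bytes_written(0, 0));
  return 0;
}
```

Building this with AddressSanitizer or UBSan enabled gives an independent check that no access falls outside ipaddr on either path.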