https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113664
Bug ID: 113664 Summary: False positive warnings with -fno-strict-overflow (-Warray-bounds, -Wstringop-overflow) Product: gcc Version: 14.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: c Assignee: unassigned at gcc dot gnu.org Reporter: stefan at bytereef dot org Target Milestone: --- These false positives only occur in combination with fno-strict-overflow: ================ -Warray-bounds ================ foo.c ========================================================= #include <stdio.h> static char * f(char *s, int n, char *dot) { switch(n) { case 1: if (s == dot) { *s++ = '.'; } *s++ = '0'; /* fall-through (yes, really!) */ default: if (s == dot) { *s++ = '.'; } } *s = '\0'; return s; } char * g(char *s) { return f(s, 1, NULL); } ========================================================= $ /home/skrah/gcc/bin/gcc -Wall -O3 -c foo.c $ /home/skrah/gcc/bin/gcc -Wall -O3 -fno-strict-overflow -c foo.c In function ‘f’, inlined from ‘g’ at foo.c:25:10: foo.c:11:10: warning: array subscript 0 is outside array bounds of ‘char[0]’ [-Warray-bounds=] 11 | *s++ = '0'; /* fall-through (yes, really!) */ | ~~~~~^~~~~ In function ‘g’: cc1: note: source object is likely at address zero ===================== -Wstringop-overflow ===================== bar.c ========================================================= #include <stdio.h> static char * f(char *s, int n, char *dot) { switch(n) { case 1: if (s == dot) { *s++ = '.'; } *s++ = '0'; /* fall-through (yes, really!) */ default: if (s == dot) { *s++ = '.'; } } *s = '\0'; return s; } char * g(char *s) { char sign = '+'; *s++ = sign; return f(s, 1, NULL); } ========================================================= $ /home/skrah/gcc/bin/gcc -Wall -O3 -c bar.c $ /home/skrah/gcc/bin/gcc -Wall -O3 -fno-strict-overflow -c bar.c In function ‘f’, inlined from ‘g’ at bar.c:28:12: bar.c:11:10: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 11 | *s++ = '0'; /* fall-through (yes, really!) */ | ~~~~~^~~~~ In function ‘g’: cc1: note: destination object is likely at address zero Note that a very small change gives a very different warning.