[Bug c/113664] New: False positive warnings with -fno-strict-overflow (-Warray-bounds, -Wstringop-overflow)

Mon, 29 Jan 2024 13:50:10 -0800 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113664

            Bug ID: 113664
           Summary: False positive warnings with -fno-strict-overflow
                    (-Warray-bounds, -Wstringop-overflow)
           Product: gcc
           Version: 14.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: stefan at bytereef dot org
  Target Milestone: ---

These false positives only occur in combination with fno-strict-overflow:

================
 -Warray-bounds
================

foo.c
=========================================================
#include <stdio.h>

static char *
f(char *s, int n, char *dot)
{
  switch(n) {
  case 1:
    if (s == dot) {
      *s++ = '.';
    }
    *s++ = '0'; /* fall-through (yes, really!) */
  default:
    if (s == dot) {
      *s++ = '.';
    }
  }

  *s = '\0';
  return s;
}

char *
g(char *s)
{
  return f(s, 1, NULL);
}
=========================================================


$ /home/skrah/gcc/bin/gcc -Wall -O3 -c foo.c
$ /home/skrah/gcc/bin/gcc -Wall -O3 -fno-strict-overflow -c foo.c
In function ‘f’,
    inlined from ‘g’ at foo.c:25:10:
foo.c:11:10: warning: array subscript 0 is outside array bounds of ‘char[0]’
[-Warray-bounds=]
   11 |     *s++ = '0'; /* fall-through (yes, really!) */
      |     ~~~~~^~~~~
In function ‘g’:
cc1: note: source object is likely at address zero



=====================
 -Wstringop-overflow 
=====================

bar.c
=========================================================
#include <stdio.h>

static char *
f(char *s, int n, char *dot)
{
  switch(n) {
  case 1:
    if (s == dot) {
      *s++ = '.';
    }
    *s++ = '0'; /* fall-through (yes, really!) */
  default:
    if (s == dot) {
      *s++ = '.';
    }
  }

  *s = '\0';
  return s;
}

char *
g(char *s)
{
    char sign = '+';
    *s++ = sign;

    return f(s, 1, NULL);
}
=========================================================


$ /home/skrah/gcc/bin/gcc -Wall -O3 -c bar.c
$ /home/skrah/gcc/bin/gcc -Wall -O3 -fno-strict-overflow -c bar.c
In function ‘f’,
    inlined from ‘g’ at bar.c:28:12:
bar.c:11:10: warning: writing 1 byte into a region of size 0
[-Wstringop-overflow=]
   11 |     *s++ = '0'; /* fall-through (yes, really!) */
      |     ~~~~~^~~~~
In function ‘g’:
cc1: note: destination object is likely at address zero




Note that a very small change gives a very different warning.

Reply via email to