https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106920
Bug ID: 106920
Summary: -Warray-bound false positive regression with -O2 or
-Os
Product: gcc
Version: 12.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: npfhrotynz-ptnqh.myvf at noclue dot notk.org
Target Milestone: ---
Hello,
I think I've run into a false positive on this file:
https://source.codeaurora.org/external/imx/imx-atf/tree/plat/imx/imx8m/hab.c?h=lf_v2.6
I could trim it down to this
----
#include <stdint.h>
typedef void hab_rvt_entry_t(void);
int main() {
hab_rvt_entry_t *a;
a = ((hab_rvt_entry_t *)(*(unsigned long *)(0x908)));
a();
return 0;
}
----
$ gcc -O2 -Warray-bounds -c t.c
t.c: In function ‘main’:
t.c:7:34: warning: array subscript 0 is outside array bounds of ‘long unsigned
int[0]’ [-Warray-bounds]
7 | a = ((hab_rvt_entry_t *)(*(unsigned long *)(0x908)));
| ~^~~~~~~~~~~~~~~~~~~~~~~~~~
----
According to godbolt this passed on 11.3 and starts emitting the warning on
12.1 (it doesn't have 12.0) and still emits it on trunk.
Note the warning requires -O2, -O3 or -Os to be emitted.
The problem seems to be that it considers an arbitrary address casted to u64*
to be a u64[0] ?
If so that might be a problem for quite a few embedded products as that is
quite common when dealing with hardware registers.
(and who doesn't love products that compile with -Werror for release builds...)
Thanks!
