https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68325
Bug ID: 68325
Summary: missing -Warray-bounds on a negative subscript into a flexible array member
Product: gcc
Version: 6.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: msebor at gcc dot gnu.org
Target Milestone: ---

GCC issues a -Warray-bounds warning for negative subscripts into arrays of non-zero size but fails to do the same for flexible array members, or "fake" flexible array members (last array members of structs of any dimension).

Since GCC imposes a limit of SIZE_MAX / 2 on the size of any object, it's safe to assume that a negative subscript is invalid regardless of the number of elements in the array, and array references with such indices should be diagnosed.

$ cat z.c && gcc -DN=99 -O2 -S -Wall -Wextra -o/dev/null z.c
struct S {
  int n;
  int a[N];
} s;
int foo (void)
{
    return s.a [-__INT_MAX__];
}

int bar (struct S *p)
{
    return p->a [-__INT_MAX__];
}
$

As a data point, Clang diagnoses negative subscripts into "fake" flexible array members (those declared last, even with zero elements), but not those into C99 flexible array members.

$ clang -S -Wall -o/dev/null z.c -DN='0'
z.c:7:12: warning: array index -2147483647 is before the beginning of the array [-Warray-bounds]
    return s.a [-__INT_MAX__];
           ^    ~~~~~~~~~~~~
z.c:3:3: note: array 'a' declared here
  int a[N];
  ^
z.c:12:12: warning: array index -2147483647 is before the beginning of the array [-Warray-bounds]
    return p->a [-__INT_MAX__];
           ^     ~~~~~~~~~~~~
z.c:3:3: note: array 'a' declared here
  int a[N];
  ^
2 warnings generated.
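
A runtime guard for the accesses the report shows going undiagnosed at compile time, as an added example that is not part of the original report or of GCC. The helper names s_alloc and s_get and the S_MAX_ELEMS macro are hypothetical, and the struct is the report's struct S declared with a C99 flexible array member.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Same shape as the report's struct S, with a C99 flexible array member. */
struct S {
    int n;      /* number of elements allocated in a[] */
    int a[];
};

/* Largest element count that keeps the whole object within PTRDIFF_MAX
   bytes (SIZE_MAX / 2), the object-size limit the report relies on. */
#define S_MAX_ELEMS ((PTRDIFF_MAX - sizeof(struct S)) / sizeof(int))

/* Hypothetical helper: allocate a struct S with n zeroed elements, or
   return NULL if n is negative or the object would exceed the limit. */
struct S *s_alloc(int n)
{
    if (n < 0 || (size_t)n > S_MAX_ELEMS)
        return NULL;
    struct S *p = calloc(1, sizeof *p + (size_t)n * sizeof p->a[0]);
    if (p)
        p->n = n;
    return p;
}

/* Hypothetical helper: read a[idx] only when 0 <= idx < n.
   The index is taken as a signed ptrdiff_t so that a negative subscript
   is rejected explicitly instead of wrapping to a huge unsigned value.
   Returns 0 and stores the element on success, -1 on a rejected index. */
int s_get(const struct S *p, ptrdiff_t idx, int *out)
{
    if (!p || !out || idx < 0 || idx >= p->n)
        return -1;
    *out = p->a[idx];
    return 0;
}
```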