https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91457

--- Comment #6 from Martin Sebor <msebor at gcc dot gnu.org> ---
The enhancement has been committed but it doesn't actually resolve the problem.
 As it turns out, it's caused by VRP not issuing a -Warray-bounds for this
case.  VRP runs before (not after as I suggested in comment #1) strlen (the
source of the -Wstringop-overflow).

For the test case in comment #2 VRP sees:

  g ()
  {
    struct A a;

    <bb 2> [local count: 1073741824]:
    MEM[(char *)&a + 1B] = 0;   <<<
    f (&a);
    a ={v} {CLOBBER};
    return;
  }

and it gives up.  There's a comment that explains why:

  /* ... References to members of structs and
     unions are excluded because MEM_REF doesn't make it possible
     to identify the member where the reference originated.
     Incomplete types are excluded as well because their size is
     not known.  */

It seems to me it could do better and handle struct member accesses that are
outside of the bounds of the enclosing declared object.  I.e., those where no
matter which member the MEM_REF refers to the access is definitely
out-of-bounds.

I'm wondering if this test passed on hppa before r273783.  Did GCC actually
issue the expecting -Warray-bounds there?

Reply via email to