https://gcc.gnu.org/bugzilla/show_bug.cgi?id=92936
Martin Sebor <msebor at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Target Milestone|--- |11.0
Status|ASSIGNED |RESOLVED
--- Comment #4 from Martin Sebor <msebor at gcc dot gnu.org> ---
Implemented for GCC 11. GCC 11 issues the following warnings. Only accesses
that exceed the size of the largest object are diagnosed for now. Doing
otherwise would lead to false positives for some common idioms (accessing
either a small buffer or a dynamically allocated larger buffer). Those cases
will require a predicate analysis to handle in a more robust way.
$ gcc -O2 -S -Wall pr92936.c
pr92936.c: In function ‘f’:
pr92936.c:17:8: warning: array subscript 5 is outside array bounds of ‘char[5]’
[-Warray-bounds]
17 | p[n] = 0; // -Warray-bounds
| ~^~~
pr92936.c:5:15: note: while referencing ‘a5’
5 | char a3[3], a5[5], *p;
| ^~
pr92936.c:11:8: warning: array subscript 3 is outside array bounds of ‘char[3]’
[-Warray-bounds]
11 | p[n] = 0; // -Warray-bounds
| ~^~~
pr92936.c:5:8: note: while referencing ‘a3’
5 | char a3[3], a5[5], *p;
| ^~
pr92936.c: In function ‘g’:
pr92936.c:40:12: warning: writing 1 byte into a region of size 0
[-Wstringop-overflow=]
40 | p[n + 9] = 2; // missing warning
| ~~~~~~~~~^~~
pr92936.c:25:8: note: at offset [12, 14] into destination object ‘a3’ of size 3
25 | char a3[3], a5[5], *p;
| ^~
pr92936.c:25:15: note: at offset [12, 14] into destination object ‘a5’ of size
5
25 | char a3[3], a5[5], *p;
| ^~
pr92936.c:41:12: warning: writing 1 byte into a region of size 0
[-Wstringop-overflow=]
41 | p[12345] = 3; // missing warning
| ~~~~~~~~~^~~
pr92936.c:25:8: note: at offset 12345 into destination object ‘a3’ of size 3
25 | char a3[3], a5[5], *p;
| ^~
pr92936.c:25:15: note: at offset 12345 into destination object ‘a5’ of size 5
25 | char a3[3], a5[5], *p;
| ^~
