https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102630
--- Comment #4 from Martin Sebor <msebor at gcc dot gnu.org> ---
A test case is below. Warnings for accesses at address zero are intentionally
suppressed (to avoid false positives for unreachable code) but they are issued
for accesses at nonzero offsets from null because those are often the result of
invalid arithmetic on null pointers.
This bug is about the warning in g() where supposedly the null pointer may
represent a valid address.
$ cat pr102630.c && gcc -O2 -S -Wall -fdump-tree-optimized=/dev/stdout
pr102630.c
void f (void)
{
char *p = 0;
p[0] = 0; // no warning (intentional)
p[1] = 1; // -Warray-bounds (intentional)
}
void g (void)
{
char __seg_fs *p = 0;
p[0] = 0; // no warning (intentional)
p[1] = 1; // -Warray-bounds (intentional)
}
pr102630.c: In function ‘f’:
pr102630.c:5:4: warning: array subscript 0 is outside array bounds of ‘char[0]’
[-Warray-bounds]
5 | p[1] = 1; // -Warray-bounds (intentional)
| ~^~~
;; Function f (f, funcdef_no=0, decl_uid=1978, cgraph_uid=1, symbol_order=0)
(executed once)
void f ()
{
<bb 2> [local count: 1073741824]:
MEM[(char *)0B] ={v} 0;
__builtin_trap ();
}
pr102630.c: In function ‘g’:
pr102630.c:12:4: warning: array subscript 0 is outside array bounds of
‘__seg_fs __seg_fs char[0]’ [-Warray-bounds]
12 | p[1] = 1; // -Warray-bounds (intentional)
| ~^~~
;; Function g (g, funcdef_no=1, decl_uid=1982, cgraph_uid=2, symbol_order=1)
void g ()
{
<bb 2> [local count: 1073741824]:
MEM[(<address-space-1> char *)0B] = 0;
MEM[(<address-space-1> char *)1B] = 1;
return;
}
