https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108432
Bug ID: 108432
Summary: Analyzer fails to detect out-of-bounds issues within loops
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: dmalcolm at gcc dot gnu.org
Target Milestone: ---
Consider:
https://samate.nist.gov/SARD/test-cases/149169/versions/2.0.0
Without optimization, gcc trunk with -fanalyzer fails to report the
out-of-bounds write:
https://godbolt.org/z/brx5cT18o
At -O1 and above (https://godbolt.org/z/PdvcE5MhE), we get:
<source>: In function 'main':
<source>:22:25: warning: iteration 9 invokes undefined behavior [-Waggressive-loop-optimizations]
   22 |                 bStr[i] = (char)i + 'a'; /* FLAW */
      |                 ~~~~~~~~^~~~~~~~~~~~~~~
<source>:21:23: note: within this loop
   21 |         for (i = 1; i <= 10; ++i)
      |                     ~~^~~~~
The analyzer probably ought to try to at least check the final iteration of a
loop (I believe it currently will at least detect issues in the initial
iteration of a loop).
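The loop from the diagnostic above, worked through as an added C example written for this page (it is not the SARD test case and not GCC analyzer code): a by-hand bounds check over the loop's whole iteration range, the cheaper first/last-iteration check the report suggests, and a hardened rewrite of the fill loop. The 10-byte size of bStr is inferred from the diagnostic (iteration 9, counting from i = 1, is i = 10) and is an assumption of the example; the flawed loop is reasoned about rather than executed, since running it would itself be the undefined behaviour.

```c
#include <assert.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Assumed buffer size: inferred from the diagnostic, where iteration 9
 * (i == 10, counting from i == 1) is the first one out of bounds, so
 * bStr holds 10 bytes. This is an assumption of the example, not a value
 * stated in the report. */
#define BSTR_LEN 10

/* Check whether a loop of the form
 *     for (i = first; i <= last; ++i) buf[i] = ...;
 * stays inside a buffer of `len` elements. Returns the number of offending
 * iterations and, via *first_bad, the index of the first one (-1 if none).
 * This is the per-iteration bounds reasoning done exhaustively, which is
 * what the analyzer would need to do to catch the final iteration. */
static long count_oob_iterations(size_t len, long first, long last, long *first_bad)
{
    long bad = 0;
    *first_bad = -1;
    for (long i = first; i <= last; ++i) {
        bool in_bounds = i >= 0 && (unsigned long)i < len;
        if (!in_bounds) {
            if (*first_bad < 0)
                *first_bad = i;
            ++bad;
        }
    }
    return bad;
}

/* Checking only the first and last iteration, as the report suggests the
 * analyzer could at least do, is sufficient for a monotonic index like
 * this one: if neither endpoint is out of bounds, nothing between them is. */
static bool endpoints_in_bounds(size_t len, long first, long last)
{
    if (first > last)
        return true;              /* loop body never executes */
    return first >= 0 && (unsigned long)last < len;
}

/* Hardened rewrite of the flawed fill loop: iterate 0 .. len-2 so the
 * writes never reach buf[len-1], which is reserved for the NUL terminator.
 * Returns the number of characters written, excluding the terminator. */
static size_t fill_letters(char *buf, size_t len)
{
    if (len == 0)
        return 0;
    size_t n = len - 1;
    for (size_t i = 0; i < n; ++i)
        buf[i] = (char)('a' + i);
    buf[n] = '\0';
    return n;
}

int main(void)
{
    long first_bad;
    /* The report's loop: i = 1 .. 10 into a 10-byte buffer. */
    long bad = count_oob_iterations(BSTR_LEN, 1, 10, &first_bad);
    assert(bad == 1 && first_bad == 10);
    assert(!endpoints_in_bounds(BSTR_LEN, 1, 10));

    char bStr[BSTR_LEN];
    size_t n = fill_letters(bStr, sizeof bStr);
    assert(n == 9 && strcmp(bStr, "abcdefghi") == 0);
    return 0;
}
```

Both checks flag the report's loop only because they look at the last iteration; a check of the initial iteration alone (i = 1 into a 10-byte buffer) passes, which is exactly the gap the report describes.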