https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108616
Bug ID: 108616
Summary: -Wanalyzer-allocation-size false negatives for use of "alloca"
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: dmalcolm at gcc dot gnu.org
Target Milestone: ---

Consider e.g. this bogusly-sized alloca:

#include <alloca.h>
#include <stdint.h>

int main(void)
{
  int length = 99;
  int32_t *arr = alloca(length);
  return 0;
}

No warning is emitted for -Wanalyzer-allocation-size with -fanalyzer:
  https://godbolt.org/z/eTjf6fTzE
unless we use -Wsystem-headers:
  https://godbolt.org/z/oTKnG78ob
due to alloca being a macro inside a system header to __builtin_alloca.

We ought to warn for such cases; I have a fix under construction
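
Added example, not part of the bug report and not GCC's code: a C sketch of the size mismatch in the reproducer (99 bytes used through an int32_t pointer) and of the same allocation sized by element count with an overflow and stack-size check. The helper names and the STACK_ALLOC_MAX cap are assumptions made for illustration.

```c
#include <alloca.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Assumed cap on one stack allocation; choose a value that suits your stack. */
#define STACK_ALLOC_MAX 4096u

/* A buffer used through a T* should hold a whole number of T objects.
   99 bytes for int32_t fails this: 99 % 4 == 3. */
static bool size_fits_pointee(size_t nbytes, size_t elem_size)
{
    return elem_size != 0 && nbytes % elem_size == 0;
}

/* Byte count for `count` elements; rejects zero, overflow and oversized requests. */
static bool stack_array_bytes(size_t count, size_t elem_size, size_t *out)
{
    if (elem_size == 0 || count == 0 || count > STACK_ALLOC_MAX / elem_size)
        return false;
    *out = count * elem_size;
    return true;
}

/* The reproducer's allocation, sized in elements rather than raw bytes.
   Returns the sum 0..count-1, or -1 when the size is rejected. */
static int64_t sum_indices(size_t count)
{
    size_t nbytes;
    if (!stack_array_bytes(count, sizeof(int32_t), &nbytes))
        return -1;
    /* alloca memory lives only in this frame, so allocate and use it here. */
    int32_t *arr = alloca(nbytes);
    int64_t total = 0;
    for (size_t i = 0; i < count; i++) {
        arr[i] = (int32_t)i;
        total += arr[i];
    }
    return total;
}

int main(void)
{
    return sum_indices(99) == 4851 ? 0 : 1;
}
```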