[Bug middle-end/92940] New: incorrect offset and size in -Wstringop-overflow for out-of-bounds store into VLA and two offset ranges

msebor at gcc dot gnu.org gcc-bugzilla@gcc.gnu.org
Sat Dec 14 00:31:00 GMT 2019


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=92940

            Bug ID: 92940
           Summary: incorrect offset and size in -Wstringop-overflow for
                    out-of-bounds store into VLA and two offset ranges
           Product: gcc
           Version: 10.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: middle-end
          Assignee: unassigned at gcc dot gnu.org
          Reporter: msebor at gcc dot gnu.org
  Target Milestone: ---

With the last patch in the series for pr91582 applied () GCC prints the wrong
offset and size in the note that follows the (justified) -Wstringop-overflow
warning below.  The root cause is the same as in pr92939 but here the symptom
is different and the problem more apparent.

The note should print the range the out-of-bounds offset or index is in as well
as the range the size is in.

$ cat a.c && gcc -O2 -S -Wall a.c
void f (void*);

void g (int i, int j, int n)
{
  if (i < 1 || 2 < i) i = 1;
  if (j < 3 || 5 < j) j = 3;
  if (n < 3 || 4 < n) n = 3;

  char a[n];
  char *p = a;

  p += i;
  p[j] = 0;    

  f (p);
}
a.c: In function ‘g’:
a.c:13:8: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=]
   13 |   p[j] = 0;
      |   ~~~~~^~~
a.c:9:8: note: at offset 0 to an object with size 0 declared here
    9 |   char a[n];
      |        ^
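
The range arithmetic behind the test case, as an added example that is not part of the original report and not GCC's implementation: it combines the two offset ranges and compares them with the VLA's size range. The names range_add, best_case_space and classify_store are hypothetical.

```c
#include <stdio.h>

/* Closed interval [lo, hi], as a value-range analysis tracks it. */
struct range { long lo, hi; };

enum verdict { IN_BOUNDS, MAYBE_OUT_OF_BOUNDS, ALWAYS_OUT_OF_BOUNDS };

/* Offsets added to a pointer accumulate, so their bounds add. */
struct range range_add(struct range a, struct range b)
{
    struct range r = { a.lo + b.lo, a.hi + b.hi };
    return r;
}

/* Most bytes that can remain past the offset: largest size, smallest offset. */
long best_case_space(struct range off, struct range size)
{
    long lo = off.lo > 0 ? off.lo : 0;   /* a negative offset gains no space */
    long left = size.hi - lo;
    return left > 0 ? left : 0;
}

/* Classify a store of nbytes at an offset in off into an object sized in size. */
enum verdict classify_store(struct range off, struct range size, long nbytes)
{
    if (off.hi < 0 || best_case_space(off, size) < nbytes)
        return ALWAYS_OUT_OF_BOUNDS;     /* no combination of values fits */
    if (off.lo >= 0 && off.hi + nbytes <= size.lo)
        return IN_BOUNDS;                /* every combination fits */
    return MAYBE_OUT_OF_BOUNDS;
}

int main(void)
{
    /* Ranges taken from the clamps in g(): i in [1,2], j in [3,5], n in [3,4]. */
    struct range i = { 1, 2 }, j = { 3, 5 }, n = { 3, 4 };
    struct range off = range_add(i, j);  /* p += i; p[j] = 0; */
    static const char *const names[] = {
        "in bounds", "maybe out of bounds", "always out of bounds"
    };

    printf("offset [%ld, %ld], size [%ld, %ld], space %ld: %s\n",
           off.lo, off.hi, n.lo, n.hi, best_case_space(off, n),
           names[classify_store(off, n, 1)]);
    return 0;
}
```

For the test case the combined offset is in [4, 7] and the size in [3, 4], so even the smallest offset lies past the largest possible object and the 1-byte store has no space left.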

