https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68354
Bug ID: 68354
Summary: -Warray-bounds on a flexible array member in C++
Product: gcc
Version: 6.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c++
Assignee: unassigned at gcc dot gnu.org
Reporter: msebor at gcc dot gnu.org
Target Milestone: ---

In C++ mode (but not in C mode), g++ silently (without -Wpedantic) accepts both a definition of a struct with a flexible array member and an object of such a type without an initializer but issues a warning for accesses to the array (see below).

Debugging reveals that unlike the C front end, the C++ front end sets the bounds on flexible arrays to [0, SIZE_MAX]. The code in check_array_ref in tree-vrp.c then trips up on such an array because it first assumes that flexible arrays have no bounds, and further assumes that no array has an upper bound of SIZE_MAX when adding one to the bound. When the computation wraps around to zero, the function incorrectly deduces that the array is empty and issues a warning.

It seems wrong for the C++ front end to set the upper bound to SIZE_MAX for any array. First, because GCC itself assumes that no object is larger than SIZE_MAX / 2. Second, when the size of the array element is greater than 1 as in the case below, even the most permissive upper bound cannot be SIZE_MAX.

$ cat u.cpp && /build/gcc-trunk-svn/gcc/xgcc -B /build/gcc-trunk-svn/gcc -O2 -S -Wall -Wextra -o/dev/null u.cpp
struct S {
    int n;
    int a[];
} s;

int i;

void f ()
{
    i = s.a [0];
}
u.cpp: In function ‘void f()’:
u.cpp:10:15: warning: array subscript is above array bounds [-Warray-bounds]
     i = s.a [0];
               ^
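
A simplified model of the wraparound the report describes, added here as an illustration and not taken from GCC's tree-vrp.c. The function names are hypothetical and the array bounds are modelled as plain size_t values.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Simplified model of the bounds logic described in the report.
   Hypothetical names; this is not GCC's source. */

/* Naive check: forms up + 1 and treats low == up + 1 as "array is empty".
   With up == SIZE_MAX the sum wraps to 0, so a [0, SIZE_MAX] array is
   mistaken for an empty one and every subscript is flagged. */
bool naive_flags_access(size_t low, size_t up, size_t idx)
{
    size_t up_p1 = up + 1;              /* wraps to 0 when up == SIZE_MAX */
    if (low == up_p1)
        return true;                    /* "empty array": flag the access */
    return idx < low || idx >= up_p1;
}

/* Wrap-free check: compare against the inclusive upper bound directly,
   so no addition can overflow. */
bool safe_flags_access(size_t low, size_t up, size_t idx)
{
    return idx < low || idx > up;
}

/* Most permissive last index for a given element size, using the
   SIZE_MAX / 2 object-size limit the report cites. */
size_t max_index(size_t elem_size)
{
    return (SIZE_MAX / 2) / elem_size - 1;
}
```

For an int element the most permissive last index is far below SIZE_MAX, which is the report's second argument against using SIZE_MAX as the upper bound.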