https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79950
Martin Sebor <msebor at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |msebor at gcc dot gnu.org
--- Comment #7 from Martin Sebor <msebor at gcc dot gnu.org> ---
One part of the problem is that v[v.size()] isn't necessarily out of bounds (in
the -Warray-bounds sense) because v.size() <= v.capacity(). At a minimum,
though, v[v.size()] is an uninitialized read (in the -Wuninitialized sense),
but GCC can't tell that from just f1's definition. For a checker to diagnose
this problem it would need be taught about std::vector. Not only that, because
vector is represented using pointers (begin, end, end-of-storage), GCC would
probably also need be taught about pointer relationships (i.e., that begin <=
end <= end-of-storage always holds). Basically support some form of pointer
ranges. That would be a great feature to have (not just for vectors) but I
don't have the impression anyone is working on it. (The alternative to pointer
ranges is to implement some sort of a pattern checker for containers as
suggested in comment #4. Such checkers are usually the province of static
analyzers. I'm not aware of a precedent for something like that in GCC.)
