https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86827
Bug ID: 86827
Summary: -Warray-bounds produces negative indicies
Product: gcc
Version: 8.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: liuw at liuw dot name
Target Milestone: ---
Created attachment 44484
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=44484&action=edit
Test code
The attached program fails to build with gcc 8.1 (Debian 8.1.0-12).
$ gcc -m32 -march=i686 -std=gnu99 -Wall -O2 -Werror -c -o t.o t.c
t.c: In function 'func':
t.c:41:9: error: 'memcpy' offset [-204, -717] is out of the bounds [0, 216] of
object 'ctrl' with type 'struct kdd_ctrl' [-Werror=array-bounds]
memcpy(buf, ((uint8_t *)&ctrl.c32) + offset, len);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
t.c:27:21: note: 'ctrl' declared here
struct kdd_ctrl ctrl;
And to quote Martin in a thread to gcc-help:
It looks like a bug in the implementation of the warning.
The offset is determined not to be in the range [-205, -716]
(pointer offsets are in ptrdiff_t) or (since the variable is
unsigned) in [4294966580, 4294967091]. That means that it
can be either in the range [0, 4294966579] or in [4294967092,
UINT_MAX]. But the warning code seems to get this anti-range
wrong and treats it as [-204, -717].
