https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102216
Bug ID: 102216 Summary: False positive warray-bounds with -O2 Product: gcc Version: 12.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: tree-optimization Assignee: unassigned at gcc dot gnu.org Reporter: vries at gcc dot gnu.org Target Milestone: --- With a gcc build from commit 637dfcf43cf, I run into an incorrect Warray-bounds (which causes a buildbreaker when building gdb, as reported here: https://sourceware.org/pipermail/gdb/2021-September/049687.html ). Reproducer minimized from gdb/language.c: ... $ cat language.c #include <algorithm> static inline bool compare_cstrings (const char *str1, const char *str2) { return str1 < str2; } void add_set_language_command () { static const char **language_names; language_names = new const char *[6]; language_names[0] = "auto"; language_names[1] = "local"; language_names[2] = "unknown"; const char **language_names_p = language_names; /* language_names_p == &language_names[0]. */ language_names_p++; /* language_names_p == &language_names[1]. */ language_names_p++; /* language_names_p == &language_names[2]. */ language_names_p++; /* language_names_p == &language_names[3]. */ const char **sort_begin; if (0) sort_begin = &language_names[3]; else sort_begin = language_names_p; language_names[3] = ""; language_names[4] = ""; language_names[5] = nullptr; std::sort (sort_begin, &language_names[5], compare_cstrings); } ... First with gcc-11: ... $ g++-11 -x c++ -Werror -Wall -O2 -S language.c -Warray-bounds=1 $ ... Now with trunk: ... $ g++ -x c++ -Werror -Wall -O2 -S language.c -Warray-bounds=1 In file included from /home/vries/gcc_versions/devel/install/include/c++/12.0.0/algorithm:61, from language.c:1: In function ‘void std::__final_insertion_sort(_RandomAccessIterator, _RandomAccessIterator, _Compare) [with _RandomAccessIterator = const char**; _Compare = __gnu_cxx::__ops::_Iter_comp_iter<bool (*)(const char*, const char*)>]’, inlined from ‘void std::__sort(_RandomAccessIterator, _RandomAccessIterator, _Compare) [with _RandomAccessIterator = const char**; _Compare = __gnu_cxx::__ops::_Iter_comp_iter<bool (*)(const char*, const char*)>]’ at /home/vries/gcc_versions/devel/install/include/c++/12.0.0/bits/stl_algo.h:1960:31, inlined from ‘void std::sort(_RAIter, _RAIter, _Compare) [with _RAIter = const char**; _Compare = bool (*)(const char*, const char*)]’ at /home/vries/gcc_versions/devel/install/include/c++/12.0.0/bits/stl_algo.h:4868:18, inlined from ‘void add_set_language_command()’ at language.c:40:13: /home/vries/gcc_versions/devel/install/include/c++/12.0.0/bits/stl_algo.h:1869:32: error: array subscript 19 is outside array bounds of ‘void [48]’ [-Werror=array-bounds] 1869 | std::__insertion_sort(__first, __first + int(_S_threshold), __comp); | ~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ language.c: In function ‘void add_set_language_command()’: language.c:14:38: note: at offset 152 into object of size 48 allocated by ‘operator new []’ 14 | language_names = new const char *[6]; | ^ cc1plus: all warnings being treated as errors ... Now set 'if (0)' to 'if (1)': ... $ g++ -x c++ -Werror -Wall -O2 -S language.c -Warray-bounds=1 $ ... So either the warning is incorrect (for this fairly trivial example), or there's a compiler/std::sort bug and the warning is letting us known.