On Thu, Jul 18, 2024 at 10:33:49AM +0200, Josef Wolf wrote:
> On Wed, Jul 17, 2024 at 05:07:02PM +0100, Jonathan Wakely wrote:
> > On Wed, 17 Jul 2024 at 13:19, Josef Wolf <jw@xxxxxxxxxxxxx> wrote:
> > > #define MG 32
> > > static unsigned char a[MG] = {0};
> > >
> > > void init_login (void)
> > > {
> > > int i;
> > >
> > > for (i=0; i<MG; i++) {
> > > a[i] = 1;
> > > }
> > > }
> [ ... ]
> > > m68k-unknown-elf-gcc -ansi -pedantic -Wall -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -std=c99 -Wnull-dereference -g -O3 -fno-toplevel-reorder -mcpu32 -ffreestanding -c -o login.o login.c
> > > login.c: In function 'init_login':
> > > login.c:2909:22: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=]
> > > 2909 | a[i] = 1;
> > > | ~~~~~^~~
> > > login.c:2899:22: note: at offset 32 into destination object 'a' of size 32
> > > 2899 | static unsigned char a[MG] = {0};
> > > | ^
> >
> > -Wstringop-overflow is broken by design.
> >
> > This is one of the worst examples I've seen though.
>
> Yes, AFAIR I've already seen similar warnings but the were by far not as
> obvious as this one.
>
> Any plans to fix this?
Maybe -Wstringop-overflow should not be default (as it is now)? Or
maybe just -Wstringop-overflow=2 should not be. There are way too many
obvious (and confusing!) problems with it.
No doubt it also can be useful, but the defaults should be more
conservative than this. "Don't do the wrong thing".
Segher
