Hello fellas,
Recently i was working on bug, which is simplified as follow.
Mahesh,
First, to clarify: the term “sanitizer” refers to a set of dynamic techniques for finding bugs and it does not intersect at all with these statically-detected compiler warnings. The AddressSanitizer would detect out-of-bounds issues like these at runtime and in my experience false negatives and false positives are very rare. Though since the access of b[11] is actually in-bounds, it would not trigger. This behavior is likely by design and not considered a bug.
So, regarding the warnings:
If you had declared the parameter with “static” qualifying the size, and you had passed an array smaller than the size indicated, that would result in another warning from the caller. Note that this is a C99 feature that is not present in C++.
Here’s a demo showing the resulting warnings from clang when using that feature: https://godbolt.org/g/48NnME
Absent the “static” qualifier for the size, there’s no real restriction from the language regarding the access of b[11] in the thisShallError() func beyond it failing to meet an implicit API.