From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 1308 invoked by alias); 26 Sep 2011 09:35:03 -0000 Received: (qmail 1196 invoked by uid 22791); 26 Sep 2011 09:34:59 -0000 X-SWARE-Spam-Status: No, hits=-1.4 required=5.0 tests=AWL,BAYES_00,SPF_SOFTFAIL X-Spam-Check-By: sourceware.org Received: from service87.mimecast.com (HELO service87.mimecast.com) (91.220.42.44) by sourceware.org (qpsmtpd/0.43rc1) with SMTP; Mon, 26 Sep 2011 09:34:38 +0000 Received: from cam-owa1.Emea.Arm.com (fw-tnat.cambridge.arm.com [217.140.96.21]) by service87.mimecast.com; Mon, 26 Sep 2011 10:34:34 +0100 Received: from [10.1.77.68] ([10.1.255.212]) by cam-owa1.Emea.Arm.com with Microsoft SMTPSVC(6.0.3790.0); Mon, 26 Sep 2011 10:34:32 +0100 Message-ID: <4E804727.4000902@arm.com> Date: Mon, 26 Sep 2011 11:01:00 -0000 From: Matthew Gretton-Dann User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:6.0.2) Gecko/20110901 Thunderbird/6.0 MIME-Version: 1.0 To: Jonathan Wakely CC: Jiangning Liu , "gcc@gcc.gnu.org" , "jakub@gcc.gnu.org" , "mueller@gcc.gnu.org" , "rguenth@gcc.gnu.org" Subject: Re: A question about detecting array bounds for case Warray-bounds-3.c References: <4e80264f.6ab8ec0a.78ce.ffffad1cSMTPIN_ADDED@mx.google.com> In-Reply-To: X-MC-Unique: 111092610343406001 Content-Type: text/plain; charset=WINDOWS-1252; format=flowed Content-Transfer-Encoding: quoted-printable X-IsSubscribed: yes Mailing-List: contact gcc-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-owner@gcc.gnu.org X-SW-Source: 2011-09/txt/msg00315.txt.bz2 On 26/09/11 10:03, Jonathan Wakely wrote: > On 26 September 2011 08:13, Jiangning Liu wrote: >> PING... >> >>> -----Original Message----- >>> From: Jiangning Liu [mailto:jiangning.liu@arm.com] >>> Sent: Thursday, September 22, 2011 10:19 AM >>> To: gcc@gcc.gnu.org >>> Cc: 'jakub@gcc.gnu.org'; 'mueller@gcc.gnu.org'; 'rguenth@gcc.gnu.org'; >>> Matthew Gretton-Dann >>> Subject: A question about detecting array bounds for case Warray- >>> bounds-3.c >>> >>> Hi, >>> >>> For case gcc/testsuite/gcc.dg/Warray-bounds-3.c, obviously it is an >>> invalid C program, because the last iterations of all the loops cause >>> the access of arrays is beyond the max size of corresponding array >>> declarations. The condition of checking upper bound should be "<" >>> rather than "<=3D". > > Which loops are you referring to? > > struct iovec iov[43]; > ... > for (; cnt<=3D 40; ++cnt) > { > iov[2 + cnt].iov_base =3D (void *) (time->am_pm[cnt - 38] ?: ""); > iov[2 + cnt].iov_len =3D strlen (iov[2 + cnt].iov_base) + 1; > } > > What's wrong with that? The last element accessed is iov[42] which is ok. This isn't about access to iov - but rather access to the arrays in=20 struct S *time: struct S { const char *abday[7]; const char *day[7]; const char *abmon[12]; const char *mon[12]; const char *am_pm[2]; }; ... for (cnt =3D 0; cnt <=3D 7; ++cnt) { iov[2 + cnt].iov_base =3D (void *) (time->abday[cnt] ?: ""); iov[2 + cnt].iov_len =3D strlen (iov[2 + cnt].iov_base) + 1; } The last iteration (cnt =3D=3D 7) will dereference time->abday[7] which is= =20 one past the end of the array. As far as I understand it -Warray-bounds should be emitting a warning=20 for this case, but PR31227 seemed to be about removing these warnings. The PR comments do not explain why the array accesses are valid and I'm=20 hoping someone can shed some light on the situation - what are we missing? Thanks, Matt --=20 Matthew Gretton-Dann Principal Engineer, PD Software - Tools, ARM Ltd