From: Ian Lance Taylor
To: "Peter A. Felvegi"
Cc: gcc@gcc.gnu.org
Subject: Re: array subscript is below array bounds : false positive?
Date: Tue, 15 Sep 2009 14:56:00 -0000

"Peter A. Felvegi" writes:

> I've run into this strange warning when compiling w/ optimization:
> gcc-4.3 -O2 -Werror -Wall -c -o t.o t.c
> cc1: warnings being treated as errors
> t.c: In function ‘foo’:
> t.c:25: error: array subscript is below array bounds

This question is appropriate for gcc-help@gcc.gnu.org, not
gcc@gcc.gnu.org. Please take any followups to gcc-help. Thanks.

> t.c is :
> ---->8---->8---->8---->8---->8---->8---->8---->8---->8---->8----
> #define ASSERT(x) if (x) { } else { __asm__("int $0x03"); }
> #define SIZE 5
>
> char hnd[SIZE];
> char flg[SIZE];
>
> char crd();
> int idx(char);
> void set(int i, char v);
>
> #if 1
> void set(int i, char v)
> {
>     ASSERT(i >= 0 && i < SIZE);
>     flg[i] = v;
> }
> #endif
>
>
> void foo()
> {
>     char c = crd();
>     int i = idx(0);
>     ASSERT(i != -1);
>     hnd[i] = c; // array subscript is below array bounds
>     set(i, 1);
> }
> ---->8---->8---->8---->8---->8---->8---->8---->8---->8---->8----
>
> Suppose that idx(c) returns the position of c in an array, and the
> return value of -1 means that c is not in the array. The assertion
> checks that.
>
> The funny thing is, if I change the source a bit, the warning goes away:
> 1) set '#if 1' to '#if 0' so that only the prototype of set() is visible
> 2) comment out the ASSERT() in set()
> 3) comment out ASSERT() just before the marked line
> 4) comment out set(i, 1) just after the marked line
>
> The warning is not present under -O2.

gcc is getting fooled because of your ASSERT macro.
The optimizer is pulling the reference to hnd[i] into the ASSERT
branches, because it can then optimize the reference knowing that
i == -1. That is:

    ASSERT (i != -1)
    hnd[i] = c;
=>
    if (i != -1) { } else { __asm__ (""); }
    hnd[i] = c;
=>
    if (i != -1)
      { hnd[i] = c; }
    else
      { __asm__ (""); hnd[-1] = c; }

You can avoid this kind of thing by telling gcc that your assert
condition does not return.

    void assert_failure () __attribute__ ((noreturn, always_inline));
    void assert_failure() { __asm__ ("int $0x03"); }
    #define ASSERT(x) if (x) { } else { assert_failure(); }

Ian
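
Added example, not part of the message above or of the original t.c: a portable variant of the noreturn assertion, with a check that a failed ASSERT ends the process before the store runs. The use of abort() in place of "int $0x03", the keys table, the body of idx(), and the store() and store_in_child() helpers are assumptions made for this illustration.

```c
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

#define SIZE 5
static char hnd[SIZE];
static const char keys[SIZE] = { 'a', 'b', 'c', 'd', 'e' }; /* constructed table */

/* noreturn: no failure path falls through for the store to be duplicated into. */
__attribute__((noreturn)) static void assert_failure(const char *expr, int line)
{
    fprintf(stderr, "assertion failed: %s (line %d)\n", expr, line);
    abort(); /* assumption: abort() stands in for the thread's "int $0x03" */
}
#define ASSERT(x) do { if (!(x)) assert_failure(#x, __LINE__); } while (0)

/* Position of c in keys, or -1 when absent (the contract assumed for idx()). */
static int idx(char c)
{
    const char *p = memchr(keys, c, SIZE);
    return p ? (int)(p - keys) : -1;
}

/* Same shape as foo() in the thread: look up, assert, then store. */
static int store(char key, char v)
{
    int i = idx(key);
    ASSERT(i >= 0 && i < SIZE);
    hnd[i] = v;
    return i;
}

/* Hypothetical helper: signal that killed a child running store(), 0 if none, -1 on error. */
static int store_in_child(char key, char v)
{
    int status;
    pid_t pid = fork();
    if (pid == 0) { store(key, v); _exit(0); }
    if (pid < 0 || waitpid(pid, &status, 0) != pid) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    printf("absent key: child killed by signal %d\n", store_in_child('z', 'x'));
    return 0;
}
```

With the original macro, a debugger that continues past the breakpoint lets execution reach the store with i == -1; here the failing path cannot return, so the write never happens.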