Package: gcc
Version: 4:4.7.2-1

Consider the following program.

[gibson /tmp/mdw]cat arr.c
int foo(const int *p, unsigned sz)
{
  unsigned i;
  int v[50000];
  int x;

  for (i = 0; i < sz; i++) v[i] = *p++;
  x = v[i - 1];
  for (; i < 1; i++) x -= 1;
  return (x);
}
[gibson /tmp/mdw]gcc -c -O2 -g -pedantic -Wall arr.c
arr.c: In function ‘foo’:
arr.c:8:8: warning: array subscript is above array bounds [-Warray-bounds]

Of course, if 0 < sz <= 50000 then in fact all of the array accesses are
within bounds.  (The `for' loop doesn't do anything useful, but taking
it out muffles the warning for some reason I don't understand.)

The above is a minimized version of some real code.  In the real version

  <http://git.distorted.org.uk/~mdw/catacomb/blob/2.1.5:/symm/square.c>

I can easily prove that an out-of-bounds access cannot occur (though
that requires detailed knowledge of the behaviour of external functions,
so I'm not surprised that the compiler doesn't do it).  This is rather
vexing, since I'd like my project to be `-Werror' clean.

I can understand the merits of a warning which indicates that a program
may be incorrect, though

(a) the description of `-Warray-bounds' indicates that it should only be
    issued if the compiler can prove that out-of-bounds access will
    occur, rather than if it can't prove that it won't; and

(b) it seems hard, in general, to silence out-of-bounds warnings,
    whereas silencing (say) uninitialized-variable warnings is easy.

So I think the documentation is correct when it says that `warns about
subscripts to arrays that are always out of bounds'.  And therefore
warning about a program like the above example, where the out-of-bounds
access might or might not occur is a bug; and warning about a program
such as `square.c', linked, where in fact out-of-bounds access cannot
occur (though the analysis is certainly beyond the compiler's ability)
is definitely wrong.

-- [mdw]
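Added example, not part of the original report: the same computation with the stated precondition 0 < sz <= 50000 enforced at run time, plus a helper showing what the subscript in `x = v[i - 1]` becomes when sz is 0. The names `FOO_MAX`, `last_index` and `foo_checked` are assumptions introduced for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

#define FOO_MAX 50000u   /* assumed name for the size of v[] in arr.c */

/* Index the report's foo() forms in "x = v[i - 1]" once the copy loop
 * has left i == sz. Unsigned arithmetic wraps, so sz == 0 gives UINT_MAX. */
unsigned last_index(unsigned sz)
{
    return sz - 1u;
}

/* Same computation as foo(), but the precondition 0 < sz <= FOO_MAX is
 * checked before any subscript is formed. Returns 0 and stores the result
 * in *out, or returns -1 without touching v[] when the precondition fails. */
int foo_checked(const int *p, unsigned sz, int *out)
{
    unsigned i;
    int v[FOO_MAX];
    int x;

    if (p == NULL || out == NULL || sz == 0 || sz > FOO_MAX)
        return -1;
    for (i = 0; i < sz; i++) v[i] = *p++;
    x = v[i - 1];               /* i == sz >= 1 here, so i - 1 cannot wrap */
    for (; i < 1; i++) x -= 1;  /* kept from arr.c; never runs when sz >= 1 */
    *out = x;
    return 0;
}

int main(void)
{
    int src[3] = { 7, 8, 9 };   /* constructed sample input */
    int out = 0;
    int rc;

    printf("last_index(0) = %u\n", last_index(0));
    rc = foo_checked(src, 3, &out);
    printf("sz=3     -> rc=%d out=%d\n", rc, out);
    rc = foo_checked(src, 0, &out);
    printf("sz=0     -> rc=%d\n", rc);
    rc = foo_checked(src, FOO_MAX + 1u, &out);
    printf("sz=50001 -> rc=%d\n", rc);
    return 0;
}
```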