------- Additional Comments From dcb314 at hotmail dot com  2005-06-20 08:10 -------
I fiddled with the supplied patch, and got this

--- expr.c.sav  2005-06-18 14:45:34.000000000 +0100
+++ expr.c      2005-06-19 11:19:02.000000000 +0100
@@ -5537,6 +5537,20 @@
          tree low_bound = (domain ? TYPE_MIN_VALUE (domain) : 0);
          tree unit_size = TYPE_SIZE_UNIT (TREE_TYPE (TREE_TYPE (array)));
 
+          if ((domain != 0) && (TREE_CODE (index) == INTEGER_CST))
+          {
+            if ((TREE_CODE (low_bound) == INTEGER_CST
+                   && tree_int_cst_lt(index, low_bound))
+               || ((TYPE_MAX_VALUE (domain) != 0)
+                   && (TREE_CODE (TYPE_MAX_VALUE (domain)) == INTEGER_CST)
+                   && tree_int_cst_lt (TYPE_MAX_VALUE (domain), index)
+                   /* Accesses after the end of arrays of size 0 (gcc
+                      extension) and 1 are likely intentional. */
+                   && !tree_int_cst_lt (TYPE_MAX_VALUE (domain),
+                                         build_int_2 (2, 0))))
+                warning ("array subscript out of range");
+          }
+
          /* We assume all arrays have sizes that are a multiple of a byte.
             First subtract the lower bound, if any, in the type of the
             index, then convert to sizetype and multiply by the size of the
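
Review bot: The exemption at the end of the upper-bound test compares TYPE_MAX_VALUE (domain) against 2, while the comment just above it speaks of arrays of size 0 and 1. TYPE_MAX_VALUE (domain) is the highest valid index rather than the element count, so with a zero lower bound `!tree_int_cst_lt (TYPE_MAX_VALUE (domain), build_int_2 (2, 0))` also silences the warning for two-element arrays (maximum index 1). Either compare against 1 or reword the comment so the two agree. In addition, TYPE_MAX_VALUE (domain) is checked against 0 before TREE_CODE is applied to it, but low_bound, which is TYPE_MIN_VALUE (domain) once domain is non-null, gets no such check in the first branch; adding the same `!= 0` guard there would make the two branches symmetric. As a style point, `tree_int_cst_lt(index, low_bound)` lacks the space before the parenthesis that the other calls in the hunk use.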

I tried it out on the gcc34, and it seemed to work fine, finding eight 
bugs in the Linux kernel.

I don't know how to progress this patch to get it into the official sources for
the gcc34 series. Advice sought.

I tried out the patch on gcc400, and it didn't work. More work needed there.

-- 
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dcb314 at hotmail dot com


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=8268
