Vincent Lefevre <vincent+gcc@xxxxxxxxxx> writes:

> On 2011-12-29 16:20:48 -0800, Ian Lance Taylor wrote:
>> To me this only proves that the compiler is not smart enough to see that
>> (s >> 1 == 0) implies that ((s & 0xffff) == 0xffff) can not be true.
>>
>> Are you suggesting that the compiler should never warn if there is a
>> conditional guarding the array access? Would that in practice be better
>> or worse than the current behaviour?
>
> I think there should be two different options:
>   * one that would trigger the warning if the compiler can prove
>     that there will always be an out-of-bound access when the
>     function is executed (unless the compiler can prove that the
>     function will never be executed);
>   * one that would trigger the warning if there may be an out-of-bound
>     access.

I wonder how often the first one would actually trigger.

And I wonder how much correct code the second one triggers on today.

I personally think it would be reasonable to rewrite the original
example to avoid the warning, since the code certainly looks like it can
generate an out of bounds access.

> BTW, can the user inform the compiler that some condition holds?
> i.e. some kind of assert() but specifically for the compiler.

As far as I know there is no way to do this directly. The closest you
can come is something like

    if (!condition_which_must_be_true ())
      __builtin_unreachable ();

This will help the compiler in some cases but it won't track a complex
condition in any useful way.

Ian
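The `__builtin_unreachable ()` hint from the reply above, as an added example that is not part of the original message. `ASSUME`, `table`, `TABLE_LEN`, `lookup_assumed` and `lookup_checked` are hypothetical names, and the hint is shown beside a real runtime check because it emits no code of its own and is undefined behaviour when the condition is false.

```c
#include <stddef.h>
#include <stdio.h>

#define TABLE_LEN 8u

/* Constructed sample data for the example. */
static const int table[TABLE_LEN] = { 10, 11, 12, 13, 14, 15, 16, 17 };

/* Hypothetical macro: tell GCC/Clang that cond holds at this point.
 * It emits no check. If cond is ever false, behaviour is undefined. */
#define ASSUME(cond) do { if (!(cond)) __builtin_unreachable (); } while (0)

/* Caller contract: idx < TABLE_LEN. The hint may let the optimizer use
 * the bound; it does not enforce it, so never feed it untrusted input. */
int lookup_assumed (size_t idx)
{
  ASSUME (idx < TABLE_LEN);
  return table[idx];
}

/* For indices that come from outside the program: a real bounds check
 * that stays in the generated code and reports failure to the caller. */
int lookup_checked (size_t idx, int *out)
{
  if (idx >= TABLE_LEN)
    return -1;              /* rejected, *out is left untouched */
  *out = table[idx];
  return 0;
}

int main (void)
{
  int v = 0;
  printf ("assumed[3] = %d\n", lookup_assumed (3));
  printf ("checked[3] -> %d, v = %d\n", lookup_checked (3, &v), v);
  printf ("checked[8] -> %d\n", lookup_checked (8, &v));
  return 0;
}
```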