On Fri, Jul 18, 2014 at 1:15 PM, H. Peter Anvin <hpa@xxxxxxxxx> wrote:
> On 07/18/2014 01:08 PM, Andy Lutomirski wrote:
>>
>> i isn't an index in to the syms array at all. This code is completely
>> wrong. See the patch I sent in reply to Stephen's original email.
>>
>> But, to your earlier point, presumably this could warn:
>>
>> for (int i = 0; i < 10; i++)
>>   if (array[i] > array[5] + 1)
>>     fail();
>>
>> I think that's absurd. There's nothing wrong with that code. A given
>> test should have to be always true or always false on *all* loop
>> iterations to be flagged, I think.
>>
>
> No, the issue is that gcc is telling you that the code will do the wrong
> thing in this case. Yes, only for one iteration, but still.
>
> The reason this is a concern is that: (x > x + n) and its variants is
> often used to mean (x > INT_MAX - n) without the type knowledge, but
> that is actually invalid standard C because signed types are not
> guaranteed to wrap.

Right, but the constant in this case is *much* less than INT_MAX.

Anyway, this is moot. I do wonder whether the kind of people who
build hardened kernels should enable -fwrapv, though.

--Andy

>
>         -hpa
>

--
Andy Lutomirski
AMA Capital Management, LLC
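
The (x > x + n) idiom discussed above, next to overflow checks that stay within defined signed arithmetic. This is an added example, not code from the thread or from the kernel; the function names are made up for illustration, and `__builtin_add_overflow` assumes GCC 5 or later, or Clang.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Idiom from the thread, meant as "x + n would overflow". For signed int
 * the addition is undefined on overflow, so without -fwrapv the compiler
 * may assume it never wraps and fold the test to false for n >= 0. */
bool overflows_idiom(int x, int n)
{
	return x > x + n;
}

/* Well-defined form: compare against the limits, never form x + n. */
bool overflows_limits(int x, int n)
{
	if (n > 0)
		return x > INT_MAX - n;
	if (n < 0)
		return x < INT_MIN - n;
	return false;
}

/* Same answer from the GCC/Clang builtin, which also yields the sum. */
bool overflows_builtin(int x, int n)
{
	int sum;

	return __builtin_add_overflow(x, n, &sum);
}

/* Bounds check written so the arithmetic cannot overflow:
 * is [off, off + len) inside a buffer of size bytes? */
bool range_ok(int off, int len, int size)
{
	if (off < 0 || len < 0 || size < 0)
		return false;
	return off <= size && len <= size - off;
}

int main(void)
{
	/* Constructed sample values; only defined cases go to the idiom. */
	printf("idiom(1, 1)            = %d\n", overflows_idiom(1, 1));
	printf("limits(INT_MAX, 1)     = %d\n", overflows_limits(INT_MAX, 1));
	printf("builtin(INT_MIN, -1)   = %d\n", overflows_builtin(INT_MIN, -1));
	printf("range_ok(INT_MAX-1, 8, 64) = %d\n", range_ok(INT_MAX - 1, 8, 64));
	return 0;
}
```

Building with -fwrapv gives `overflows_idiom` wrapping semantics as a GCC/Clang extension; the other three functions do not depend on that flag.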