This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
[Bug c/33024] gcc allows negatively-sized arrays
- From: "sdyoung at miranda dot org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: 8 Aug 2007 17:14:44 -0000
- Subject: [Bug c/33024] gcc allows negatively-sized arrays
- References: <bug-33024-14955@http.gcc.gnu.org/bugzilla/>
- Reply-to: gcc-bugzilla at gcc dot gnu dot org
------- Comment #3 from sdyoung at miranda dot org 2007-08-08 17:14 -------
Subject: Re: gcc allows negatively-sized arrays
On Wed, Aug 08, 2007 at 04:55:08PM -0000, pinskia at gcc dot gnu dot org wrote:
> ------- Comment #2 from pinskia at gcc dot gnu dot org 2007-08-08 16:55 -------
> This is not a bug, VLA's size is unsigned so -2 is converted over to
> 0xFFFFFFFD. also sizeof gives back an unsigned type. This is only undefined
> behavior anyways.
Looking at the assembly, this does not seem to be the case:
        .file   "test.c"
        .section        .rodata
.LC0:
        .string "%d\n"
        .text
.globl main
        .type   main, @function
main:
        leal    4(%esp), %ecx
        andl    $-16, %esp
        pushl   -4(%ecx)
        pushl   %ebp
        movl    %esp, %ebp
        pushl   %ebx
        pushl   %ecx
        subl    $32, %esp
        movl    %gs:20, %eax
        movl    %eax, -12(%ebp)
        xorl    %eax, %eax
        movl    %esp, %eax
        movl    %eax, %ebx
        movl    $-2, -16(%ebp)
        movl    -16(%ebp), %edx
        movl    %edx, %eax
        sall    $2, %eax
        addl    $15, %eax
        addl    $15, %eax
        shrl    $4, %eax
        sall    $4, %eax
        subl    %eax, %esp
        leal    8(%esp), %eax
        movl    %eax, -28(%ebp)
        movl    -28(%ebp), %eax
        addl    $15, %eax
        shrl    $4, %eax
        sall    $4, %eax
        movl    %eax, -28(%ebp)
        movl    -28(%ebp), %eax
        movl    %eax, -20(%ebp)
        movl    %edx, %eax
        sall    $2, %eax
        movl    %eax, 4(%esp)
        movl    $.LC0, (%esp)
        call    printf
        movl    %ebx, %esp
        movl    -12(%ebp), %edx
        xorl    %gs:20, %edx
        je      .L3
        call    __stack_chk_fail
.L3:
        leal    -8(%ebp), %esp
        popl    %ecx
        popl    %ebx
        popl    %ebp
        leal    -4(%ecx), %esp
        ret
        .size   main, .-main
        .ident  "GCC: (GNU) 4.1.2 (Ubuntu 4.1.2-0ubuntu4)"
        .section        .note.GNU-stack,"",@progbits
Can you point out where in there 0xFFFFFFFD is popping up? I agree
it's undefined behaviour, but the fact that it doesn't issue a warning
about such obviously wrong behaviour seems bad.
Steve.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=33024
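The thread turns on two facts: a VLA whose bound is not positive is undefined behaviour that the compiler need not diagnose, and sizeof yields an unsigned size_t, so a bound of -2 produces a wrapped byte count rather than a negative one. The following is an added example (not code from the bug report or from GCC) that reproduces that size computation without declaring the array, and shows the bound check a program should perform before a VLA declaration; MAX_VLA_ELEMS, vla_bound_ok, vla_byte_size and sum_with_vla are names chosen here.

```c
#include <stdio.h>
#include <stddef.h>

/* Assumed policy limit: the most elements we are willing to put on the stack. */
#define MAX_VLA_ELEMS 1024

/* Validate a requested VLA bound before it reaches a declaration.
 * Returns 1 if usable, 0 otherwise. A non-positive bound makes the VLA
 * declaration undefined behaviour (C99 6.7.5.2p5); an unbounded positive
 * one can exhaust the stack, which is why an upper limit is applied too. */
int vla_bound_ok(long n) {
    return n > 0 && n <= MAX_VLA_ELEMS;
}

/* Mirror the arithmetic behind sizeof for "int arr[n]" without declaring it.
 * The int bound converts to size_t, so n = -2 yields (size_t)-2 * 4, which
 * wraps to (size_t)-8: a huge unsigned value, never a negative size. */
size_t vla_byte_size(int n) {
    return (size_t)n * sizeof(int);
}

/* Hardened use: the VLA is only declared after the bound passes the check.
 * Returns the sum 0 + 1 + ... + (n-1) stored through the array, or -1 if the
 * bound was rejected. */
long sum_with_vla(long n) {
    if (!vla_bound_ok(n))
        return -1;
    int arr[n];
    long sum = 0;
    for (long i = 0; i < n; i++) {
        arr[i] = (int)i;
        sum += arr[i];
    }
    return sum;
}

int main(void) {
    printf("sizeof for n=-2 would be %zu\n", vla_byte_size(-2));
    printf("sum_with_vla(-2) = %ld\n", sum_with_vla(-2));
    printf("sum_with_vla(10) = %ld\n", sum_with_vla(10));
    return 0;
}
```

Where such a check is missing, building with -fsanitize=undefined (which includes the vla-bound check in GCC and Clang) reports a non-positive VLA bound at run time, since no compile-time warning is guaranteed for it.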