X-Authentication-Warning: delorie.com: mail set sender to djgpp-bounces using -f
Date: Tue, 27 Jul 2004 09:06:40 -0400
Message-Id: <200407271306.i6RD6e8o010681@envy.delorie.com>
From: DJ Delorie <dj AT delorie DOT com>
To: djgpp AT delorie DOT com
In-reply-to: <20040727070949.29244.00000306@mb-m19.aol.com> (sterten@aol.com)
Subject: Re: assembly code of the "strange error" - program
References: <WcpNc.640$zS6 DOT 86489 AT news02 DOT tsnz DOT net> <20040727070949 DOT 29244 DOT 00000306 AT mb-m19 DOT aol DOT com>
Errors-To: nobody AT delorie DOT com
X-Mailing-List: djgpp AT delorie DOT com
X-Unsubscribes-To: listserv AT delorie DOT com
Precedence: bulk


> and that should be reason enough for a good compiler to issue a runtime
> warning at this point.

There are some gcc-extension projects that do that, but they're not
part of the official gcc.  Why?  Because (1) they slow down program
execution, and (2) the C language doesn't make it easy to do bounds
checking reliably.

If you're interested, search the gcc.gnu.org site for "bounds checking
gcc" or something to that effect.  It's one of the development
projects.

>  >     "One of the most coimmon and troublesome errors in C programming
>  >      occurs when an index value goes out of range for an array - that
>  >      is, when an index value is less than zero or greater than the size
>  >      of the array minus one."
> 
> if it's such a common error, then why is there apparantly no utility yet
> to convert .c sources into other .c sources which test the array bounds ?
> Can't be so difficult to write such a program.

It's the C language that makes it difficult to get this right.  Consider
passing an array as a pointer to a function:

	int a[5];
	foo(a);

Now, the function has a pointer... but to what?  It doesn't have any
bounds information.

> 3rd time in a few days that I hear this ;-)
> C gives me enough rope to hang myself _by accident_ .I'd wish it were
> safer to use C.

Use C++ with class-based lists instead, then you can add all sorts of
safety stuff.  Or use Pascal.

> how far am I allowed to go back, before gcc will crash ? 
> I tried : int main(){i=9;m1:printf("%i ",i);c=R[i];i++;goto m1;}
> i goes up to about 150000 and down to about -12000 before it crashes

Reading outside an array is far less dangerous that writing outside an
array.  You have to get to the extents of your memory region before
you have problems.

> So what is written by the compiler into the area directly
> before the data-area ?

If it's a local array, it's on the stack, so just before the array is
the "top" of your stack - other variables, locals, etc.  Go far enough
and you run into your static data.  Just after the array is your
function call frame - return address, etc.  Write to those and you're
toast.

>  >int U[99]; memset(U, 4, sizeof(U));
>  >memset fills the memory locations used by U with the value 4.

No, it sets it to 0x04040404.

> I prefer:  for(i=0;i<99;i++)U[i]=4;

memset is a lot faster if you want to set it to zero, though.