------- Comment #1 from jakub at gcc dot gnu dot org 2007-03-16 19:17 ------- Another testcase, this time from glibc's malloc.c: struct malloc_chunk { long prev_size; long size; struct malloc_chunk* fd; struct malloc_chunk* bk; }; typedef struct malloc_chunk* mchunkptr; struct malloc_state { mchunkptr top; mchunkptr last_remainder; mchunkptr bins[128 * 2 - 2]; }; #define bin_at(m, i) \ (mchunkptr) (((char *) &((m)->bins[((i) - 1) * 2])) \ - __builtin_offsetof (struct malloc_chunk, fd))
void malloc_init_state(struct malloc_state *av) { int i; mchunkptr bin; for (i = 1; i < 128; ++i) { bin = bin_at(av,i); bin->fd = bin->bk = bin; } } at -O2 -Wall this warns: warning: array subscript is below array bounds -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=31227