From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugs-return-248824-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org>
Received: (qmail 5586 invoked by alias); 30 Mar 2008 16:03:07 -0000
Received: (qmail 4964 invoked by alias); 30 Mar 2008 16:02:20 -0000
Date: Sun, 30 Mar 2008 16:03:00 -0000
Message-ID: <20080330160220.4963.qmail@sourceware.org>
X-Bugzilla-Reason: CC
References: <bug-30911-13647@http.gcc.gnu.org/bugzilla/>
Subject: [Bug tree-optimization/30911] VRP fails to eliminate range checks in Ada code
In-Reply-To: <bug-30911-13647@http.gcc.gnu.org/bugzilla/>
Reply-To: gcc-bugzilla@gcc.gnu.org
To: gcc-bugs@gcc.gnu.org
From: "baldrick at free dot fr" <gcc-bugzilla@gcc.gnu.org>
Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc-bugs.gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc-bugs/>
List-Post: <mailto:gcc-bugs@gcc.gnu.org>
List-Help: <mailto:gcc-bugs-help@gcc.gnu.org>
Sender: gcc-bugs-owner@gcc.gnu.org
X-SW-Source: 2008-03/txt/msg02450.txt.bz2



------- Comment #64 from baldrick at free dot fr  2008-03-30 16:02 -------
Subject: Re:  VRP fails to eliminate range checks in Ada code

> > But there are no checks on the array access.  It looks like the f-e
> > doesn't generate them in the first place (as opposed to fold or gigi
> > making a mistake).
> 
> This is as documented in the GNAT manual, section 3.2.4 Validity Checking.
> You need to pass -gnatVs to have them.

Consider the following test case:

procedure Overflow (X : Positive) return Integer is
   A : array (Positive) of Integer;
   pragma Import (Ada, A);
begin
   A (X) := X;
end;

(for which no checks are generated).  In the user guide

 GNAT GPL User's Guide 
 The GNAT Ada Compiler
 GNAT GPL Edition, Version 2007
 Document revision level 1.422
 Date: 2007/03/30 03:28:29

in section 3.2.4 it says:

 In GNAT, the result of such an evaluation in normal default mode is to
 either use the value unmodified, or to raise Constraint_Error in those
 cases where use of the unmodified value would cause erroneous execution.
 The cases where unmodified values might lead to erroneous execution are
 case statements (where a wild jump might result from an invalid value),
 and subscripts on the left hand side (where memory corruption could occur
 as a result of an invalid value).

This testcase is a clear example of erroneous execution, being of the type
explicitly mentioned.  So according to section 3.2.4 Constraint_Error should
be raised "in normal default mode".  Yet this is not the case.


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30911