public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "msebor at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug tree-optimization/106757] [12/13 Regression] Incorrect "writing 1 byte into a region of size 0" on a vectorized loop Date: Fri, 26 Aug 2022 19:21:26 +0000 [thread overview] Message-ID: <bug-106757-4-dTqy4VqIRv@http.gcc.gnu.org/bugzilla/> (raw) In-Reply-To: <bug-106757-4@http.gcc.gnu.org/bugzilla/> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106757 Martin Sebor <msebor at gcc dot gnu.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Last reconfirmed| |2022-08-26 Blocks| |88443 CC| |msebor at gcc dot gnu.org Ever confirmed|0 |1 Status|UNCONFIRMED |NEW Summary|[12/13 Regression] |[12/13 Regression] |Incorrect "writing 1 byte |Incorrect "writing 1 byte |into a region of size 0" |into a region of size 0" on |warning |a vectorized loop --- Comment #1 from Martin Sebor <msebor at gcc dot gnu.org> --- GCC unrolls the loop, and GCC 12 also vectorizes it. The combination of the two isolates stores from the loop that are out of bounds but that GCC cannot prove cannot happen: it has no insight into what value pqr_mbc_len() might return and if it's 5 or more the code would indeed write past the end. The warning just points it out. To "fix" this the unroller could use the bounds of the destination array to avoid emitting code for iterations of the loop that end up accessing objects outside their bounds (there already is logic that does that, controlled by the -faggressive-loop-optimizations option). Until then, if the function is guaranteed to return a value between 0 and 4 then adding the following assertion both avoids the warning and improves the emitted code. if (len < 0 || MBC_MAX < len) __builtin_unreachable (); The invalid stores can be seen in the IL output by the -fdump-tree-strlen=/dev/stdout developer option: <bb 7> [local count: 76354976]: bnd.6_47 = _26 >> 2; vect__3.11_53 = MEM <vector(4) char> [(char *)mbs_22]; MEM <vector(4) char> [(char *)&tmpchar] = vect__3.11_53; vectp_mbs.9_52 = mbs_22 + 4; niters_vector_mult_vf.7_48 = bnd.6_47 << 2; tmp.8_49 = (int) niters_vector_mult_vf.7_48; if (_26 == niters_vector_mult_vf.7_48) goto <bb 15>; [25.00%] else goto <bb 8>; [75.00%] <bb 8> [local count: 57266232]: _75 = (sizetype) tmp.8_49; _76 = vectp_mbs.9_52; _77 = MEM[(char *)vectp_mbs.9_52]; tmpchar[tmp.8_49] = _77; <<< -Wstringop-overflow k_79 = tmp.8_49 + 1; if (len_12 > 5) goto <bb 9>; [80.00%] else goto <bb 15>; [20.00%] <bb 9> [local count: 45812986]: _82 = 5; _83 = mbs_22 + 5; _84 = *_83; tmpchar[5] = _84; <<< -Wstringop-overflow k_86 = tmp.8_49 + 2; if (len_12 > k_86) goto <bb 10>; [80.00%] else goto <bb 15>; [20.00%] Referenced Bugs: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88443 [Bug 88443] [meta-bug] bogus/missing -Wstringop-overflow warnings
next prev parent reply other threads:[~2022-08-26 19:21 UTC|newest] Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top 2022-08-26 18:32 [Bug c/106757] New: Incorrect "writing 1 byte into a region of size 0" warning jonathan.leffler at gmail dot com 2022-08-26 18:37 ` [Bug tree-optimization/106757] [12/13 Regression] " pinskia at gcc dot gnu.org 2022-08-26 19:21 ` msebor at gcc dot gnu.org [this message] 2022-08-29 8:26 ` [Bug tree-optimization/106757] [12/13 Regression] Incorrect "writing 1 byte into a region of size 0" on a vectorized loop rguenth at gcc dot gnu.org 2022-10-03 23:12 ` bergner at gcc dot gnu.org 2022-10-19 7:05 ` rguenth at gcc dot gnu.org 2022-12-05 20:35 ` rguenth at gcc dot gnu.org 2023-05-08 12:25 ` [Bug tree-optimization/106757] [12/13/14 " rguenth at gcc dot gnu.org 2024-03-15 1:08 ` [Bug tree-optimization/106757] [12/13 " law at gcc dot gnu.org 2024-05-26 2:59 ` jonathan.leffler at gmail dot com 2024-05-26 3:13 ` jonathan.leffler at gmail dot com 2024-05-26 5:32 ` jonathan.leffler at gmail dot com
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-106757-4-dTqy4VqIRv@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).