From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 9CDB93858D33; Wed, 8 Mar 2023 21:04:36 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 9CDB93858D33 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1678309476; bh=ODp997me7XVkKn0gtSV+ry1c+6UCs4oBwNULBDayFyI=; h=From:To:Subject:Date:From; b=YEMXkCMLrDFTgoTEdiXFDbwNZrdOkcOZu4cAisqdrlbfMCkPOzvzbMuqwhHo4Es0a kV4E11BBGrCn4Mgy5OQmV/SAOduCVZIzJyJ+chVUVrhc5m5nCZZtHfaS5DyhioW15J HbTHfa/tXDLX9oHGkQ5bEBUfDi73HSud8vVi++s4= From: "kees at outflux dot net" To: gcc-bugs@gcc.gnu.org Subject: [Bug c/109071] New: -Warray-bounds warning when array index checked via inline Date: Wed, 08 Mar 2023 21:04:36 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: c X-Bugzilla-Version: 13.0 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: kees at outflux dot net X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Resolution: X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter target_milestone attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 List-Id: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D109071 Bug ID: 109071 Summary: -Warray-bounds warning when array index checked via inline Product: gcc Version: 13.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: c Assignee: unassigned at gcc dot gnu.org Reporter: kees at outflux dot net Target Milestone: --- Created attachment 54611 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=3D54611&action=3Dedit PoC for -Warray-bounds false positive The Linux kernel is seeing -Warray-bounds warnings when array indexes are b= eing checked via inlines. This appears to be in the overly noisy/false positive territory, but I don't actually know what's going on. The upstream report is here: https://lore.kernel.org/lkml/20230306220947.1982272-1-trix@redhat.com/ Originally I thought this was another -fsanitizer=3Dshift issue, but after reducing the test-case, it seems to be related to inlining or some other as= pect of optimization passes. If the "assign" function is open-coded in the caller, the warning goes away. If the index checks are moved before the "assign" calls, the warning goes a= way. If there is only 1 call to "assign", the warning goes away. Fundamentally there should be no warning at all since the value of "index" = is entirely unknown _except_ when it makes the call to "warn". $ cat test.c extern void warn(void); #define MAX_ENTRIES 4 static inline void assign(int val, int *regs, int index) { if (index >=3D MAX_ENTRIES) warn(); *regs =3D val; } struct nums { int vals[MAX_ENTRIES]; }; void sparx5_psfp_sg_set(int *ptr, struct nums *sg, int index) { int *val; val =3D &sg->vals[index]; assign(0, ptr, index); assign(*val, ptr, index); } $ gcc -Wall -O2 -c -o test.o test.c test.c: In function 'sparx5_psfp_sg_set': test.c:20:24: warning: array subscript 4 is above array bounds of 'int[4]' [-Warray-bounds=3D] 20 | val =3D &sg->vals[index]; | ~~~~~~~~^~~~~~~ test.c:13:13: note: while referencing 'vals' 13 | int vals[MAX_ENTRIES]; | ^~~~=