[Bug c/115005] New: [gcc-13] bogus -Warray-bounds warning

[Bug c/115005] New: [gcc-13] bogus -Warray-bounds warning

[sezeroz at gmail dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115005

            Bug ID: 115005
           Summary: [gcc-13] bogus -Warray-bounds warning
           Product: gcc
           Version: 13.2.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: sezeroz at gmail dot com
  Target Milestone: ---

Created attachment 58144
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=58144&action=edit
reduced C source exhibiting the issue

The attached C source emits bogus -Warray-bounds warnings at -O2 and -O3
(tested on i686 and x86_64):

$ gcc13 -c -O2 -Wall mmcmp-small.c

In function 'block_unpack_8bit',
    inlined from 'decrunch_mmcmp' at mmcmp-small.c:231:4:
mmcmp-small.c:155:35: warning: array subscript 4294967295 is above array bounds
of 'const uint32[8]' {aka 'const unsigned int[8]'} [-Warray-bounds=]
  155 |                 if (d >= cmd_8bits[numbits]) {
      |                          ~~~~~~~~~^~~~~~~~~
mmcmp-small.c: In function 'decrunch_mmcmp':
mmcmp-small.c:39:21: note: while referencing 'cmd_8bits'
   39 | extern const uint32 cmd_8bits[8];
      |                     ^~~~~~~~~
In function 'block_unpack_16bit',
    inlined from 'decrunch_mmcmp' at mmcmp-small.c:229:4:
mmcmp-small.c:90:35: warning: array subscript 4294967295 is above array bounds
of 'const uint32[16]' {aka 'const unsigned int[16]'} [-Warray-bounds=]
   90 |                 if (d >= cmd_16bit[numbits]) {
      |                          ~~~~~~~~~^~~~~~~~~
mmcmp-small.c: In function 'decrunch_mmcmp':
mmcmp-small.c:41:21: note: while referencing 'cmd_16bit'
   41 | extern const uint32 cmd_16bit[16];
      |                     ^~~~~~~~~

The original file in question is at
https://github.com/libxmp/libxmp/blob/master/src/depackers/mmcmp.c
I removed as much clutter as I could, but you guys would most probably reduce
it more.
The issue was originally discussed at libxmp:
https://github.com/libxmp/libxmp/issues/667
Notes particularly at
https://github.com/libxmp/libxmp/issues/667#issuecomment-1712584590

The warnings go away if numbits is changed from uint32 to uint8 or uint16: 
We had changed it to uint8 as a solution.

[Bug c/115005] [gcc-13] bogus -Warray-bounds warning

[sezeroz at gmail dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115005

--- Comment #1 from Ozkan Sezer <sezeroz at gmail dot com> ---
Created attachment 58145
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=58145&action=edit
preprocessed original source

[Bug tree-optimization/115005] [gcc-13] bogus -Warray-bounds warning

[pinskia at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115005

--- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Folding statement: _336 = cmd_8bits[numbits_181];
Folded into: _336 = cmd_8bits[4294967295];


Which comes from:

                uint32 d = get_bits(in, numbits+1, &bb);

                if (d >= cmd_8bits[numbits]) {

get_bits:
static uint32 get_bits(HIO_HANDLE *f, int n, struct bit_buffer *bb)
{
        uint32 bits;

        if (n == 0) {
                return 0;
        }

There is a jump threading there handling n==0 (aka numbits==-1u) and that is
causing the warning. Now if I understand it numbits can't be more than 128 (or
even 16 in the 16bit case).

Adding `if (numbits >= 128) __builtin_unreachable();` right before the git_bits
gets rid of the warning and seems like would produce better code.

The reason why using smaller types works is well (numbits+1) can never be 0.

[Bug tree-optimization/115005] [gcc-13] bogus -Warray-bounds warning

[sezeroz at gmail dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115005

--- Comment #3 from Ozkan Sezer <sezeroz at gmail dot com> ---
> There is a jump threading there handling n==0 (aka numbits==-1u) and that is
> causing the warning.

The thing is, n==0 is not guarding against numbits==-1u: it is guarding
against 0 members of fetch_16bit[] (and fetch_8bit[]) arrays. As far as
I can see, that's where gcc13 is confused, no?

> Now if I understand it numbits can't be more than 128
> (or even 16 in the 16bit case).

Indeed: 15 is the upper limit in 16 bit case, and 7 in 8 bits case.

[Bug tree-optimization/115005] [gcc-13] bogus -Warray-bounds warning

[sezeroz at gmail dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115005

--- Comment #4 from Ozkan Sezer <sezeroz at gmail dot com> ---
(In reply to Ozkan Sezer from comment #3)
> > There is a jump threading there handling n==0 (aka numbits==-1u) and that is
> > causing the warning.
> 
> The thing is, n==0 is not guarding against numbits==-1u: it is guarding
> against 0 members of fetch_16bit[] (and fetch_8bit[]) arrays. As far as
> I can see, that's where gcc13 is confused, no?

Hm, it seems I had replaced those fetch arrays in mmcmp-small.c
adding them back and re-uploading so the issue is better visible.

[Bug tree-optimization/115005] [gcc-13] bogus -Warray-bounds warning

[sezeroz at gmail dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115005

Ozkan Sezer <sezeroz at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #58144|0                           |1
        is obsolete|                            |

--- Comment #5 from Ozkan Sezer <sezeroz at gmail dot com> ---
Created attachment 58156
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=58156&action=edit
reduced C source exhibiting the issue