[Bug c/66031] New: Spurious array bounds warning

[Bug c/66031] New: Spurious array bounds warning

[jmattson at vmware dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66031

            Bug ID: 66031
           Summary: Spurious array bounds warning
           Product: gcc
           Version: 4.8.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: jmattson at vmware dot com
  Target Milestone: ---

Created attachment 35472
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=35472&action=edit
Preprocessed source file

As a result of inlining, gcc generates an unreachable out-of-bounds array
access and then complains about it.

% gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib64/gcc/x86_64-suse-linux/4.8/lto-wrapper
Target: x86_64-suse-linux
Configured with: ../configure --prefix=/usr --infodir=/usr/share/info
--mandir=/usr/share/man --libdir=/usr/lib64 --libexecdir=/usr/lib64
--enable-languages=c,c++,objc,fortran,obj-c++,java,ada
--enable-checking=release --with-gxx-include-dir=/usr/include/c++/4.8
--enable-ssp --disable-libssp --disable-plugin
--with-bugurl=http://bugs.opensuse.org/ --with-pkgversion='SUSE Linux'
--disable-libgcj --disable-libmudflap --with-slibdir=/lib64 --with-system-zlib
--enable-__cxa_atexit --enable-libstdcxx-allocator=new --disable-libstdcxx-pch
--enable-version-specific-runtime-libs --enable-linker-build-id
--program-suffix=-4.8 --enable-linux-futex --without-system-libunwind
--with-arch-32=i586 --with-tune=generic --build=x86_64-suse-linux
Thread model: posix
gcc version 4.8.1 20130909 [gcc-4_8-branch revision 202388] (SUSE Linux) 

% gcc -O2 -Wall v.i
v.c: In function ‘main’:
v.c:7:28: warning: array subscript is above array bounds [-Warray-bounds]
    if (n - 1 >= f) return p[n];
                            ^
>From gcc-bugs-return-485587-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org Wed May 06 02:08:11 2015
Return-Path: <gcc-bugs-return-485587-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org>
Delivered-To: listarch-gcc-bugs@gcc.gnu.org
Received: (qmail 45025 invoked by alias); 6 May 2015 02:08:11 -0000
Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc-bugs.gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc-bugs/>
List-Post: <mailto:gcc-bugs@gcc.gnu.org>
List-Help: <mailto:gcc-bugs-help@gcc.gnu.org>
Sender: gcc-bugs-owner@gcc.gnu.org
Delivered-To: mailing list gcc-bugs@gcc.gnu.org
Received: (qmail 44947 invoked by uid 55); 6 May 2015 02:08:06 -0000
From: "jason at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug c++/60417] [DR 1518] Bogus error on C++03 aggregate initialization
Date: Wed, 06 May 2015 02:08:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: c++
X-Bugzilla-Version: 4.9.0
X-Bugzilla-Keywords: rejects-valid
X-Bugzilla-Severity: normal
X-Bugzilla-Who: jason at gcc dot gnu.org
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: jason at gcc dot gnu.org
X-Bugzilla-Target-Milestone: 4.9.2
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-60417-4-E58CyMWgyq@http.gcc.gnu.org/bugzilla/>
In-Reply-To: <bug-60417-4@http.gcc.gnu.org/bugzilla/>
References: <bug-60417-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2015-05/txt/msg00427.txt.bz2
Content-length: 840

https://gcc.gnu.org/bugzilla/show_bug.cgi?id`417

--- Comment #11 from Jason Merrill <jason at gcc dot gnu.org> ---
Author: jason
Date: Wed May  6 02:07:34 2015
New Revision: 222836

URL: https://gcc.gnu.org/viewcvs?rev"2836&root=gcc&view=rev
Log:
        DR 1518
        DR 1630
        PR c++/54835
        PR c++/60417
        * call.c (convert_like_real): Check value-initialization before
        explicit.
        * typeck2.c (process_init_constructor_record): Don't set
        CONSTRUCTOR_IS_DIRECT_INIT.
        (process_init_constructor_array): Likewise.
        * init.c (build_vec_init): Likewise.

Added:
    trunk/gcc/testsuite/g++.dg/cpp0x/initlist-dr1518.C
Modified:
    trunk/gcc/cp/ChangeLog
    trunk/gcc/cp/call.c
    trunk/gcc/cp/init.c
    trunk/gcc/cp/typeck2.c
    trunk/gcc/testsuite/g++.dg/cpp0x/initlist40.C

[Bug middle-end/66031] Spurious array bounds warning

[rguenth at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66031

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2015-05-06
                 CC|                            |rguenth at gcc dot gnu.org
     Ever confirmed|0                           |1

--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
Confirmed.  We are confused by f being unsigned char somehow, so we don't see
that

  <bb 3>:
  i_7 = i_1 + 1;
  _8 = (unsigned int) i_7;
  _9 = _8 + 4294967295;
  _10 = (unsigned int) f.1_5;
  if (_9 >= _10)
    goto <bb 4>;
  else
    goto <bb 6>;

  <bb 4>:
  _11 = p[_8];
  _12 = (char) _11;
...

is never executed (thus _9 >= _10 is true).

DOM doesn't figure that out either, we are missing the simplification of

  i_7 = i_1 + 1;
  _8 = (unsigned int) i_7;
  _9 = _8 + 4294967295;

to

  _9 = (unsigned int) i_1;

but then we still have an unsigned int compare against f in one path and
a signed int one in the other.  We'd have to canonicalize to one form to
eventually make DOM recognize the redundant compare - which OTOH won't help
VRP to omit the warning (because VRP runs before DOM).  VRPs analysis is
not able to optimize such redundancy because it doesn't track symbolic
ranges in addition to regular ones here.

Summary: hard problem.