[Bug middle-end/78081] -Wmaybe-initialized false-alarm regression for Emacs regex.c (jump threading fallout)

["msebor at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78081

Martin Sebor <msebor at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |msebor at gcc dot gnu.org
      Known to fail|5.4.0, 6.3.0, 7.0.1, 8.0    |10.2.0, 11.0, 5.5.0, 6.4.0,
                   |                            |7.2.0, 8.3.0, 9.1.0

--- Comment #4 from Martin Sebor <msebor at gcc dot gnu.org> ---
Reconfirmed with GCC 11 and both the original test case as well as the reduced
test case below.  The warning is augmented to print a couple of notes, the
first showing the condition under which the variable is determined to be
uninitialized, and the second the condition under which it's used.  The
expressions printed in the notes: (s == 0) and (s != 0 && (f (s_23) != 1), are
clearly mutually exclusive but the warning has recorded '(.NOT.) _1 == 1
(.AND.) s_23 != 0B' as the used condition and doesn't have the smarts to figure
out that the s_23 PHI <s_3(5), 0B(10)>  is equal to s_3(5) in bb 8.

$ cat pr78081.c && gcc -O2 -S -Wall -fdump-tree-uninit=/dev/stdout pr78081.c
extern int f (const char *);

int g (const char *s0, const char *s1)
{
  for (const char *s = s1; ; )
    {
      long i;

      if (s)
        i = s - s0;

      if (f (s) == 1)
        break;

      if (s)
        s = i + s0;
    }

  return -1;
}

;; Function g (g, funcdef_no=0, decl_uid=1946, cgraph_uid=1, symbol_order=0)
...
Testing if this predicate:  (.NOT.) s_3 != 0B                                 
<<< s != 0
...can be invalidated by a USE guard of:  (.NOT.) _1 == 1 (.AND.) s_23 != 0B  
<<< s != 0
[BEFORE SIMPLICATION -- [USE]:
i.0_2 = (sizetype) i_22;
is guarded by :

 (.NOT.) _1 == 1 (.AND.) s_23 != 0B


[BEFORE NORMALIZATION --[USE]:
i.0_2 = (sizetype) i_22;
is guarded by :

 (.NOT.) _1 == 1 (.AND.) s_23 != 0B


[AFTER NORMALIZATION -- [USE]:
i.0_2 = (sizetype) i_22;
is guarded by :

s_23 != 0B (.AND.)  (.NOT.) _1 == 1


[CHECK]: Found unguarded use: i.0_2 = (sizetype) i_22;

pr78081.c: In function ‘g’:
pr78081.c:16:15: warning: ‘i’ may be used uninitialized in this function
[-Wmaybe-uninitialized]
   16 |         s = i + s0;
      |             ~~^~~~
pr78081.c:7:12: note: when ‘s == 0’
    7 |       long i;
      |            ^
pr78081.c:7:12: note: used when ‘s != 0 && f (s_23) != 1’
pr78081.c:7:12: note: ‘i’ was declared here


int g (const char * s0, const char * s1)
{
  long int i;
  const char * s;
  int _1;
  sizetype i.0_2;

  <bb 2> [local count: 118111598]:

  <bb 3> [local count: 787052758]:
  # s_3 = PHI <s_13(8), s1_7(D)(2)>
  # i_4 = PHI <i_22(8), i_8(D)(2)>   <<< i_8(D) is uninitialized
  if (s_3 != 0B)
    goto <bb 4>; [90.32%]
  else
    goto <bb 11>; [9.68%]

  <bb 11> [local count: 76166394]:
  goto <bb 5>; [100.00%]

  <bb 4> [local count: 751619280]:
  i_11 = s_3 - s0_10(D);

  <bb 5> [local count: 827785674]:     <<< s_3 != 0
  # i_22 = PHI <i_4(11), i_11(4)>      <<< (2)

  <bb 6> [local count: 1073741824]:
  # s_23 = PHI <s_3(5), 0B(10)>        <<< s_23
  _1 = f (s_23);
  if (_1 == 1)
    goto <bb 9>; [11.00%]
  else
    goto <bb 7>; [89.00%]

  <bb 7> [local count: 955630225]:
  if (s_23 != 0B)                      <<< s_23 != 0
    goto <bb 8>; [70.00%]
  else
    goto <bb 10>; [30.00%]

  <bb 10> [local count: 286689065]:
  goto <bb 6>; [100.00%]

  <bb 8> [local count: 668941161]:     <<< s_23 != 0
  i.0_2 = (sizetype) i_22;             <<< (1)
  s_13 = s0_10(D) + i.0_2;             <<< use: -Wmaybe-uninitialized
  goto <bb 3>; [100.00%]

  <bb 9> [local count: 118111600]:
  return -1;

}