[Bug tree-optimization/45978] [4.6 Regression] bogus array subscript is above array bounds warning in extremely simple code with no loops
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45978 Jakub Jelinek jakub at gcc dot gnu.org changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED Target Milestone|4.6.4 |4.7.0 --- Comment #12 from Jakub Jelinek jakub at gcc dot gnu.org 2013-04-12 16:17:49 UTC --- The 4.6 branch has been closed, fixed in GCC 4.7.0.
[Bug tree-optimization/45978] [4.6 Regression] bogus array subscript is above array bounds warning in extremely simple code with no loops
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45978 --- Comment #11 from Petr.Salinger at seznam dot cz 2012-07-16 06:48:07 UTC --- Created attachment 27800 -- http://gcc.gnu.org/bugzilla/attachment.cgi?id=27800 testcase Another failing testcase - reduced from xserver-xorg-input-mouse
[Bug tree-optimization/45978] [4.6 Regression] bogus array subscript is above array bounds warning in extremely simple code with no loops
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45978 Jakub Jelinek jakub at gcc dot gnu.org changed: What|Removed |Added Target Milestone|4.6.3 |4.6.4 --- Comment #10 from Jakub Jelinek jakub at gcc dot gnu.org 2012-03-01 14:38:47 UTC --- GCC 4.6.3 is being released.
[Bug tree-optimization/45978] [4.6 Regression] bogus array subscript is above array bounds warning in extremely simple code with no loops
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45978 Jakub Jelinek jakub at gcc dot gnu.org changed: What|Removed |Added Target Milestone|4.6.2 |4.6.3 --- Comment #9 from Jakub Jelinek jakub at gcc dot gnu.org 2011-10-26 17:13:44 UTC --- GCC 4.6.2 is being released.
[Bug tree-optimization/45978] [4.6 Regression] bogus array subscript is above array bounds warning in extremely simple code with no loops
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45978 --- Comment #8 from torsten at debian dot org 2011-08-19 22:54:11 UTC --- Created attachment 25059 -- http://gcc.gnu.org/bugzilla/attachment.cgi?id=25059 An obviously correct example that triggers the bug. (In reply to comment #7) GCC 4.6.1 is being released. I just searched for this problem due to a bug report that SWIG causes out of bounds array accesses: https://sourceforge.net/tracker/?func=detailatid=101645aid=3394790group_id=1645 It turns out that the generated code is similar to the trivial example that I attached. Perhaps this makes it easier to track down the bug.
[Bug tree-optimization/45978] [4.6 Regression] bogus array subscript is above array bounds warning in extremely simple code with no loops
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45978 Jakub Jelinek jakub at gcc dot gnu.org changed: What|Removed |Added Target Milestone|4.6.1 |4.6.2 --- Comment #7 from Jakub Jelinek jakub at gcc dot gnu.org 2011-06-27 12:33:02 UTC --- GCC 4.6.1 is being released.
[Bug tree-optimization/45978] [4.6 Regression] bogus array subscript is above array bounds warning in extremely simple code with no loops
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45978 Richard Guenther rguenth at gcc dot gnu.org changed: What|Removed |Added Known to work||4.7.0 Summary|[4.6/4.7 Regression] bogus |[4.6 Regression] bogus |array subscript is above |array subscript is above |array bounds warning in|array bounds warning in |extremely simple code with |extremely simple code with |no loops|no loops --- Comment #6 from Richard Guenther rguenth at gcc dot gnu.org 2011-05-20 08:19:59 UTC --- The bug was indeed worked around in VRP by making it use the CCP engine. It now sees MEM[(struct Y *)retval + 16B] = vect_cst_.6_11; instead of MEM[(struct Y *)retval].ar[4] as a base which makes it not warn. The vectorizer still uses that address as base though. So I suppose we can say it's fixed in 4.7 by adjusting the pass that emits the warning.
[Bug tree-optimization/45978] [4.6 Regression] bogus array subscript is above array bounds warning in extremely simple code with no loops
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45978
Richard Guenther rguenth at gcc dot gnu.org changed:
What|Removed |Added
Priority|P3 |P2
--- Comment #3 from Richard Guenther rguenth at gcc dot gnu.org 2011-02-08
13:37:48 UTC ---
Something like
Index: gimple-fold.c
===
--- gimple-fold.c (revision 169917)
+++ gimple-fold.c (working copy)
@@ -212,6 +212,7 @@ maybe_fold_offset_to_array_ref (location
tree min_idx, idx, idx_type, elt_offset = integer_zero_node;
tree array_type, elt_type, elt_size;
tree domain_type;
+ tree no_warning = false;
/* If BASE is an ARRAY_REF, we can pick up another offset (this time
measured in units of the size of elements type) from that ARRAY_REF).
@@ -308,26 +309,34 @@ maybe_fold_offset_to_array_ref (location
char *(c[4]);
c[3][2];
should not be simplified into (*c)[14] or tree-vrp will
- give false warnings.
- This is only an issue for multi-dimensional arrays. */
- if (TREE_CODE (elt_type) == ARRAY_TYPE
- domain_type)
+ give false warnings. For multi-dimensional arrays
+ avoid this transformation, for one-dimensional arrays
+ set TREE_NO_WARNING on out-of-bound references. */
+ if (domain_type)
{
+ bool oob = false;
if (TYPE_MAX_VALUE (domain_type)
TREE_CODE (TYPE_MAX_VALUE (domain_type)) == INTEGER_CST
tree_int_cst_lt (TYPE_MAX_VALUE (domain_type), idx))
- return NULL_TREE;
+ oob = true;
else if (TYPE_MIN_VALUE (domain_type)
TREE_CODE (TYPE_MIN_VALUE (domain_type)) == INTEGER_CST
tree_int_cst_lt (idx, TYPE_MIN_VALUE (domain_type)))
- return NULL_TREE;
+ oob = true;
else if (compare_tree_int (idx, 0) 0)
+ oob = true;
+ if (oob)
+ {
+ if (TREE_CODE (elt_type) == ARRAY_TYPE)
return NULL_TREE;
+ no_warning = true;
+ }
}
{
tree t = build4 (ARRAY_REF, elt_type, base, idx, NULL_TREE, NULL_TREE);
SET_EXPR_LOCATION (t, loc);
+TREE_NO_WARNING (t) = no_warning;
return t;
}
}
fixes this but will cause us to omit all warnings for C array accesses
that are out-of-bounds:
FAIL: gcc.dg/Warray-bounds.c (test for warnings, line 59)
FAIL: gcc.dg/Warray-bounds.c (test for warnings, line 60)
FAIL: gcc.dg/Warray-bounds.c (test for warnings, line 65)
FAIL: gcc.dg/Warray-bounds.c (test for warnings, line 66)
FAIL: gcc.dg/Warray-bounds.c (test for warnings, line 72)
FAIL: gcc.dg/Warray-bounds.c (test for warnings, line 73)
In general I'd say we should not warn from VRP after loop opts, and
for address-taking operations we should have a distinct warning,
eventually looking at object sizes, not only type bounds.
This bug is a regression only because we now vectorize the testcase to
xorps %xmm0, %xmm0
movq%rdi, %rax
movlps %xmm0, (%rdi)
movhps %xmm0, 8(%rdi)
movlps %xmm0, 16(%rdi)
movlps %xmm0, 24(%rdi)
compared to
xorl%edx, %edx
movq%rdi, %rax
movl%edx, (%rdi)
movl%edx, 4(%rdi)
movl%edx, 8(%rdi)
movl%edx, 12(%rdi)
movl%edx, 16(%rdi)
movl%edx, 20(%rdi)
movl%edx, 24(%rdi)
movl%edx, 28(%rdi)
which is a good thing.
Eventually we can mitigate the problem from inside the vectorizer by
not using
vect_p.7_13 = MEM[(struct Y *)retval].ar[0];
but instead
vect_p.7_13 = retval + off
style initial addresses. Unfortunately that isn't very easy to do.
[Bug tree-optimization/45978] [4.6 Regression] bogus array subscript is above array bounds warning in extremely simple code with no loops
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45978 --- Comment #2 from Richard Guenther rguenth at gcc dot gnu.org 2010-11-15 12:00:20 UTC --- Hmm, I'm not sure how to address this - we warn about the address-taking operation which only at VRP time get's folded to MEM[(struct Y *)retval].ar[4] via maybe_fold_stmt_addition (which I only preserved to avoid some regressions I don't remember anymore during mem-ref development). Clearly even the first vectorized access spans more than the array (but we could set TREE_NO_WARNING on the memory reference itself).
[Bug tree-optimization/45978] [4.6 Regression] bogus array subscript is above array bounds warning in extremely simple code with no loops
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45978 Richard Guenther rguenth at gcc dot gnu.org changed: What|Removed |Added Status|UNCONFIRMED |NEW Keywords||diagnostic Last reconfirmed||2010.10.12 09:44:10 Component|middle-end |tree-optimization Ever Confirmed|0 |1 Summary|bogus array subscript is |[4.6 Regression] bogus |above array bounds warning |array subscript is above |in extremely simple code|array bounds warning in |with no loops |extremely simple code with ||no loops Target Milestone|--- |4.6.0 --- Comment #1 from Richard Guenther rguenth at gcc dot gnu.org 2010-10-12 09:44:10 UTC --- Confirmed. The vectorizer uses MEM[(struct Y *)retval].ar[4]; as the base address for the store to .c.x, .c.y, .c.z, .d.
