I've been trying to get Firefox building with gcc 4.7 on the Mozilla build slaves, and with PGO enabled, I'm getting an "array subscript is above array bounds" error (we do uses -Werror in some places) on code that doesn't look like it would have the problem. It doesn't happen without PGO. The line of code it happens on is: https://hg.mozilla.org/mozilla-central/file/bcf09432affd/netwerk/cache/nsDiskCacheMap.cpp#l1028 mBlockFile is defined here: https://hg.mozilla.org/mozilla-central/file/bcf09432affd/netwerk/cache/nsDiskCacheMap.h#l570 kNumBlockFiles is defined here: https://hg.mozilla.org/mozilla-central/file/bcf09432affd/netwerk/cache/nsDiskCacheMap.h#l59 and CalculateFileIndex here. https://hg.mozilla.org/mozilla-central/file/bcf09432affd/netwerk/cache/nsDiskCacheMap.cpp#l1028/ With these, I see no way "fileIndex - 1" can be "above array bounds" of mBlockFile[3], when fileIndex can only be 0, 1, 2 or 3. (and yes, there might be a problem when fileIndex is 0, but that's not "above array bounds")
Interestingly, if I modify CalculateFileIndex to return 3 instead of 0, the error doesn't happen. So it might be a case of confusing gcc warning/error message.
Could you attach a preprocessed file (compressed if needed) and the configuration/flags that reproduce the issue?
Created attachment 29798 [details] Preprocessed file This is the preprocessed file. In case that helps, the gcc it failed to build with is: http://puppetagain.pub.build.mozilla.org/data/repos/yum/releng/public/CentOS/6/x86_64/gcc472_0moz1-4.7.2-0moz1.x86_64.rpm The rpm spec used to create it: http://hg.mozilla.org/build/rpm-sources/file/396d84ab838e/gcc47/centos6-x86_64/gcc47.spec And the command line: /tools/gcc-4.7.2-0moz1/bin/g++ -o nsDiskCacheMap.o -c -I../../dist/stl_wrappers -I../../dist/system_wrappers -include /builds/slave/try-l64-0000000000000000000000/build/config/gcc_hidden.h -DMOZ_GLUE_IN_PROGRAM -DMOZILLA_INTERNAL_API -D_IMPL_NS_COM -DEXPORT_XPT_API -DEXPORT_XPTC_API -D_IMPL_NS_GFX -D_IMPL_NS_WIDGET -DIMPL_XREAPI -DIMPL_NS_NET -DIMPL_THEBES -DSTATIC_EXPORTABLE_JS_API -DNO_NSPR_10_SUPPORT -DIMPL_NS_NET -I/builds/slave/try-l64-0000000000000000000000/build/netwerk/cache/../base/src -I/builds/slave/try-l64-0000000000000000000000/build/netwerk/cache -I. -I../../dist/include -I/builds/slave/try-l64-0000000000000000000000/build/obj-firefox/dist/include/nspr -I/builds/slave/try-l64-0000000000000000000000/build/obj-firefox/dist/include/nss -fPIC -Wall -Wpointer-arith -Woverloaded-virtual -Werror=return-type -Wtype-limits -Wempty-body -Wsign-compare -Wno-invalid-offsetof -Wcast-align -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -std=gnu++0x -pthread -pipe -DNDEBUG -DTRIMMED -g -fprofile-use -fprofile-correction -Wcoverage-mismatch -O3 -fno-omit-frame-pointer -Werror -Wno-error=uninitialized -Wno-error=deprecated-declarations -DMOZILLA_CLIENT -include ../../mozilla-config.h -MD -MF .deps/nsDiskCacheMap.o.pp /builds/slave/try-l64-0000000000000000000000/build/netwerk/cache/nsDiskCacheMap.cpp -save-temps=obj Error message: /builds/slave/try-l64-0000000000000000000000/build/netwerk/cache/nsDiskCacheMap.cpp: In member function 'nsresult nsDiskCacheMap::WriteDataCacheBlocks(nsDiskCacheBinding*, char*, uint32_t)': /builds/slave/try-l64-0000000000000000000000/build/netwerk/cache/nsDiskCacheMap.cpp:1042:68: error: array subscript is above array bounds [-Werror=array-bounds] I can't reproduce locally, so i suspect this also depends on the content of the gcda file, i'll try to get one.
Created attachment 29800 [details] nsDiskCacheMap.gcda I can reproduce with the preprocessed file and this gcda with gcc 4.7.2-5 from debian unstable with the following command line: g++ -o nsDiskCacheMap.o -c -fPIC -Wall -Wno-invalid-offsetof -fno-exceptions -fno-strict-aliasing -fno-rtti -fno-exceptions -std=gnu++0x -pipe -g -fprofile-use -fprofile-correction -Wcoverage-mismatch -O3 -fno-omit-frame-pointer -Werror -Wno-error=uninitialized -Wno-error=deprecated-declarations nsDiskCacheMap.ii
As noted in https://bugzilla.mozilla.org/show_bug.cgi?id=854105#c4, fileIndex is uint32_t, so 0 - 1 is UINT32_MAX, which makes the error valid. Now the question is why does it only show up with PGO with gcda info?
Created attachment 41887 [details] compiler output (In reply to Mike Hommey from comment #4) > Created attachment 29800 [details] > nsDiskCacheMap.gcda > > I can reproduce with the preprocessed file and this gcda with gcc 4.7.2-5 > from debian unstable with the following command line: > > g++ -o nsDiskCacheMap.o -c -fPIC -Wall -Wno-invalid-offsetof > -fno-exceptions -fno-strict-aliasing -fno-rtti -fno-exceptions -std=gnu++0x > -pipe -g -fprofile-use -fprofile-correction -Wcoverage-mismatch -O3 > -fno-omit-frame-pointer -Werror -Wno-error=uninitialized > -Wno-error=deprecated-declarations nsDiskCacheMap.ii I get lots of other errors when compiling the preprocessed file, but none from -Warray-bounds. Attaching my output as a separate file.
(In reply to Eric Gallager from comment #6) > Created attachment 41887 [details] > compiler output > > (In reply to Mike Hommey from comment #4) > > Created attachment 29800 [details] > > nsDiskCacheMap.gcda > > > > I can reproduce with the preprocessed file and this gcda with gcc 4.7.2-5 > > from debian unstable with the following command line: > > > > g++ -o nsDiskCacheMap.o -c -fPIC -Wall -Wno-invalid-offsetof > > -fno-exceptions -fno-strict-aliasing -fno-rtti -fno-exceptions -std=gnu++0x > > -pipe -g -fprofile-use -fprofile-correction -Wcoverage-mismatch -O3 > > -fno-omit-frame-pointer -Werror -Wno-error=uninitialized > > -Wno-error=deprecated-declarations nsDiskCacheMap.ii > > I get lots of other errors when compiling the preprocessed file, but none > from -Warray-bounds. Attaching my output as a separate file. Also closing since I couldn't reproduce the bug.