Bug 48267 - incorrect signed overflow warning when a pointer cannot possibly overflow
Summary: incorrect signed overflow warning when a pointer cannot possibly overflow
Status: NEW
Alias: None
Product: gcc
Classification: Unclassified
Component: middle-end (show other bugs)
Version: 4.5.2
: P3 minor
Target Milestone: ---
Assignee: Not yet assigned to anyone
Keywords: diagnostic
Depends on:
Reported: 2011-03-24 07:58 UTC by Paul Eggert
Modified: 2011-03-24 12:14 UTC (History)
0 users

See Also:
Known to work:
Known to fail: 4.5.2, 4.7.0
Last reconfirmed: 2011-03-24 12:14:46


Note You need to log in before you can comment on or make changes to this bug.
Description Paul Eggert 2011-03-24 07:58:09 UTC
I ran into this problem when compiling the GNU Emacs trunk with a GCC
4.5.2 that I built on RHEL 5.5 (x86-64).  I narrowed it down to the
following stripped-down test case.  This smells different from the previous
bug report I filed in this area (PR48228) on the same platform.

When I compile the following program with "gcc -S -Wstrict-overflow -O2"
GCC reports "warning: assuming pointer wraparound does not occur when comparing
P +- C1 with P +- C2".  This warning is incorrect, since
signed overflow is obviously impossible in this function: the only
pointers computed are head_table and head_table + 1, which are both
in range.  Changing the "+ 1" to "+ 7" generates even more warnings,
though the program is still correct.

int head_table[7];

foo (void)
  const int *p;
  int x = 0;

  for (p = head_table; p < head_table + 1; p++)
    x ^= *p;
  return x;
Comment 1 Richard Biener 2011-03-24 12:14:46 UTC
Confirmed.  Happens from

#1  0x00000000007307e7 in fold_undefer_overflow_warnings (issue=1 '\001', 
    stmt=0x7ffff5b373c0, code=2)
    at /space/rguenther/src/svn/trunk/gcc/fold-const.c:281
281       warning_at (locus, OPT_Wstrict_overflow, "%s", warnmsg);
#2  0x0000000000afdfdf in evaluate_stmt (stmt=0x7ffff5b373c0)
    at /space/rguenther/src/svn/trunk/gcc/tree-ssa-ccp.c:2117
2117          fold_undefer_overflow_warnings (is_constant, stmt, 0);
#3  0x0000000000aff7c5 in visit_cond_stmt (stmt=0x7ffff5b373c0, 
    at /space/rguenther/src/svn/trunk/gcc/tree-ssa-ccp.c:2443
2443      val = evaluate_stmt (stmt);
#4  0x0000000000aff8f8 in ccp_visit_stmt (stmt=0x7ffff5b373c0, 
    taken_edge_p=0x7fffffffda48, output_p=0x7fffffffda40)
    at /space/rguenther/src/svn/trunk/gcc/tree-ssa-ccp.c:2501
2501            return visit_cond_stmt (stmt, taken_edge_p);

(gdb) call debug_gimple_stmt (stmt)
if (p_1 < &head_table[1])

which calls fold_binary with &head_table < &head_table[1] and in the end warns

8688                  if (code != EQ_EXPR
8689                      && code != NE_EXPR
8690                      && bitpos0 != bitpos1
8691                      && (pointer_may_wrap_p (base0, offset0, bitpos0)
8692                          || pointer_may_wrap_p (base1, offset1, bitpos1)))
8693                    fold_overflow_warning (("assuming pointer wraparound does not "
8694                                            "occur when comparing P +- C1 with "
8695                                            "P +- C2"),
8696                                           WARN_STRICT_OVERFLOW_CONDITIONAL)

because we call pointer_may_wrap_p with base0 which isn't an address
but an object which is bogus.  It's argument has to depend on
indirect_base in which case we stripped an ADDR_EXPR.