[Bug tree-optimization/77291] False positive for -Warray-bounds
rguenth at gcc dot gnu.org
gcc-bugzilla@gcc.gnu.org
Fri Aug 19 07:37:00 GMT 2016
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77291
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |diagnostic, wrong-code
Status|UNCONFIRMED |ASSIGNED
Last reconfirmed| |2016-08-19
Component|c++ |tree-optimization
Ever confirmed|0 |1
--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
Confirmed. VRP does
static void
check_array_ref (location_t location, tree ref, bool ignore_off_by_one)
{
...
up_bound = array_ref_up_bound (ref);
...
/* Accesses to trailing arrays via pointers may access storage
beyond the types array bounds. */
if (warn_array_bounds < 2
&& array_at_struct_end_p (ref))
return;
but here array_at_struct_end_p returns false because the size is still
constrained
by the DECL size. _But_ VRP fails to adjust up_bound accordingly, that is,
it is relying on array_at_struct_end_p to return true if the array bounds do
not
cover all possible elements towards its extent.
It looks like idx_infer_loop_bounds may have the same issue (wrong-code).
bounds_are_valid in graphite is even worse.
I'll think about a good solution.
More information about the Gcc-bugs
mailing list