[Bug sanitizer/81601] [7/8 Regression] incorrect Warray-bounds warning with -fsanitize
jakub at gcc dot gnu.org
gcc-bugzilla@gcc.gnu.org
Fri Jul 28 14:16:00 GMT 2017
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81601
--- Comment #2 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
The -Warray-bounds warning has false positives, so you can run into them and in
that case using -Werror isn't really a good idea.
The problem is that the same bitfield, tp->chrono_start, is accessed 2
different ways in the IL before vrp1:
_5 = tp_2(D)->chrono_type;
if (_5 == 0)
in one spot, and
_12 = BIT_FIELD_REF <*tp_2(D), 8, 128>;
_13 = _12 & 3;
if (_13 != 0)
in another. The optimizers don't treat those two as the same thing, and we
have
thus _5 used in the first condition, _13 in second one and then again _5.
>From the first condition it determines that _5 must be zero in that branch
(that is the if (type > tp->chrono_type) condition, where you do nothing if
tp->chrono_type is not 0), it doesn't know that also implies that _13 is 0 to
optimize that as dead code, and finally sees array index of [_5 - 1], and when
_5 is known to be 0, that means [-1], which is invalid. It is invalid, but in
dead code.
More information about the Gcc-bugs
mailing list