[Bug middle-end/91146] [9/10 Regression] -Werror=array-bounds if compile with -fsanitize=address

jakub at gcc dot gnu.org gcc-bugzilla@gcc.gnu.org
Wed Mar 18 09:45:01 GMT 2020


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91146

--- Comment #12 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Though, admittedly fixing that:
     T *EltPtr = &Elt;
-    if (I <= EltPtr && EltPtr < this->EndX)
+    if ((std::uintptr_t) I <= (std::uintptr_t) EltPtr && (std::uintptr_t)
EltPtr < (std::uintptr_t) this->EndX)
       ++EltPtr;

     *I = ::std::move(*EltPtr);
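Review bot: The added condition orders I, EltPtr and this->EndX through C-style casts to std::uintptr_t but carries no comment saying why the pointers are not compared directly, so a later cleanup could revert it. Suggest a one-line comment above the if, and consider std::less_equal<T *>()(I, EltPtr) && std::less<T *>()(EltPtr, this->EndX), which expresses the same range check without integer casts; if the casts stay, reinterpret_cast would be the usual C++ spelling.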
doesn't make the warning go away.
We have:
  int D.48534;
...
  <bb 30> [local count: 885408257]:
  # EltPtr_49 = PHI <&D.48534(27), &D.48534(28), &MEM <int> [(void *)&D.48534 + 4B](29)>
  _50 = MEM[(type &)EltPtr_49];
  *I_42 = _50;
before phiprop and phiprop changes that into:
  <bb 38> [local count: 442704129]:
  _33 = MEM[(type &)&D.48534];
  goto <bb 30>; [100.00%]
...
  <bb 39> [local count: 221352064]:
  _34 = MEM[(type &)&D.48534];
  goto <bb 30>; [100.00%]

  <bb 29> [local count: 221352064]:
  _48 = MEM[(type &)&D.48534 + 4];

  <bb 30> [local count: 885408257]:
  # EltPtr_49 = PHI <&MEM <int> [(void *)&D.48534 + 4B](29), &D.48534(38), &D.48534(39)>
  # _50 = PHI <_48(29), _33(38), _34(39)>
  *I_42 = _50;
where the _48 load is clearly UB, but with -fsanitize=address the compiler
can't prove that it is unreachable, or with the adjusted testcase either.
So we are back to the dozens of other PRs of this kind, late warnings warning
on UB in dead code and the question what the users actually want, whether a
(false positive) warning, or no warning, or whether the compiler should replace
the UB code with __builtin_unreachable and let the code be further simplified,
or replace it with __builtin_trap.
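
The insert pattern that the hunk above modifies, reduced to a constructed miniature (an added example, not code from the bug report or from the project it concerns; TinyVec, insert_aliased and insert_local are hypothetical names). It uses std::less_equal and std::less in place of the uintptr_t casts, and shows that EltPtr is advanced only when Elt aliases a shifted element, so the load from one past a local is on a path that never executes.

```cpp
#include <cstddef>
#include <cstdio>
#include <functional>
#include <utility>

// Constructed miniature of the insert pattern; all names here are assumptions.
template <typename T, std::size_t N> struct TinyVec {
  T Buf[N] = {};
  T *EndX = Buf; // one past the last live element
  T *begin() { return Buf; }

  // Insert a copy of Elt before I. Caller keeps size < N and I in [Buf, EndX].
  T *insert(T *I, const T &Elt) {
    if (I == EndX) { // plain append, nothing is shifted
      *EndX++ = Elt;
      return I;
    }
    for (T *P = EndX; P != I; --P) // shift [I, EndX) up by one slot
      *P = std::move(*(P - 1));
    ++EndX;
    // If Elt named an element that was just shifted, follow it. std::less and
    // std::less_equal give a total order even for pointers to unrelated objects.
    const T *EltPtr = &Elt;
    if (std::less_equal<const T *>()(I, EltPtr) &&
        std::less<const T *>()(EltPtr, EndX))
      ++EltPtr;
    *I = *EltPtr;
    return I;
  }
};

// Elt aliases Buf[1], which the shift moves to Buf[2]: the branch is taken.
int insert_aliased() {
  TinyVec<int, 8> V;
  for (int i = 1; i <= 3; ++i) V.insert(V.EndX, i * 10); // 10 20 30
  return *V.insert(V.begin(), V.Buf[1]);
}

// Elt is a local: the branch is never taken, so &X + 1 is never loaded.
int insert_local() {
  TinyVec<int, 8> V;
  for (int i = 1; i <= 3; ++i) V.insert(V.EndX, i * 10);
  int X = 7;
  return *V.insert(V.begin(), X);
}

int main() {
  std::printf("%d %d\n", insert_aliased(), insert_local());
  return 0;
}
```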

