[Bug middle-end/66031] Spurious array bounds warning
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66031 Mason changed: What|Removed |Added CC||slash.tmp at free dot fr --- Comment #2 from Mason --- FWIW, the following code looks somewhat fishy to me: unsigned char f = 10; extern unsigned char p[1]; char check(unsigned int n) { if (n - 1 >= f) return p[n]; return 1; } p[n] is well-defined iff n = 0 If n = 0, n - 1 = UINT_MAX, thus the test is true for any f No other value of n is allowed as an index into p. Thus I would expect gcc to turn the code into return (n == 0) ? p[0] : 1;
[Bug middle-end/66031] Spurious array bounds warning
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66031 Richard Biener rguenth at gcc dot gnu.org changed: What|Removed |Added Status|UNCONFIRMED |NEW Last reconfirmed||2015-05-06 CC||rguenth at gcc dot gnu.org Ever confirmed|0 |1 --- Comment #1 from Richard Biener rguenth at gcc dot gnu.org --- Confirmed. We are confused by f being unsigned char somehow, so we don't see that bb 3: i_7 = i_1 + 1; _8 = (unsigned int) i_7; _9 = _8 + 4294967295; _10 = (unsigned int) f.1_5; if (_9 = _10) goto bb 4; else goto bb 6; bb 4: _11 = p[_8]; _12 = (char) _11; ... is never executed (thus _9 = _10 is true). DOM doesn't figure that out either, we are missing the simplification of i_7 = i_1 + 1; _8 = (unsigned int) i_7; _9 = _8 + 4294967295; to _9 = (unsigned int) i_1; but then we still have an unsigned int compare against f in one path and a signed int one in the other. We'd have to canonicalize to one form to eventually make DOM recognize the redundant compare - which OTOH won't help VRP to omit the warning (because VRP runs before DOM). VRPs analysis is not able to optimize such redundancy because it doesn't track symbolic ranges in addition to regular ones here. Summary: hard problem.