[Bug tree-optimization/102006] A false warning "Array subscript -N is outside array bounds warning"
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102006 Martin Sebor changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution|--- |INVALID --- Comment #12 from Martin Sebor --- Thanks for letting us know. Resolving as invalid then.
[Bug tree-optimization/102006] A false warning "Array subscript -N is outside array bounds warning"
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102006 --- Comment #11 from Dmitriano --- It was UB in my code, I dereference a pointer to an object that does not exist.
[Bug tree-optimization/102006] A false warning "Array subscript -N is outside array bounds warning"
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102006
--- Comment #10 from Martin Sebor ---
With the reduced test case from attachment 51366 I get the same warning:
$ gcc -O2 -S -Wall -std=c++20 -xc++ ListTest.cpp.i
In constructor ‘double_iterator::double_iterator(single_iterator) [with T =
Element; DLink = quick_link; ForwardLink = forward_link;
BackwardLink = backward_link]’,
inlined from ‘quick_list::iterator quick_list::end()
[with T = Element; DLink = quick_link]’ at ListTest.cpp.i:66:43,
inlined from ‘void ListHolder::PrintList()’ at ListTest.cpp.i:92:73,
inlined from ‘void List_TestFunc(const TestContext&)’ at
ListTest.cpp.i:103:19:
ListTest.cpp.i:30:96: warning: array subscript 0 is outside array bounds of
‘ListHolder [1]’ [-Warray-bounds]
30 | ator i) : double_iterator(static_cast(*i)) { }
| ^
ListTest.cpp.i: In function ‘void List_TestFunc(const TestContext&)’:
ListTest.cpp.i:102:14: note: at offset -16 into object ‘holder’ of size 16
102 | ListHolder holder (context);
| ^~
[Bug tree-optimization/102006] A false warning "Array subscript -N is outside array bounds warning"
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102006 --- Comment #9 from Martin Sebor --- Created attachment 51366 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=51366&action=edit Reduced test case. Attached is a reduced test case.
[Bug tree-optimization/102006] A false warning "Array subscript -N is outside array bounds warning"
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102006 --- Comment #8 from Dmitriano --- (In reply to Dmitriano from comment #7) > (In reply to Richard Biener from comment #6) > > It sounds like the usual upcasting of a link-only node which is strictly > > non-conforming and can also result in TBAA issues but it's wide-spread. > > Note I didn't look into the source at all. > > Yes it is a warning about upcasting, I cast a list node (or list link) of > type Link to list element of type T. Theoretically Link should always be a > subobject of T in my code. Saying more exactly, Link should be a subobject of T when I cast it, but not always.
[Bug tree-optimization/102006] A false warning "Array subscript -N is outside array bounds warning"
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102006 --- Comment #7 from Dmitriano --- (In reply to Richard Biener from comment #6) > It sounds like the usual upcasting of a link-only node which is strictly > non-conforming and can also result in TBAA issues but it's wide-spread. > Note I didn't look into the source at all. Yes it is a warning about upcasting, I cast a list node (or list link) of type Link to list element of type T. Theoretically Link should always be a subobject of T in my code.
[Bug tree-optimization/102006] A false warning "Array subscript -N is outside array bounds warning"
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102006 --- Comment #6 from Richard Biener --- It sounds like the usual upcasting of a link-only node which is strictly non-conforming and can also result in TBAA issues but it's wide-spread. Note I didn't look into the source at all.
[Bug tree-optimization/102006] A false warning "Array subscript -N is outside array bounds warning"
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102006
Martin Sebor changed:
What|Removed |Added
Blocks||56456
CC||msebor at gcc dot gnu.org
Keywords||diagnostic
Component|c++ |tree-optimization
--- Comment #5 from Martin Sebor ---
I ca confirm the warning but not yet that it's a bug or limitation in GCC.
The IL does show an access via an out-of-bounds pointer to a local object:
(struct Element *)&holder + -32B, so it's working as designed. I can't tell if
the access itself, adjusted for the offset of the member, is valid (i.e.,
what's D.146911's offset within holder), but even if it is, the warning
validates pointers without considering subsequent adjustments so if something
earlier ends up emitting one that's out-of-bounds the warning will trigger.
The out-of-bounds offset first shows up in the fixup_cfg3 dump. ListHolder is
multiply derived from the same base class whose members freely cast the this
pointer to the derived class so maybe that somehow results in the intermediate
negative offset. The translation unit is almost 90,000 of twisty C++ code so
it will take a bit of time to reduce to something manageable.
void List_TestFunc (const struct TestContext & context)
{
...
struct ListHolder holder;
...
[local count: 1073741824]:
_15 = MEM[(struct base_single_link *)&holder].pNext;
if (_15 != 0B)
goto ; [85.10%]
else
goto ; [14.90%]
[local count: 913754293]:
iftmp.2_16 = &MEM[(struct Element *)_15 + -32B].D.146911;
[local count: 1073741821]:
# i$m_p_24 = PHI
goto ; [100.00%]
...
[local count: 9761289345]:
# i$m_p_21 = PHI
if (&MEM[(struct Element *)&holder + -32B].D.146911 != i$m_p_21) <<<
-Warray-bounds
goto ; [89.00%]
else
goto ; [11.00%]
Referenced Bugs:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=56456
[Bug 56456] [meta-bug] bogus/missing -Warray-bounds
