Intel® C++ Compiler
Community support and assistance for creating C++ code that runs on platforms based on Intel® processors.
7833 Discussions

bug report - Incorrect array bounds report in dead code

Tim_H_
Beginner
‎10-14-2016 10:40 PM
205 Views

When compiling the code snippet below with

icc -std=c++11 -m64 -mfpmath=sse -march=core-avx2 -Wall -Wextra -O0 -g -c test.o test.cpp

using icc (ICC) 17.0.0 20160721, I get the warning message

test.cpp(6): warning #175: subscript out of range
data[5] = x;
detected during instantiation of "T foo<T>::baz(T) [with T=int]" at line 13]

template <typename T>
struct foo {
	T data[sizeof(T)] = {0};
	T baz(int x) {
		if(sizeof(T) > 4) {
			data[5] = x;
		}
		return data;
	}
};
int main() {
	foo<int> x;
	int a = x.baz(3);
	foo<double> y;
	int b = y.baz(5);
	return a + b;
}

The DCE pass is correctly eliminating the conditional in baz, so it appears that the array bounds check is happening too soon here.

test.o:     file format elf64-x86-64
Disassembly of section .text:

0000000000000000 <main>:
   0:	55                   	push   rbp
   1:	48 89 e5             	mov    rbp,rsp
   4:	48 83 e4 80          	and    rsp,0xffffffffffffff80
   8:	48 81 ec 80 00 00 00 	sub    rsp,0x80
   f:	33 f6                	xor    esi,esi
  11:	bf 03 00 00 00       	mov    edi,0x3
  16:	e8 00 00 00 00       	call   1b <main+0x1b>
  1b:	c5 f8 ae 1c 24       	vstmxcsr DWORD PTR [rsp]
  20:	81 0c 24 40 80 00 00 	or     DWORD PTR [rsp],0x8040
  27:	c5 f8 ae 14 24       	vldmxcsr DWORD PTR [rsp]
  2c:	b8 05 00 00 00       	mov    eax,0x5
  31:	c5 f8 77             	vzeroupper 
  34:	48 89 ec             	mov    rsp,rbp
  37:	5d                   	pop    rbp
  38:	c3                   	ret

 

0 Kudos

Link Copied

2 Replies
Melanie_B_Intel
Employee
‎10-19-2016 08:10 AM
205 Views

gcc organizes its compiler passes differently than icc.  We do all the semantic checking before we do dead code elimination.  

--Melanie

0 Kudos
Copy link
Judith_W_Intel
Employee
‎10-19-2016 02:18 PM
205 Views

 

Actually Gnu doesn't give an warning even if the code is not dead (i.e. there truly is an out of bound violation), i.e.:

sptxl15-405> cat foo.cpp


template <typename T>
struct foo {
    T data[sizeof(T)] = {0};
    T baz(int x) {
        data[5] = x;
        return data;
    }
};

int main() {
    foo<int> x;
    int a = x.baz(3);
    foo<double> y;
    int b = y.baz(5);
    return a + b;
}

sptxl15-406> icpc -Warray-bounds -c foo.cpp
foo.cpp(7): warning #175: subscript out of range
          data[5] = x;
              ^
          detected during instantiation of "T foo<T>::baz(int) [with T=int]" at line 16

foo.cpp(16): (col. 15) remark #13384: Possible access beyond allocated symbol x.10.0.3 sized 16 bytes
sptxl15-407> g++ -Warray-bounds -c foo.cpp
sptxl15-408>

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.