Tim_H_
Beginner
50 Views

bug report - Incorrect array bounds report in dead code

When compiling the code snippet below with

icc -std=c++11 -m64 -mfpmath=sse -march=core-avx2 -Wall -Wextra -O0 -g -c test.o test.cpp

using icc (ICC) 17.0.0 20160721, I get the warning message

test.cpp(6): warning #175: subscript out of range
data[5] = x;
detected during instantiation of "T foo<T>::baz(T) [with T=int]" at line 13]

template <typename T>
struct foo {
	T data[sizeof(T)] = {0};
	T baz(int x) {
		if(sizeof(T) > 4) {
			data[5] = x;
		}
		return data;
	}
};
int main() {
	foo<int> x;
	int a = x.baz(3);
	foo<double> y;
	int b = y.baz(5);
	return a + b;
}

The DCE pass is correctly eliminating the conditional in baz, so it appears that the array bounds check is happening too soon here.

test.o:     file format elf64-x86-64
Disassembly of section .text:

0000000000000000 <main>:
   0:	55                   	push   rbp
   1:	48 89 e5             	mov    rbp,rsp
   4:	48 83 e4 80          	and    rsp,0xffffffffffffff80
   8:	48 81 ec 80 00 00 00 	sub    rsp,0x80
   f:	33 f6                	xor    esi,esi
  11:	bf 03 00 00 00       	mov    edi,0x3
  16:	e8 00 00 00 00       	call   1b <main+0x1b>
  1b:	c5 f8 ae 1c 24       	vstmxcsr DWORD PTR [rsp]
  20:	81 0c 24 40 80 00 00 	or     DWORD PTR [rsp],0x8040
  27:	c5 f8 ae 14 24       	vldmxcsr DWORD PTR [rsp]
  2c:	b8 05 00 00 00       	mov    eax,0x5
  31:	c5 f8 77             	vzeroupper 
  34:	48 89 ec             	mov    rsp,rbp
  37:	5d                   	pop    rbp
  38:	c3                   	ret    

 

2 Replies
Melanie_B_Intel
Employee
50 Views

gcc organizes its compiler passes differently than icc.  We do all the semantic checking before we do dead code elimination.  

--Melanie

Judith_W_Intel
Employee
50 Views

 

Actually GNU doesn't give a warning even if the code is not dead (i.e. there truly is an out-of-bounds violation), i.e.:

sptxl15-405> cat foo.cpp


template <typename T>
struct foo {
    T data[sizeof(T)] = {0};
    T baz(int x) {
        data[5] = x;
        return data;
    }
};

int main() {
    foo<int> x;
    int a = x.baz(3);
    foo<double> y;
    int b = y.baz(5);
    return a + b;
}

sptxl15-406> icpc -Warray-bounds -c foo.cpp
foo.cpp(7): warning #175: subscript out of range
          data[5] = x;
              ^
          detected during instantiation of "T foo<T>::baz(int) [with T=int]" at line 16

foo.cpp(16): (col. 15) remark #13384: Possible access beyond allocated symbol x.10.0.3 sized 16 bytes
sptxl15-407> g++ -Warray-bounds -c foo.cpp
sptxl15-408>

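An added example, not part of the thread and not code from either poster: because the subscript check described above runs before dead code elimination, one C++11 way to keep warning #175 limited to real violations is to select the store by overload, so that `data[5]` is never instantiated for a `T` whose array is too short. `has_slot5`, `store_at5` and the two helper functions are hypothetical names, and returning `data[0]` is an assumption about what the posted `return data;` intended.

```cpp
#include <cstdio>
#include <type_traits>

// Added example: foo, data and baz mirror the posted snippet;
// has_slot5 and store_at5 are hypothetical names.
template <typename T>
struct foo {
    T data[sizeof(T)] = {0};

    // True only when data[] really has an element at index 5.
    // (The posted guard, sizeof(T) > 4, would also admit a 5-element array.)
    using has_slot5 = std::integral_constant<bool, (sizeof(T) > 5)>;

    T baz(int x) {
        store_at5(x, has_slot5{});  // overload picked at compile time
        return data[0];             // assumption: the intended return value
    }

private:
    // Body is instantiated only for T where index 5 is in range.
    void store_at5(int x, std::true_type) { data[5] = static_cast<T>(x); }
    // Every other T gets a no-op, so no out-of-range subscript exists.
    void store_at5(int, std::false_type) {}
};

static_assert(!foo<int>::has_slot5::value, "int[4] has no index 5");
static_assert(foo<double>::has_slot5::value, "double[8] has index 5");

// Helpers so the results can be checked from outside the template.
int baz_on_int(int v) {
    foo<int> x;
    return x.baz(v);
}

int slot5_on_double(int v) {
    foo<double> y;
    y.baz(v);
    return static_cast<int>(y.data[5]);
}

int main() {
    std::printf("int: %d, double slot 5: %d\n", baz_on_int(3), slot5_on_double(5));
    return 0;
}
```

Member functions of a class template are instantiated only when used, so for `foo<int>` the overload containing `data[5]` is never instantiated and the front end has no out-of-range subscript to check.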