This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: [PR tree-optimization/84047] missing -Warray-bounds on an out-of-bounds index
- From: Richard Biener <richard dot guenther at gmail dot com>
- To: Aldy Hernandez <aldyh at redhat dot com>
- Cc: Jakub Jelinek <jakub at redhat dot com>, Martin Sebor <msebor at redhat dot com>, gcc-patches <gcc-patches at gcc dot gnu dot org>
- Date: Thu, 8 Feb 2018 11:38:40 +0100
- Subject: Re: [PR tree-optimization/84047] missing -Warray-bounds on an out-of-bounds index
- Authentication-results: sourceware.org; auth=none
- References: <9a52975c-c720-f42f-3564-7b69e361487d@redhat.com> <CAFiYyc1mjj6bgTEgC0_Y1JeCa9K_ww2-=X2k4V47z+x=0djfqA@mail.gmail.com> <CAGm3qMWA8x4tbdbQy6mfewBHX7ECaKUaQ-=_6X=t5WhsAOY=FA@mail.gmail.com>
On Thu, Feb 1, 2018 at 6:42 PM, Aldy Hernandez <aldyh@redhat.com> wrote:
> Since my patch isn't the easy one liner I wanted it to be, perhaps we
> should concentrate on Martin's patch, which is more robust, and has
> testcases to boot! His patch from last week also fixes a couple other
> PRs.
>
> Richard, would this be acceptable? That is, could you or Jakub review
> Martin's all-encompassing patch? If so, I'll drop mine.
Sorry, no - this one looks way too complicated.
> Also, could someone pontificate on whether we want to fix
> -Warray-bounds regressions for this release cycle?
Remove bogus ones? Yes. Add "missing ones"? No.
Richard.
> Thanks.
>
> On Wed, Jan 31, 2018 at 6:05 AM, Richard Biener
> <richard.guenther@gmail.com> wrote:
>> On Tue, Jan 30, 2018 at 11:11 PM, Aldy Hernandez <aldyh@redhat.com> wrote:
>>> Hi!
>>>
>>> [Note: Jakub has mentioned that missing -Warray-bounds regressions should be
>>> punted to GCC 9. I think this particular one is easy pickings, but if this
>>> and/or the rest of the -Warray-bounds regressions should be marked as GCC 9
>>> material, please let me know so we can adjust all relevant PRs.]
>>>
>>> This is a -Warray-bounds regression that happens because the IL now has an
>>> MEM_REF instead on ARRAY_REF.
>>>
>>> Previously we had an ARRAY_REF we could diagnose:
>>>
>>> D.2720_5 = "12345678"[1073741824];
>>>
>>> But now this is represented as:
>>>
>>> _1 = MEM[(const char *)"12345678" + 1073741824B];
>>>
>>> I think we can just allow check_array_bounds() to handle MEM_REF's and
>>> everything should just work.
>>>
>>> The attached patch fixes both regressions mentioned in the PR.
>>>
>>> Tested on x86-64 Linux.
>>>
>>> OK?
>>
>> This doesn't look correct. You lump MEM_REF handling together with
>> ADDR_EXPR handling but for the above case you want to diagnose
>> _dereferences_ not address-taking.
>>
>> For the dereference case you need to amend the ARRAY_REF case, for example
>> via
>>
>> Index: gcc/tree-vrp.c
>> ===================================================================
>> --- gcc/tree-vrp.c (revision 257181)
>> +++ gcc/tree-vrp.c (working copy)
>> @@ -5012,6 +5012,13 @@ check_array_bounds (tree *tp, int *walk_
>> if (TREE_CODE (t) == ARRAY_REF)
>> vrp_prop->check_array_ref (location, t, false /*ignore_off_by_one*/);
>>
>> + else if (TREE_CODE (t) == MEM_REF
>> + && TREE_CODE (TREE_OPERAND (t, 0)) == ADDR_EXPR
>> + && TREE_CODE (TREE_OPERAND (TREE_OPERAND (t, 0), 0)) == STRING_CST)
>> + {
>> + call factored part of check_array_ref passing in STRING_CST and offset
>> + }
>> +
>> else if (TREE_CODE (t) == ADDR_EXPR)
>> {
>> vrp_prop->search_for_addr_array (t, location);
>>
>> note your patch will fail to warn for "1"[1] because taking that
>> address is valid but not
>> dereferencing it.
>>
>> Richard.