This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: [PR tree-optimization/84047] missing -Warray-bounds on an out-of-bounds index
- From: Aldy Hernandez <aldyh at redhat dot com>
- To: Richard Biener <richard dot guenther at gmail dot com>
- Cc: Jakub Jelinek <jakub at redhat dot com>, Martin Sebor <msebor at redhat dot com>, gcc-patches <gcc-patches at gcc dot gnu dot org>
- Date: Thu, 1 Feb 2018 12:42:26 -0500
- Subject: Re: [PR tree-optimization/84047] missing -Warray-bounds on an out-of-bounds index
- Authentication-results: sourceware.org; auth=none
- References: <9a52975c-c720-f42f-3564-7b69e361487d@redhat.com> <CAFiYyc1mjj6bgTEgC0_Y1JeCa9K_ww2-=X2k4V47z+x=0djfqA@mail.gmail.com>
Since my patch isn't the easy one liner I wanted it to be, perhaps we
should concentrate on Martin's patch, which is more robust, and has
testcases to boot! His patch from last week also fixes a couple other
PRs.
Richard, would this be acceptable? That is, could you or Jakub review
Martin's all-encompassing patch? If so, I'll drop mine.
Also, could someone pontificate on whether we want to fix
-Warray-bounds regressions for this release cycle?
Thanks.
On Wed, Jan 31, 2018 at 6:05 AM, Richard Biener
<richard.guenther@gmail.com> wrote:
> On Tue, Jan 30, 2018 at 11:11 PM, Aldy Hernandez <aldyh@redhat.com> wrote:
>> Hi!
>>
>> [Note: Jakub has mentioned that missing -Warray-bounds regressions should be
>> punted to GCC 9. I think this particular one is easy pickings, but if this
>> and/or the rest of the -Warray-bounds regressions should be marked as GCC 9
>> material, please let me know so we can adjust all relevant PRs.]
>>
>> This is a -Warray-bounds regression that happens because the IL now has an
>> MEM_REF instead on ARRAY_REF.
>>
>> Previously we had an ARRAY_REF we could diagnose:
>>
>> D.2720_5 = "12345678"[1073741824];
>>
>> But now this is represented as:
>>
>> _1 = MEM[(const char *)"12345678" + 1073741824B];
>>
>> I think we can just allow check_array_bounds() to handle MEM_REF's and
>> everything should just work.
>>
>> The attached patch fixes both regressions mentioned in the PR.
>>
>> Tested on x86-64 Linux.
>>
>> OK?
>
> This doesn't look correct. You lump MEM_REF handling together with
> ADDR_EXPR handling but for the above case you want to diagnose
> _dereferences_ not address-taking.
>
> For the dereference case you need to amend the ARRAY_REF case, for example
> via
>
> Index: gcc/tree-vrp.c
> ===================================================================
> --- gcc/tree-vrp.c (revision 257181)
> +++ gcc/tree-vrp.c (working copy)
> @@ -5012,6 +5012,13 @@ check_array_bounds (tree *tp, int *walk_
> if (TREE_CODE (t) == ARRAY_REF)
> vrp_prop->check_array_ref (location, t, false /*ignore_off_by_one*/);
>
> + else if (TREE_CODE (t) == MEM_REF
> + && TREE_CODE (TREE_OPERAND (t, 0)) == ADDR_EXPR
> + && TREE_CODE (TREE_OPERAND (TREE_OPERAND (t, 0), 0)) == STRING_CST)
> + {
> + call factored part of check_array_ref passing in STRING_CST and offset
> + }
> +
> else if (TREE_CODE (t) == ADDR_EXPR)
> {
> vrp_prop->search_for_addr_array (t, location);
>
> note your patch will fail to warn for "1"[1] because taking that
> address is valid but not
> dereferencing it.
>
> Richard.