[PATCH] Diagnose implicitly prototyped builtins called with wrong arguments (PR middle-end/38360, take 2)
Richard Guenther
richard.guenther@gmail.com
Tue Dec 2 22:21:00 GMT 2008
On Tue, Dec 2, 2008 at 11:13 PM, Joseph S. Myers
<joseph@codesourcery.com> wrote:
> On Tue, 2 Dec 2008, Jakub Jelinek wrote:
>
>> --- gcc/testsuite/gcc.dg/redecl-4.c.jj 2008-12-02 17:35:44.000000000 +0100
>> +++ gcc/testsuite/gcc.dg/redecl-4.c 2008-12-02 17:44:33.000000000 +0100
>> @@ -20,9 +20,11 @@ f (void)
>> strcmp (1);
>> /* Likewise, implicitly declared memcmp. */
>> if (0)
>> - memcmp (1);
>> + memcmp (1); /* { dg-error "too few arguments" } */
>
> The fact that this testcase is changing rather indicates that the proposed
> change is wrong and this call should not be rejected.
>
> The requirement that allows rejecting some bad uses of built-in functions
> is that all declarations referring to memcmp - both in the library and
> directly in the program - specify compatible types. An implicit
> declaration is one without a prototype, which is compatible with that in
> the library even if it has the wrong arguments (provided the library one
> returns int, isn't variadic, etc.). It can't be optimized as a built-in
> call and is undefined behavior if executed (so could be changed into
> evaluating the function designator and arguments then aborting), but it's
> valid C90 code if not executed. And the case for strcmp (where a
> non-prototype declaration is given before calling the function, which your
> patch doesn't cause to be diagnosed) is also valid C99 if not executed.
>
> I suppose you could add an extra argument to convert_arguments, indicating
> that invalid arguments should cause a trap to be generated and no error to
> be generated. That in turn would need to pass something down to
> convert_for_assignment (a new ic_* value, maybe) to tell it not to
> generate errors but to pass up an indication to generate a trap instead.
> That would avoid the front end producing GIMPLE containing bad calls to
> built-in functions. Except that if a pointer to the built-in function is
> stored in a function pointer variable (whose type does not include a
> prototype, or using a cast) I'd imagine such calls could be generated
> after the front end has finished and something in the optimizers would
> need to deal with them. Maybe the original patch is better after all....
Can we somehow avoid using a builtin decl for such cases? It is really
error-prone to ask everyone looking at builtin function calls to verify that
the calls do actually match what is required.
Thanks,
Richard.
More information about the Gcc-patches
mailing list